mirror of
https://github.com/discourse/discourse.git
synced 2024-12-03 20:43:44 +08:00
586454bcf1
* DEV: Add a dedicated Admin::StaffController base controller The current parent(Admin:AdminController) for all admin-related controllers uses a filter that allows only staff(admin, moderator) users. This refactor makes Admin::AdminController filter for only admins as the name suggests and introduces a base controller dedicated for staff-related endpoints. * DEV: Set staff-only controllers parent to Admin::StaffController Refactor staff-only controllers to inherit newly introduced Admin::StaffController abstract controller. This conveys the purpose of the parent controller better unlike the previously used parent controller.
59 lines
1.6 KiB
Ruby
59 lines
1.6 KiB
Ruby
# frozen_string_literal: true
|
|
|
|
class Admin::ScreenedIpAddressesController < Admin::StaffController
|
|
|
|
before_action :fetch_screened_ip_address, only: [:update, :destroy]
|
|
|
|
def index
|
|
filter = params[:filter]
|
|
filter = IPAddr.handle_wildcards(filter)
|
|
|
|
screened_ip_addresses = ScreenedIpAddress
|
|
screened_ip_addresses = screened_ip_addresses.where("cidr :filter >>= ip_address OR ip_address >>= cidr :filter", filter: filter) if filter.present?
|
|
screened_ip_addresses = screened_ip_addresses.limit(200).order('match_count desc')
|
|
|
|
begin
|
|
screened_ip_addresses = screened_ip_addresses.to_a
|
|
rescue ActiveRecord::StatementInvalid
|
|
# postgresql throws a PG::InvalidTextRepresentation exception when filter isn't a valid cidr expression
|
|
screened_ip_addresses = []
|
|
end
|
|
|
|
render_serialized(screened_ip_addresses, ScreenedIpAddressSerializer)
|
|
end
|
|
|
|
def create
|
|
screened_ip_address = ScreenedIpAddress.new(allowed_params)
|
|
if screened_ip_address.save
|
|
render_serialized(screened_ip_address, ScreenedIpAddressSerializer)
|
|
else
|
|
render_json_error(screened_ip_address)
|
|
end
|
|
end
|
|
|
|
def update
|
|
if @screened_ip_address.update(allowed_params)
|
|
render_serialized(@screened_ip_address, ScreenedIpAddressSerializer)
|
|
else
|
|
render_json_error(@screened_ip_address)
|
|
end
|
|
end
|
|
|
|
def destroy
|
|
@screened_ip_address.destroy
|
|
render json: success_json
|
|
end
|
|
|
|
private
|
|
|
|
def allowed_params
|
|
params.require(:ip_address)
|
|
params.permit(:ip_address, :action_name)
|
|
end
|
|
|
|
def fetch_screened_ip_address
|
|
@screened_ip_address = ScreenedIpAddress.find(params[:id])
|
|
end
|
|
|
|
end
|