diff --git a/app/assets/javascripts/admin.js.coffee b/app/assets/javascripts/admin.js.coffee new file mode 100644 index 000000000..761567942 --- /dev/null +++ b/app/assets/javascripts/admin.js.coffee @@ -0,0 +1,3 @@ +# Place all the behaviors and hooks related to the matching controller here. +# All this logic will automatically be available in application.js. +# You can use CoffeeScript in this file: http://jashkenas.github.com/coffee-script/ diff --git a/app/controllers/admin_controller.rb b/app/controllers/admin_controller.rb new file mode 100644 index 000000000..272e14eea --- /dev/null +++ b/app/controllers/admin_controller.rb @@ -0,0 +1,8 @@ +class AdminController < ApplicationController + def index + authorize! :manage, :all + respond_to do |format| + format.html # index.html.haml + end + end +end diff --git a/app/helpers/admin_helper.rb b/app/helpers/admin_helper.rb new file mode 100644 index 000000000..d5c6d3555 --- /dev/null +++ b/app/helpers/admin_helper.rb @@ -0,0 +1,2 @@ +module AdminHelper +end diff --git a/app/models/ability.rb b/app/models/ability.rb index cc403b32c..4be2e10a5 100644 --- a/app/models/ability.rb +++ b/app/models/ability.rb @@ -78,32 +78,16 @@ class Ability cannot :destroy, OrderItem, :order => { :member_id => member.id, :completed_at => nil } if member.has_role? :admin - # admin user roles (for authorization) - can :read, Role - can :manage, Role - # for now, only admins can create/edit forums - can :manage, Forum + can :read, :all + can :manage, :all - # admins can manage products - can :manage, Product - - # admins can read other people's orders... - can :read, Order - can :read, OrderItem - - # but they can't do anything to them, because orders are *history* + # can't change order history, because it's *history* cannot :create, Order cannot :complete, Order cannot :destroy, Order cannot :manage, OrderItem - # admins can read and manage members' account details (paid acct - # status, etc) - can :read, Account - can :manage, Account - can :read, AccountType - can :manage, AccountType end end diff --git a/app/views/admin/index.html.haml b/app/views/admin/index.html.haml new file mode 100644 index 000000000..ef7530bca --- /dev/null +++ b/app/views/admin/index.html.haml @@ -0,0 +1 @@ +-content_for :title, 'Admin' diff --git a/config/routes.rb b/config/routes.rb index 3df532b51..aeea090df 100644 --- a/config/routes.rb +++ b/config/routes.rb @@ -89,11 +89,17 @@ Growstuff::Application.routes.draw do # match ':controller(/:action(/:id))(.:format)' match '/policy/:action' => 'policy#:action' + match '/support' => 'support#index' match '/support/:action' => 'support#:action' + match '/about' => 'about#index' match '/about/:action' => 'about#:action' + match '/shop' => 'shop#index' match '/shop/:action' => 'shop#:action' + match '/admin' => 'admin#index' + match '/admin/:action' => 'admin#:action' + end diff --git a/spec/controllers/admin_controller_spec.rb b/spec/controllers/admin_controller_spec.rb new file mode 100644 index 000000000..587324b52 --- /dev/null +++ b/spec/controllers/admin_controller_spec.rb @@ -0,0 +1,5 @@ +require 'spec_helper' + +describe AdminController do + +end diff --git a/spec/helpers/admin_helper_spec.rb b/spec/helpers/admin_helper_spec.rb new file mode 100644 index 000000000..3870aa933 --- /dev/null +++ b/spec/helpers/admin_helper_spec.rb @@ -0,0 +1,15 @@ +require 'spec_helper' + +# Specs in this file have access to a helper object that includes +# the AdminHelper. For example: +# +# describe AdminHelper do +# describe "string concat" do +# it "concats two strings with spaces" do +# helper.concat_strings("this","that").should == "this that" +# end +# end +# end +describe AdminHelper do + pending "add some examples to (or delete) #{__FILE__}" +end diff --git a/spec/models/ability_spec.rb b/spec/models/ability_spec.rb index 3d0cd04e3..527eaf908 100644 --- a/spec/models/ability_spec.rb +++ b/spec/models/ability_spec.rb @@ -238,7 +238,7 @@ describe Ability do end it "cannot delete orders" do - @admin_ability.should_not be_able_to(:delete, @order) + @admin_ability.should_not be_able_to(:destroy, @order) end end