diff --git a/README.md b/README.md index 2662a90..3a0426f 100644 --- a/README.md +++ b/README.md @@ -32,7 +32,6 @@ Run the tests locally (against development environment): ## TODOs -1. Need to actually protect the admin paths with `under()` 1. Action for resetting passwords 1. Action for locking/unlocking accounts 1. CSS diff --git a/lib/PostText.pm b/lib/PostText.pm index d411b01..dd3070a 100644 --- a/lib/PostText.pm +++ b/lib/PostText.pm @@ -160,10 +160,6 @@ sub startup($self) { ->to('moderator#hidden') ->name('hidden_list'); - $moderator->any([qw{GET POST}], '/create') - ->to('moderator#create') - ->name('create_mod'); - my $mod_thread = $moderator->under('/thread'); $mod_thread->get('/unflag/:thread_id', [thread_id => qr/\d+/]) @@ -192,6 +188,16 @@ sub startup($self) { ->to('moderator#unhide_remark') ->name('unhide_remark'); + my $mod_admin = $moderator->under('/admin', sub ($c) { + return 1 if $c->is_admin; + + # Return undef otherwise a body is rendered with the redirect... + return $c->redirect_to('mod_login'), undef; + }); + + $mod_admin->any([qw{GET POST}], '/create') + ->to('moderator#create') + ->name('create_mod'); } 1; diff --git a/t/moderator.t b/t/moderator.t index af11fa2..7c7f52b 100644 --- a/t/moderator.t +++ b/t/moderator.t @@ -80,30 +80,30 @@ subtest Login => sub { $t->get_ok('/moderator/flagged') ->status_is(200) ->text_like(h2 => qr/Flagged Posts/) - ->element_exists('a[href*="/moderator/flagged"]') - ->element_exists('a[href*="/moderator/hidden"]' ) - ->element_exists('a[href*="/logout"]' ) - ->element_exists('a[href*="/moderator/create"]' ) + ->element_exists('a[href*="/moderator/flagged"]' ) + ->element_exists('a[href*="/moderator/hidden"]' ) + ->element_exists('a[href*="/logout"]' ) + ->element_exists('a[href*="/moderator/admin/create"]' ) }; subtest Hidden => sub { $t->get_ok('/moderator/hidden') ->status_is(200) ->text_like(h2 => qr/Hidden Posts/) - ->element_exists('a[href*="/moderator/flagged"]') - ->element_exists('a[href*="/moderator/hidden"]' ) - ->element_exists('a[href*="/logout"]' ) - ->element_exists('a[href*="/moderator/create"]' ) + ->element_exists('a[href*="/moderator/flagged"]' ) + ->element_exists('a[href*="/moderator/hidden"]' ) + ->element_exists('a[href*="/logout"]' ) + ->element_exists('a[href*="/moderator/admin/create"]' ) }; subtest Create => sub { - $t->get_ok('/moderator/create') + $t->get_ok('/moderator/admin/create') ->status_is(200) ->text_like(h2 => qr/Create Moderator/) - ->element_exists('a[href*="/moderator/flagged"]') - ->element_exists('a[href*="/moderator/hidden"]' ) - ->element_exists('a[href*="/logout"]' ) - ->element_exists('a[href*="/moderator/create"]' ) + ->element_exists('a[href*="/moderator/flagged"]' ) + ->element_exists('a[href*="/moderator/hidden"]' ) + ->element_exists('a[href*="/logout"]' ) + ->element_exists('a[href*="/moderator/admin/create"]' ) }; # Mod session ends @@ -138,7 +138,7 @@ subtest Login => sub { ->status_is(302) ->header_like(Location => qr/login/); - $t->get_ok('/moderator/create') + $t->get_ok('/moderator/admin/create') ->status_is(302) ->header_like(Location => qr/login/); }; diff --git a/templates/layouts/default.html.ep b/templates/layouts/default.html.ep index 12f3f1f..6e61eb7 100644 --- a/templates/layouts/default.html.ep +++ b/templates/layouts/default.html.ep @@ -23,7 +23,7 @@ <% } =%>
- <% if (is_mod && is_admin) { =%> + <% if (is_admin) { =%> Admin: <%= link_to Create => 'create_mod' %> <% } =%>