From 3d48062a7878bf8012d2d76b8cfb439e4d6893ce Mon Sep 17 00:00:00 2001 From: NewAlexandria Date: Sun, 3 Mar 2024 17:39:47 -0500 Subject: [PATCH 1/2] test for staging env acceptability --- .gitignore | 2 ++ app/controllers/rake_ui/application_controller.rb | 5 ++++- lib/rake-ui.rb | 3 +++ 3 files changed, 9 insertions(+), 1 deletion(-) diff --git a/.gitignore b/.gitignore index 4bbb9ed4..75af97ea 100644 --- a/.gitignore +++ b/.gitignore @@ -12,3 +12,5 @@ /test/dummy/tmp/development_secret.txt .byebug_history + +.DS_Store diff --git a/app/controllers/rake_ui/application_controller.rb b/app/controllers/rake_ui/application_controller.rb index 150a06e4..667f13b6 100644 --- a/app/controllers/rake_ui/application_controller.rb +++ b/app/controllers/rake_ui/application_controller.rb @@ -4,10 +4,13 @@ module RakeUi class ApplicationController < ActionController::Base before_action :black_hole_production + STAGING_OK = (Rails.env.staging? && RakeUi.configuration.allow_staging) + PROD_OK = RakeUi.configuration.allow_production + private def black_hole_production - return if Rails.env.test? || Rails.env.development? || RakeUi.configuration.allow_production + return if Rails.env.test? || Rails.env.development? || STAGING_OK || PROD_OK raise ActionController::RoutingError, "Not Found" end diff --git a/lib/rake-ui.rb b/lib/rake-ui.rb index 770e16ea..6077a44c 100644 --- a/lib/rake-ui.rb +++ b/lib/rake-ui.rb @@ -4,7 +4,10 @@ module RakeUi mattr_accessor :allow_production + mattr_accessor :allow_staging + self.allow_production = false + self.allow_staging = true def self.configuration yield(self) if block_given? From 2370e51b82f5761c05d6fb5bbb828132efddfa84 Mon Sep 17 00:00:00 2001 From: NewAlexandria Date: Sun, 3 Mar 2024 17:55:19 -0500 Subject: [PATCH 2/2] docs on allowing staging --- README.md | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/README.md b/README.md index 45f4c5ce..313fb365 100644 --- a/README.md +++ b/README.md @@ -51,6 +51,13 @@ RakeUi.configuration do |config| config.allow_production = true end ``` +The `staging` environment will be available by default. If you determine this is a risk, you can disable that. +```rb +RakeUi.configuration do |config| + config.allow_staging = false +end +``` + We recommend adding guards in your route to ensure that the proper authentication is in place to ensure that users are authenticated so that if this were ever to be rendered in production, you would be covered. The best way for that is [router constraints](https://guides.rubyonrails.org/routing.html#specifying-constraints)