Start out by reusing the solidus_backend authentication method in the…

… new admin
solidusio · Jul 13, 2023 · af6b6db · af6b6db
1 parent 61b39e6
commit af6b6db
Show file tree

Hide file tree

Showing 2 changed files with 38 additions and 5 deletions.
diff --git a/admin/app/controllers/solidus_admin/auth_adapters/backend.rb b/admin/app/controllers/solidus_admin/auth_adapters/backend.rb
@@ -0,0 +1,33 @@
+# frozen_string_literal: true
+
+module SolidusAdmin::AuthAdapters::Backend
+  extend ActiveSupport::Concern
+
+  included do
+    delegate :admin_logout_path, to: :spree
+    helper_method :admin_logout_path
+  end
+
+  private
+
+  def authenticate_solidus_backend_user!
+    if respond_to?(:model_class, true) && model_class
+      record = model_class
+    else
+      record = controller_name.to_sym
+    end
+    authorize! :admin, record
+    authorize! action_name.to_sym, record
+  rescue CanCan::AccessDenied
+    instance_exec(&Spree::Admin::BaseController.unauthorized_redirect)
+  end
+
+  # Needs to be overriden so that we use Spree's Ability rather than anyone else's.
+  def current_ability
+    @current_ability ||= Spree::Ability.new(spree_current_user)
+  end
+
+  def store_location
+    Spree::UserLastUrlStorer.new(self).store_location
+  end
+end
diff --git a/admin/lib/solidus_admin/configuration.rb b/admin/lib/solidus_admin/configuration.rb
@@ -84,20 +84,20 @@ def main_nav
 
     # The method used to authenticate the user in the admin interface, it's expected to redirect the user to the login method
     # in case the authentication fails.
-    preference :authentication_method, :string, default: nil
+    preference :authentication_method, :string, default: :authenticate_solidus_backend_user!
 
     # The method used to retrieve the current user in the admin interface.
-    preference :current_user_method, :string, default: nil
+    preference :current_user_method, :string, default: :spree_current_user
 
     # The path used to logout the user in the admin interface.
-    preference :logout_link_path, :string, default: nil
+    preference :logout_link_path, :string, default: :admin_logout_path
 
     # The HTTP method used to logout the user in the admin interface.
-    preference :logout_link_method, :string, default: nil
+    preference :logout_link_method, :string, default: :delete
 
     # A module that will be included in the BaseController to add authentication support
     # methods, can be `nil` if no module is needed.
-    preference :authentication_adapter, :string, default: nil
+    preference :authentication_adapter, :string, default: 'SolidusAdmin::AuthAdapters::Backend'
   end
 end