Add moderator role and add pundit policies for admin actions (#5635)

* Add moderator role and add pundit policies for admin actions * Add rake task for turning user into mod and revoking it again * Fix handling of unauthorized exception * Deliver new report e-mails to staff, not just admins * Add promote/demote to admin UI, hide some actions conditionally * Fix unused i18n
author: Eugen Rochko <eugen@zeonfederated.com> 2017-11-11 20:23:33 +0100
committer: GitHub <noreply@github.com> 2017-11-11 20:23:33 +0100
commit: 7bb8b0b2fc0e2e42a4234fed18198cbb7439fe9f (patch)
tree: f629ef40a5e7253c3d7bf353959951c93e5aad6f /app/controllers/admin/accounts_controller.rb
parent: 2b1190065c54f071ae384f6e05b4a087987febba (diff)
1 files changed, 9 insertions, 0 deletions
diff --git a/app/controllers/admin/accounts_controller.rb b/app/controllers/admin/accounts_controller.rb
index 7503b880d2a..0829bc769f4 100644
--- a/app/controllers/admin/accounts_controller.rb
+++ b/app/controllers/admin/accounts_controller.rb
@@ -7,40 +7,49 @@ module Admin
     before_action :require_local_account!, only: [:enable, :disable, :memorialize]
 
     def index
+      authorize :account, :index?
       @accounts = filtered_accounts.page(params[:page])
     end
 
     def show
+      authorize @account, :show?
       @account_moderation_note = current_account.account_moderation_notes.new(target_account: @account)
       @moderation_notes = @account.targeted_moderation_notes.latest
     end
 
     def subscribe
+      authorize @account, :subscribe?
       Pubsubhubbub::SubscribeWorker.perform_async(@account.id)
       redirect_to admin_account_path(@account.id)
     end
 
     def unsubscribe
+      authorize @account, :unsubscribe?
       Pubsubhubbub::UnsubscribeWorker.perform_async(@account.id)
       redirect_to admin_account_path(@account.id)
     end
 
     def memorialize
+      authorize @account, :memorialize?
       @account.memorialize!
       redirect_to admin_account_path(@account.id)
     end
 
     def enable
+      authorize @account.user, :enable?
       @account.user.enable!
       redirect_to admin_account_path(@account.id)
     end
 
     def disable
+      authorize @account.user, :disable?
       @account.user.disable!
       redirect_to admin_account_path(@account.id)
     end
 
     def redownload
+      authorize @account, :redownload?
+
       @account.reset_avatar!
       @account.reset_header!
       @account.save!
author	Eugen Rochko <eugen@zeonfederated.com>	2017-11-11 20:23:33 +0100
committer	GitHub <noreply@github.com>	2017-11-11 20:23:33 +0100
commit	7bb8b0b2fc0e2e42a4234fed18198cbb7439fe9f (patch)
tree	f629ef40a5e7253c3d7bf353959951c93e5aad6f /app/controllers/admin/accounts_controller.rb
parent	2b1190065c54f071ae384f6e05b4a087987febba (diff)