Make mission control only accessible for staff members

jorgemanrubia · jorgemanrubia · commit 1e738134f04f · 2025-11-26T13:40:46.000+01:00
diff --git a/app/controllers/admin/stats_controller.rb b/app/controllers/admin/stats_controller.rb
@@ -1,6 +1,4 @@
 class Admin::StatsController < AdminController
-  disallow_account_scope
-
   layout "public"
 
   def show
diff --git a/app/controllers/admin_controller.rb b/app/controllers/admin_controller.rb
@@ -1,3 +1,4 @@
 class AdminController < ApplicationController
+  disallow_account_scope
   before_action :ensure_staff
 end
diff --git a/config/application.rb b/config/application.rb
@@ -24,5 +24,7 @@ class Application < Rails::Application
     config.generators do |g|
       g.orm :active_record, primary_key_type: :uuid
     end
+
+    config.mission_control.jobs.http_basic_auth_enabled = false
   end
 end
diff --git a/config/initializers/mission_control.rb b/config/initializers/mission_control.rb
@@ -1,5 +1,3 @@
 Rails.application.config.before_initialize do
-  # We don't want normal tenanted authentication on mission control.
-  # Note that we're using HTTP basic auth configured via credentials.
-  MissionControl::Jobs.base_controller_class = "ActionController::Base"
+  MissionControl::Jobs.base_controller_class = "AdminController"
 end
diff --git a/test/controllers/admin/mission_control_test.rb b/test/controllers/admin/mission_control_test.rb
@@ -0,0 +1,23 @@
+require "test_helper"
+
+class Admin::MissionControlTest < ActionDispatch::IntegrationTest
+  test "staff can access mission control jobs" do
+    sign_in_as :david
+
+    untenanted do
+      get "/admin/jobs"
+    end
+
+    assert_response :success
+  end
+
+  test "non-staff cannot access mission control jobs" do
+    sign_in_as :jz
+
+    untenanted do
+      get "/admin/jobs"
+    end
+
+    assert_response :forbidden
+  end
+end
diff --git a/test/controllers/admin/stats_controller_test.rb b/test/controllers/admin/stats_controller_test.rb
@@ -0,0 +1,23 @@
+require "test_helper"
+
+class Admin::StatsControllerTest < ActionDispatch::IntegrationTest
+  test "staff can access stats" do
+    sign_in_as :david
+
+    untenanted do
+      get admin_stats_url
+    end
+
+    assert_response :success
+  end
+
+  test "non-staff cannot access stats" do
+    sign_in_as :jz
+
+    untenanted do
+      get admin_stats_url
+    end
+
+    assert_response :forbidden
+  end
+end
diff --git a/test/fixtures/identities.yml b/test/fixtures/identities.yml
@@ -1,11 +1,13 @@
 david:
   email_address: david@37signals.com
+  staff: true
 
 jz:
   email_address: jz@37signals.com
 
 kevin:
   email_address: kevin@37signals.com
+  staff: true
 
 mike:
   email_address: mike@37signals.com
