• Home
  • Features
  • Pricing
  • Docs
  • Announcements
  • Sign In

MushroomObserver / mushroom-observer / 20732222673

05 Jan 2026 11:19PM UTC coverage: 95.6% (+0.002%) from 95.598%
20732222673

Pull #3714

github

nimmolo
Update the FormObject model_name, use base class
Pull Request #3714: Phlex `AdminSessionForm`

22 of 22 new or added lines in 5 files covered. (100.0%)

1 existing line in 1 file now uncovered.

32351 of 33840 relevant lines covered (95.6%)

695.91 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

93.48
/app/controllers/admin/session_controller.rb
1
# frozen_string_literal: true
2

3
# =============== Controls access to admin mode ================
4
#
5
# NOTE:
6
# Unlike controllers inheriting from AdminController, this controller's
7
# actions do not require current user to be an admin already in admin mode,
8
#        i.e. a user where     @user.admin && in_admin_mode
9
#
10
# This controller is for turning admin mode on and off, and switching users.
11
# (If an admin switches to another user, that user may not be an admin.)
12

13
module Admin
1✔
14
  class SessionController < ApplicationController
1✔
15
    before_action :login_required
1✔
16

17
    # The route to turn admin mode on or off. Takes params.
18
    def create
1✔
19
      if params[:turn_on]
23✔
20
        session[:admin] = true if @user&.admin && !in_admin_mode?
21✔
21
      elsif params[:turn_off]
2✔
22
        session[:admin] = nil
2✔
23
      end
24

25
      redirect_back_or_default("/")
23✔
26
    end
27

28
    # Form for admins to switch users
29
    def edit
1✔
30
      redirect_back_or_default("/") if
31
        !@user&.admin && session[:real_user_id].blank?
3✔
32
      @form = FormObject::AdminSession.new(id: @id)
3✔
33
    end
34

35
    # Action to switch the apparent logged-in user, session[:user_id]
36
    # Stores the admin's session[:user_id] as session[:real_user_id]
37
    def update
1✔
38
      @id = (params.dig(:admin_session, :id) || params[:id]).to_s
9✔
39
      # autocomplete returns "nathan <Nathan Wilson>" - we only want the login
40
      @id = @id.split(" <")[0].strip if @id.is_a?(String) && @id.exclude?("@")
9✔
41

42
      new_user = find_user_by_id_login_or_email(@id)
9✔
43
      if new_user.blank? && @id.present?
9✔
44
        flash_error("Couldn't find \"#{@id}\".  Play again?")
2✔
45
        @form = FormObject::AdminSession.new(id: @id)
2✔
46
        render(action: :edit)
2✔
47
      # Allow non-admin that's already in "switch user mode" to switch to
48
      # another user. This is a weird case which only comes up if you switch to
49
      # another admin user.  But if you do so the Switch User mechanism should
50
      # behave in a reasonable way, and this seems the most appropriate way.
51
      elsif !@user&.admin && session[:real_user_id].blank?
7✔
52
        redirect_back_or_default("/")
×
53
      elsif new_user.present?
7✔
54
        switch_to_user_if_verified(new_user)
7✔
55
        @form = FormObject::AdminSession.new(id: @id)
7✔
56
        render(action: :edit)
7✔
57
      end
58
    end
59

60
    private
1✔
61

62
    def switch_to_user_if_verified(new_user)
1✔
63
      if new_user.verified
7✔
64
        switch_to_user(new_user)
5✔
65
      else
66
        flash_error("This user is not verified yet!")
2✔
67
      end
68
    end
69

70
    def switch_to_user(new_user)
1✔
71
      # This happens if an admin switches to another user from themselves.
72
      if session[:real_user_id].blank?
5✔
73
        session[:real_user_id] = User.current_id
3✔
74
        session[:admin] = nil
3✔
75
      # This happens if an admin in "switch user mode" logs out or explicitly.
76
      # switches back to themselves.
77
      elsif session[:real_user_id] == new_user.id
2✔
78
        session[:real_user_id] = nil
×
UNCOV
79
        session[:admin] = true
×
80
      end
81
      # This happens if an admin already in "switch user mode" switches to yet
82
      # another user.
83
      # Update both @user and User.current so views show the correct user.
84
      @user = new_user
5✔
85
      User.current = new_user
5✔
86
      session_user_set(new_user)
5✔
87
    end
88

89
    def find_user_by_id_login_or_email(str)
1✔
90
      if str.blank?
9✔
91
        nil
92
      elsif str.match?(/^\d+$/)
9✔
93
        User.safe_find(str)
1✔
94
      else
95
        User.find_by(login: str) || User.find_by(email: str.sub(/ <.*>$/, ""))
8✔
96
      end
97
    end
98
  end
99
end
STATUS · Troubleshooting · Open an Issue · Sales · Support · CAREERS · ENTERPRISE · START FREE · SCHEDULE DEMO
ANNOUNCEMENTS · TWITTER · TOS & SLA · Supported CI Services · What's a CI service? · Automated Testing

© 2026 Coveralls, Inc