Browsing without login by setting environment variable

- Enable readonly browsing when DMEMO_ALLOW_ANONYMOUS_TO_READ is set
- Hide favorite tables without login user.
- Update RSpec for anonymous login

Author: kitsuyui

app/controllers/application_controller.rb

@@ -12,6 +12,7 @@ def current_user
 
   def require_login
     return if current_user
+    return if Rails.application.config.allow_anonymous_to_read && ["index", "show"].include?(params[:action])
     redirect_to google_oauth2_path(state: request.fullpath)
   end
 

app/controllers/top_controller.rb

@@ -1,6 +1,8 @@
 class TopController < ApplicationController
   def show
     @database_memos = DatabaseMemo.all.includes(:data_source, schema_memos: :table_memos).sort_by(&:display_order)
-    @favorite_tables = TableMemo.where(id: current_user.favorite_tables.pluck(:table_memo_id))
+    if current_user
+      @favorite_tables = TableMemo.where(id: current_user.favorite_tables.pluck(:table_memo_id))
+    end
   end
 end

app/views/shared/_main_sidebar.html.haml

@@ -1,10 +1,11 @@
 %aside.main-sidebar
   %section.sidebar
     .user-panel
-      .pull-left.image
-        = image_tag current_user.image_url, class: "img-rounded"
-      .pull-left.info
-        %p= current_user.name
+      - if current_user
+        .pull-left.image
+          = image_tag current_user.image_url, class: "img-rounded"
+        .pull-left.info
+          %p= current_user.name
 
     = form_for @search_result, method: :get, html: { class: "sidebar-form" } do |f|
       .input-group

app/views/shared/_navbar.html.haml

@@ -1,15 +1,21 @@
 %nav.navbar.navbar-static-top{ role: "navigation" }
   .navbar-custom-menu
     %ul.nav.navbar-nav
-      %li
-        = link_to setting_path do
-          %i.fa.fa-gear
-          Setting
-      %li
-        = link_to edit_user_path(current_user) do
-          %i.fa.fa-user
-          = current_user.name
-      %li
-        = link_to logout_path, method: :delete do
-          %i.fa.fa-sign-out
-          Sign-out
+      - if current_user
+        %li
+          = link_to setting_path do
+            %i.fa.fa-gear
+            Setting
+        %li
+          = link_to edit_user_path(current_user) do
+            %i.fa.fa-user
+            = current_user.name
+        %li
+          = link_to logout_path, method: :delete do
+            %i.fa.fa-sign-out
+            Sign-out
+      - else
+        %li
+          = link_to google_oauth2_path(state: request.fullpath) do
+            %i.fa.fa-sign-in
+            Sign-in

app/views/table_memos/_column_memo.html.haml

@@ -9,8 +9,9 @@
     - if column_memo.logs.present?
       = link_to column_memo_logs_path(column_memo.id), class: "pull-right colorbox" do
         %i.fa.fa-clock-o
-    = link_to edit_column_memo_path(column_memo), class: "pull-right colorbox" do
-      %i.fa.fa-edit
+    - if current_user
+      = link_to edit_column_memo_path(column_memo), class: "pull-right colorbox" do
+        %i.fa.fa-edit
     .column-description
       - if column_memo.description.present?
         = column_memo.description_html

app/views/table_memos/show.html.haml

@@ -1,12 +1,13 @@
 - content_for :header do
   %h1.page-header
     = @table_memo.name
-    - favorited_status = @table_memo.favorited_by?(current_user) ? "favorited" : "unfavorited"
-    %span.favorite-table-block{ class: favorited_status }
-      = link_to table_memo_favorite_table_path(@table_memo.id), method: :delete, remote: true, class: "unfavorite-table-link" do
-        %i.fa.fa-star
-      = link_to table_memo_favorite_table_path(@table_memo.id), method: :post, remote: true, class: "favorite-table-link" do
-        %i.fa.fa-star-o
+    - if current_user
+      - favorited_status = @table_memo.favorited_by?(current_user) ? "favorited" : "unfavorited"
+      %span.favorite-table-block{ class: favorited_status }
+        = link_to table_memo_favorite_table_path(@table_memo.id), method: :delete, remote: true, class: "unfavorite-table-link" do
+          %i.fa.fa-star
+        = link_to table_memo_favorite_table_path(@table_memo.id), method: :post, remote: true, class: "favorite-table-link" do
+          %i.fa.fa-star-o
     = link_to edit_table_memo_path(@table_memo) do
       %i.fa.fa-edit
 

app/views/top/show.html.haml

@@ -25,13 +25,14 @@
             %td
               = database_memo.schema_memos.map(&:table_memos).flatten.map(&:name).join(", ").truncate(100)
 
-.box
-  .box-header.with-border
-    %h2.box-title Favorite tables
+- if current_user
+  .box
+    .box-header.with-border
+      %h2.box-title Favorite tables
 
-  .box-body
-    %table.table.table-hover.table-bordered.table-striped{ role: "grid" }
-      %tr
-        %th Name
-        %th Description
-      = render partial: "table_memo", collection: @favorite_tables
+    .box-body
+      %table.table.table-hover.table-bordered.table-striped{ role: "grid" }
+        %tr
+          %th Name
+          %th Description
+        = render partial: "table_memo", collection: @favorite_tables

app/views/users/index.html.haml

@@ -27,6 +27,6 @@
             - if user.admin?
               %i.fa.fa-check
           %td
-            - if current_user.editable_user?(user.id)
+            - if current_user.try!(:editable_user?, user.id)
               = link_to edit_user_path(user) do
                 %i.fa.fa-edit

config/application.rb

@@ -18,5 +18,6 @@ class Application < Rails::Application
     config.active_record.belongs_to_required_by_default = false
 
     config.eager_load_paths << "#{Rails.root}/lib/autoload"
+    config.allow_anonymous_to_read = ENV.has_key? 'ALLOW_ANONYMOUS_TO_READ'
   end
 end

spec/requests/top_spec.rb

@@ -4,14 +4,34 @@
   before do
     FactoryBot.create(:data_source)
     SynchronizeDataSources.run
-    login!
   end
 
   describe "#show" do
-    it "shows top page" do
-      get root_path
-      expect(page).to have_content("DatabaseMEMO")
-      expect(page).to have_selector("a[href='/databases/dmemo']")
+    context "with signed-in" do
+      before { login! }
+      it "shows top page" do
+        get root_path
+        expect(page).to have_content("DatabaseMEMO")
+        expect(page).to have_selector("a[href='/databases/dmemo']")
+      end
+    end
+
+    context "with not signed-in" do
+      context 'with disallowing anonymous to read' do
+        it "redirects" do
+          get root_path
+          expect(response.location).to match('http://www.example.com/auth/google_oauth2.*?')
+        end
+      end
+
+      context 'with allowing anonymous to read' do
+        before { Rails.application.config.allow_anonymous_to_read = true }
+        it "shows top page" do
+          get root_path
+          expect(page).to have_content("DatabaseMEMO")
+          expect(page).to have_selector("a[href='/databases/dmemo']")
+        end
+      end
     end
   end
 end