Add setting to control user signups (#1068)

**What**

This allows admins to enable and disable user signups in the app.

**Why**

This will help prevent bots from creating accounts if they manage to
find a stringer instance online, as well as allowing admins to control
who can create accounts. Fixes [#1063][is].

[is]: #1063

Author: mockdeep

Diff for: Gemfile

@@ -50,4 +50,5 @@ end
 group :test do
   gem "selenium-webdriver"
   gem "webdrivers"
+  gem "with_model"
 end

Diff for: Gemfile.lock

@@ -333,6 +333,8 @@ GEM
       websocket-extensions (>= 0.1.0)
     websocket-extensions (0.1.5)
     will_paginate (4.0.0)
+    with_model (2.1.6)
+      activerecord (>= 5.2)
     xpath (3.2.0)
       nokogiri (~> 1.8)
     zeitwerk (2.6.8)
@@ -376,9 +378,10 @@ DEPENDENCIES
   webdrivers
   webmock
   will_paginate
+  with_model
 
 RUBY VERSION
    ruby 3.2.2
 
 BUNDLED WITH
-   2.3.25
+   2.4.13

Diff for: app/assets/stylesheets/application.css

@@ -486,8 +486,12 @@ li.feed .remove-feed a:hover {
   padding-top: 10px;
 }
 
+.setup__label {
+  font-weight: bold;
+}
+
 .setup {
-  width: 350px;
+  width: 500px;
   margin: 0 auto;
   padding-top: 100px;
 }

Diff for: app/commands/cast_boolean.rb

@@ -0,0 +1,14 @@
+# frozen_string_literal: true
+
+module CastBoolean
+  TRUE_VALUES = Set.new(["true", true, "1"]).freeze
+  FALSE_VALUES = Set.new(["false", false, "0"]).freeze
+
+  def self.call(boolean)
+    unless (TRUE_VALUES + FALSE_VALUES).include?(boolean)
+      raise(ArgumentError, "cannot cast to boolean: #{boolean.inspect}")
+    end
+
+    TRUE_VALUES.include?(boolean)
+  end
+end

Diff for: app/controllers/passwords_controller.rb

@@ -3,6 +3,7 @@
 class PasswordsController < ApplicationController
   skip_before_action :complete_setup, only: [:new, :create]
   skip_before_action :authenticate_user, only: [:new, :create]
+  before_action :check_signups_enabled, only: [:new, :create]
 
   def new
     authorization.skip
@@ -35,6 +36,10 @@ def update
 
   private
 
+  def check_signups_enabled
+    redirect_to(login_path) unless Setting::UserSignup.enabled?
+  end
+
   def password_params
     params.require(:user)
           .permit(:password_challenge, :password, :password_confirmation)

Diff for: app/controllers/settings_controller.rb

@@ -0,0 +1,22 @@
+# frozen_string_literal: true
+
+class SettingsController < ApplicationController
+  def index
+    authorization.skip
+  end
+
+  def update
+    authorization.skip
+
+    setting = Setting.find(params[:id])
+    setting.update!(setting_params)
+
+    redirect_to(settings_path)
+  end
+
+  private
+
+  def setting_params
+    params.require(:setting).permit(:enabled)
+  end
+end

Diff for: app/models/application_record.rb

@@ -3,6 +3,20 @@
 class ApplicationRecord < ActiveRecord::Base
   primary_abstract_class
 
+  def self.boolean_accessor(attribute, key, default: false)
+    store_accessor(attribute, key)
+
+    define_method(key) do
+      value = super()
+      value.nil? ? default : CastBoolean.call(value)
+    end
+    alias_method(:"#{key}?", :"#{key}")
+
+    define_method(:"#{key}=") do |value|
+      super(value.nil? ? default : CastBoolean.call(value))
+    end
+  end
+
   def error_messages
     errors.full_messages.join(", ")
   end

Diff for: app/models/setting.rb

@@ -0,0 +1,5 @@
+# frozen_string_literal: true
+
+class Setting < ApplicationRecord
+  validates :type, presence: true, uniqueness: true
+end

Diff for: app/models/setting/user_signup.rb

@@ -0,0 +1,15 @@
+# frozen_string_literal: true
+
+class Setting::UserSignup < Setting
+  boolean_accessor :data, :enabled, default: false
+
+  validates :enabled, inclusion: { in: [true, false] }
+
+  def self.first
+    first_or_create!
+  end
+
+  def self.enabled?
+    first_or_create!.enabled? || User.none?
+  end
+end

Diff for: app/views/layouts/_footer.html.erb

@@ -1,6 +1,6 @@
 <div class="container">
   <div class="row-fluid">
-    <div class="span6">
+    <div class="span8">
       <ul class="footer-links">
         <% if current_user %>
           <li><a href="/logout"><%= t('layout.logout') %></a></li>
@@ -13,12 +13,16 @@
           <li class="muted">·</li>
           <li><%= link_to(t('layout.profile'), edit_profile_path) %></li>
           <li class="muted">·</li>
+          <% if current_user.admin? %>
+            <li><%= link_to(t('layout.admin_settings'), settings_path) %></li>
+            <li class="muted">·</li>
+          <% end %>
         <% end %>
 
         <li><a href="https://github.com/stringer-rss/stringer"><%= t('layout.support') %></a></li>
       </ul>
     </div>
-    <div class="span6">
+    <div class="span4">
       <p class="pull-right">
         <b><%= t('layout.hey') %></b> <%= t('layout.back_to_work') %>
       </p>

Diff for: app/views/sessions/new.erb

@@ -19,7 +19,9 @@
     <input type="submit" value="<%= t('sessions.new.fields.submit') %>" class="btn btn-primary pull-right" />
   <% end %>
 
-  <div>
-    <%= t('.sign_up_html', href: setup_password_path) %>
-  </div>
+  <% if Setting::UserSignup.enabled? %>
+    <div>
+      <%= t('.sign_up_html', href: setup_password_path) %>
+    </div>
+  <% end %>
 </div>

Diff for: app/views/settings/index.html.erb

@@ -0,0 +1,24 @@
+<div id="action-bar">
+  <%= render "feeds/action_bar" %>
+</div>
+
+<div class="setup">
+  <h1><%= t('.heading') %></h1>
+  <hr />
+  <p><%= t('.description') %></p>
+  <hr />
+  <div class="control-group">
+    <% setting = Setting::UserSignup.first %>
+    <%= form_with(model: setting, scope: :setting, url: setting_path(setting)) do |form| %>
+      <% if Setting::UserSignup.enabled? %>
+        <%= form.hidden_field :enabled, value: false %>
+        <span class='setup__label'><%= t('.signup.enabled') %></span>
+        <%= form.submit(t('.signup.disable'), class: 'btn btn-primary pull-right') %>
+      <% else %>
+        <%= form.hidden_field :enabled, value: true %>
+        <span class='setup__label'><%= t('.signup.disabled') %></span>
+        <%= form.submit(t('.signup.enable'), class: 'btn btn-primary pull-right') %>
+      <% end %>
+    <% end %>
+  </div>
+</div>

Diff for: config/locales/en.yml

@@ -66,6 +66,7 @@ en:
     subtitle: Let's setup your feeds.
     title: Welcome aboard.
   layout:
+    admin_settings: Admin Settings
     back_to_work: Get back to work, slacker!
     export: Export
     hey: Hey!
@@ -150,6 +151,15 @@ en:
       sign_up_html: Or <a href=%{href}>sign up</a>.
       subtitle: Welcome back, friend.
       title: Stringer speaks
+  settings:
+    index:
+      heading: Application Settings
+      description: Edit application wide settings
+      signup:
+        enabled: User signups are enabled
+        disabled: User signups are disabled
+        enable: Enable
+        disable: Disable
   starred:
     next: Next
     of: of

Diff for: config/routes.rb

@@ -6,6 +6,7 @@
   scope :admin, constraints: AdminConstraint.new do
     mount GoodJob::Engine => "good_job"
 
+    resources :settings, only: [:index, :update]
     get "/debug", to: "debug#index"
   end
 

Diff for: db/migrate/20230721160939_create_settings.rb

@@ -0,0 +1,12 @@
+# frozen_string_literal: true
+
+class CreateSettings < ActiveRecord::Migration[7.0]
+  def change
+    create_table :settings do |t|
+      t.string :type, null: false, index: { unique: true }
+      t.jsonb :data, null: false, default: {}
+
+      t.timestamps
+    end
+  end
+end

Diff for: db/schema.rb

@@ -0,0 +1,23 @@
+# frozen_string_literal: true
+
+RSpec.describe CastBoolean do
+  ["true", true, "1"].each do |true_value|
+    it "returns true when passed #{true_value.inspect}" do
+      expect(described_class.call(true_value)).to be(true)
+    end
+  end
+
+  ["false", false, "0"].each do |false_value|
+    it "returns false when passed #{false_value.inspect}" do
+      expect(described_class.call(false_value)).to be(false)
+    end
+  end
+
+  it "raises an error when passed non-boolean value" do
+    ["butt", 0, nil, "", []].each do |bad_value|
+      expected_message = "cannot cast to boolean: #{bad_value.inspect}"
+      expect { described_class.call(bad_value) }
+        .to raise_error(ArgumentError, expected_message)
+    end
+  end
+end

Diff for: spec/commands/cast_boolean_spec.rb

@@ -0,0 +1,68 @@
+# frozen_string_literal: true
+
+RSpec.describe ApplicationRecord do
+  describe ".boolean_accessor" do
+    with_model :Cheese, superclass: described_class do
+      table { |t| t.jsonb(:options, default: {}) }
+    end
+
+    describe "#<key>" do
+      it "returns the value when present" do
+        Cheese.boolean_accessor(:options, :stinky)
+        cheese = Cheese.new(options: { stinky: true })
+
+        expect(cheese.stinky).to be(true)
+      end
+
+      it "returns false by default" do
+        Cheese.boolean_accessor(:options, :stinky)
+        cheese = Cheese.new
+
+        expect(cheese.stinky).to be(false)
+      end
+
+      it "returns the default when value is nil" do
+        Cheese.boolean_accessor(:options, :stinky, default: true)
+        cheese = Cheese.new
+
+        expect(cheese.stinky).to be(true)
+      end
+
+      it "casts the value to a boolean" do
+        Cheese.boolean_accessor(:options, :stinky)
+        cheese = Cheese.new(options: { stinky: "true" })
+
+        expect(cheese.stinky).to be(true)
+      end
+    end
+
+    describe "#<key>=" do
+      it "sets the value" do
+        Cheese.boolean_accessor(:options, :stinky)
+        cheese = Cheese.new
+
+        cheese.stinky = true
+
+        expect(cheese.options).to eq({ "stinky" => true })
+      end
+
+      it "casts the value to a boolean" do
+        Cheese.boolean_accessor(:options, :stinky)
+        cheese = Cheese.new
+
+        cheese.stinky = "true"
+
+        expect(cheese.options).to eq({ "stinky" => true })
+      end
+
+      it "uses the default when value is nil" do
+        Cheese.boolean_accessor(:options, :stinky, default: true)
+        cheese = Cheese.new
+
+        cheese.stinky = nil
+
+        expect(cheese.options).to eq({ "stinky" => true })
+      end
+    end
+  end
+end