frontend work

app/models/user.js

@@ -14,6 +14,7 @@ export default class User extends Model {
   @attr avatar;
   @attr url;
   @attr kind;
+  @attr admin;
 
   async stats() {
     return await customAction(this, { method: 'GET', path: 'stats' });

app/router.js

@@ -30,6 +30,9 @@ Router.map(function () {
     this.route('following');
     this.route('pending-invites');
   });
+  this.route('admin', function () {
+    this.route('rate-limits');
+  });
   this.route('settings', function () {
     this.route('appearance');
     this.route('email-notifications');

app/routes/admin/index.js

@@ -0,0 +1,36 @@
+import { A } from '@ember/array';
+import { inject as service } from '@ember/service';
+import RSVP from 'rsvp';
+
+import AuthenticatedRoute from './../-authenticated-route';
+
+export default class AdminRoute extends AuthenticatedRoute {
+  @service router;
+  @service session;
+
+  async beforeModel(transition) {
+    // wait for the `loadUserTask.perform()` of either the `application` route,
+    // or the `session.login()` call
+    let result = await this.session.loadUserTask.last;
+
+    if (!result.currentUser) {
+      this.session.savedTransition = transition;
+      this.router.replaceWith('catch-all', {
+        transition,
+        loginNeeded: true,
+        title: 'This page requires admin authentication',
+      });
+    } else if (!result.currentUser.admin) {
+      this.session.savedTransition = transition;
+      this.router.replaceWith('catch-all', {
+        transition,
+        loginNeeded: false,
+        title: 'This page requires admin authentication',
+      });
+    }
+  }
+
+  redirect() {
+    this.router.replaceWith('admin.rate-limits');
+  }
+}

app/routes/admin/rate-limits.js

@@ -0,0 +1,32 @@
+import { A } from '@ember/array';
+import { inject as service } from '@ember/service';
+import RSVP from 'rsvp';
+
+import AuthenticatedRoute from './../-authenticated-route';
+
+export default class RateLimitsAdminRoute extends AuthenticatedRoute {
+  @service router;
+  @service session;
+
+  async beforeModel(transition) {
+    // wait for the `loadUserTask.perform()` of either the `application` route,
+    // or the `session.login()` call
+    let result = await this.session.loadUserTask.last;
+
+    if (!result.currentUser) {
+      this.session.savedTransition = transition;
+      this.router.replaceWith('catch-all', {
+        transition,
+        loginNeeded: true,
+        title: 'This page requires admin authentication',
+      });
+    } else if (!result.currentUser.admin) {
+      this.session.savedTransition = transition;
+      this.router.replaceWith('catch-all', {
+        transition,
+        loginNeeded: false,
+        title: 'This page requires admin authentication',
+      });
+    }
+  }
+}

app/styles/admin/rate-limits.module.css

@@ -0,0 +1,18 @@
+.rate-limit {}
+
+.page {
+    display: grid;
+    gap: 16px;
+
+    @media (--min-m) {
+        grid-template:
+            "menu content" auto /
+            200px auto;
+    }
+}
+
+.content {
+    h2:first-child {
+        margin-top: 4px;
+    }
+}

app/templates/admin/rate-limits.hbs

@@ -0,0 +1,18 @@
+{{page-title 'Admin Actions'}}
+
+<PageHeader @title="Admin Actions" data-test-heading />
+
+<div local-class="page" ...attributes>
+  <SideMenu as |menu|>
+    <menu.Item @link={{link "admin.rate-limits"}}>Increase Rate Limit</menu.Item>
+    <menu.Item>More actions coming soon</menu.Item>
+  </SideMenu>
+
+  <div local-class="content">
+    <div local-class='rate-limit'>
+      <h2>Increase Rate Limit</h2>
+      <label>email address:</label>
+    </div>
+  </div>
+
+</div>

tests/acceptance/admin-test.js

@@ -0,0 +1,97 @@
+import { click, currentURL } from '@ember/test-helpers';
+import { module, test } from 'qunit';
+
+import percySnapshot from '@percy/ember';
+
+import { setupApplicationTest } from 'cargo/tests/helpers';
+
+import { visit } from '../helpers/visit-ignoring-abort';
+
+module('Acceptance | Admin', function (hooks) {
+  setupApplicationTest(hooks);
+
+  test('shows "page requires admin authentication" error when not logged in', async function (assert) {
+    await visit('/admin');
+    assert.equal(currentURL(), '/admin');
+    assert.dom('[data-test-title]').hasText('This page requires admin authentication');
+    assert.dom('[data-test-login]').exists();
+  });
+
+  test('shows "page requires admin authentication" error when logged in but not as an admin', async function (assert) {
+    let user = this.server.create('user', {
+      login: 'johnnydee',
+      name: 'John Doe',
+      email: 'john@doe.com',
+      avatar: 'https://avatars2.githubusercontent.com/u/1234567?v=4',
+      admin: false,
+    });
+
+    this.authenticateAs(user);
+
+    await visit('/admin');
+    assert.equal(currentURL(), '/admin');
+    assert.dom('[data-test-title]').hasText('This page requires admin authentication');
+    assert.dom('[data-test-login]').doesNotExist();
+  });
+
+  test('shows admin actions when logged in as an admin', async function (assert) {
+    let user = this.server.create('user', {
+      login: 'johnnydee',
+      name: 'John Doe',
+      email: 'john@doe.com',
+      avatar: 'https://avatars2.githubusercontent.com/u/1234567?v=4',
+      admin: true,
+    });
+
+    this.authenticateAs(user);
+
+    await visit('/admin');
+    // Rate limits is the default action.
+    assert.equal(currentURL(), '/admin/rate-limits');
+    assert.dom('[data-test-heading]').hasText('Admin Actions');
+    assert.dom('[data-test-login]').doesNotExist();
+  });
+
+  module('Rate limits', function () {
+    test('shows "page requires admin authentication" error when not logged in', async function (assert) {
+      await visit('/admin/rate-limits');
+      assert.equal(currentURL(), '/admin/rate-limits');
+      assert.dom('[data-test-title]').hasText('This page requires admin authentication');
+      assert.dom('[data-test-login]').exists();
+    });
+
+    test('shows "page requires admin authentication" error when logged in but not as an admin', async function (assert) {
+      let user = this.server.create('user', {
+        login: 'johnnydee',
+        name: 'John Doe',
+        email: 'john@doe.com',
+        avatar: 'https://avatars2.githubusercontent.com/u/1234567?v=4',
+        admin: false,
+      });
+
+      this.authenticateAs(user);
+
+      await visit('/admin/rate-limits');
+      assert.equal(currentURL(), '/admin/rate-limits');
+      assert.dom('[data-test-title]').hasText('This page requires admin authentication');
+      assert.dom('[data-test-login]').doesNotExist();
+    });
+  });
+
+  test('shows rate limit actions when logged in as an admin', async function (assert) {
+    let user = this.server.create('user', {
+      login: 'johnnydee',
+      name: 'John Doe',
+      email: 'john@doe.com',
+      avatar: 'https://avatars2.githubusercontent.com/u/1234567?v=4',
+      admin: true,
+    });
+
+    this.authenticateAs(user);
+
+    await visit('/admin/rate-limits');
+    assert.equal(currentURL(), '/admin/rate-limits');
+    assert.dom('[data-test-heading]').hasText('Admin Actions');
+    assert.dom('[data-test-login]').doesNotExist();
+  });
+});