Merge pull request #1018 from glebm/master

Resque Authentication + iFrame view

7 files changed, 28 insertions, 11 deletions

diff --git a/app/controllers/admin/resque_controller.rb b/app/controllers/admin/resque_controller.rb
new file mode 100644
index 00000000000..dc575cc27b2
--- /dev/null
+++ b/app/controllers/admin/resque_controller.rb
@@ -0,0 +1,5 @@
+class Admin::ResqueController < ApplicationController
+  layout 'admin'
+  def show
+  end
+end
\ No newline at end of file
diff --git a/app/views/admin/dashboard/index.html.haml b/app/views/admin/dashboard/index.html.haml
index 0b0709ba4e0..886943be6de 100644
--- a/app/views/admin/dashboard/index.html.haml
+++ b/app/views/admin/dashboard/index.html.haml
@@ -4,7 +4,7 @@
       %h5
         Resque Workers
       .data.padded
-        = link_to "/info/resque" do
+        = link_to admin_resque_path do
           %h1{:class => @workers.present? ? "cgreen" : "cred"}
             = @workers.count
         %hr
diff --git a/app/views/admin/resque/show.html.haml b/app/views/admin/resque/show.html.haml
new file mode 100644
index 00000000000..267129530bd
--- /dev/null
+++ b/app/views/admin/resque/show.html.haml
@@ -0,0 +1,2 @@
+%h3 Resque
+%iframe{:src => "/info/resque", :width => 1168, :height => 600, :style => "border: none"}
\ No newline at end of file
diff --git a/app/views/layouts/admin.html.haml b/app/views/layouts/admin.html.haml
index e48903a6c06..bac3e716861 100644
--- a/app/views/layouts/admin.html.haml
+++ b/app/views/layouts/admin.html.haml
@@ -6,10 +6,10 @@
     = render "layouts/head_panel", :title => "Admin area"
     .container
       %nav.main_menu
-        = link_to "Stats", admin_root_path, :class => "home #{controller.controller_name == "dashboard" ? "current" : nil}"
-        = link_to "Projects", admin_projects_path, :class => controller.controller_name == "projects" ? "current" : nil
-        = link_to "Users", admin_users_path, :class => controller.controller_name == "users" ? "current" : nil
-        = link_to "Emails", admin_emails_path, :class => controller.controller_name == "mailer" ? "current" : nil
-        = link_to "Resque", "/info/resque"
+        = link_to "Stats", admin_root_path, :class => "home #{'current' if controller.controller_name == "dashboard"}"
+        = link_to "Projects", admin_projects_path, :class => ('current' if controller.controller_name == "projects")
+        = link_to "Users", admin_users_path, :class => ('current' if controller.controller_name == 'users')
+        = link_to "Emails", admin_emails_path, :class => ('current' if controller.controller_name == 'mailer')
+        = link_to "Resque", admin_resque_path, :class => ('current' if controller.controller_name == 'resque')
 
       .content= yield
diff --git a/config/initializers/protect_resque.rb b/config/initializers/protect_resque.rb
deleted file mode 100644
index d52815ffa9c..00000000000
--- a/config/initializers/protect_resque.rb
+++ /dev/null
@@ -1,5 +0,0 @@
-require 'resque/server'
-Resque::Server.use(Rack::Auth::Basic) do |user, password|
-  user == "gitlab"
-  password == "5iveL!fe"
-end
diff --git a/config/initializers/resque_authentication.rb b/config/initializers/resque_authentication.rb
new file mode 100644
index 00000000000..a439d322804
--- /dev/null
+++ b/config/initializers/resque_authentication.rb
@@ -0,0 +1,14 @@
+require 'resque/server'
+class Authentication
+  def initialize(app)
+    @app = app
+  end
+
+  def call(env)
+    account = env['warden'].authenticate!(:database_authenticatable, :rememberable, scope: :user)
+    raise "Access denied" if !account.admin?
+    @app.call(env)
+  end
+end
+
+Resque::Server.use Authentication
\ No newline at end of file
diff --git a/config/routes.rb b/config/routes.rb
index 454b3cd290f..f657b1d2ed8 100644
--- a/config/routes.rb
+++ b/config/routes.rb
@@ -50,6 +50,7 @@ Gitlab::Application.routes.draw do
     get 'mailer/preview_note'
     get 'mailer/preview_user_new'
     get 'mailer/preview_issue_new'
+    resource :resque, :controller => 'resque'
     root :to => "dashboard#index"
   end