Add maintenance feature

app/controllers/application_controller.rb

@@ -1,6 +1,6 @@
 # License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later
 class ApplicationController < ActionController::Base
-	before_filter :set_locale
+	before_filter :set_locale, :redirect_to_maintenance
 
 	protect_from_forgery
 
@@ -19,6 +19,15 @@ class ApplicationController < ActionController::Base
 		end
 	end
 
+	def redirect_to_maintenance
+		if (Settings&.maintenance&.maintenance_mode && !current_user)
+			unless (self.class == Users::SessionsController &&
+							(params[:maintenance_token] == Settings.maintenance.maintenance_token || params[:format] == 'json'))
+				redirect_to Settings.maintenance.maintenance_page
+			end
+		end
+	end
+
 protected
 
 	def json_saved(model, msg=nil)

spec/requests/maintenance_spec.rb

@@ -0,0 +1,105 @@
+# License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later
+require 'rails_helper'
+require 'controllers/support/shared_user_context'
+
+describe 'Maintenance Mode' do
+  page = "http://commet"
+  token = "thoathioa"
+  include_context :shared_user_context
+  around(:each) do |example|
+    example.run
+    Settings.reload!
+  end
+
+  describe OnboardController, type: :controller do
+    describe '(Onboard is just a basic example controller)'
+    it 'not in maintenance mode' do
+      get :index
+      assert_response 200
+    end
+
+    describe 'in maintenance' do
+      before(:each) do
+        Settings.merge!({maintenance:
+                             {maintenance_mode: true,
+                              maintenance_token: token,
+                              maintenance_page: page}})
+      end
+
+      it 'redirects for onboard' do
+        get :index
+        assert_redirected_to page
+      end
+
+      it 'allows access to non-sign_in pages if youre logged in' do
+        sign_in user_as_np_associate
+        get :index
+        assert_response 200
+      end
+    end
+  end
+
+  describe Users::SessionsController, type: :controller do
+    describe 'in maintenance' do
+      include_context :shared_user_context
+      around(:each) do |example|
+        example.run
+        Settings.reload!
+      end
+
+      before(:each) do
+        @request.env["devise.mapping"] = Devise.mappings[:user]
+      end
+
+      describe 'in maintenance' do
+        before(:each) do
+          Settings.merge!({maintenance:
+                               {maintenance_mode: true,
+                                maintenance_token: token,
+                                maintenance_page: page}})
+        end
+
+        it 'redirects sign_in if the token is wrong' do
+          get(:new, {maintenance_token: "#{token}3"})
+          expect(response.code).to eq "302"
+          expect(response.location).to eq page
+        end
+
+        it 'redirects for login' do
+          get(:new)
+          expect(response.code).to eq "302"
+          expect(response.location).to eq page
+        end
+
+
+        it 'redirects sign_in if the token is passed in wrong param' do
+          get(:new, {maintnancerwrwer_token: "#{token}"})
+          expect(response.code).to eq "302"
+          expect(response.location).to eq page
+        end
+
+        it 'allows sign_in if the token is passed' do
+          get(:new, {maintenance_token: "#{token}"})
+          expect(response.code).to eq '200'
+        end
+
+        it 'allows sign_in.json' do
+          get(:new, {maintenance_token: "#{token}", format: 'json'})
+          expect(response.code).to eq '406'
+        end
+      end
+    end
+
+  end
+
+  # it 'redirect to general user' do
+  #   nonprofit
+  #   unauth_user.create_profile
+  #   sign_in unauth_user
+  #   get(:index)
+  #   expect(response).to redirect_to profile_url(unauth_user.profile.id)
+  # end
+
+
+end
+