diff --git a/app/controllers/telegram_bots_controller.rb b/app/controllers/telegram_bots_controller.rb
index 4fa4c25..9366488 100644
--- a/app/controllers/telegram_bots_controller.rb
+++ b/app/controllers/telegram_bots_controller.rb
@@ -1,9 +1,22 @@
# frozen_string_literal: true
class TelegramBotsController < ApplicationController
+ before_action :set_telegram_bot, except: :index
+
# GET /telegram_bots
def index
authorize :telegram_bot
@telegram_bots = policy_scope(TelegramBot)
end
+
+ # GET /telegram_bots/:id
+ def show
+ authorize @telegram_bot
+ end
+
+private
+
+ def set_telegram_bot
+ @telegram_bot = TelegramBot.find params[:id]
+ end
end
diff --git a/app/policies/telegram_bot_policy.rb b/app/policies/telegram_bot_policy.rb
index ee3c204..84e5ad6 100644
--- a/app/policies/telegram_bot_policy.rb
+++ b/app/policies/telegram_bot_policy.rb
@@ -5,6 +5,10 @@ class TelegramBotPolicy < ApplicationPolicy
context.account&.is_superuser?
end
+ def show?
+ context.account&.is_superuser?
+ end
+
class Scope < Scope
def resolve
return scope.all if context.account&.is_superuser?
diff --git a/app/views/telegram_bots/index.html.erb b/app/views/telegram_bots/index.html.erb
index bb207e9..f883f3c 100644
--- a/app/views/telegram_bots/index.html.erb
+++ b/app/views/telegram_bots/index.html.erb
@@ -25,7 +25,14 @@
<%= telegram_bot.secret %> |
<%= telegram_bot.api_token %> |
<%= truncate telegram_bot.username, length: 20 %> |
- |
+
+ <% if policy(telegram_bot).show? %>
+ <%= link_to telegram_bot_path(telegram_bot),
+ role: :button, class: 'btn btn-light btn-sm' do %>
+
+ <% end %>
+ <% end %>
+ |
<% end %>
diff --git a/app/views/telegram_bots/show.html.erb b/app/views/telegram_bots/show.html.erb
new file mode 100644
index 0000000..d50a9c2
--- /dev/null
+++ b/app/views/telegram_bots/show.html.erb
@@ -0,0 +1,12 @@
+
+
+ - <%= TelegramBot.human_attribute_name :secret %>
+ - <%= @telegram_bot.secret %>
+
+ - <%= TelegramBot.human_attribute_name :api_token %>
+ - <%= @telegram_bot.api_token %>
+
+ - <%= TelegramBot.human_attribute_name :username %>
+ - <%= truncate @telegram_bot.username %>
+
+
diff --git a/config/routes.rb b/config/routes.rb
index 7749ae5..cb8c70e 100644
--- a/config/routes.rb
+++ b/config/routes.rb
@@ -20,7 +20,7 @@ Rails.application.routes.draw do
only: %i[index create]
end
- resources :telegram_bots, only: :index
+ resources :telegram_bots, only: %i[index show]
resources :telegram_bot_updates, only: :create
end
diff --git a/spec/requests/telegram_bots/show_spec.rb b/spec/requests/telegram_bots/show_spec.rb
new file mode 100644
index 0000000..7a72435
--- /dev/null
+++ b/spec/requests/telegram_bots/show_spec.rb
@@ -0,0 +1,44 @@
+# frozen_string_literal: true
+
+require 'rails_helper'
+
+RSpec.describe 'GET /telegram_bots/:id' do
+ let!(:telegram_bot) { create :telegram_bot }
+
+ before do
+ sign_in current_account.user if current_account&.user
+ get "/telegram_bots/#{telegram_bot.id}"
+ end
+
+ context 'when no account is authenticated' do
+ let(:current_account) { nil }
+
+ specify do
+ expect(response).to have_http_status :unauthorized
+ end
+ end
+
+ context 'when guest account is authenticated' do
+ let(:current_account) { create :guest_account }
+
+ specify do
+ expect(response).to have_http_status :unauthorized
+ end
+ end
+
+ context 'when usual account is authenticated' do
+ let(:current_account) { create :account_with_user }
+
+ specify do
+ expect(response).to have_http_status :unauthorized
+ end
+ end
+
+ context 'when superuser account is authenticated' do
+ let(:current_account) { create :superuser_account }
+
+ specify do
+ expect(response).to have_http_status :ok
+ end
+ end
+end