diff options
| author | Robert | 2017-05-23 20:21:42 +0200 |
|---|---|---|
| committer | Robert | 2017-05-23 20:21:42 +0200 |
| commit | 97467efb3cfb8893f842988ece7f95e7f5b3b9b8 (patch) | |
| tree | 97504d044a260edbe06f664329fd1a67c0657885 | |
| parent | 49e8c9b65f953bf725a39193797266ac4ac717f1 (diff) | |
| download | chouette-core-97467efb3cfb8893f842988ece7f95e7f5b3b9b8.tar.bz2 | |
Refs: 3446; basic archived policy implemented and used for time_table_policies
| -rw-r--r-- | app/policies/application_policy.rb | 5 | ||||
| -rw-r--r-- | app/policies/time_table_policy.rb | 12 | ||||
| -rw-r--r-- | spec/policies/boiv_policy_spec.rb | 7 | ||||
| -rw-r--r-- | spec/policies/time_table_policy_spec.rb | 13 | ||||
| -rw-r--r-- | spec/support/pundit/shared_examples.rb | 35 |
5 files changed, 61 insertions, 11 deletions
diff --git a/app/policies/application_policy.rb b/app/policies/application_policy.rb index de8a23344..00d6729f0 100644 --- a/app/policies/application_policy.rb +++ b/app/policies/application_policy.rb @@ -7,7 +7,10 @@ class ApplicationPolicy @record = record end - attr_accessor :referential + def archived? + referential.ready + end + def referential @referential ||= record_referential end diff --git a/app/policies/time_table_policy.rb b/app/policies/time_table_policy.rb index 1bb2add15..059edb8c6 100644 --- a/app/policies/time_table_policy.rb +++ b/app/policies/time_table_policy.rb @@ -6,19 +6,23 @@ class TimeTablePolicy < BoivPolicy end def create? - user.has_permission?('time_tables.create') # organisation match via referential is checked in the view + !archived? && + user.has_permission?('time_tables.create') # organisation match via referential is checked in the view end def edit? - organisation_match? && user.has_permission?('time_tables.edit') + !archived? && + organisation_match? && user.has_permission?('time_tables.edit') end def destroy? - organisation_match? && user.has_permission?('time_tables.destroy') + !archived? && + organisation_match? && user.has_permission?('time_tables.destroy') end def duplicate? - organisation_match? && create? + !archived? && + organisation_match? && create? end def update? ; edit? end diff --git a/spec/policies/boiv_policy_spec.rb b/spec/policies/boiv_policy_spec.rb index 3af82ddfe..bf09cdcd9 100644 --- a/spec/policies/boiv_policy_spec.rb +++ b/spec/policies/boiv_policy_spec.rb @@ -1,16 +1,15 @@ RSpec.describe BoivPolicy, type: :policy do - permissions :index? do - it_behaves_like 'permitted and same organisation', 'boiv:read-offer' + it_behaves_like 'permitted policy and same organisation', 'boiv:read-offer' end permissions :boiv_read_offer? do - it_behaves_like 'permitted and same organisation', 'boiv:read-offer' + it_behaves_like 'permitted policy and same organisation', 'boiv:read-offer' end permissions :show? do - it_behaves_like 'permitted and same organisation', 'boiv:read-offer' + it_behaves_like 'permitted policy and same organisation', 'boiv:read-offer' end end diff --git a/spec/policies/time_table_policy_spec.rb b/spec/policies/time_table_policy_spec.rb index 48beea75d..b73f1c662 100644 --- a/spec/policies/time_table_policy_spec.rb +++ b/spec/policies/time_table_policy_spec.rb @@ -1,7 +1,18 @@ RSpec.describe TimeTablePolicy, type: :policy do permissions :duplicate? do - it_behaves_like 'permitted and same organisation', 'time_tables.create' + it_behaves_like 'permitted policy and same organisation', 'time_tables.create', restricted_ready: true end + %w{destroy edit}.each do | permission | + permissions "#{permission}?".to_sym do + it_behaves_like 'permitted policy and same organisation', "time_tables.#{permission}", restricted_ready: true + end + end + + permissions :create? do + it_behaves_like 'permitted policy', 'time_tables.create', restricted_ready: true + end + + end diff --git a/spec/support/pundit/shared_examples.rb b/spec/support/pundit/shared_examples.rb index 9583ab30c..a5ee5f758 100644 --- a/spec/support/pundit/shared_examples.rb +++ b/spec/support/pundit/shared_examples.rb @@ -1,4 +1,5 @@ -RSpec.shared_examples "permitted and same organisation" do |permission| +RSpec.shared_examples "permitted policy and same organisation" do + | permission, restricted_ready: false| context "permission absent → " do it "denies a user with a different organisation" do @@ -23,5 +24,37 @@ RSpec.shared_examples "permitted and same organisation" do |permission| user.update_attribute :organisation, referential.organisation expect_it.to permit(user_context, referential) end + + if restricted_ready + it "removes the permission for archived referentials" do + user.update_attribute :organisation, referential.organisation + referential.update_attribute :ready, true + expect_it.not_to permit(user_context, referential) + end + end + end +end + +RSpec.shared_examples 'permitted policy' do + | permission, restricted_ready: false| + context "permission absent → " do + it "denies a user with a different organisation" do + expect_it.not_to permit(user_context, referential) + end + end + context "permission present → " do + before do + add_permissions(permission, for_user: user) + end + it "allows a user with a different organisation" do + expect_it.to permit(user_context, referential) + end + + if restricted_ready + it "removes the permission for archived referentials" do + referential.update_attribute :ready, true + expect_it.not_to permit(user_context, referential) + end + end end end |