Refs: #3478@1h removed boiv-read-offer and BoivPolicy

21 files changed, 55 insertions, 82 deletions

diff --git a/app/models/user.rb b/app/models/user.rb
index 31fc4ef78..9cd4f64d6 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -31,7 +31,7 @@ class User < ActiveRecord::Base
   @@edit_offer_permissions = ['routes.create', 'routes.edit', 'routes.destroy', 'journey_patterns.create', 'journey_patterns.edit', 'journey_patterns.destroy',
     'vehicle_journeys.create', 'vehicle_journeys.edit', 'vehicle_journeys.destroy', 'time_tables.create', 'time_tables.edit', 'time_tables.destroy',
     'footnotes.edit', 'footnotes.create', 'footnotes.destroy', 'routing_constraint_zones.create', 'routing_constraint_zones.edit',
-    'routing_constraint_zones.destroy', 'referentials.create', 'referentials.edit', 'referentials.destroy', 'boiv:edit-offer', 'boiv:read-offer']
+    'routing_constraint_zones.destroy', 'referentials.create', 'referentials.edit', 'referentials.destroy', 'boiv:edit-offer']
   mattr_reader :edit_offer_permissions
 
   def self.all_permissions
@@ -44,8 +44,6 @@ class User < ActiveRecord::Base
     self.name         = extra[:full_name]
     self.email        = extra[:email]
     self.organisation = Organisation.sync_update extra[:organisation_code], extra[:organisation_name], extra[:functional_scope]
-      # TODO: Discuss the following behavior in the light of how the portal's permissions will evolve
-      # boiv:edit-offer does not imply boiv:read-offer, which needs to be provided specifically for any connection rights
     self.permissions  = extra[:permissions].include?('boiv:edit-offer') ? @@edit_offer_permissions : []
   end
 
@@ -74,8 +72,6 @@ class User < ActiveRecord::Base
       user.locked_at    = el['locked_at']
       user.organisation = Organisation.sync_update el['organization_code'], el['organization_name'], el['functional_scope']
       user.synced_at    = Time.now
-      # TODO: Discuss the following behavior in the light of how the portal's permissions will evolve
-      # boiv:edit-offer does not imply boiv:read-offer, which needs to be provided specifically for any connection rights
       user.permissions  = el['permissions'].include?('boiv:edit-offer') ? @@edit_offer_permissions : []
       user.save
     end
diff --git a/app/policies/acces_point_policy.rb b/app/policies/acces_point_policy.rb
index 08af5981a..904b7a242 100644
--- a/app/policies/acces_point_policy.rb
+++ b/app/policies/acces_point_policy.rb
@@ -1,4 +1,4 @@
-class AccessPointPolicy < BoivPolicy
+class AccessPointPolicy < ApplicationPolicy
   class Scope < Scope
     def resolve
       scope
diff --git a/app/policies/access_link_policy.rb b/app/policies/access_link_policy.rb
index 654739d06..73b2d1baa 100644
--- a/app/policies/access_link_policy.rb
+++ b/app/policies/access_link_policy.rb
@@ -1,4 +1,4 @@
-class AccessLinkPolicy < BoivPolicy
+class AccessLinkPolicy < ApplicationPolicy
   class Scope < Scope
     def resolve
       scope
diff --git a/app/policies/application_policy.rb b/app/policies/application_policy.rb
index 532004296..e8d7f5f30 100644
--- a/app/policies/application_policy.rb
+++ b/app/policies/application_policy.rb
@@ -6,6 +6,18 @@ class ApplicationPolicy
     destroy?
   end
 
+  # Tie edit and update together, #edit?, do not override #edit?,
+  # unless you want to break this tie on purpose
+  def edit?
+    update?
+  end
+
+  # Tie new and create together, do not override #new?,
+  # unless you want to break this tie on purpose
+  def new?
+    create?
+  end
+
 
 
   def initialize(user_context, record)
@@ -28,7 +40,7 @@ class ApplicationPolicy
   end
 
   def index?
-    false
+    show?
   end
 
   def show?
@@ -59,10 +71,6 @@ class ApplicationPolicy
     Pundit.policy_scope!(user, record.class)
   end
 
-  def boiv_read_offer?
-    organisation_match? && !(user.permissions || []).grep(%r{\Aboiv:.}).empty?
-  end
-
   def organisation_match?
     user.organisation == organisation
   end
diff --git a/app/policies/boiv_policy.rb b/app/policies/boiv_policy.rb
deleted file mode 100644
index aa3ecc50d..000000000
--- a/app/policies/boiv_policy.rb
+++ /dev/null
@@ -1,11 +0,0 @@
-class BoivPolicy < ApplicationPolicy
-
-
-  def index?
-    boiv_read_offer?
-  end
-
-  def show?
-    boiv_read_offer?
-  end
-end
diff --git a/app/policies/calendar_policy.rb b/app/policies/calendar_policy.rb
index 9d6b09a9b..4248bccc7 100644
--- a/app/policies/calendar_policy.rb
+++ b/app/policies/calendar_policy.rb
@@ -1,4 +1,4 @@
-class CalendarPolicy < BoivPolicy
+class CalendarPolicy < ApplicationPolicy
   class Scope < Scope
     def resolve
       scope
diff --git a/app/policies/company_policy.rb b/app/policies/company_policy.rb
index 2983c6acc..3cc7822a3 100644
--- a/app/policies/company_policy.rb
+++ b/app/policies/company_policy.rb
@@ -1,4 +1,4 @@
-class CompanyPolicy < BoivPolicy
+class CompanyPolicy < ApplicationPolicy
   class Scope < Scope
     def resolve
       scope
diff --git a/app/policies/connection_link_policy.rb b/app/policies/connection_link_policy.rb
index 21414efb9..abefd741c 100644
--- a/app/policies/connection_link_policy.rb
+++ b/app/policies/connection_link_policy.rb
@@ -1,4 +1,4 @@
-class ConnectionLinkPolicy < BoivPolicy
+class ConnectionLinkPolicy < ApplicationPolicy
   class Scope < Scope
     def resolve
       scope
diff --git a/app/policies/group_of_line_policy.rb b/app/policies/group_of_line_policy.rb
index 86d522545..5d42a23bd 100644
--- a/app/policies/group_of_line_policy.rb
+++ b/app/policies/group_of_line_policy.rb
@@ -1,4 +1,4 @@
-class GroupOfLinePolicy < BoivPolicy
+class GroupOfLinePolicy < ApplicationPolicy
   class Scope < Scope
     def resolve
       scope
diff --git a/app/policies/journey_pattern_policy.rb b/app/policies/journey_pattern_policy.rb
index 01ce2cbbb..7ce2da561 100644
--- a/app/policies/journey_pattern_policy.rb
+++ b/app/policies/journey_pattern_policy.rb
@@ -1,4 +1,4 @@
-class JourneyPatternPolicy < BoivPolicy
+class JourneyPatternPolicy < ApplicationPolicy
 
   class Scope < Scope
     def resolve
diff --git a/app/policies/line_policy.rb b/app/policies/line_policy.rb
index 1b0d00cc5..a557b496c 100644
--- a/app/policies/line_policy.rb
+++ b/app/policies/line_policy.rb
@@ -1,4 +1,4 @@
-class LinePolicy < BoivPolicy
+class LinePolicy < ApplicationPolicy
 
   class Scope < Scope
     def resolve
diff --git a/app/policies/network_policy.rb b/app/policies/network_policy.rb
index 4c1ea1090..427eace93 100644
--- a/app/policies/network_policy.rb
+++ b/app/policies/network_policy.rb
@@ -1,4 +1,4 @@
-class NetworkPolicy < BoivPolicy
+class NetworkPolicy < ApplicationPolicy
   class Scope < Scope
     def resolve
       scope
diff --git a/app/policies/referential_policy.rb b/app/policies/referential_policy.rb
index 88847a212..8e2a8f7f7 100644
--- a/app/policies/referential_policy.rb
+++ b/app/policies/referential_policy.rb
@@ -1,4 +1,4 @@
-class ReferentialPolicy < BoivPolicy
+class ReferentialPolicy < ApplicationPolicy
   class Scope < Scope
     def resolve
       scope
diff --git a/app/policies/route_policy.rb b/app/policies/route_policy.rb
index ca9b02164..a12055aa6 100644
--- a/app/policies/route_policy.rb
+++ b/app/policies/route_policy.rb
@@ -1,4 +1,4 @@
-class RoutePolicy < BoivPolicy
+class RoutePolicy < ApplicationPolicy
   class Scope < Scope
     def resolve
       scope
diff --git a/app/policies/routing_constraint_zone_policy.rb b/app/policies/routing_constraint_zone_policy.rb
index da311bc03..1e7535475 100644
--- a/app/policies/routing_constraint_zone_policy.rb
+++ b/app/policies/routing_constraint_zone_policy.rb
@@ -1,4 +1,4 @@
-class RoutingConstraintZonePolicy < BoivPolicy
+class RoutingConstraintZonePolicy < ApplicationPolicy
   class Scope < Scope
     def resolve
       scope
diff --git a/app/policies/stop_area_policy.rb b/app/policies/stop_area_policy.rb
index 79b7178ce..4fa426ff6 100644
--- a/app/policies/stop_area_policy.rb
+++ b/app/policies/stop_area_policy.rb
@@ -1,4 +1,4 @@
-class StopAreaPolicy < BoivPolicy
+class StopAreaPolicy < ApplicationPolicy
   class Scope < Scope
     def resolve
       scope
diff --git a/app/policies/time_table_policy.rb b/app/policies/time_table_policy.rb
index a8f54ad48..30df8939b 100644
--- a/app/policies/time_table_policy.rb
+++ b/app/policies/time_table_policy.rb
@@ -1,4 +1,4 @@
-class TimeTablePolicy < BoivPolicy
+class TimeTablePolicy < ApplicationPolicy
 
   class Scope < Scope
     def resolve
diff --git a/app/policies/vehicle_journey_policy.rb b/app/policies/vehicle_journey_policy.rb
index de6dd7088..ae3680adf 100644
--- a/app/policies/vehicle_journey_policy.rb
+++ b/app/policies/vehicle_journey_policy.rb
@@ -1,4 +1,4 @@
-class VehicleJourneyPolicy < BoivPolicy
+class VehicleJourneyPolicy < ApplicationPolicy
   class Scope < Scope
     def resolve
       scope
diff --git a/spec/features/workbenches_spec.rb b/spec/features/workbenches_spec.rb
index cad70624f..9141b5673 100644
--- a/spec/features/workbenches_spec.rb
+++ b/spec/features/workbenches_spec.rb
@@ -121,7 +121,7 @@ describe 'Workbenches', type: :feature do
           expect(page).to_not have_content(other_referential.name)
         end
 
-       it 'should keep filtering on sort' do
+        it 'should keep filtering on sort' do
           dates = referential.validity_period.to_a
           fill_validity_field dates[0], 'begin_gteq'
           fill_validity_field dates[1], 'end_lteq'
@@ -149,7 +149,7 @@ describe 'Workbenches', type: :feature do
           end
           click_button 'Filtrer'
 
-         ['begin_gteq', 'end_lteq'].each_with_index do |field, index|
+          ['begin_gteq', 'end_lteq'].each_with_index do |field, index|
             expect(find("#q_validity_period_#{field}_3i").value).to eq dates[index].day.to_s
             expect(find("#q_validity_period_#{field}_2i").value).to eq dates[index].month.to_s
             expect(find("#q_validity_period_#{field}_1i").value).to eq dates[index].year.to_s
@@ -157,37 +157,38 @@ describe 'Workbenches', type: :feature do
         end
       end
 
-    context 'permissions' do
-      before(:each) do
-        visit workbench_path(workbench)
-      end
+      context 'permissions' do
+        before(:each) do
+          visit workbench_path(workbench)
+        end
 
-      context 'user has the permission to create referentials' do
-        it 'shows the link for a new referetnial' do
-          expect(page).to have_link(I18n.t('actions.add'), href: new_referential_path(workbench_id: workbench.id))
+        context 'user has the permission to create referentials' do
+          it 'shows the link for a new referetnial' do
+            expect(page).to have_link(I18n.t('actions.add'), href: new_referential_path(workbench_id: workbench.id))
+          end
         end
-      end
 
-      context 'user does not have the permission to create referentials' do
-        it 'does not show the clone link for referential' do
-          @user.update_attribute(:permissions, [])
-          visit referential_path(referential)
-          expect(page).not_to have_link(I18n.t('actions.add'), href: new_referential_path(workbench_id: workbench.id))
+        context 'user does not have the permission to create referentials' do
+          it 'does not show the clone link for referential' do
+            @user.update_attribute(:permissions, [])
+            visit referential_path(referential)
+            expect(page).not_to have_link(I18n.t('actions.add'), href: new_referential_path(workbench_id: workbench.id))
+          end
         end
       end
-    end
 
-  describe 'create new Referential' do
-    it "create a new Referential with a specifed line and period" do
-      referential.destroy
+      describe 'create new Referential' do
+        it "create a new Referential with a specifed line and period" do
+          referential.destroy
 
-      visit workbench_path(workbench)
-      click_link I18n.t('actions.add')
-      fill_in "referential[name]", with: "Referential to test creation"
-      select workbench.lines.first.id, from: 'referential[metadatas_attributes][0][lines][]'
+          visit workbench_path(workbench)
+          click_link I18n.t('actions.add')
+          fill_in "referential[name]", with: "Referential to test creation"
+          select workbench.lines.first.id, from: 'referential[metadatas_attributes][0][lines][]'
 
-        click_button "Valider"
-        expect(page).to have_css("h1", text: "Referential to test creation")
+          click_button "Valider"
+          expect(page).to have_css("h1", text: "Referential to test creation")
+        end
       end
     end
   end
diff --git a/spec/helpers/table_builder_helper/custom_links_spec.rb b/spec/helpers/table_builder_helper/custom_links_spec.rb
index c1038b7f1..bd0bd4fcf 100644
--- a/spec/helpers/table_builder_helper/custom_links_spec.rb
+++ b/spec/helpers/table_builder_helper/custom_links_spec.rb
@@ -1,5 +1,3 @@
-require 'spec_helper'
-
 describe TableBuilderHelper::CustomLinks do
   describe "#actions_after_policy_check" do
     it "includes :show" do
@@ -8,9 +6,6 @@ describe TableBuilderHelper::CustomLinks do
         build_stubbed(
           :user,
           organisation: referential.organisation,
-          permissions: [
-            'boiv:read-offer'
-          ]
         ),
         referential: referential
       )
diff --git a/spec/policies/boiv_policy_spec.rb b/spec/policies/boiv_policy_spec.rb
deleted file mode 100644
index 6787ab2ac..000000000
--- a/spec/policies/boiv_policy_spec.rb
+++ /dev/null
@@ -1,16 +0,0 @@
-RSpec.describe BoivPolicy, type: :policy do
-
-  let( :record ){ nil }
-
-  permissions :index? do
-    it_behaves_like 'permitted policy and same organisation', 'boiv:read-offer'
-  end
-
-  permissions :boiv_read_offer? do
-    it_behaves_like 'permitted policy and same organisation', 'boiv:read-offer'
-  end
-
-  permissions :show? do
-    it_behaves_like 'permitted policy and same organisation', 'boiv:read-offer'
-  end
-end