| Age | Commit message (Collapse) | Author |
|---|
|
|
|
|
|
|
|
|
|
ImportPolicy changing *.imports →' imports.*
|
|
|
|
|
|
Refs #4543
|
|
Refs #4543
|
|
Fixes: #4431@0.16666666666666666h;
|
|
4446 spec features api keys
|
|
* Make failing /delete_api_key_feature_spec pending
- Seems Capybara only sees html from the partial api_keys/_form, but not
the parent api_keys/edit, which happens to contain the delete link :(
* ApiKeyPolicy adapted
- update? depends on record's organisation as no referential present
- create? depends on user's permission only as organisation will be correct anyway
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
* Duplication of Route is triggered by link and UI forwarded to edit of duplicatee
- Changing route, only POST duplicate_referential_line_route --> RoutesController#duplicate
- Removing route GET duplicate_referential_line_route --> RoutesController#duplicate
- Removing controller action RoutesController#post_duplicate
* Link in Route Decorator depends on new policy RoutePolicy#decorate?
* Adapting specs
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
- Decorator Spec Setup `spec/support/decortor_helpers.rb`
- Speced
- Fixed
|
|
- Fixes remaining issues with LinePolicy, CalenderPolicy & RoutePolicy
- Dead Code elimination
|
|
Policy Refactoring and Policy Test Completion
- All policies (and all permissions) under test.
- Common patterns and potential problems identified...
- ... and documented in DEVNOTES.md
- some simply refactorings
|
|
- All permissions tied to `!archived?`
- Tests adapted
- Policies refactored
? Is `create?` permission bound to `organisation_match?`
|
|
- PolicyChecker authorizes(*) all now
- Untied ApplicationPolicy#index? from show?
- mv access_point_policy.rb to access_point_policy.rb fixing an invisible name curruption (local problem?)
* to authorize: to allow (not here), to undergo the process of authorization (here)
|
|
models and actions
- ApplicationPolicy nondestructive permission depend on model existance
- ApplicationPolicy destructive permission default to `false`
- Tied Policy permissions at ApplicationPolicy Level: edit? → update?, new? → create?, index? → show?
- ApplicationPolicy convenience methods `delete?` & `authorizes_action?(action)`
- Refactoring of `spec/helpers/table_builder_helper_spec.rb` accordingly
- Stubbing scope in specs (cannot switch to referential with a `build_stubbed` instance)
|
|
|
|
to moving authoriation BL into policies
|
|
|
|
newapplication helper default authorization, (no if) ->
* DefaultPolicy (all true)
* Add some policies (LinePolicy)
* Use `boiv:read` pour show, index
* Adapted `table_builder`
|
|
+ ApplicationController provides Pundit's UserContext's referential with `@referential` instead of `current_referential`,
(`@referential` is computed from the URL, while `current_referential` was aliased to different methods, **not always**
pointing to `Referential` instances)
+ ApplicationPolicy uses the record's referential in its `referential method` iff it is an instance of `Referential` else
it uses the abovely provided referential, locally named `@current_referential` (as it should be named in the Ctrl too)
This assures, in combination with the Ctrl Change, that `referential` **always** returns an instance of `Referential`!
- TODO: Review my understanding of _Referential Setup_ inside the Ctrls
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
