kosiakkatrina
2 years ago
committed by
GitHub
11 changed files with 213 additions and 133 deletions
@ -0,0 +1,36 @@ |
|||||||
|
class UserPolicy |
||||||
|
attr_reader :current_user, :user |
||||||
|
|
||||||
|
def initialize(current_user, user) |
||||||
|
@current_user = current_user |
||||||
|
@user = user |
||||||
|
end |
||||||
|
|
||||||
|
def edit_password? |
||||||
|
@current_user == @user |
||||||
|
end |
||||||
|
|
||||||
|
def edit_roles? |
||||||
|
(@current_user.data_coordinator? || @current_user.support?) && @user.active? |
||||||
|
end |
||||||
|
|
||||||
|
%w[ |
||||||
|
edit_roles? |
||||||
|
edit_dpo? |
||||||
|
edit_key_contact? |
||||||
|
].each do |method_name| |
||||||
|
define_method method_name do |
||||||
|
(@current_user.data_coordinator? || @current_user.support?) && @user.active? |
||||||
|
end |
||||||
|
end |
||||||
|
|
||||||
|
%w[ |
||||||
|
edit_emails? |
||||||
|
edit_telephone_numbers? |
||||||
|
edit_names? |
||||||
|
].each do |method_name| |
||||||
|
define_method method_name do |
||||||
|
(@current_user == @user || @current_user.data_coordinator? || @current_user.support?) && @user.active? |
||||||
|
end |
||||||
|
end |
||||||
|
end |
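Review bot: `edit_roles?` is defined twice in this class: once with an explicit `def`, and again by the first `define_method` loop, whose `%w[...]` list also names `edit_roles?` and carries the same body. The loop's definition replaces the explicit one, so a later edit to the `def` would have no effect on authorization; either drop the explicit `def edit_roles?` or take `edit_roles?` out of the list. Every rule other than `edit_password?` decides only on the actor's role and `@user.active?`. Nothing visible here checks that the target belongs to the actor's organisation, or that a coordinator is not editing their own roles, so confirm this is enforced by a scope or the controller and say so in a comment above the loops. `edit_password?` is also the only rule without the `@user.active?` condition; if that is deliberate, a one-line comment such as `# inactive users may still change their own password` would make it clear.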
@ -0,0 +1,103 @@ |
|||||||
|
require "rails_helper" |
||||||
|
# rubocop:disable RSpec/RepeatedExample |
||||||
|
|
||||||
|
RSpec.describe UserPolicy do |
||||||
|
subject(:policy) { described_class } |
||||||
|
|
||||||
|
let(:data_provider) { FactoryBot.create(:user, :data_provider) } |
||||||
|
let(:data_coordinator) { FactoryBot.create(:user, :data_coordinator) } |
||||||
|
let(:support) { FactoryBot.create(:user, :support) } |
||||||
|
|
||||||
|
permissions :edit_names? do |
||||||
|
it "allows changing their own name" do |
||||||
|
expect(policy).to permit(data_provider, data_provider) |
||||||
|
end |
||||||
|
|
||||||
|
it "as a coordinator it allows changing other user's name" do |
||||||
|
expect(policy).to permit(data_coordinator, data_provider) |
||||||
|
end |
||||||
|
|
||||||
|
it "as a support user it allows changing other user's name" do |
||||||
|
expect(policy).to permit(support, data_provider) |
||||||
|
end |
||||||
|
end |
||||||
|
|
||||||
|
permissions :edit_emails? do |
||||||
|
it "allows changing their own email" do |
||||||
|
expect(policy).to permit(data_provider, data_provider) |
||||||
|
end |
||||||
|
|
||||||
|
it "as a coordinator it allows changing other user's email" do |
||||||
|
expect(policy).to permit(data_coordinator, data_provider) |
||||||
|
end |
||||||
|
|
||||||
|
it "as a support user it allows changing other user's email" do |
||||||
|
expect(policy).to permit(support, data_provider) |
||||||
|
end |
||||||
|
end |
||||||
|
|
||||||
|
permissions :edit_password? do |
||||||
|
it "as a provider it allows changing their own password" do |
||||||
|
expect(policy).to permit(data_provider, data_provider) |
||||||
|
end |
||||||
|
|
||||||
|
it "as a coordinator it allows changing their own password" do |
||||||
|
expect(policy).to permit(data_coordinator, data_coordinator) |
||||||
|
end |
||||||
|
|
||||||
|
it "as a support user it allows changing their own password" do |
||||||
|
expect(policy).to permit(support, support) |
||||||
|
end |
||||||
|
|
||||||
|
it "as a coordinator it does not allow changing other user's password" do |
||||||
|
expect(policy).not_to permit(data_coordinator, data_provider) |
||||||
|
end |
||||||
|
|
||||||
|
it "as a support user it does not allow changing other user's password" do |
||||||
|
expect(policy).not_to permit(support, data_provider) |
||||||
|
end |
||||||
|
end |
||||||
|
|
||||||
|
permissions :edit_roles? do |
||||||
|
it "as a provider it does not allow changing roles" do |
||||||
|
expect(policy).not_to permit(data_provider, data_provider) |
||||||
|
end |
||||||
|
|
||||||
|
it "as a coordinator allows changing other user's roles" do |
||||||
|
expect(policy).to permit(data_coordinator, data_provider) |
||||||
|
end |
||||||
|
|
||||||
|
it "as a support user allows changing other user's roles" do |
||||||
|
expect(policy).to permit(support, data_provider) |
||||||
|
end |
||||||
|
end |
||||||
|
|
||||||
|
permissions :edit_dpo? do |
||||||
|
it "as a provider it does not allow changing dpo" do |
||||||
|
expect(policy).not_to permit(data_provider, data_provider) |
||||||
|
end |
||||||
|
|
||||||
|
it "as a coordinator allows changing other user's dpo" do |
||||||
|
expect(policy).to permit(data_coordinator, data_provider) |
||||||
|
end |
||||||
|
|
||||||
|
it "as a support user allows changing other user's dpo" do |
||||||
|
expect(policy).to permit(support, data_provider) |
||||||
|
end |
||||||
|
end |
||||||
|
|
||||||
|
permissions :edit_key_contact? do |
||||||
|
it "as a provider it does not allow changing key_contact" do |
||||||
|
expect(policy).not_to permit(data_provider, data_provider) |
||||||
|
end |
||||||
|
|
||||||
|
it "as a coordinator allows changing other user's key_contact" do |
||||||
|
expect(policy).to permit(data_coordinator, data_provider) |
||||||
|
end |
||||||
|
|
||||||
|
it "as a support user allows changing other user's key_contact" do |
||||||
|
expect(policy).to permit(support, data_provider) |
||||||
|
end |
||||||
|
end |
||||||
|
end |
||||||
|
# rubocop:enable RSpec/RepeatedExample |
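Review bot: The `edit_names?` and `edit_emails?` blocks assert only the allow cases, so nothing fails if a data provider is allowed to edit another user's record; add `expect(policy).not_to permit(data_provider, data_coordinator)` to each. No example uses an inactive target, which leaves the `&& @user.active?` condition of the policy unexercised for every permission. It needs one denial example per permission with an inactive user, built however the factory supports it, which is not visible here. `edit_telephone_numbers?` is generated by the policy but has no `permissions` block at all. Covering the three identically-behaving permissions with one `permissions :edit_names?, :edit_emails?, :edit_telephone_numbers? do` block would also remove the need for the `rubocop:disable RSpec/RepeatedExample` pair.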