kosiakkatrina
2 years ago
committed by
GitHub
11 changed files with 213 additions and 133 deletions
@ -0,0 +1,36 @@
|
||||
class UserPolicy |
||||
attr_reader :current_user, :user |
||||
|
||||
def initialize(current_user, user) |
||||
@current_user = current_user |
||||
@user = user |
||||
end |
||||
|
||||
def edit_password? |
||||
@current_user == @user |
||||
end |
||||
|
||||
def edit_roles? |
||||
(@current_user.data_coordinator? || @current_user.support?) && @user.active? |
||||
end |
||||
|
||||
%w[ |
||||
edit_roles? |
||||
edit_dpo? |
||||
edit_key_contact? |
||||
].each do |method_name| |
||||
define_method method_name do |
||||
(@current_user.data_coordinator? || @current_user.support?) && @user.active? |
||||
end |
||||
end |
||||
|
||||
%w[ |
||||
edit_emails? |
||||
edit_telephone_numbers? |
||||
edit_names? |
||||
].each do |method_name| |
||||
define_method method_name do |
||||
(@current_user == @user || @current_user.data_coordinator? || @current_user.support?) && @user.active? |
||||
end |
||||
end |
||||
end |
@ -0,0 +1,103 @@
|
||||
require "rails_helper" |
||||
# rubocop:disable RSpec/RepeatedExample |
||||
|
||||
RSpec.describe UserPolicy do |
||||
subject(:policy) { described_class } |
||||
|
||||
let(:data_provider) { FactoryBot.create(:user, :data_provider) } |
||||
let(:data_coordinator) { FactoryBot.create(:user, :data_coordinator) } |
||||
let(:support) { FactoryBot.create(:user, :support) } |
||||
|
||||
permissions :edit_names? do |
||||
it "allows changing their own name" do |
||||
expect(policy).to permit(data_provider, data_provider) |
||||
end |
||||
|
||||
it "as a coordinator it allows changing other user's name" do |
||||
expect(policy).to permit(data_coordinator, data_provider) |
||||
end |
||||
|
||||
it "as a support user it allows changing other user's name" do |
||||
expect(policy).to permit(support, data_provider) |
||||
end |
||||
end |
||||
|
||||
permissions :edit_emails? do |
||||
it "allows changing their own email" do |
||||
expect(policy).to permit(data_provider, data_provider) |
||||
end |
||||
|
||||
it "as a coordinator it allows changing other user's email" do |
||||
expect(policy).to permit(data_coordinator, data_provider) |
||||
end |
||||
|
||||
it "as a support user it allows changing other user's email" do |
||||
expect(policy).to permit(support, data_provider) |
||||
end |
||||
end |
||||
|
||||
permissions :edit_password? do |
||||
it "as a provider it allows changing their own password" do |
||||
expect(policy).to permit(data_provider, data_provider) |
||||
end |
||||
|
||||
it "as a coordinator it allows changing their own password" do |
||||
expect(policy).to permit(data_coordinator, data_coordinator) |
||||
end |
||||
|
||||
it "as a support user it allows changing their own password" do |
||||
expect(policy).to permit(support, support) |
||||
end |
||||
|
||||
it "as a coordinator it does not allow changing other user's password" do |
||||
expect(policy).not_to permit(data_coordinator, data_provider) |
||||
end |
||||
|
||||
it "as a support user it does not allow changing other user's password" do |
||||
expect(policy).not_to permit(support, data_provider) |
||||
end |
||||
end |
||||
|
||||
permissions :edit_roles? do |
||||
it "as a provider it does not allow changing roles" do |
||||
expect(policy).not_to permit(data_provider, data_provider) |
||||
end |
||||
|
||||
it "as a coordinator allows changing other user's roles" do |
||||
expect(policy).to permit(data_coordinator, data_provider) |
||||
end |
||||
|
||||
it "as a support user allows changing other user's roles" do |
||||
expect(policy).to permit(support, data_provider) |
||||
end |
||||
end |
||||
|
||||
permissions :edit_dpo? do |
||||
it "as a provider it does not allow changing dpo" do |
||||
expect(policy).not_to permit(data_provider, data_provider) |
||||
end |
||||
|
||||
it "as a coordinator allows changing other user's dpo" do |
||||
expect(policy).to permit(data_coordinator, data_provider) |
||||
end |
||||
|
||||
it "as a support user allows changing other user's dpo" do |
||||
expect(policy).to permit(support, data_provider) |
||||
end |
||||
end |
||||
|
||||
permissions :edit_key_contact? do |
||||
it "as a provider it does not allow changing key_contact" do |
||||
expect(policy).not_to permit(data_provider, data_provider) |
||||
end |
||||
|
||||
it "as a coordinator allows changing other user's key_contact" do |
||||
expect(policy).to permit(data_coordinator, data_provider) |
||||
end |
||||
|
||||
it "as a support user allows changing other user's key_contact" do |
||||
expect(policy).to permit(support, data_provider) |
||||
end |
||||
end |
||||
end |
||||
# rubocop:enable RSpec/RepeatedExample |
Loading…
Reference in new issue