Browse Source

Allow data coordinators to change user roles

pull/442/head
baarkerlounger 3 years ago
parent
commit
e8a3055f56
  1. 4
      app/views/users/edit.html.erb
  2. 4
      app/views/users/show.html.erb
  3. 51
      spec/requests/users_controller_spec.rb

4
app/views/users/edit.html.erb

@ -27,6 +27,10 @@
%> %>
<% if current_user.data_coordinator? %> <% if current_user.data_coordinator? %>
<%= roles = User::ROLES.map { |key, _| OpenStruct.new(id: key, name: key.to_s.humanize) }
f.govuk_collection_radio_buttons :role, roles, :id, :name, legend: { text: "Role", size: "m" }
%>
<%= f.govuk_collection_radio_buttons :is_dpo, <%= f.govuk_collection_radio_buttons :is_dpo,
[OpenStruct.new(id: false, name: "No"), OpenStruct.new(id: true, name: "Yes")], [OpenStruct.new(id: false, name: "No"), OpenStruct.new(id: true, name: "Yes")],
:id, :id,

4
app/views/users/show.html.erb

@ -42,7 +42,11 @@
<%= summary_list.row do |row| <%= summary_list.row do |row|
row.key { 'Role' } row.key { 'Role' }
row.value { @user.role.humanize } row.value { @user.role.humanize }
if current_user.data_coordinator?
row.action(visually_hidden_text: "role", href: edit_user_path, html_attributes: { "data-qa": "role" })
else
row.action() row.action()
end
end %> end %>
<%= summary_list.row do |row| <%= summary_list.row do |row|

51
spec/requests/users_controller_spec.rb

@ -121,6 +121,15 @@ RSpec.describe UsersController, type: :request do
it "show the user details" do it "show the user details" do
expect(page).to have_content("Your account") expect(page).to have_content("Your account")
end end
it "allows changing name, email and password" do
expect(page).to have_link("Change", text: "name")
expect(page).to have_link("Change", text: "email address")
expect(page).to have_link("Change", text: "password")
expect(page).not_to have_link("Change", text: "role")
expect(page).not_to have_link("Change", text: "are you a data protection officer?")
expect(page).not_to have_link("Change", text: "are you a key contact?")
end
end end
context "when the current user does not matches the user ID" do context "when the current user does not matches the user ID" do
@ -149,6 +158,14 @@ RSpec.describe UsersController, type: :request do
it "show the edit personal details page" do it "show the edit personal details page" do
expect(page).to have_content("Change your personal details") expect(page).to have_content("Change your personal details")
end end
it "has fields for name and email" do
expect(page).to have_field("user[name]")
expect(page).to have_field("user[email]")
expect(page).not_to have_field("user[role]")
expect(page).not_to have_field("user[is_dpo]")
expect(page).not_to have_field("user[is_key_contact]")
end
end end
context "when the current user does not matches the user ID" do context "when the current user does not matches the user ID" do
@ -308,6 +325,15 @@ RSpec.describe UsersController, type: :request do
it "show the user details" do it "show the user details" do
expect(page).to have_content("Your account") expect(page).to have_content("Your account")
end end
it "allows changing name, email, password, role, dpo and key contact" do
expect(page).to have_link("Change", text: "name")
expect(page).to have_link("Change", text: "email address")
expect(page).to have_link("Change", text: "password")
expect(page).to have_link("Change", text: "role")
expect(page).to have_link("Change", text: "are you a data protection officer?")
expect(page).to have_link("Change", text: "are you a key contact?")
end
end end
context "when the current user does not matches the user ID" do context "when the current user does not matches the user ID" do
@ -324,6 +350,15 @@ RSpec.describe UsersController, type: :request do
it "shows the user details page" do it "shows the user details page" do
expect(page).to have_content("#{other_user.name}’s account") expect(page).to have_content("#{other_user.name}’s account")
end end
it "allows changing name, email, role, dpo and key contact" do
expect(page).to have_link("Change", text: "name")
expect(page).to have_link("Change", text: "email address")
expect(page).not_to have_link("Change", text: "password")
expect(page).to have_link("Change", text: "role")
expect(page).to have_link("Change", text: "are they a data protection officer?")
expect(page).to have_link("Change", text: "are they a key contact?")
end
end end
context "when the user is not part of the same organisation as the current user" do context "when the user is not part of the same organisation as the current user" do
@ -350,6 +385,14 @@ RSpec.describe UsersController, type: :request do
it "show the edit personal details page" do it "show the edit personal details page" do
expect(page).to have_content("Change your personal details") expect(page).to have_content("Change your personal details")
end end
it "has fields for name, email, role, dpo and key contact" do
expect(page).to have_field("user[name]")
expect(page).to have_field("user[email]")
expect(page).to have_field("user[role]")
expect(page).to have_field("user[is_dpo]")
expect(page).to have_field("user[is_key_contact]")
end
end end
context "when the current user does not matches the user ID" do context "when the current user does not matches the user ID" do
@ -366,6 +409,14 @@ RSpec.describe UsersController, type: :request do
it "shows the user details page" do it "shows the user details page" do
expect(page).to have_content("Change #{other_user.name}’s personal details") expect(page).to have_content("Change #{other_user.name}’s personal details")
end end
it "has fields for name, email, role, dpo and key contact" do
expect(page).to have_field("user[name]")
expect(page).to have_field("user[email]")
expect(page).to have_field("user[role]")
expect(page).to have_field("user[is_dpo]")
expect(page).to have_field("user[is_key_contact]")
end
end end
context "when the user is not part of the same organisation as the current user" do context "when the user is not part of the same organisation as the current user" do

Loading…
Cancel
Save