Browse Source

Allow data coordinators to change user roles

pull/442/head
baarkerlounger 3 years ago
parent
commit
e8a3055f56
  1. 4
      app/views/users/edit.html.erb
  2. 4
      app/views/users/show.html.erb
  3. 51
      spec/requests/users_controller_spec.rb

4
app/views/users/edit.html.erb

@ -27,6 +27,10 @@
%>
<% if current_user.data_coordinator? %>
<%= roles = User::ROLES.map { |key, _| OpenStruct.new(id: key, name: key.to_s.humanize) }
f.govuk_collection_radio_buttons :role, roles, :id, :name, legend: { text: "Role", size: "m" }
%>
<%= f.govuk_collection_radio_buttons :is_dpo,
[OpenStruct.new(id: false, name: "No"), OpenStruct.new(id: true, name: "Yes")],
:id,

4
app/views/users/show.html.erb

@ -42,7 +42,11 @@
<%= summary_list.row do |row|
row.key { 'Role' }
row.value { @user.role.humanize }
if current_user.data_coordinator?
row.action(visually_hidden_text: "role", href: edit_user_path, html_attributes: { "data-qa": "role" })
else
row.action()
end
end %>
<%= summary_list.row do |row|

51
spec/requests/users_controller_spec.rb

@ -121,6 +121,15 @@ RSpec.describe UsersController, type: :request do
it "show the user details" do
expect(page).to have_content("Your account")
end
it "allows changing name, email and password" do
expect(page).to have_link("Change", text: "name")
expect(page).to have_link("Change", text: "email address")
expect(page).to have_link("Change", text: "password")
expect(page).not_to have_link("Change", text: "role")
expect(page).not_to have_link("Change", text: "are you a data protection officer?")
expect(page).not_to have_link("Change", text: "are you a key contact?")
end
end
context "when the current user does not matches the user ID" do
@ -149,6 +158,14 @@ RSpec.describe UsersController, type: :request do
it "show the edit personal details page" do
expect(page).to have_content("Change your personal details")
end
it "has fields for name and email" do
expect(page).to have_field("user[name]")
expect(page).to have_field("user[email]")
expect(page).not_to have_field("user[role]")
expect(page).not_to have_field("user[is_dpo]")
expect(page).not_to have_field("user[is_key_contact]")
end
end
context "when the current user does not matches the user ID" do
@ -308,6 +325,15 @@ RSpec.describe UsersController, type: :request do
it "show the user details" do
expect(page).to have_content("Your account")
end
it "allows changing name, email, password, role, dpo and key contact" do
expect(page).to have_link("Change", text: "name")
expect(page).to have_link("Change", text: "email address")
expect(page).to have_link("Change", text: "password")
expect(page).to have_link("Change", text: "role")
expect(page).to have_link("Change", text: "are you a data protection officer?")
expect(page).to have_link("Change", text: "are you a key contact?")
end
end
context "when the current user does not matches the user ID" do
@ -324,6 +350,15 @@ RSpec.describe UsersController, type: :request do
it "shows the user details page" do
expect(page).to have_content("#{other_user.name}’s account")
end
it "allows changing name, email, role, dpo and key contact" do
expect(page).to have_link("Change", text: "name")
expect(page).to have_link("Change", text: "email address")
expect(page).not_to have_link("Change", text: "password")
expect(page).to have_link("Change", text: "role")
expect(page).to have_link("Change", text: "are they a data protection officer?")
expect(page).to have_link("Change", text: "are they a key contact?")
end
end
context "when the user is not part of the same organisation as the current user" do
@ -350,6 +385,14 @@ RSpec.describe UsersController, type: :request do
it "show the edit personal details page" do
expect(page).to have_content("Change your personal details")
end
it "has fields for name, email, role, dpo and key contact" do
expect(page).to have_field("user[name]")
expect(page).to have_field("user[email]")
expect(page).to have_field("user[role]")
expect(page).to have_field("user[is_dpo]")
expect(page).to have_field("user[is_key_contact]")
end
end
context "when the current user does not matches the user ID" do
@ -366,6 +409,14 @@ RSpec.describe UsersController, type: :request do
it "shows the user details page" do
expect(page).to have_content("Change #{other_user.name}’s personal details")
end
it "has fields for name, email, role, dpo and key contact" do
expect(page).to have_field("user[name]")
expect(page).to have_field("user[email]")
expect(page).to have_field("user[role]")
expect(page).to have_field("user[is_dpo]")
expect(page).to have_field("user[is_key_contact]")
end
end
context "when the user is not part of the same organisation as the current user" do

Loading…
Cancel
Save