Verified Commit 89a2393d authored by Kaspar Vollenweider's avatar Kaspar Vollenweider 👻
Browse files

do not show the terminated assignment index button to department manager

parent 54bc63fd
Pipeline #19968 passed with stage
in 38 minutes and 25 seconds
......@@ -8,32 +8,28 @@ class AssignmentPolicy < ApplicationPolicy
end
# controller action policies
alias_method :index?, :superadmin_or_department_manager?
alias_method :terminated_index?, :superadmin_or_department_manager?
alias_method :volunteer_search?, :superadmin_or_department_manager?
alias_method :client_search?, :superadmin_or_department_manager?
alias_method :new?, :superadmin_or_department_manager?
alias_method :create?, :superadmin_or_department_manager?
alias_method :find_client?, :superadmin_or_department_manager?
alias_method :show_comments?, :superadmin_or_department_manager?
alias_method :index?, :superadmin_or_department_manager?
alias_method :terminated_index?, :superadmin_or_department_manager?
alias_method :volunteer_search?, :superadmin_or_department_manager?
alias_method :client_search?, :superadmin_or_department_manager?
alias_method :new?, :superadmin_or_department_manager?
alias_method :create?, :superadmin_or_department_manager?
alias_method :find_client?, :superadmin_or_department_manager?
alias_method :show?,
:superadmin_or_department_manager_creation_or_volunteer_related?
alias_method :edit?,
:superadmin_or_department_manager_creation?
alias_method :update?,
:superadmin_or_department_manager_creation?
alias_method :terminate?,
:superadmin_or_department_manager_creation?
alias_method :update_terminated_at?,
:superadmin_or_department_manager_creation?
alias_method :verify_termination?,
:superadmin?
alias_method :show?, :superadmin_or_department_manager_creation_or_volunteer_related?
alias_method :edit?, :superadmin_or_department_manager_creation?
alias_method :update?, :superadmin_or_department_manager_creation?
alias_method :terminate?, :superadmin_or_department_manager_creation?
alias_method :update_terminated_at?, :superadmin_or_department_manager_creation?
alias_method :verify_termination?, :superadmin?
alias_method :update_submitted_at?,
:superadmin_or_department_manager_creation_or_volunteer_related?
alias_method :last_submitted_hours_and_feedbacks?,
:superadmin_or_department_manager_creation_or_volunteer_related?
alias_method :hours_and_feedbacks_submitted?,
:superadmin_or_department_manager_or_volunteer?
alias_method :hours_and_feedbacks_submitted?, :superadmin_or_department_manager_or_volunteer?
# non action policies
alias_method :show_comments?, :superadmin_or_department_manager?
alias_method :show_terminated_button?, :superadmin?
end
......@@ -15,7 +15,6 @@ class GroupAssignmentPolicy < ApplicationPolicy
alias_method :create?, :superadmin_or_department_manager_offer?
alias_method :terminated_index?, :superadmin_or_department_manager?
alias_method :show_comments?, :superadmin_or_department_manager?
alias_method :edit?, :superadmin_or_department_manager_creation?
alias_method :set_end_today?, :superadmin_or_department_manager_creation?
......@@ -27,4 +26,8 @@ class GroupAssignmentPolicy < ApplicationPolicy
alias_method :update_terminated_at?, :superadmin_or_department_manager_creation_or_volunteer_related?
alias_method :last_submitted_hours_and_feedbacks?, :superadmin_or_department_manager_creation_or_volunteer_related?
alias_method :hours_and_feedbacks_submitted?, :superadmin_or_department_manager_or_volunteer?
# non action policies
alias_method :show_comments?, :superadmin_or_department_manager?
alias_method :show_terminated_button?, :superadmin?
end
......@@ -19,7 +19,8 @@ nav.navbar.section-navigation.hidden-print
= custom_filter_dropdown('Status',
{ q: :active_or_not_yet_active, text: 'Aktiv', value: 'true' },
{ q: :inactive, text: 'Inaktiv', value: 'true' })
li= button_link 'Beendete Begleitungen', terminated_index_assignments_path, dimension: :sm
- if policy(Assignment).show_terminated_button?
li= button_link 'Beendete Begleitungen', terminated_index_assignments_path, dimension: :sm
li= button_link navigation_fa_icon(:xlsx), url_for(format: :xlsx, q: search_parameters), dimension: :sm
li= link_to navigation_glyph(:print), url_for(print: :true, q: search_parameters), { class: 'btn btn-default btn-sm', target: '_blank' }
......
......@@ -27,8 +27,8 @@ nav.navbar.section-navigation#filters
= custom_filter_dropdown('Intern/Extern',
{ q: :offer_type_eq, text: 'Extern', value: 'external_offer'},
{ q: :offer_type_eq, text: 'Intern', value: 'internal_offer'})
= button_link 'Beendete Einsätze',
terminated_index_group_assignments_path, dimension: :sm
- if policy(GroupAssignment).show_terminated_button?
li= button_link 'Beendete Einsätze', terminated_index_group_assignments_path, dimension: :sm
hr
= bootstrap_paginate(@group_offers)
......
......@@ -2,7 +2,7 @@ require 'test_helper'
class AssignmentPolicyTest < PolicyAssertions::Test
test 'superadmin_can_use_all_actions' do
assert_permit(create(:user), Assignment, *actions_list, 'show_comments?')
assert_permit(create(:user), Assignment, *actions_list, 'show_comments?', 'show_terminated_button?')
end
test 'department_manager_has_limited_access' do
......@@ -24,11 +24,11 @@ class AssignmentPolicyTest < PolicyAssertions::Test
:show, :edit, :update, :update_submitted_at, :terminate,
:update_terminated_at, :last_submitted_hours_and_feedbacks
))
refute_permit(department_manager, Assignment, *actions_list(:verify_termination))
refute_permit(department_manager, Assignment, *actions_list(:verify_termination), 'show_terminated_button?')
end
test 'social_worker_has_no_access' do
refute_permit(create(:social_worker), Assignment, *actions_list, 'show_comments?')
refute_permit(create(:social_worker), Assignment, *actions_list, 'show_comments?', 'show_terminated_button?')
end
test 'volunteer_has_limited_access' do
......@@ -41,7 +41,7 @@ class AssignmentPolicyTest < PolicyAssertions::Test
:hours_and_feedbacks_submitted
))
refute_permit(volunteer.user, Assignment,
'show_comments?', *actions_list(
'show_comments?', 'show_terminated_button?', *actions_list(
:index, :terminated_index, :volunteer_search, :client_search,
:new, :create, :edit, :update,
:terminate, :update_terminated_at, :verify_termination
......
......@@ -2,14 +2,14 @@ require 'test_helper'
class GroupAssignmentPolicyTest < PolicyAssertions::Test
test 'superadmin_can_use_all_actions' do
assert_permit(create(:user), GroupAssignment, *actions_list, 'show_comments?')
assert_permit(create(:user), GroupAssignment, *actions_list, 'show_comments?', 'show_terminated_button?')
end
test 'department_manager_has_limited_access' do
department_manager = create :department_manager
department_manager_group_assignment = create :group_assignment,
group_offer: create(:group_offer, creator: department_manager)
refute_permit(department_manager, GroupAssignment, *actions_list(:verify_termination))
refute_permit(department_manager, GroupAssignment, *actions_list(:verify_termination), 'show_terminated_button?')
assert_permit(department_manager, GroupAssignment, *actions_list(:terminated_index), 'show_comments?')
assert_permit(department_manager, department_manager_group_assignment,
*actions_list(except: [:verify_termination, :terminated_index]), 'show_comments?')
......@@ -20,21 +20,17 @@ class GroupAssignmentPolicyTest < PolicyAssertions::Test
end
test 'social_worker_has_no_access' do
refute_permit(create(:social_worker), GroupAssignment, *actions_list, 'show_comments?')
refute_permit(create(:social_worker), GroupAssignment, *actions_list, 'show_comments?', 'show_terminated_button?')
end
test 'volunteer_has_limited_access' do
volunteer = create :volunteer_with_user
volunteer_group_assignment = create :group_assignment, volunteer: volunteer
refute_permit(volunteer.user, GroupAssignment,
'show_comments?', *actions_list(
:verify_termination, :terminated_index, :edit, :set_end_today, :update
))
refute_permit(volunteer.user, GroupAssignment, 'show_comments?', 'show_terminated_button?',
*actions_list(:verify_termination, :terminated_index, :edit, :set_end_today, :update))
assert_permit(volunteer.user, volunteer_group_assignment,
*actions_list(
:terminate, :update_submitted_at, :show, :update_terminated_at,
:last_submitted_hours_and_feedbacks, :hours_and_feedbacks_submitted
))
*actions_list(:terminate, :update_submitted_at, :show, :update_terminated_at,
:last_submitted_hours_and_feedbacks, :hours_and_feedbacks_submitted))
refute_permit(volunteer.user, create(:group_assignment),
'show_comments?', *actions_list(
:terminate, :update_submitted_at, :show, :update_terminated_at,
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment