...
 
Commits (2)
class HourPolicy < ApplicationPolicy
def index?
superadmin? || volunteer? && handle_record_or_class
superadmin? || department_manager? || volunteer? && handle_record_or_class
end
def handle_record_or_class
......@@ -10,7 +10,7 @@ class HourPolicy < ApplicationPolicy
alias_method :supervisor?, :superadmin?
# Actions
alias_method :show?, :superadmin_or_volunteer_related?
alias_method :show?, :superadmin_or_department_manager_or_volunteer_related?
alias_method :new?, :superadmin_or_volunteer_related?
alias_method :edit?, :superadmin_or_volunteer_related?
alias_method :create?, :superadmin_or_volunteer_related?
......
......@@ -28,10 +28,11 @@ ul.list-inline
td.index-action-cell.hidden-print
= button_link icon_span(:show), volunteer_hour_path(@volunteer, record),
title: 'Anzeigen'
= button_link icon_span(:edit), edit_volunteer_hour_path(@volunteer, record),
title: 'Bearbeiten'
= button_link icon_span(:delete), volunteer_hour_path(@volunteer, record),
confirm_deleting(record, 'btn btn-default').merge(title: 'Löschen')
- if policy(record).superadmin_or_volunteer_related?
= button_link icon_span(:edit), edit_volunteer_hour_path(@volunteer, record),
title: 'Bearbeiten'
= button_link icon_span(:delete), volunteer_hour_path(@volunteer, record),
confirm_deleting(record, 'btn btn-default').merge(title: 'Löschen')
- if current_user.superadmin?
td= link_to @volunteer.contact.full_name, edit_volunteer_path(@volunteer)
td
......
......@@ -26,9 +26,9 @@ class HourPolicyTest < PolicyAssertions::Test
refute_permit @department_manager, Hour.first, 'update?', 'edit?'
end
test 'Show: social worker and department manager cannot show' do
test 'Show: social worker cannot show' do
refute_permit @social_worker, Hour.first, 'show?'
refute_permit @department_manager, Hour.first, 'show?'
assert_permit @department_manager, Hour.first, 'show?'
end
test 'Show: superadmin can see all hours' do
......@@ -38,9 +38,9 @@ class HourPolicyTest < PolicyAssertions::Test
end
end
test 'Index: Only superadmin can index hours' do
test 'Index: Only superadmin and department manager can index hours' do
assert_permit @superadmin, Hour, 'index?'
refute_permit @social_worker, Hour, 'index?'
refute_permit @department_manager, Hour, 'index?'
assert_permit @department_manager, Hour, 'index?'
end
end