diff --git a/app/controllers/sdg_management/base_controller.rb b/app/controllers/sdg_management/base_controller.rb
index 4fcfb39be..4fff2b0f2 100644
--- a/app/controllers/sdg_management/base_controller.rb
+++ b/app/controllers/sdg_management/base_controller.rb
@@ -12,6 +12,6 @@ class SDGManagement::BaseController < ApplicationController
private
def verify_sdg_manager
- raise CanCan::AccessDenied unless current_user&.administrator?
+ raise CanCan::AccessDenied unless current_user&.sdg_manager? || current_user&.administrator?
end
end
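Review bot: `verify_sdg_manager` now admits a second role, but the guard visible here checks only the role and not the SDG feature setting, whereas the menu link in `_admin_login_items.html.erb` is shown only when `feature?(:sdg)` is true. The class body above line 12 is outside this hunk, so the flag may already be enforced there. If it is not, a direct request to the SDG management routes would still be served to SDG managers while the feature is switched off, and the controller should apply the same condition as the view. A short comment on the method would also help, for example `# Administrators keep access; SDG managers are the only other role allowed in this namespace.`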
diff --git a/app/helpers/users_helper.rb b/app/helpers/users_helper.rb
index 1b3c4751d..29e91cc6e 100644
--- a/app/helpers/users_helper.rb
+++ b/app/helpers/users_helper.rb
@@ -51,6 +51,10 @@ module UsersHelper
current_user&.manager?
end
+ def current_sdg_manager?
+ current_user&.sdg_manager?
+ end
+
def current_poll_officer?
current_user&.poll_officer?
end
@@ -58,7 +62,7 @@ module UsersHelper
def show_admin_menu?(user = nil)
unless namespace == "officing"
current_administrator? || current_moderator? || current_valuator? || current_manager? ||
- (user&.administrator?) || current_poll_officer?
+ (user&.administrator?) || current_poll_officer? || current_sdg_manager?
end
end
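Review bot: `show_admin_menu?` now returns true for any SDG manager regardless of the SDG feature setting, while the only entry this commit exposes to that role is gated by `feature?(:sdg)` in the view. With the feature disabled, a user whose only role is SDG manager would presumably get a "Menu" control with no role-specific link in it. Consider `|| (feature?(:sdg) && current_sdg_manager?)` as the last operand, assuming `feature?` is callable from this helper as it is from the template. The view change in this commit also writes `current_user.sdg_manager?` directly instead of using the new `current_sdg_manager?` helper, so the two role checks could drift apart.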
diff --git a/app/views/shared/_admin_login_items.html.erb b/app/views/shared/_admin_login_items.html.erb
index 5c764ebf5..b79be6cf4 100644
--- a/app/views/shared/_admin_login_items.html.erb
+++ b/app/views/shared/_admin_login_items.html.erb
@@ -33,7 +33,7 @@
<% end %>
- <% if feature?(:sdg) && current_user.administrator? %>
+ <% if feature?(:sdg) && (current_user.administrator? || current_user.sdg_manager?) %>
<%= link_to t("sdg_management.header.title"), sdg_management_root_path %>
diff --git a/spec/system/sdg_management_spec.rb b/spec/system/sdg_management_spec.rb
new file mode 100644
index 000000000..1e109aa14
--- /dev/null
+++ b/spec/system/sdg_management_spec.rb
@@ -0,0 +1,76 @@
+require "rails_helper"
+
+describe "SDGManagement", :js do
+ let(:user) { create(:user) }
+
+ before { Setting["feature.sdg"] = true }
+
+ context "Access" do
+ scenario "Access as regular user is not authorized" do
+ login_as(user)
+ visit root_path
+
+ expect(page).not_to have_link("Menu")
+ expect(page).not_to have_link("SDG content")
+ visit sdg_management_root_path
+
+ expect(page).not_to have_current_path(sdg_management_root_path)
+ expect(page).to have_current_path(root_path)
+ expect(page).to have_content "You do not have permission to access this page"
+ end
+
+ scenario "Access as manager is not authorized" do
+ create(:manager, user: user)
+ login_as(user)
+ visit root_path
+ click_on "Menu"
+
+ expect(page).not_to have_link("SDG content")
+ visit sdg_management_root_path
+
+ expect(page).not_to have_current_path(sdg_management_root_path)
+ expect(page).to have_current_path(root_path)
+ expect(page).to have_content "You do not have permission to access this page"
+ end
+
+ scenario "Access as a sdg manager is authorized" do
+ create(:sdg_manager, user: user)
+ login_as(user)
+ visit root_path
+
+ click_on "Menu"
+ click_on "SDG content"
+
+ expect(page).to have_current_path(sdg_management_root_path)
+ expect(page).not_to have_content "You do not have permission to access this page"
+ end
+ end
+
+ scenario "Valuation access links" do
+ create(:sdg_manager, user: user)
+
+ login_as(user)
+ visit root_path
+ click_on "Menu"
+
+ expect(page).to have_link("SDG content")
+ expect(page).not_to have_link("Administration")
+ expect(page).not_to have_link("Moderation")
+ expect(page).not_to have_link("Valuation")
+ end
+
+ scenario "Valuation dashboard" do
+ create(:sdg_manager, user: user)
+
+ login_as(user)
+ visit root_path
+ click_on "Menu"
+ click_on "SDG content"
+
+ expect(page).to have_current_path(sdg_management_root_path)
+ expect(page).to have_css(".sdg-content-menu")
+ expect(page).not_to have_css("#valuation_menu")
+ expect(page).not_to have_css("#admin_menu")
+ expect(page).not_to have_css("#moderation_menu")
+ end
+end
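Review bot: The access scenarios never exercise the `current_user&.administrator?` branch that the controller change keeps, so a later edit could remove administrator access without any test failing. The denied path is also covered only for a regular user and a manager, not for an anonymous visitor or for a disabled `feature.sdg` setting. The last two scenarios are titled "Valuation access links" and "Valuation dashboard", which looks copied from the valuation spec; `"SDG management access links"` and `"SDG management dashboard"` would describe what they assert. A scenario for the administrator branch is sketched below; it assumes the `:administrator` factory follows the same shape as `:manager` and `:sdg_manager`.

```ruby
  context "Access" do
    # … unchanged: regular user, manager and sdg manager scenarios …

    scenario "Access as an administrator is authorized" do
      create(:administrator, user: user)
      login_as(user)
      visit sdg_management_root_path

      expect(page).to have_current_path(sdg_management_root_path)
      expect(page).not_to have_content "You do not have permission to access this page"
    end
```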