From 65d6282b518b5a40cc3e48b87b9c49fe517d35ef Mon Sep 17 00:00:00 2001 From: taitus Date: Wed, 25 Nov 2020 12:09:18 +0100 Subject: [PATCH] Allow sdg_manager access to sdg management section --- .../sdg_management/base_controller.rb | 2 +- app/helpers/users_helper.rb | 6 +- app/views/shared/_admin_login_items.html.erb | 2 +- spec/system/sdg_management_spec.rb | 76 +++++++++++++++++++ 4 files changed, 83 insertions(+), 3 deletions(-) create mode 100644 spec/system/sdg_management_spec.rb diff --git a/app/controllers/sdg_management/base_controller.rb b/app/controllers/sdg_management/base_controller.rb index 4fcfb39be..4fff2b0f2 100644 --- a/app/controllers/sdg_management/base_controller.rb +++ b/app/controllers/sdg_management/base_controller.rb @@ -12,6 +12,6 @@ class SDGManagement::BaseController < ApplicationController private def verify_sdg_manager - raise CanCan::AccessDenied unless current_user&.administrator? + raise CanCan::AccessDenied unless current_user&.sdg_manager? || current_user&.administrator? end end diff --git a/app/helpers/users_helper.rb b/app/helpers/users_helper.rb index 1b3c4751d..29e91cc6e 100644 --- a/app/helpers/users_helper.rb +++ b/app/helpers/users_helper.rb @@ -51,6 +51,10 @@ module UsersHelper current_user&.manager? end + def current_sdg_manager? + current_user&.sdg_manager? + end + def current_poll_officer? current_user&.poll_officer? end @@ -58,7 +62,7 @@ module UsersHelper def show_admin_menu?(user = nil) unless namespace == "officing" current_administrator? || current_moderator? || current_valuator? || current_manager? || - (user&.administrator?) || current_poll_officer? + (user&.administrator?) || current_poll_officer? || current_sdg_manager? end end diff --git a/app/views/shared/_admin_login_items.html.erb b/app/views/shared/_admin_login_items.html.erb index 5c764ebf5..b79be6cf4 100644 --- a/app/views/shared/_admin_login_items.html.erb +++ b/app/views/shared/_admin_login_items.html.erb 
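Review bot: The widened guard in `verify_sdg_manager` is the only enforcement point visible for the SDG management namespace, and it carries no comment saying which roles it admits. Every controller inheriting from `SDGManagement::BaseController` becomes reachable by SDG managers with this change, so it is worth confirming that none of them (not shown here) assumes an administrator-only caller. I would add `# Sole access gate for this namespace: SDG managers and administrators.` above the method. The same role pair is repeated in the `_admin_login_items.html.erb` condition, which only hides the link and has to be kept in step by hand. The class body starts above the hunk, so whether the SDG feature flag is also enforced in this controller cannot be seen from here.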
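Review bot: `show_admin_menu?` adds `current_sdg_manager?` without the `feature?(:sdg)` condition that the menu entry in `_admin_login_items.html.erb` requires. A user whose only role is SDG manager would presumably still get the menu toggle when the feature is switched off, with no SDG entry behind it. If `feature?` is available to this helper as it is to the view, the last operand could read `(feature?(:sdg) && current_sdg_manager?)`. The view condition could also call the new `current_sdg_manager?` helper instead of `current_user.sdg_manager?`, so the role check is written once.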
@@ -33,7 +33,7 @@ <% end %> - <% if feature?(:sdg) && current_user.administrator? %> + <% if feature?(:sdg) && (current_user.administrator? || current_user.sdg_manager?) %>
  • <%= link_to t("sdg_management.header.title"), sdg_management_root_path %>
  •
diff --git a/spec/system/sdg_management_spec.rb b/spec/system/sdg_management_spec.rb
new file mode 100644
index 000000000..1e109aa14
--- /dev/null
+++ b/spec/system/sdg_management_spec.rb
@@ -0,0 +1,76 @@
+require "rails_helper"
+
+describe "SDGManagement", :js do
+ let(:user) { create(:user) }
+
+ before { Setting["feature.sdg"] = true }
+
+ context "Access" do
+ scenario "Access as regular user is not authorized" do
+ login_as(user)
+ visit root_path
+
+ expect(page).not_to have_link("Menu")
+ expect(page).not_to have_link("SDG content")
+ visit sdg_management_root_path
+
+ expect(page).not_to have_current_path(sdg_management_root_path)
+ expect(page).to have_current_path(root_path)
+ expect(page).to have_content "You do not have permission to access this page"
+ end
+
+ scenario "Access as manager is not authorized" do
+ create(:manager, user: user)
+ login_as(user)
+ visit root_path
+ click_on "Menu"
+
+ expect(page).not_to have_link("SDG content")
+ visit sdg_management_root_path
+
+ expect(page).not_to have_current_path(sdg_management_root_path)
+ expect(page).to have_current_path(root_path)
+ expect(page).to have_content "You do not have permission to access this page"
+ end
+
+ scenario "Access as a sdg manager is authorized" do
+ create(:sdg_manager, user: user)
+ login_as(user)
+ visit root_path
+
+ click_on "Menu"
+ click_on "SDG content"
+
+ expect(page).to have_current_path(sdg_management_root_path)
+ expect(page).not_to have_content "You do not have permission to access this page"
+ end
+ end
+
+ scenario "Valuation access links" do
+ create(:sdg_manager, user: user)
+
+ login_as(user)
+ visit root_path
+ click_on "Menu"
+
+ expect(page).to have_link("SDG content")
+ expect(page).not_to have_link("Administration")
+ expect(page).not_to have_link("Moderation")
+ expect(page).not_to have_link("Valuation")
+ end
+
+ scenario "Valuation dashboard" do
+ create(:sdg_manager, user: user)
+
+ login_as(user)
+ visit root_path
+ click_on "Menu"
+ click_on "SDG content"
+
+ expect(page).to have_current_path(sdg_management_root_path)
+ expect(page).to have_css(".sdg-content-menu")
+ expect(page).not_to have_css("#valuation_menu")
+ expect(page).not_to have_css("#admin_menu")
+ expect(page).not_to have_css("#moderation_menu")
+ end
+end
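Review bot: The access scenarios never exercise the administrator branch of the new `sdg_manager? || administrator?` guard, a signed-out visitor, or the case where `feature.sdg` is off, so a regression in any of those paths would pass this file. The `before` block forces the setting to `true` for every example. One scenario per missing case, in the same shape as the existing "Access as ..." ones, would pin the guard from both sides. The last two scenarios are titled "Valuation access links" and "Valuation dashboard" although they assert on the SDG manager menu; `scenario "SDG management access links" do` and `scenario "SDG management dashboard" do` would match what they test.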