Allow sdg_manager access to sdg management section

app/controllers/sdg_management/base_controller.rb

@@ -12,6 +12,6 @@ class SDGManagement::BaseController < ApplicationController
   private
 
     def verify_sdg_manager
-      raise CanCan::AccessDenied unless current_user&.administrator?
+      raise CanCan::AccessDenied unless current_user&.sdg_manager? || current_user&.administrator?
     end
 end

app/helpers/users_helper.rb

@@ -51,6 +51,10 @@ module UsersHelper
     current_user&.manager?
   end
 
+  def current_sdg_manager?
+    current_user&.sdg_manager?
+  end
+
   def current_poll_officer?
     current_user&.poll_officer?
   end
@@ -58,7 +62,7 @@ module UsersHelper
   def show_admin_menu?(user = nil)
     unless namespace == "officing"
       current_administrator? || current_moderator? || current_valuator? || current_manager? ||
-        (user&.administrator?) || current_poll_officer?
+        (user&.administrator?) || current_poll_officer? || current_sdg_manager?
     end
   end
 

app/views/shared/_admin_login_items.html.erb

@@ -33,7 +33,7 @@
         </li>
       <% end %>
 
-      <% if feature?(:sdg) && current_user.administrator? %>
+      <% if feature?(:sdg) && (current_user.administrator? || current_user.sdg_manager?) %>
         <li>
           <%= link_to t("sdg_management.header.title"), sdg_management_root_path %>
         </li>

spec/system/sdg_management_spec.rb

@@ -0,0 +1,76 @@
+require "rails_helper"
+
+describe "SDGManagement", :js do
+  let(:user) { create(:user) }
+
+  before { Setting["feature.sdg"] = true }
+
+  context "Access" do
+    scenario "Access as regular user is not authorized" do
+      login_as(user)
+      visit root_path
+
+      expect(page).not_to have_link("Menu")
+      expect(page).not_to have_link("SDG content")
+      visit sdg_management_root_path
+
+      expect(page).not_to have_current_path(sdg_management_root_path)
+      expect(page).to have_current_path(root_path)
+      expect(page).to have_content "You do not have permission to access this page"
+    end
+
+    scenario "Access as manager is not authorized" do
+      create(:manager, user: user)
+      login_as(user)
+      visit root_path
+      click_on "Menu"
+
+      expect(page).not_to have_link("SDG content")
+      visit sdg_management_root_path
+
+      expect(page).not_to have_current_path(sdg_management_root_path)
+      expect(page).to have_current_path(root_path)
+      expect(page).to have_content "You do not have permission to access this page"
+    end
+
+    scenario "Access as a sdg manager is authorized" do
+      create(:sdg_manager, user: user)
+      login_as(user)
+      visit root_path
+
+      click_on "Menu"
+      click_on "SDG content"
+
+      expect(page).to have_current_path(sdg_management_root_path)
+      expect(page).not_to have_content "You do not have permission to access this page"
+    end
+  end
+
+  scenario "Valuation access links" do
+    create(:sdg_manager, user: user)
+
+    login_as(user)
+    visit root_path
+    click_on "Menu"
+
+    expect(page).to have_link("SDG content")
+    expect(page).not_to have_link("Administration")
+    expect(page).not_to have_link("Moderation")
+    expect(page).not_to have_link("Valuation")
+  end
+
+  scenario "Valuation dashboard" do
+    create(:sdg_manager, user: user)
+
+    login_as(user)
+    visit root_path
+    click_on "Menu"
+    click_on "SDG content"
+
+    expect(page).to have_current_path(sdg_management_root_path)
+    expect(page).to have_css(".sdg-content-menu")
+    expect(page).not_to have_css("#valuation_menu")
+    expect(page).not_to have_css("#admin_menu")
+    expect(page).not_to have_css("#moderation_menu")
+  end
+end