From cb2aebe2c8f03565b159712ec03e78be9480974b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Javi=20Mart=C3=ADn?=
Date: Thu, 12 Jan 2023 15:48:09 +0100
Subject: [PATCH] Fix current_user usage in management section
In the management section, `current_user` is the user impersonated by the manager. We were deciding whether to show the admin menu depending on the privileges of the current user, but this menu should be shown according to the privileges of the manager who is impersonating the user. We're doing a similar (very subtle) change in the login items. We were rendering the `login_items` partial passing `current_user: user`. However, inside this method, we were using `user_signed_in`, which ignored the `current_user` we were passing. The result was always the same expect in tests where we manually sign in users, but we're changing it anyway in order to reduce confusion.
---
 app/helpers/users_helper.rb | 30 ++-----------------
 app/views/devise/menu/_login_items.html.erb | 2 +-
 app/views/users/show.html.erb | 2 +-
 .../layout/admin_header_component_spec.rb | 2 --
 spec/system/management_spec.rb | 22 ++++++++++++++
 5 files changed, 27 insertions(+), 31 deletions(-)
 create mode 100644 spec/system/management_spec.rb
diff --git a/app/helpers/users_helper.rb b/app/helpers/users_helper.rb
index 90bcc7f30..49db9cb5c 100644
--- a/app/helpers/users_helper.rb
+++ b/app/helpers/users_helper.rb
@@ -35,34 +35,10 @@ module UsersHelper
 end
 end
- def current_administrator?
- current_user&.administrator?
- end
-
- def current_moderator?
- current_user&.moderator?
- end
-
- def current_valuator?
- current_user&.valuator?
- end
-
- def current_manager?
- current_user&.manager?
- end
-
- def current_sdg_manager?
- current_user&.sdg_manager?
- end
-
- def current_poll_officer?
- current_user&.poll_officer?
- end
-
- def show_admin_menu?(user = nil)
+ def show_admin_menu?(user)
 unless namespace == "officing"
- current_administrator? || current_moderator? || current_valuator? || current_manager? ||
- user&.administrator? || current_poll_officer? || current_sdg_manager?
+ user&.administrator? || user&.moderator? || user&.valuator? ||
+ (user&.manager? && namespace != "management") || user&.poll_officer? || user&.sdg_manager?
 end
 end
diff --git a/app/views/devise/menu/_login_items.html.erb b/app/views/devise/menu/_login_items.html.erb
index 0aed7e3a4..f5cd59fa9 100644
--- a/app/views/devise/menu/_login_items.html.erb
+++ b/app/views/devise/menu/_login_items.html.erb
@@ -1,4 +1,4 @@
-<% if user_signed_in? %>
+<% if current_user %>
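Review bot: `show_admin_menu?(user)` in app/helpers/users_helper.rb now depends entirely on the caller passing the staff account rather than `current_user`, and nothing at the definition says so; per the commit message `current_user` is the impersonated user in the management section, so a caller passing it there would bring the original behaviour back. A comment above the method would pin the contract down, for example `# user: the signed-in staff account (the manager in management), never the impersonated current_user`. Dropping the `= nil` default also means any zero-argument call outside this patch would now raise ArgumentError, and the removed `current_*?` helpers may still be referenced in views not shown here, so both are worth a search before merging. This helper only decides whether the menu is rendered; where access to the admin sections themselves is enforced is not visible in this hunk, and `module UsersHelper` continues outside it.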
  • <%= layout_menu_link_to t("layouts.header.my_activity_link"), user_path(current_user),
diff --git a/app/views/users/show.html.erb b/app/views/users/show.html.erb
index 708b63275..d10b71bbc 100644
--- a/app/views/users/show.html.erb
+++ b/app/views/users/show.html.erb
@@ -17,7 +17,7 @@

    <%= avatar_image(@user, seed: @user.id, size: 60) %> <%= @user.name %>
- <% if current_administrator? %>
+ <% if current_user&.administrator? %>
 <%= @user.email %> <% end %>

diff --git a/spec/components/layout/admin_header_component_spec.rb b/spec/components/layout/admin_header_component_spec.rb
index de76e21f6..bbcfa319a 100644
--- a/spec/components/layout/admin_header_component_spec.rb
+++ b/spec/components/layout/admin_header_component_spec.rb
@@ -11,7 +11,6 @@ describe Layout::AdminHeaderComponent do
 context "management section", controller: Management::BaseController do
 it "shows the menu for administrators" do
 create(:administrator, user: user)
- sign_in(user)
 render_inline Layout::AdminHeaderComponent.new(user)
@@ -24,7 +23,6 @@ describe Layout::AdminHeaderComponent do
 it "does not show the menu managers" do
 create(:manager, user: user)
- sign_in(user)
 render_inline Layout::AdminHeaderComponent.new(user)
diff --git a/spec/system/management_spec.rb b/spec/system/management_spec.rb
new file mode 100644
index 000000000..a1ac75e5a
--- /dev/null
+++ b/spec/system/management_spec.rb
@@ -0,0 +1,22 @@
+require "rails_helper"
+
+describe "Management" do
+ let(:user) { create(:user) }
+
+ scenario "Does not show the admin menu when managing users having the admin menu" do
+ create(:manager, user: user)
+ create(:moderator, user: create(:user, :in_census, document_number: "12345678M"))
+
+ login_as(user)
+ visit management_sign_in_path
+ click_link "Select user"
+ fill_in "Document number", with: "12345678M"
+ click_button "Check document"
+
+ expect(page).to have_content "This user account is already verified"
+ expect(page).not_to have_content "You don't have new notifications"
+ expect(page).not_to have_content "My content"
+ expect(page).not_to have_content "My account"
+ expect(page).not_to have_content "Sign out"
+ end
+end
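Review bot: The new scenario in spec/system/management_spec.rb is named for the admin menu, yet apart from one positive check every expectation is a `not_to have_content` on what look like login-item texts ("My content", "My account", "Sign out"). It would therefore keep passing if those labels were reworded, or if the admin menu were rendered under a label that is not listed. Adding a negative assertion on the admin menu's own link text (the label is not visible in this patch) would tie the test to the behaviour in its name. The document number "12345678M" is also written twice; `let(:document_number) { "12345678M" }` would keep the census record and the form input in sync.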