diff --git a/app/models/abilities/sdg/manager.rb b/app/models/abilities/sdg/manager.rb index a3264c9f3..3958238cd 100644 --- a/app/models/abilities/sdg/manager.rb +++ b/app/models/abilities/sdg/manager.rb @@ -6,7 +6,9 @@ class Abilities::SDG::Manager can :read, ::SDG::Target can :manage, ::SDG::LocalTarget - can [:read, :update, :destroy], Widget::Card, cardable_type: "SDG::Phase" - can(:create, Widget::Card) { |card| card.cardable_type == "SDG::Phase" } + can :read, WebSection, name: "sdg" + can [:create, :update, :destroy], Widget::Card do |card| + card.cardable_type == "SDG::Phase" || card.cardable&.name == "sdg" + end end end diff --git a/spec/models/abilities/sdg/manager_spec.rb b/spec/models/abilities/sdg/manager_spec.rb index fa4febb16..fafd274d1 100644 --- a/spec/models/abilities/sdg/manager_spec.rb +++ b/spec/models/abilities/sdg/manager_spec.rb @@ -9,13 +9,19 @@ describe "Abilities::SDG::Manager" do it { should be_able_to(:read, SDG::Target) } it { should be_able_to(:manage, SDG::LocalTarget) } + it { should be_able_to(:read, WebSection.find_by!(name: "sdg")) } it { should_not be_able_to(:read, SDG::Manager) } it { should_not be_able_to(:create, SDG::Manager) } it { should_not be_able_to(:delete, SDG::Manager) } + it { should_not be_able_to(:read, WebSection.find_by!(name: "homepage")) } it { should_not be_able_to(:update, create(:widget_card)) } it { should be_able_to(:update, create(:widget_card, cardable: SDG::Phase.sample)) } + it { should be_able_to(:update, create(:widget_card, cardable: WebSection.find_by!(name: "sdg"))) } + it { should_not be_able_to(:update, create(:widget_card, cardable: WebSection.find_by!(name: "homepage"))) } it { should_not be_able_to(:create, build(:widget_card)) } it { should be_able_to(:create, build(:widget_card, cardable: SDG::Phase.sample)) } + it { should be_able_to(:create, build(:widget_card, cardable: WebSection.find_by!(name: "sdg"))) } + it { should_not be_able_to(:create, build(:widget_card, cardable: WebSection.find_by!(name: "homepage"))) } end