managers can login to /management

2016-05-10 19:10:02 +02:00
parent 9ed3fa2a22
commit d1e50d70d6
8 changed files with 51 additions and 9 deletions
--- a/app/controllers/management/sessions_controller.rb
+++ b/app/controllers/management/sessions_controller.rb
@@ -4,7 +4,7 @@ class Management::SessionsController < ActionController::Base
  def create
    destroy_session
-    if admin? || manager?
+    if admin? || manager? || authenticated_manager?
      redirect_to management_root_path
    else
      raise CanCan::AccessDenied
@@ -31,6 +31,12 @@ class Management::SessionsController < ActionController::Base
    end
    def manager?
      if current_user.try(:manager?)
        session[:manager] = {login: "manager_user_#{current_user.id}"}
      end
    end
    def authenticated_manager?
      if manager = ManagerAuthenticator.new(params).auth
        session[:manager] = manager
      end
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -12,6 +12,7 @@ class User < ActiveRecord::Base
  has_one :administrator
  has_one :moderator
  has_one :valuator
  has_one :manager
  has_one :organization
  has_one :lock
  has_many :flags
@@ -104,6 +105,10 @@ class User < ActiveRecord::Base
    valuator.present?
  end
  def manager?
    manager.present?
  end
  def organization?
    organization.present?
  end
--- a/app/views/shared/_admin_login_items.html.erb
+++ b/app/views/shared/_admin_login_items.html.erb
@@ -17,7 +17,7 @@
    </li>
  <% end %>
-  <% if current_user.administrator? %>
+  <% if current_user.administrator? || current_user.manager? %>
    <li>
      <%= link_to t("layouts.header.management"), management_sign_in_path %>
    </li>
--- a/spec/controllers/management/sessions_controller_spec.rb
+++ b/spec/controllers/management/sessions_controller_spec.rb
@@ -6,31 +6,44 @@ describe Management::SessionsController do
    it "should deny access if wrong manager credentials" do
      allow_any_instance_of(ManagerAuthenticator).to receive(:auth).and_return(false)
      expect { get :create, login: "nonexistent" , clave_usuario: "wrong"}.to raise_error CanCan::AccessDenied
      expect(session[:manager]).to be_nil
    end
-    it "should redirect to management root path if right credentials" do
+    it "should redirect to management root path if authorized manager with right credentials" do
      manager = {login: "JJB033", user_key: "31415926" , date: "20151031135905"}
      allow_any_instance_of(ManagerAuthenticator).to receive(:auth).and_return(manager)
      get :create, login: "JJB033" , clave_usuario: "31415926", fecha_conexion: "20151031135905"
      expect(response).to be_redirect
      expect(session[:manager][:login]).to eq "JJB033"
    end
    it "should redirect to management root path if user is admin" do
-      sign_in create(:administrator).user
+      user = create(:administrator).user
      sign_in user
      get :create
      expect(response).to be_redirect
      expect(session[:manager][:login]).to eq "admin_user_#{user.id}"
    end
-    it "should deny access if user is not admin" do
+    it "should redirect to management root path if user is manager" do
      user = create(:manager).user
      sign_in user
      get :create
      expect(response).to be_redirect
      expect(session[:manager][:login]).to eq "manager_user_#{user.id}"
    end
    it "should deny access if user is not admin or manager" do
      sign_in create(:user)
      expect { get :create}.to raise_error CanCan::AccessDenied
      expect(session[:manager]).to be_nil
    end
  end
  describe 'Sign out' do
    it "should destroy the session data and redirect" do
-      session[:manager] = {user_key: "31415926" , date: "20151031135905", login: "JJB033"}
+      session[:manager] = {user_key: "31415926", date: "20151031135905", login: "JJB033"}
      session[:document_type] =  "1"
      session[:document_number] = "12345678Z"
--- a/spec/features/management/account_spec.rb
+++ b/spec/features/management/account_spec.rb
@@ -26,7 +26,7 @@ feature 'Account' do
    expect(page).to have_content "User account deleted."
-    expect(user.reload.erase_reason).to eq "Deleted by manager: JJB042"
+    expect(user.reload.erase_reason).to eq "Deleted by manager: manager_user_#{Manager.last.user_id}"
  end
 end
--- a/spec/features/management/users_spec.rb
+++ b/spec/features/management/users_spec.rb
@@ -59,7 +59,7 @@ feature 'Users' do
    expect(page).to have_content "User account deleted."
-    expect(level_2_user.reload.erase_reason).to eq "Deleted by manager: JJB042"
+    expect(level_2_user.reload.erase_reason).to eq "Deleted by manager: manager_user_#{Manager.last.user_id}"
    visit management_document_verifications_path
    fill_in 'document_verification_document_number', with: '13579'
--- a/spec/models/user_spec.rb
+++ b/spec/models/user_spec.rb
@@ -121,6 +121,18 @@ describe User do
    end
  end
  describe "manager?" do
    it "is false when the user is not a manager" do
      expect(subject.manager?).to be false
    end
    it "is true when the user is a manager" do
      subject.save
      create(:manager, user: subject)
      expect(subject.manager?).to be true
    end
  end
  describe "organization?" do
    it "is false when the user is not an organization" do
      expect(subject.organization?).to be false
--- a/spec/support/common_actions.rb
+++ b/spec/support/common_actions.rb
@@ -24,12 +24,18 @@ module CommonActions
    click_button 'Enter'
  end
-  def login_as_manager
+  def login_as_authenticated_manager
    login, user_key, date = "JJB042", "31415926", Time.now.strftime("%Y%m%d%H%M%S")
    allow_any_instance_of(ManagerAuthenticator).to receive(:auth).and_return({login: login, user_key: user_key, date: date}.with_indifferent_access)
    visit management_sign_in_path(login: login, clave_usuario: user_key, fecha_conexion: date)
  end
  def login_as_manager
    manager = create(:manager)
    login_as(manager.user)
    visit management_sign_in_path
  end
  def login_managed_user(user)
    allow_any_instance_of(Management::BaseController).to receive(:managed_user).and_return(user)
  end