managers can login to /management

app/controllers/management/sessions_controller.rb

@@ -4,7 +4,7 @@ class Management::SessionsController < ActionController::Base
 
   def create
     destroy_session
-    if admin? || manager?
+    if admin? || manager? || authenticated_manager?
       redirect_to management_root_path
     else
       raise CanCan::AccessDenied
@@ -31,6 +31,12 @@ class Management::SessionsController < ActionController::Base
     end
 
     def manager?
+      if current_user.try(:manager?)
+        session[:manager] = {login: "manager_user_#{current_user.id}"}
+      end
+    end
+
+    def authenticated_manager?
       if manager = ManagerAuthenticator.new(params).auth
         session[:manager] = manager
       end

app/models/user.rb

@@ -12,6 +12,7 @@ class User < ActiveRecord::Base
   has_one :administrator
   has_one :moderator
   has_one :valuator
+  has_one :manager
   has_one :organization
   has_one :lock
   has_many :flags
@@ -104,6 +105,10 @@ class User < ActiveRecord::Base
     valuator.present?
   end
 
+  def manager?
+    manager.present?
+  end
+
   def organization?
     organization.present?
   end

app/views/shared/_admin_login_items.html.erb

@@ -17,7 +17,7 @@
     </li>
   <% end %>
 
-  <% if current_user.administrator? %>
+  <% if current_user.administrator? || current_user.manager? %>
     <li>
       <%= link_to t("layouts.header.management"), management_sign_in_path %>
     </li>

spec/controllers/management/sessions_controller_spec.rb

@@ -6,25 +6,38 @@ describe Management::SessionsController do
     it "should deny access if wrong manager credentials" do
       allow_any_instance_of(ManagerAuthenticator).to receive(:auth).and_return(false)
       expect { get :create, login: "nonexistent" , clave_usuario: "wrong"}.to raise_error CanCan::AccessDenied
+      expect(session[:manager]).to be_nil
     end
 
-    it "should redirect to management root path if right credentials" do
+    it "should redirect to management root path if authorized manager with right credentials" do
       manager = {login: "JJB033", user_key: "31415926" , date: "20151031135905"}
       allow_any_instance_of(ManagerAuthenticator).to receive(:auth).and_return(manager)
 
       get :create, login: "JJB033" , clave_usuario: "31415926", fecha_conexion: "20151031135905"
       expect(response).to be_redirect
+      expect(session[:manager][:login]).to eq "JJB033"
     end
 
     it "should redirect to management root path if user is admin" do
-      sign_in create(:administrator).user
+      user = create(:administrator).user
+      sign_in user
       get :create
       expect(response).to be_redirect
+      expect(session[:manager][:login]).to eq "admin_user_#{user.id}"
     end
 
-    it "should deny access if user is not admin" do
+    it "should redirect to management root path if user is manager" do
+      user = create(:manager).user
+      sign_in user
+      get :create
+      expect(response).to be_redirect
+      expect(session[:manager][:login]).to eq "manager_user_#{user.id}"
+    end
+
+    it "should deny access if user is not admin or manager" do
       sign_in create(:user)
       expect { get :create}.to raise_error CanCan::AccessDenied
+      expect(session[:manager]).to be_nil
     end
   end
 

spec/features/management/account_spec.rb

@@ -26,7 +26,7 @@ feature 'Account' do
 
     expect(page).to have_content "User account deleted."
 
-    expect(user.reload.erase_reason).to eq "Deleted by manager: JJB042"
+    expect(user.reload.erase_reason).to eq "Deleted by manager: manager_user_#{Manager.last.user_id}"
   end
 
 end

spec/features/management/users_spec.rb

@@ -59,7 +59,7 @@ feature 'Users' do
 
     expect(page).to have_content "User account deleted."
 
-    expect(level_2_user.reload.erase_reason).to eq "Deleted by manager: JJB042"
+    expect(level_2_user.reload.erase_reason).to eq "Deleted by manager: manager_user_#{Manager.last.user_id}"
 
     visit management_document_verifications_path
     fill_in 'document_verification_document_number', with: '13579'

spec/models/user_spec.rb

@@ -121,6 +121,18 @@ describe User do
     end
   end
 
+  describe "manager?" do
+    it "is false when the user is not a manager" do
+      expect(subject.manager?).to be false
+    end
+
+    it "is true when the user is a manager" do
+      subject.save
+      create(:manager, user: subject)
+      expect(subject.manager?).to be true
+    end
+  end
+
   describe "organization?" do
     it "is false when the user is not an organization" do
       expect(subject.organization?).to be false

spec/support/common_actions.rb

@@ -24,12 +24,18 @@ module CommonActions
     click_button 'Enter'
   end
 
-  def login_as_manager
+  def login_as_authenticated_manager
     login, user_key, date = "JJB042", "31415926", Time.now.strftime("%Y%m%d%H%M%S")
     allow_any_instance_of(ManagerAuthenticator).to receive(:auth).and_return({login: login, user_key: user_key, date: date}.with_indifferent_access)
     visit management_sign_in_path(login: login, clave_usuario: user_key, fecha_conexion: date)
   end
 
+  def login_as_manager
+    manager = create(:manager)
+    login_as(manager.user)
+    visit management_sign_in_path
+  end
+
   def login_managed_user(user)
     allow_any_instance_of(Management::BaseController).to receive(:managed_user).and_return(user)
   end