Merge pull request #2098 from consul/admin-officer-menu

Admin officer menu
2017-10-23 10:28:07 +02:00
parent e46a1eff7e 47d626619f
commit e6384bd5df
5 changed files with 37 additions and 25 deletions
--- a/app/controllers/officing/base_controller.rb
+++ b/app/controllers/officing/base_controller.rb
@@ -7,6 +7,6 @@ class Officing::BaseController < ApplicationController
  skip_authorization_check

  def verify_officer
-    raise CanCan::AccessDenied unless current_user.try(:poll_officer?) || current_user.try(:administrator?)
+    raise CanCan::AccessDenied unless current_user.try(:poll_officer?)
  end
 end
--- a/app/helpers/users_helper.rb
+++ b/app/helpers/users_helper.rb
@@ -52,12 +52,8 @@ module UsersHelper
    current_user && current_user.manager?
  end

-  def current_poll_officer?
-    current_user && current_user.poll_officer?
-  end
-
  def show_admin_menu?
-    current_administrator? || current_moderator? || current_valuator? || current_manager? || current_poll_officer?
+    current_administrator? || current_moderator? || current_valuator? || current_manager?
  end

  def interests_title_text(user)
--- a/app/views/admin/shared/_admin_shortcuts.html.erb
+++ b/app/views/admin/shared/_admin_shortcuts.html.erb
@@ -1,10 +1,12 @@
-<li>
-  <%= link_to admin_stats_path, title: t("admin.menu.stats") do %>
-    <span class="icon-stats"></span>
-  <% end %>
-</li>
-<li>
-  <%= link_to admin_settings_path, title: t("admin.menu.settings") do %>
-    <span class="icon-settings"></span>
-  <% end %>
-</li>
+<% if current_user.administrator? %>
+  <li>
+    <%= link_to admin_stats_path, title: t("admin.menu.stats") do %>
+      <span class="icon-stats"></span>
+    <% end %>
+  </li>
+  <li>
+    <%= link_to admin_settings_path, title: t("admin.menu.settings") do %>
+      <span class="icon-settings"></span>
+    <% end %>
+  </li>
+<% end %>
--- a/app/views/shared/_admin_login_items.html.erb
+++ b/app/views/shared/_admin_login_items.html.erb
@@ -26,12 +26,11 @@
          <%= link_to t("layouts.header.management"), management_sign_in_path %>
        </li>
      <% end %>
-
-      <% if current_user.administrator? || current_user.poll_officer? %>
-        <li>
-          <%= link_to t("layouts.header.officing"), officing_root_path %>
-        </li>
-      <% end %>
    </ul>
  </li>
 <% end %>
+<% if current_user && current_user.poll_officer? %>
+  <li>
+    <%= link_to t("layouts.header.officing"), officing_root_path %>
+  </li>
+<% end %>
--- a/spec/features/officing_spec.rb
+++ b/spec/features/officing_spec.rb
@@ -55,7 +55,22 @@ feature 'Poll Officing' do
    expect(page).to have_content "You do not have permission to access this page"
  end

-  scenario 'Access as an poll officer is authorized' do
+  scenario 'Access as an administrator is not authorized' do
+    create(:administrator, user: user)
+    create(:poll)
+    login_as(user)
+    visit root_path
+
+    expect(page).to_not have_link("Polling officers")
+    visit officing_root_path
+
+    expect(current_path).not_to eq(officing_root_path)
+    expect(current_path).to eq(root_path)
+    expect(page).to have_content "You do not have permission to access this page"
+  end
+
+  scenario 'Access as an administrator with poll officer role is authorized' do
+    create(:administrator, user: user)
    create(:poll_officer, user: user)
    create(:poll)
    login_as(user)
@@ -68,8 +83,8 @@ feature 'Poll Officing' do
    expect(page).to_not have_content "You do not have permission to access this page"
  end

-  scenario 'Access as an administrator is authorized' do
-    create(:administrator, user: user)
+  scenario 'Access as an poll officer is authorized' do
+    create(:poll_officer, user: user)
    create(:poll)
    login_as(user)
    visit root_path