diff --git a/app/controllers/officing/base_controller.rb b/app/controllers/officing/base_controller.rb
index 97ef23d30..07cf4cfa5 100644
--- a/app/controllers/officing/base_controller.rb
+++ b/app/controllers/officing/base_controller.rb
@@ -7,6 +7,6 @@ class Officing::BaseController < ApplicationController
skip_authorization_check
def verify_officer
- raise CanCan::AccessDenied unless current_user.try(:poll_officer?) || current_user.try(:administrator?)
+ raise CanCan::AccessDenied unless current_user.try(:poll_officer?)
end
end
\ No newline at end of file
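Review bot: The narrowed `verify_officer` guard has no comment saying that administrators are now deliberately excluded, and with `skip_authorization_check` two lines above it appears to be the only access check for the officing controllers. I would add above the method `# Officing is restricted to poll officers; administrators must also hold the poll_officer role.` and `# skip_authorization_check is set above, so this filter is the only gate; subclasses must not skip it.` The `before_action` that registers this method is outside the hunk, so confirm it still covers every action.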
diff --git a/app/helpers/users_helper.rb b/app/helpers/users_helper.rb
index 111a80267..da340bb46 100644
--- a/app/helpers/users_helper.rb
+++ b/app/helpers/users_helper.rb
@@ -52,12 +52,8 @@ module UsersHelper
current_user && current_user.manager?
end
- def current_poll_officer?
- current_user && current_user.poll_officer?
- end
-
def show_admin_menu?
- current_administrator? || current_moderator? || current_valuator? || current_manager? || current_poll_officer?
+ current_administrator? || current_moderator? || current_valuator? || current_manager?
end
def interests_title_text(user)
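Review bot: Deleting `current_poll_officer?` here leaves the role check duplicated, because `app/views/shared/_admin_login_items.html.erb` in this same commit spells out `current_user && current_user.poll_officer?` by hand. Keeping the helper and writing the view condition as `<% if current_poll_officer? %>` would match the sibling `current_manager?` style and keep the nil guard in one place. Any caller of the removed helper outside this diff would now raise `NoMethodError`, so a search before merging is worthwhile. `show_admin_menu?` only decides what is rendered; the access decision itself stays in the controller filter.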
diff --git a/app/views/admin/shared/_admin_shortcuts.html.erb b/app/views/admin/shared/_admin_shortcuts.html.erb
index 7ead6d419..8a292d6bb 100644
--- a/app/views/admin/shared/_admin_shortcuts.html.erb
+++ b/app/views/admin/shared/_admin_shortcuts.html.erb
@@ -1,10 +1,12 @@
-
- <%= link_to admin_stats_path, title: t("admin.menu.stats") do %>
-
- <% end %>
-
-
- <%= link_to admin_settings_path, title: t("admin.menu.settings") do %>
-
- <% end %>
-
+<% if current_user.administrator? %>
+
+ <%= link_to admin_stats_path, title: t("admin.menu.stats") do %>
+
+ <% end %>
+
+
+ <%= link_to admin_settings_path, title: t("admin.menu.settings") do %>
+
+ <% end %>
+
+<% end %>
\ No newline at end of file
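Review bot: `<% if current_user.administrator? %>` on the first added line calls through `current_user` without a nil guard, unlike the `current_user && ...` form used in `_admin_login_items.html.erb`. `UsersHelper` appears to provide `current_administrator?` (it is referenced from `show_admin_menu?`), so `<% if current_administrator? %>` would be nil-safe and consistent with the other role checks. This condition only hides the stats and settings links. The controllers behind `admin_stats_path` and `admin_settings_path` are not in this diff and must enforce the administrator check themselves.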
diff --git a/app/views/shared/_admin_login_items.html.erb b/app/views/shared/_admin_login_items.html.erb
index 9634874f9..a9e6fa4b9 100644
--- a/app/views/shared/_admin_login_items.html.erb
+++ b/app/views/shared/_admin_login_items.html.erb
@@ -26,12 +26,11 @@
<%= link_to t("layouts.header.management"), management_sign_in_path %>
<% end %>
-
- <% if current_user.administrator? || current_user.poll_officer? %>
-
- <%= link_to t("layouts.header.officing"), officing_root_path %>
-
- <% end %>
<% end %>
+<% if current_user && current_user.poll_officer? %>
+
+ <%= link_to t("layouts.header.officing"), officing_root_path %>
+
+<% end %>
diff --git a/spec/features/officing_spec.rb b/spec/features/officing_spec.rb
index 338b416ea..b208b735c 100644
--- a/spec/features/officing_spec.rb
+++ b/spec/features/officing_spec.rb
@@ -55,7 +55,22 @@ feature 'Poll Officing' do
expect(page).to have_content "You do not have permission to access this page"
end
- scenario 'Access as an poll officer is authorized' do
+ scenario 'Access as an administrator is not authorized' do
+ create(:administrator, user: user)
+ create(:poll)
+ login_as(user)
+ visit root_path
+
+ expect(page).to_not have_link("Polling officers")
+ visit officing_root_path
+
+ expect(current_path).not_to eq(officing_root_path)
+ expect(current_path).to eq(root_path)
+ expect(page).to have_content "You do not have permission to access this page"
+ end
+
+ scenario 'Access as an administrator with poll officer role is authorized' do
+ create(:administrator, user: user)
create(:poll_officer, user: user)
create(:poll)
login_as(user)
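Review bot: `expect(page).to_not have_link("Polling officers")` in the new administrator scenario matches on a hard-coded label, so it passes vacuously if the text rendered for `layouts.header.officing` differs or is later changed. Asserting on the target instead, `expect(page).not_to have_link(href: officing_root_path)`, ties the check to the link this commit hides. `expect(current_path).not_to eq(officing_root_path)` is redundant with the `eq(root_path)` expectation that follows it, and the scenario mixes `to_not` and `not_to`. The body of the following "administrator with poll officer role" scenario continues outside this hunk.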
@@ -68,8 +83,8 @@ feature 'Poll Officing' do
expect(page).to_not have_content "You do not have permission to access this page"
end
- scenario 'Access as an administrator is authorized' do
- create(:administrator, user: user)
+ scenario 'Access as an poll officer is authorized' do
+ create(:poll_officer, user: user)
create(:poll)
login_as(user)
visit root_path