consul/nairobi
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

updates permissions for direct messages

Browse Source
This commit is contained in:
rgarcia
2016-06-09 17:35:19 +02:00
parent 900d997000
commit fea3aef5bb
4 changed files with 26 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
app/controllers/direct_messages_controller.rb
View File

@@ -1,5 +1,5 @@
class DirectMessagesController < ApplicationController class DirectMessagesController < ApplicationController
skip_authorization_check load_and_authorize_resource
def new def new
@receiver = User.find(params[:user_id]) @receiver = User.find(params[:user_id])

2
app/models/abilities/common.rb
View File

@@ -46,6 +46,8 @@ module Abilities
can :vote_featured, Proposal can :vote_featured, Proposal
can :vote, SpendingProposal can :vote, SpendingProposal
can :create, SpendingProposal can :create, SpendingProposal
can :create, DirectMessage
can :show, DirectMessage, sender_id: user.id
end end
can [:new, :create, :show], ProposalNotification do |notification| can [:new, :create, :show], ProposalNotification do |notification|

7
spec/factories.rb
View File

@@ -331,4 +331,11 @@ FactoryGirl.define do
body "Please let others know so we can make it happen" body "Please let others know so we can make it happen"
proposal proposal
end end
factory :direct_message do
title "Hey!"
body "How are You doing?"
association :sender, factory: :user
association :receiver, factory: :user
end
end end

16
spec/models/abilities/common_spec.rb
View File

@@ -37,6 +37,10 @@ describe "Abilities::Common" do
it { should_not be_able_to(:comment_as_administrator, proposal) } it { should_not be_able_to(:comment_as_administrator, proposal) }
it { should_not be_able_to(:comment_as_moderator, proposal) } it { should_not be_able_to(:comment_as_moderator, proposal) }
it { should be_able_to(:new, DirectMessage) }
it { should_not be_able_to(:create, DirectMessage) }
it { should_not be_able_to(:show, DirectMessage) }
describe 'flagging content' do describe 'flagging content' do
it { should be_able_to(:flag, debate) } it { should be_able_to(:flag, debate) }
it { should be_able_to(:unflag, debate) } it { should be_able_to(:unflag, debate) }
@@ -85,6 +89,7 @@ describe "Abilities::Common" do
describe "when level 2 verified" do describe "when level 2 verified" do
let(:own_spending_proposal) { create(:spending_proposal, author: user) } let(:own_spending_proposal) { create(:spending_proposal, author: user) }
let(:own_direct_message) { create(:direct_message, sender: user) }
before{ user.update(residence_verified_at: Time.now, confirmed_phone: "1") } before{ user.update(residence_verified_at: Time.now, confirmed_phone: "1") }
it { should be_able_to(:vote, Proposal) } it { should be_able_to(:vote, Proposal) }
@@ -93,10 +98,16 @@ describe "Abilities::Common" do
it { should be_able_to(:create, SpendingProposal) } it { should be_able_to(:create, SpendingProposal) }
it { should_not be_able_to(:destroy, create(:spending_proposal)) } it { should_not be_able_to(:destroy, create(:spending_proposal)) }
it { should_not be_able_to(:destroy, own_spending_proposal) } it { should_not be_able_to(:destroy, own_spending_proposal) }
it { should be_able_to(:new, DirectMessage) }
it { should be_able_to(:create, DirectMessage) }
it { should be_able_to(:show, own_direct_message) }
it { should_not be_able_to(:show, create(:direct_message)) }
end end
describe "when level 3 verified" do describe "when level 3 verified" do
let(:own_spending_proposal) { create(:spending_proposal, author: user) } let(:own_spending_proposal) { create(:spending_proposal, author: user) }
let(:own_direct_message) { create(:direct_message, sender: user) }
before{ user.update(verified_at: Time.now) } before{ user.update(verified_at: Time.now) }
it { should be_able_to(:vote, Proposal) } it { should be_able_to(:vote, Proposal) }
@@ -105,5 +116,10 @@ describe "Abilities::Common" do
it { should be_able_to(:create, SpendingProposal) } it { should be_able_to(:create, SpendingProposal) }
it { should_not be_able_to(:destroy, create(:spending_proposal)) } it { should_not be_able_to(:destroy, create(:spending_proposal)) }
it { should_not be_able_to(:destroy, own_spending_proposal) } it { should_not be_able_to(:destroy, own_spending_proposal) }
it { should be_able_to(:new, DirectMessage) }
it { should be_able_to(:create, DirectMessage) }
it { should be_able_to(:show, own_direct_message) }
it { should_not be_able_to(:show, create(:direct_message)) }
end end
end end