decidim 0.0.1.alpha4 → 0.0.1.alpha5
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of decidim might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/.codeclimate.yml +1 -0
- data/.gitignore +2 -0
- data/.travis.yml +2 -1
- data/Dockerfile +1 -12
- data/Gemfile +8 -3
- data/Gemfile.common +1 -0
- data/Gemfile.lock +49 -38
- data/README.md +1 -0
- data/decidim-admin/Gemfile +3 -14
- data/decidim-admin/Rakefile +0 -5
- data/decidim-admin/app/assets/javascripts/decidim/admin.js +4 -3
- data/decidim-admin/app/commands/decidim/admin/create_participatory_process.rb +47 -0
- data/decidim-admin/app/commands/decidim/admin/update_participatory_process.rb +49 -0
- data/decidim-admin/app/controllers/concerns/decidim/needs_authorization.rb +50 -0
- data/decidim-admin/app/controllers/decidim/admin/application_controller.rb +2 -0
- data/decidim-admin/app/controllers/decidim/admin/dashboard_controller.rb +11 -0
- data/decidim-admin/app/controllers/decidim/admin/participatory_processes_controller.rb +85 -0
- data/decidim-admin/app/forms/decidim/admin/participatory_process_form.rb +37 -0
- data/decidim-admin/app/helpers/decidim/admin/application_helper.rb +2 -0
- data/decidim-admin/app/helpers/decidim/admin/attributes_display_helper.rb +62 -0
- data/decidim-admin/app/policies/decidim/admin/dashboard_policy.rb +15 -0
- data/decidim-admin/app/policies/decidim/admin/participatory_process_policy.rb +57 -0
- data/decidim-admin/app/views/decidim/admin/participatory_processes/_form.html.erb +23 -0
- data/decidim-admin/app/views/decidim/admin/participatory_processes/edit.html.erb +11 -0
- data/decidim-admin/app/views/decidim/admin/participatory_processes/index.html.erb +34 -0
- data/decidim-admin/app/views/decidim/admin/participatory_processes/new.html.erb +11 -0
- data/decidim-admin/app/views/decidim/admin/participatory_processes/show.html.erb +20 -0
- data/decidim-admin/app/views/layouts/decidim/admin/_sidebar.html.erb +1 -0
- data/decidim-admin/config/locales/ca.yml +40 -0
- data/decidim-admin/config/locales/en.yml +32 -0
- data/decidim-admin/config/locales/es.yml +40 -0
- data/decidim-admin/config/routes.rb +4 -1
- data/decidim-admin/decidim-admin.gemspec +1 -2
- data/decidim-admin/lib/decidim/admin/engine.rb +1 -1
- data/decidim-admin/spec/features/admin_invite_spec.rb +2 -6
- data/decidim-admin/spec/features/manage_participatory_processes_spec.rb +127 -0
- data/decidim-admin/spec/policies/dashboard_policy_spec.rb +23 -0
- data/decidim-admin/spec/policies/participatory_process_policy_spec.rb +153 -0
- data/decidim-dev/Gemfile +3 -14
- data/decidim-dev/decidim-dev.gemspec +2 -3
- data/decidim-dev/lib/decidim/test/i18n_spec.rb +16 -0
- data/decidim-dev/lib/decidim/test/rspec_support/action_mailer.rb +3 -2
- data/decidim-dev/lib/decidim/test/rspec_support/warden.rb +1 -0
- data/decidim-system/Gemfile +3 -14
- data/decidim-system/Rakefile +0 -5
- data/decidim-system/app/assets/javascripts/decidim/system.js +4 -3
- data/decidim-system/app/commands/decidim/system/register_organization.rb +1 -0
- data/decidim-system/app/forms/decidim/system/register_organization_form.rb +2 -1
- data/decidim-system/app/views/decidim/system/organizations/new.html.erb +4 -0
- data/decidim-system/config/locales/ca.yml +60 -0
- data/decidim-system/config/locales/es.yml +60 -0
- data/decidim-system/decidim-system.gemspec +1 -2
- data/decidim-system/lib/decidim/system/engine.rb +0 -1
- data/decidim-system/spec/commands/decidim/system/register_organization_spec.rb +1 -0
- data/decidim-system/spec/features/organizations_spec.rb +1 -0
- data/decidim.gemspec +1 -0
- data/lib/generators/decidim/templates/Gemfile.erb +0 -11
- metadata +43 -12
- data/common_gemfile.rb +0 -12
- data/decidim-admin/Gemfile.lock +0 -383
- data/decidim-dev/Gemfile.lock +0 -381
- data/decidim-system/Gemfile.lock +0 -377
@@ -8,6 +8,7 @@
|
|
8
8
|
|
9
9
|
<nav class="main-menu">
|
10
10
|
<%= active_link_to t("menu.dashboard", scope: "decidim.admin"), root_path, active: :exact %>
|
11
|
+
<%= active_link_to t("menu.participatory_processes", scope: "decidim.admin"), participatory_processes_path, active: :inclusive %>
|
11
12
|
</nav>
|
12
13
|
|
13
14
|
<%= render partial: 'layouts/decidim/admin/login_items' %>
|
@@ -0,0 +1,40 @@
|
|
1
|
+
---
|
2
|
+
ca:
|
3
|
+
decidim:
|
4
|
+
admin:
|
5
|
+
actions:
|
6
|
+
confirm_destroy: Segur que ho vols eliminar?
|
7
|
+
destroy: Eliminar
|
8
|
+
edit: Editar
|
9
|
+
new: Nou %{name}
|
10
|
+
title: Accions
|
11
|
+
unauthorized: No tens permís per realitzar aquesta acció.
|
12
|
+
menu:
|
13
|
+
dashboard: Tauler de control
|
14
|
+
participatory_processes: Processos participatius
|
15
|
+
models:
|
16
|
+
participatory_process:
|
17
|
+
fields:
|
18
|
+
created_at: Data de creació
|
19
|
+
title: Títol
|
20
|
+
name: Procés participatiu
|
21
|
+
validations:
|
22
|
+
slug_uniqueness: Ja existeix un altre procés participatiu amb el mateix identificador
|
23
|
+
participatory_processes:
|
24
|
+
create:
|
25
|
+
error: S'ha produït un error en crear un nou procés participatiu.
|
26
|
+
success: El procés participatiu s'ha creat correctament.
|
27
|
+
destroy:
|
28
|
+
success: El procés participatiu s'ha eliminat correctament.
|
29
|
+
edit:
|
30
|
+
title: Editar procés participatiu
|
31
|
+
update: Actualitzar procés participatiu
|
32
|
+
new:
|
33
|
+
create: Crear procés participatiu
|
34
|
+
title: Nou procés participatiu
|
35
|
+
update:
|
36
|
+
error: S'ha produït un error en l'actualització d'aquest procés participatiu.
|
37
|
+
success: El procés participatiu s'ha actualitzat correctament.
|
38
|
+
titles:
|
39
|
+
dashboard: Tauler de control
|
40
|
+
participatory_processes: Processos participatius
|
@@ -2,7 +2,39 @@
|
|
2
2
|
en:
|
3
3
|
decidim:
|
4
4
|
admin:
|
5
|
+
actions:
|
6
|
+
confirm_destroy: Are you sure you want to delete this?
|
7
|
+
destroy: Destroy
|
8
|
+
edit: Edit
|
9
|
+
new: New %{name}
|
10
|
+
title: Actions
|
11
|
+
unauthorized: You are not authorized to perform this action
|
5
12
|
menu:
|
6
13
|
dashboard: Dashboard
|
14
|
+
participatory_processes: Participatory processes
|
15
|
+
models:
|
16
|
+
participatory_process:
|
17
|
+
fields:
|
18
|
+
created_at: Created at
|
19
|
+
title: Title
|
20
|
+
name: Participatory process
|
21
|
+
validations:
|
22
|
+
slug_uniqueness: Another participatory process with the same slug already exists
|
23
|
+
participatory_processes:
|
24
|
+
create:
|
25
|
+
error: There was an error creating a new participatory process.
|
26
|
+
success: Participatory process created successfully
|
27
|
+
destroy:
|
28
|
+
success: Participatory process successfully destroyed
|
29
|
+
edit:
|
30
|
+
title: Edit participatory process
|
31
|
+
update: Update participatory process
|
32
|
+
new:
|
33
|
+
create: Create participatory process
|
34
|
+
title: New participatory process
|
35
|
+
update:
|
36
|
+
error: There was an error when updating this participatory process.
|
37
|
+
success: Participatory process updated successfully
|
7
38
|
titles:
|
8
39
|
dashboard: Dashboard
|
40
|
+
participatory_processes: Participatory processes
|
@@ -0,0 +1,40 @@
|
|
1
|
+
---
|
2
|
+
es:
|
3
|
+
decidim:
|
4
|
+
admin:
|
5
|
+
actions:
|
6
|
+
confirm_destroy: ¿Seguro que lo quieres eliminar?
|
7
|
+
destroy: Eliminar
|
8
|
+
edit: Editar
|
9
|
+
new: Nuevo %{name}
|
10
|
+
title: Acciones
|
11
|
+
unauthorized: No tienes permiso para realizar esta acción.
|
12
|
+
menu:
|
13
|
+
dashboard: Panel de control
|
14
|
+
participatory_processes: Procesos participativos
|
15
|
+
models:
|
16
|
+
participatory_process:
|
17
|
+
fields:
|
18
|
+
created_at: Fecha de creación
|
19
|
+
title: Título
|
20
|
+
name: Proceso participativo
|
21
|
+
validations:
|
22
|
+
slug_uniqueness: Ya existe otro proceso participativo con el mismo identificador
|
23
|
+
participatory_processes:
|
24
|
+
create:
|
25
|
+
error: Se ha producido un error al crear un nuevo proceso participativo.
|
26
|
+
success: El proceso participativo se ha creado correctamente.
|
27
|
+
destroy:
|
28
|
+
success: El proceso participativo se ha eliminado correctamente.
|
29
|
+
edit:
|
30
|
+
title: Editar proceso participativo
|
31
|
+
update: Actualizar proceso participativo
|
32
|
+
new:
|
33
|
+
create: Crear proceso participativo
|
34
|
+
title: Nuevo proceso participativo
|
35
|
+
update:
|
36
|
+
error: Se ha producido un error en la actualización de este proceso participativo.
|
37
|
+
success: El proceso participativo se ha actualizado correctamente.
|
38
|
+
titles:
|
39
|
+
dashboard: Panel de control
|
40
|
+
participatory_processes: Procesos participativos
|
@@ -1,4 +1,7 @@
|
|
1
1
|
# frozen_string_literal: true
|
2
2
|
Decidim::Admin::Engine.routes.draw do
|
3
|
-
|
3
|
+
constraints(->(request) { Decidim::Admin::OrganizationDashboardConstraint.new(request).matches? }) do
|
4
|
+
resources :participatory_processes
|
5
|
+
root to: "dashboard#show"
|
6
|
+
end
|
4
7
|
end
|
@@ -27,12 +27,11 @@ Gem::Specification.new do |s|
|
|
27
27
|
s.add_dependency "sass-rails", "~> 5.0.0"
|
28
28
|
s.add_dependency "jquery-rails", "~> 4.0"
|
29
29
|
s.add_dependency "turbolinks", Decidim.rails_version
|
30
|
-
s.add_dependency "jquery-turbolinks", "~> 2.1.0"
|
31
30
|
s.add_dependency "jbuilder", "~> 2.5"
|
32
31
|
s.add_dependency "foundation_rails_helper", "~> 2.0.0"
|
33
32
|
s.add_dependency "active_link_to", "~> 1.0.0"
|
34
33
|
s.add_dependency "pundit", "~> 1.1.0"
|
35
34
|
|
36
|
-
s.add_development_dependency "decidim-dev"
|
35
|
+
s.add_development_dependency "decidim-dev", Decidim.version
|
37
36
|
s.add_development_dependency "pundit-matchers", "~> 1.1.0"
|
38
37
|
end
|
@@ -8,11 +8,11 @@ require "decidim/core"
|
|
8
8
|
require "jquery-rails"
|
9
9
|
require "sass-rails"
|
10
10
|
require "turbolinks"
|
11
|
-
require "jquery-turbolinks"
|
12
11
|
require "foundation-rails"
|
13
12
|
require "foundation_rails_helper"
|
14
13
|
require "jbuilder"
|
15
14
|
require "rectify"
|
15
|
+
require "pundit"
|
16
16
|
|
17
17
|
module Decidim
|
18
18
|
module Admin
|
@@ -10,6 +10,7 @@ describe "Admin invite", type: :feature do
|
|
10
10
|
{
|
11
11
|
name: "Gotham City",
|
12
12
|
host: "decide.lvh.me",
|
13
|
+
organization_admin_name: "Fiorello Henry La Guardia",
|
13
14
|
organization_admin_email: "f.laguardia@gotham.gov"
|
14
15
|
}
|
15
16
|
end
|
@@ -20,13 +21,8 @@ describe "Admin invite", type: :feature do
|
|
20
21
|
end
|
21
22
|
|
22
23
|
describe "Accept an invitation", perform_enqueued: true do
|
23
|
-
let(:email_link) do
|
24
|
-
last_delivery = ActionMailer::Base.deliveries.last.body.encoded
|
25
|
-
URI.extract(last_delivery).last
|
26
|
-
end
|
27
|
-
|
28
24
|
it "asks for a password and redirects to the organization dashboard" do
|
29
|
-
visit
|
25
|
+
visit last_email_link
|
30
26
|
|
31
27
|
fill_in :user_password, with: "123456"
|
32
28
|
fill_in :user_password_confirmation, with: "123456"
|
@@ -0,0 +1,127 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require "spec_helper"
|
4
|
+
|
5
|
+
describe "Manage participatory processes", type: :feature do
|
6
|
+
let(:organization) { create(:organization) }
|
7
|
+
let(:admin) { create(:user, :admin, :confirmed, organization: organization) }
|
8
|
+
let!(:participatory_process) { create(:process, organization: organization) }
|
9
|
+
|
10
|
+
before do
|
11
|
+
switch_to_host(organization.host)
|
12
|
+
login_as admin, scope: :user
|
13
|
+
visit decidim_admin.participatory_processes_path
|
14
|
+
end
|
15
|
+
|
16
|
+
it "creates a new participatory_process" do
|
17
|
+
find(".actions .new").click
|
18
|
+
|
19
|
+
within ".new_participatory_process" do
|
20
|
+
fill_in :participatory_process_title_en, with: "My participatory process"
|
21
|
+
fill_in :participatory_process_title_es, with: "Mi proceso participativo"
|
22
|
+
fill_in :participatory_process_title_ca, with: "El meu procés participatiu"
|
23
|
+
fill_in :participatory_process_subtitle_en, with: "Subtitle"
|
24
|
+
fill_in :participatory_process_subtitle_es, with: "Subtítulo"
|
25
|
+
fill_in :participatory_process_subtitle_ca, with: "Subtítol"
|
26
|
+
fill_in :participatory_process_slug, with: "slug"
|
27
|
+
fill_in :participatory_process_hashtag, with: "#hashtag"
|
28
|
+
fill_in :participatory_process_short_description_en, with: "Short description"
|
29
|
+
fill_in :participatory_process_short_description_es, with: "Descripción corta"
|
30
|
+
fill_in :participatory_process_short_description_ca, with: "Descripció curta"
|
31
|
+
fill_in :participatory_process_description_en, with: "A longer description"
|
32
|
+
fill_in :participatory_process_description_es, with: "Descripción más larga"
|
33
|
+
fill_in :participatory_process_description_ca, with: "Descripció més llarga"
|
34
|
+
|
35
|
+
find("*[type=submit]").click
|
36
|
+
end
|
37
|
+
|
38
|
+
within ".flash" do
|
39
|
+
expect(page).to have_content("successfully")
|
40
|
+
end
|
41
|
+
|
42
|
+
within "table" do
|
43
|
+
expect(page).to have_content("My participatory process")
|
44
|
+
end
|
45
|
+
end
|
46
|
+
|
47
|
+
it "updates an participatory_process" do
|
48
|
+
within find("tr", text: participatory_process.title["en"]) do
|
49
|
+
click_link "Edit"
|
50
|
+
end
|
51
|
+
|
52
|
+
within ".edit_participatory_process" do
|
53
|
+
fill_in :participatory_process_title_en, with: "My new title"
|
54
|
+
fill_in :participatory_process_title_es, with: "Mi nuevo título"
|
55
|
+
fill_in :participatory_process_title_ca, with: "El meu nou títol"
|
56
|
+
|
57
|
+
find("*[type=submit]").click
|
58
|
+
end
|
59
|
+
|
60
|
+
within ".flash" do
|
61
|
+
expect(page).to have_content("successfully")
|
62
|
+
end
|
63
|
+
|
64
|
+
within "table" do
|
65
|
+
expect(page).to have_content("My new title")
|
66
|
+
end
|
67
|
+
end
|
68
|
+
|
69
|
+
context "deleting a participatory process" do
|
70
|
+
let!(:participatory_process2) { create(:process, organization: organization) }
|
71
|
+
|
72
|
+
before do
|
73
|
+
visit decidim_admin.participatory_processes_path
|
74
|
+
end
|
75
|
+
|
76
|
+
it "deletes a participatory_process" do
|
77
|
+
within find("tr", text: participatory_process2.title["en"]) do
|
78
|
+
click_link "Destroy"
|
79
|
+
end
|
80
|
+
|
81
|
+
within ".flash" do
|
82
|
+
expect(page).to have_content("successfully")
|
83
|
+
end
|
84
|
+
|
85
|
+
within "table" do
|
86
|
+
expect(page).to_not have_content(participatory_process2.title)
|
87
|
+
end
|
88
|
+
end
|
89
|
+
end
|
90
|
+
|
91
|
+
context "when there are multiple organizations in the system" do
|
92
|
+
let!(:external_participatory_process) { create(:process) }
|
93
|
+
|
94
|
+
before do
|
95
|
+
visit decidim_admin.participatory_processes_path
|
96
|
+
end
|
97
|
+
|
98
|
+
it "doesn't let the admin manage processes form other organizations" do
|
99
|
+
within "table" do
|
100
|
+
expect(page).to_not have_content(external_participatory_process.title)
|
101
|
+
end
|
102
|
+
end
|
103
|
+
end
|
104
|
+
|
105
|
+
context "when the user is not authorized to perform some actions" do
|
106
|
+
let(:policy_double) { double edit?: policy_edit }
|
107
|
+
let(:policy_edit) { true }
|
108
|
+
|
109
|
+
before do
|
110
|
+
allow(Decidim::Admin::ParticipatoryProcessPolicy)
|
111
|
+
.to receive(:new)
|
112
|
+
.and_return(policy_double)
|
113
|
+
end
|
114
|
+
|
115
|
+
context "it can't edit a record" do
|
116
|
+
let(:policy_edit) { false }
|
117
|
+
|
118
|
+
context 'when the user tries to manually access to the edition page' do
|
119
|
+
it "is redirected to the root path" do
|
120
|
+
visit decidim_admin.edit_participatory_process_path(participatory_process)
|
121
|
+
expect(page).to have_content("You are not authorized to perform this action")
|
122
|
+
expect(current_path).to eq decidim_admin.root_path
|
123
|
+
end
|
124
|
+
end
|
125
|
+
end
|
126
|
+
end
|
127
|
+
end
|
@@ -0,0 +1,23 @@
|
|
1
|
+
require "spec_helper"
|
2
|
+
|
3
|
+
module Decidim
|
4
|
+
module Admin
|
5
|
+
describe DashboardPolicy do
|
6
|
+
subject { described_class.new(user, :dashboard) }
|
7
|
+
|
8
|
+
context "show?" do
|
9
|
+
context "being a regular user" do
|
10
|
+
let(:user) { create(:user) }
|
11
|
+
|
12
|
+
it { is_expected.to forbid_action(:show) }
|
13
|
+
end
|
14
|
+
|
15
|
+
context "being an admin" do
|
16
|
+
let(:user) { create(:user, :admin) }
|
17
|
+
|
18
|
+
it { is_expected.to permit_action(:show) }
|
19
|
+
end
|
20
|
+
end
|
21
|
+
end
|
22
|
+
end
|
23
|
+
end
|
@@ -0,0 +1,153 @@
|
|
1
|
+
require "spec_helper"
|
2
|
+
|
3
|
+
module Decidim
|
4
|
+
module Admin
|
5
|
+
describe ParticipatoryProcessPolicy do
|
6
|
+
let(:organization) { create :organization }
|
7
|
+
let(:organization2) { create :organization }
|
8
|
+
let(:process) { create(:process, organization: organization) }
|
9
|
+
|
10
|
+
subject { described_class.new(user, process) }
|
11
|
+
|
12
|
+
context "create?" do
|
13
|
+
context "being a regular user" do
|
14
|
+
let(:user) { create(:user) }
|
15
|
+
|
16
|
+
it { is_expected.to forbid_action(:create) }
|
17
|
+
end
|
18
|
+
|
19
|
+
context "being an admin" do
|
20
|
+
let(:user) { create(:user, :admin) }
|
21
|
+
|
22
|
+
it { is_expected.to permit_action(:create) }
|
23
|
+
end
|
24
|
+
end
|
25
|
+
|
26
|
+
context "new?" do
|
27
|
+
context "being a regular user" do
|
28
|
+
let(:user) { create(:user) }
|
29
|
+
|
30
|
+
it { is_expected.to forbid_action(:new) }
|
31
|
+
end
|
32
|
+
|
33
|
+
context "being an admin" do
|
34
|
+
let(:user) { create(:user, :admin) }
|
35
|
+
|
36
|
+
it { is_expected.to permit_action(:new) }
|
37
|
+
end
|
38
|
+
end
|
39
|
+
|
40
|
+
context "index?" do
|
41
|
+
let(:process) { [create(:process, organization: organization)] }
|
42
|
+
|
43
|
+
context "being a regular user" do
|
44
|
+
let(:user) { create(:user) }
|
45
|
+
|
46
|
+
it { is_expected.to forbid_action(:index) }
|
47
|
+
end
|
48
|
+
|
49
|
+
context "being an admin" do
|
50
|
+
let(:user) { create(:user, :admin, organization: organization) }
|
51
|
+
|
52
|
+
context "with the same organization" do
|
53
|
+
it { is_expected.to permit_action(:index) }
|
54
|
+
end
|
55
|
+
|
56
|
+
context "with a different organization" do
|
57
|
+
let(:user) { create(:user, :admin, organization: organization2) }
|
58
|
+
|
59
|
+
it { is_expected.to forbid_action(:index) }
|
60
|
+
end
|
61
|
+
end
|
62
|
+
end
|
63
|
+
|
64
|
+
context "show?" do
|
65
|
+
context "being a regular user" do
|
66
|
+
let(:user) { create(:user) }
|
67
|
+
|
68
|
+
it { is_expected.to forbid_action(:show) }
|
69
|
+
end
|
70
|
+
|
71
|
+
context "being an admin" do
|
72
|
+
let(:user) { create(:user, :admin, organization: organization) }
|
73
|
+
|
74
|
+
context "with the same organization" do
|
75
|
+
it { is_expected.to permit_action(:show) }
|
76
|
+
end
|
77
|
+
|
78
|
+
context "with a different organization" do
|
79
|
+
let(:user) { create(:user, :admin, organization: organization2) }
|
80
|
+
|
81
|
+
it { is_expected.to forbid_action(:show) }
|
82
|
+
end
|
83
|
+
end
|
84
|
+
end
|
85
|
+
|
86
|
+
context "edit?" do
|
87
|
+
context "being a regular user" do
|
88
|
+
let(:user) { create(:user) }
|
89
|
+
|
90
|
+
it { is_expected.to forbid_action(:edit) }
|
91
|
+
end
|
92
|
+
|
93
|
+
context "being an admin" do
|
94
|
+
let(:user) { create(:user, :admin, organization: organization) }
|
95
|
+
|
96
|
+
context "with the same organization" do
|
97
|
+
it { is_expected.to permit_action(:edit) }
|
98
|
+
end
|
99
|
+
|
100
|
+
context "with a different organization" do
|
101
|
+
let(:user) { create(:user, :admin, organization: organization2) }
|
102
|
+
|
103
|
+
it { is_expected.to forbid_action(:edit) }
|
104
|
+
end
|
105
|
+
end
|
106
|
+
end
|
107
|
+
|
108
|
+
context "update?" do
|
109
|
+
context "being a regular user" do
|
110
|
+
let(:user) { create(:user) }
|
111
|
+
|
112
|
+
it { is_expected.to forbid_action(:update) }
|
113
|
+
end
|
114
|
+
|
115
|
+
context "being an admin" do
|
116
|
+
let(:user) { create(:user, :admin, organization: organization) }
|
117
|
+
|
118
|
+
context "with the same organization" do
|
119
|
+
it { is_expected.to permit_action(:update) }
|
120
|
+
end
|
121
|
+
|
122
|
+
context "with a different organization" do
|
123
|
+
let(:user) { create(:user, :admin, organization: organization2) }
|
124
|
+
|
125
|
+
it { is_expected.to forbid_action(:update) }
|
126
|
+
end
|
127
|
+
end
|
128
|
+
end
|
129
|
+
|
130
|
+
context "destroy?" do
|
131
|
+
context "being a regular user" do
|
132
|
+
let(:user) { create(:user) }
|
133
|
+
|
134
|
+
it { is_expected.to forbid_action(:destroy) }
|
135
|
+
end
|
136
|
+
|
137
|
+
context "being an admin" do
|
138
|
+
let(:user) { create(:user, :admin, organization: organization) }
|
139
|
+
|
140
|
+
context "with the same organization" do
|
141
|
+
it { is_expected.to permit_action(:destroy) }
|
142
|
+
end
|
143
|
+
|
144
|
+
context "with a different organization" do
|
145
|
+
let(:user) { create(:user, :admin, organization: organization2) }
|
146
|
+
|
147
|
+
it { is_expected.to forbid_action(:destroy) }
|
148
|
+
end
|
149
|
+
end
|
150
|
+
end
|
151
|
+
end
|
152
|
+
end
|
153
|
+
end
|