decidim 0.0.1.alpha7 → 0.0.1.alpha8
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of decidim might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/.codeclimate.yml +2 -1
- data/.eslintignore +1 -0
- data/.eslintrc.json +12 -0
- data/.github/ISSUE_TEMPLATE.md +12 -0
- data/.github/PULL_REQUEST_TEMPLATE.md +8 -11
- data/.gitignore +1 -0
- data/.hound.yml +4 -0
- data/.rubocop.yml +14 -1
- data/.travis.yml +20 -4
- data/CODE_OF_CONDUCT.md +1 -1
- data/Dockerfile +1 -0
- data/Gemfile +3 -2
- data/Gemfile.common +1 -1
- data/Gemfile.lock +68 -39
- data/LICENSE.txt +619 -21
- data/README.md +17 -13
- data/Rakefile +1 -1
- data/codecov.yml +6 -1
- data/crowdin.yaml +4 -0
- data/decidim-admin/LICENSE.txt +619 -0
- data/decidim-admin/README.md +1 -1
- data/decidim-admin/app/assets/javascripts/decidim/admin/application.js.es6 +12 -0
- data/decidim-admin/app/assets/javascripts/decidim/admin/sort_steps.js.es6 +21 -0
- data/decidim-admin/app/assets/stylesheets/decidim/admin/_tables.scss +9 -0
- data/decidim-admin/app/commands/decidim/admin/activate_participatory_process_step.rb +43 -0
- data/decidim-admin/app/commands/decidim/admin/create_participatory_process.rb +1 -0
- data/decidim-admin/app/commands/decidim/admin/create_participatory_process_step.rb +46 -0
- data/decidim-admin/app/commands/decidim/admin/deactivate_participatory_process_step.rb +35 -0
- data/decidim-admin/app/commands/decidim/admin/publish_participatory_process.rb +35 -0
- data/decidim-admin/app/commands/decidim/admin/reorder_participatory_process_steps.rb +47 -0
- data/decidim-admin/app/commands/decidim/admin/unpublish_participatory_process.rb +35 -0
- data/decidim-admin/app/commands/decidim/admin/update_participatory_process.rb +1 -0
- data/decidim-admin/app/commands/decidim/admin/update_participatory_process_step.rb +49 -0
- data/decidim-admin/app/constraints/decidim/admin/organization_dashboard_constraint.rb +1 -1
- data/decidim-admin/app/controllers/decidim/admin/application_controller.rb +4 -0
- data/decidim-admin/app/controllers/decidim/admin/dashboard_controller.rb +1 -9
- data/decidim-admin/app/controllers/decidim/admin/participatory_process_publications_controller.rb +49 -0
- data/decidim-admin/app/controllers/decidim/admin/participatory_process_step_activations_controller.rb +56 -0
- data/decidim-admin/app/controllers/decidim/admin/participatory_process_step_ordering_controller.rb +30 -0
- data/decidim-admin/app/controllers/decidim/admin/participatory_process_steps_controller.rb +81 -0
- data/decidim-admin/app/controllers/decidim/admin/participatory_processes_controller.rb +7 -12
- data/decidim-admin/app/forms/decidim/admin/participatory_process_form.rb +1 -0
- data/decidim-admin/app/forms/decidim/admin/participatory_process_step_form.rb +25 -0
- data/decidim-admin/app/helpers/decidim/admin/application_helper.rb +1 -0
- data/decidim-admin/app/mailers/decidim/admin/application_mailer.rb +1 -1
- data/decidim-admin/app/models/decidim/admin/abilities/admin.rb +21 -0
- data/decidim-admin/app/views/decidim/admin/participatory_process_steps/_form.html.erb +19 -0
- data/decidim-admin/app/views/decidim/admin/participatory_process_steps/_table.html.erb +53 -0
- data/decidim-admin/app/views/decidim/admin/participatory_process_steps/edit.html.erb +11 -0
- data/decidim-admin/app/views/decidim/admin/participatory_process_steps/new.html.erb +11 -0
- data/decidim-admin/app/views/decidim/admin/participatory_process_steps/show.html.erb +22 -0
- data/decidim-admin/app/views/decidim/admin/participatory_processes/_form.html.erb +4 -0
- data/decidim-admin/app/views/decidim/admin/participatory_processes/index.html.erb +22 -2
- data/decidim-admin/app/views/decidim/admin/participatory_processes/show.html.erb +21 -2
- data/decidim-admin/config/i18n-tasks.yml +2 -2
- data/decidim-admin/config/locales/ca.yml +55 -2
- data/decidim-admin/config/locales/en.yml +55 -2
- data/decidim-admin/config/locales/es.yml +56 -3
- data/decidim-admin/config/routes.rb +10 -1
- data/decidim-admin/decidim-admin.gemspec +6 -7
- data/decidim-admin/lib/decidim/admin/engine.rb +6 -1
- data/decidim-admin/spec/commands/activate_participatory_process_step_spec.rb +44 -0
- data/decidim-admin/spec/commands/deactivate_participatory_process_step_spec.rb +35 -0
- data/decidim-admin/spec/commands/publish_participatory_process_spec.rb +35 -0
- data/decidim-admin/spec/commands/reorder_participatory_process_steps_spec.rb +53 -0
- data/decidim-admin/spec/commands/unpublish_participatory_process_spec.rb +35 -0
- data/decidim-admin/spec/controllers/participatory_processes_controller_spec.rb +32 -0
- data/decidim-admin/spec/features/manage_participatory_process_steps_spec.rb +151 -0
- data/decidim-admin/spec/features/manage_participatory_processes_spec.rb +87 -39
- data/decidim-admin/spec/forms/participatory_process_form_spec.rb +122 -0
- data/decidim-admin/spec/forms/participatory_process_step_form_spec.rb +113 -0
- data/decidim-admin/spec/models/abilities/admin_spec.rb +25 -0
- data/decidim-admin/spec/spec_helper.rb +0 -1
- data/decidim-admin/vendor/assets/javascripts/html.sortable.min.js +2 -0
- data/decidim-api/.gitignore +7 -0
- data/decidim-api/LICENSE.txt +619 -0
- data/decidim-api/README.md +28 -0
- data/decidim-api/Rakefile +27 -0
- data/decidim-api/app/controllers/decidim/api/application_controller.rb +9 -0
- data/decidim-api/app/controllers/decidim/api/queries_controller.rb +33 -0
- data/decidim-api/app/schemas/decidim/api/schema.rb +9 -0
- data/decidim-api/app/types/decidim/api/localized_string_type.rb +13 -0
- data/decidim-api/app/types/decidim/api/process_step_type.rb +26 -0
- data/decidim-api/app/types/decidim/api/process_type.rb +18 -0
- data/decidim-api/app/types/decidim/api/query_type.rb +19 -0
- data/decidim-api/app/types/decidim/api/translated_field_type.rb +44 -0
- data/decidim-api/bin/rails +14 -0
- data/decidim-api/config/routes.rb +6 -0
- data/decidim-api/decidim-api.gemspec +27 -0
- data/decidim-api/lib/decidim/api.rb +9 -0
- data/decidim-api/lib/decidim/api/engine.rb +22 -0
- data/decidim-api/lib/tasks/decidim/api_tasks.rake +5 -0
- data/decidim-api/spec/controllers/queries_controller_spec.rb +22 -0
- data/decidim-api/spec/factories.rb +1 -0
- data/decidim-api/spec/schemas/schema_spec.rb +38 -0
- data/decidim-api/spec/spec_helper.rb +2 -0
- data/decidim-api/spec/support/type_helpers.rb +46 -0
- data/decidim-api/spec/types/localized_string_type_spec.rb +30 -0
- data/decidim-api/spec/types/process_step_type_spec.rb +50 -0
- data/decidim-api/spec/types/process_type_spec.rb +39 -0
- data/decidim-api/spec/types/query_type_spec.rb +24 -0
- data/decidim-api/spec/types/translated_field_type_spec.rb +68 -0
- data/decidim-dev/README.md +1 -1
- data/decidim-dev/decidim-dev.gemspec +5 -3
- data/decidim-dev/lib/decidim/dummy_authorization_handler.rb +18 -0
- data/decidim-dev/lib/decidim/test/authorization_shared_examples.rb +31 -0
- data/decidim-dev/lib/decidim/test/base_spec_helper.rb +6 -1
- data/decidim-dev/lib/decidim/test/rspec_support/authenticated_controller_context.rb +9 -0
- data/decidim-dev/lib/decidim/test/rspec_support/authorization_handlers.rb +7 -0
- data/decidim-dev/lib/decidim/test/rspec_support/bullet.rb +15 -0
- data/decidim-dev/lib/decidim/test/rspec_support/engine_routes.rb +30 -0
- data/decidim-dev/lib/decidim/test/rspec_support/translation_helpers.rb +12 -0
- data/decidim-dev/lib/generators/decidim/dummy_generator.rb +10 -0
- data/decidim-dev/lib/generators/decidim/templates/bullet.rb +6 -0
- data/decidim-system/LICENSE.txt +619 -0
- data/decidim-system/README.md +1 -1
- data/decidim-system/app/assets/javascripts/decidim/system/application.js.es6 +10 -0
- data/decidim-system/app/mailers/decidim/system/application_mailer.rb +1 -1
- data/decidim-system/decidim-system.gemspec +4 -4
- data/decidim.gemspec +3 -2
- data/lib/decidim.rb +1 -6
- data/lib/generators/decidim/app_generator.rb +13 -1
- data/lib/generators/decidim/install_generator.rb +11 -2
- data/lib/generators/decidim/templates/Gemfile.erb +5 -2
- data/lib/generators/decidim/templates/authorization_handler.rb +50 -0
- data/lib/generators/decidim/templates/carrierwave.rb +27 -0
- data/lib/generators/decidim/templates/decidim.scss.erb +3 -0
- data/lib/generators/decidim/templates/initializer.rb +3 -1
- data/package.json +21 -0
- data/yarn.lock +890 -0
- metadata +102 -21
- data/.eslintrc +0 -213
- data/decidim-admin/app/assets/javascripts/decidim/admin/application.js +0 -22
- data/decidim-admin/app/controllers/concerns/decidim/needs_authorization.rb +0 -50
- data/decidim-admin/app/policies/decidim/admin/application_policy.rb +0 -20
- data/decidim-admin/app/policies/decidim/admin/dashboard_policy.rb +0 -15
- data/decidim-admin/app/policies/decidim/admin/organization_policy.rb +0 -15
- data/decidim-admin/app/policies/decidim/admin/participatory_process_policy.rb +0 -57
- data/decidim-admin/spec/policies/dashboard_policy_spec.rb +0 -23
- data/decidim-admin/spec/policies/organization_policy_spec.rb +0 -41
- data/decidim-admin/spec/policies/participatory_process_policy_spec.rb +0 -153
- data/decidim-system/app/assets/javascripts/decidim/system/application.js +0 -22
@@ -1,22 +0,0 @@
|
|
1
|
-
// This is a manifest file that'll be compiled into application.js, which will include all the files
|
2
|
-
// listed below.
|
3
|
-
//
|
4
|
-
// Any JavaScript/Coffee file within this directory, lib/assets/javascripts, vendor/assets/javascripts,
|
5
|
-
// or any plugin's vendor/assets/javascripts directory can be referenced here using a relative path.
|
6
|
-
//
|
7
|
-
// It's not advisable to add code directly here, but if you do, it'll appear at the bottom of the
|
8
|
-
// compiled file. JavaScript code in this file should be added after the last require_* statement.
|
9
|
-
//
|
10
|
-
// Read Sprockets README (https://github.com/rails/sprockets#sprockets-directives) for details
|
11
|
-
// about supported directives.
|
12
|
-
//
|
13
|
-
//= require jquery
|
14
|
-
//= require jquery_ujs
|
15
|
-
//= require foundation
|
16
|
-
//= require turbolinks
|
17
|
-
//= require_self
|
18
|
-
|
19
|
-
$(document).on("turbolinks:load", function() {
|
20
|
-
$(function(){ $(document).foundation(); });
|
21
|
-
});
|
22
|
-
|
@@ -1,50 +0,0 @@
|
|
1
|
-
# frozen_string_literal: true
|
2
|
-
|
3
|
-
require "active_support/concern"
|
4
|
-
|
5
|
-
module Decidim
|
6
|
-
# Shared behaviour for controllers that need authorization to work.
|
7
|
-
module NeedsAuthorization
|
8
|
-
extend ActiveSupport::Concern
|
9
|
-
|
10
|
-
included do
|
11
|
-
include Pundit
|
12
|
-
after_action :verify_authorized
|
13
|
-
|
14
|
-
rescue_from Pundit::NotAuthorizedError, with: :user_not_authorized
|
15
|
-
|
16
|
-
private
|
17
|
-
|
18
|
-
# Overwrites the `policy` method from the `pundit` gem in order to be
|
19
|
-
# able to specify which policy class should be used in each case. This is
|
20
|
-
# due to `pundit` failing to correctly identify the policy class when the
|
21
|
-
# model class name is scoped and the policy class is in a different scope
|
22
|
-
# (eg. `Decidim::ParticipatoryProcess` and
|
23
|
-
# `Decidim::Admin::ParticipatoryProcessPolicy`). The original method does
|
24
|
-
# not let us specify the correct class.
|
25
|
-
#
|
26
|
-
# Remember that, in order to make this work, you'll need to define the
|
27
|
-
# `policy_class` method in the controller, which should only return a
|
28
|
-
# policy class name.
|
29
|
-
#
|
30
|
-
# record - the record that will be evaluated against the policy class.
|
31
|
-
def policy(record)
|
32
|
-
policies[record] ||= policy_class.new(current_user, record)
|
33
|
-
end
|
34
|
-
|
35
|
-
# Needed in order to make the `policy` method work. Overwirite it in the
|
36
|
-
# given controller and make it return a Policy class.
|
37
|
-
def policy_class
|
38
|
-
raise NotImplementedError, "Define this method and make it return a policy class name in order to make it work"
|
39
|
-
end
|
40
|
-
|
41
|
-
# Handles the case when a user visits a path that is not allowed to them.
|
42
|
-
# Redirects the user to the root path and shows a flash message telling
|
43
|
-
# them they are not authorized.
|
44
|
-
def user_not_authorized
|
45
|
-
flash[:alert] = t("actions.unauthorized", scope: "decidim.admin")
|
46
|
-
redirect_to(request.referrer || decidim_admin.root_path)
|
47
|
-
end
|
48
|
-
end
|
49
|
-
end
|
50
|
-
end
|
@@ -1,20 +0,0 @@
|
|
1
|
-
# frozen_string_literal: true
|
2
|
-
module Decidim
|
3
|
-
module Admin
|
4
|
-
# Main application policy so we don't ahve to repeat the initialization
|
5
|
-
# code in each Policy. To be used with Pundit.
|
6
|
-
class ApplicationPolicy
|
7
|
-
attr_reader :user, :record
|
8
|
-
|
9
|
-
# Initializes a Policy.
|
10
|
-
#
|
11
|
-
# user - The User that we want to authorize.
|
12
|
-
# record - The record on which to perform the authorizations.
|
13
|
-
#
|
14
|
-
def initialize(user, record)
|
15
|
-
@user = user
|
16
|
-
@record = record
|
17
|
-
end
|
18
|
-
end
|
19
|
-
end
|
20
|
-
end
|
@@ -1,15 +0,0 @@
|
|
1
|
-
# frozen_string_literal: true
|
2
|
-
module Decidim
|
3
|
-
module Admin
|
4
|
-
# A policy to define all the authorizations regarding a
|
5
|
-
# ParticipatoryProcess, to be used with Pundit.
|
6
|
-
class DashboardPolicy < ApplicationPolicy
|
7
|
-
# Checks if the user can see the admin dashboard.
|
8
|
-
#
|
9
|
-
# Returns a Boolean.
|
10
|
-
def show?
|
11
|
-
user.roles.include?("admin")
|
12
|
-
end
|
13
|
-
end
|
14
|
-
end
|
15
|
-
end
|
@@ -1,15 +0,0 @@
|
|
1
|
-
# frozen_string_literal: true
|
2
|
-
module Decidim
|
3
|
-
module Admin
|
4
|
-
# A policy to define all the authorizations regarding an Organization, to
|
5
|
-
# be used with Pundit.
|
6
|
-
class OrganizationPolicy < ApplicationPolicy
|
7
|
-
# Checks if the user can update an organization.
|
8
|
-
#
|
9
|
-
# Returns a Boolean.
|
10
|
-
def update?
|
11
|
-
user.roles.include?("admin") && user.organization == record
|
12
|
-
end
|
13
|
-
end
|
14
|
-
end
|
15
|
-
end
|
@@ -1,57 +0,0 @@
|
|
1
|
-
# frozen_string_literal: true
|
2
|
-
module Decidim
|
3
|
-
module Admin
|
4
|
-
# A policy to define all the authorizations regarding a
|
5
|
-
# ParticipatoryProcess, to be used with Pundit.
|
6
|
-
class ParticipatoryProcessPolicy < ApplicationPolicy
|
7
|
-
# Checks if the user can see the form for participatory process creation.
|
8
|
-
#
|
9
|
-
# Returns a Boolean.
|
10
|
-
def new?
|
11
|
-
user.roles.include?("admin")
|
12
|
-
end
|
13
|
-
|
14
|
-
# Checks if the user can create a participatory process.
|
15
|
-
#
|
16
|
-
# Returns a Boolean.
|
17
|
-
def create?
|
18
|
-
user.roles.include?("admin")
|
19
|
-
end
|
20
|
-
|
21
|
-
# Checks if the user can list a participatory process.
|
22
|
-
#
|
23
|
-
# Returns a Boolean.
|
24
|
-
def index?
|
25
|
-
user.roles.include?("admin") && user.organization == record.first.organization
|
26
|
-
end
|
27
|
-
|
28
|
-
# Checks if the user can see a participatory process.
|
29
|
-
#
|
30
|
-
# Returns a Boolean.
|
31
|
-
def show?
|
32
|
-
user.roles.include?("admin") && user.organization == record.organization
|
33
|
-
end
|
34
|
-
|
35
|
-
# Checks if the user can edit a participatory process.
|
36
|
-
#
|
37
|
-
# Returns a Boolean.
|
38
|
-
def edit?
|
39
|
-
user.roles.include?("admin") && user.organization == record.organization
|
40
|
-
end
|
41
|
-
|
42
|
-
# Checks if the user can update a participatory process.
|
43
|
-
#
|
44
|
-
# Returns a Boolean.
|
45
|
-
def update?
|
46
|
-
user.roles.include?("admin") && user.organization == record.organization
|
47
|
-
end
|
48
|
-
|
49
|
-
# Checks if the user can destroy a participatory process.
|
50
|
-
#
|
51
|
-
# Returns a Boolean.
|
52
|
-
def destroy?
|
53
|
-
user.roles.include?("admin") && user.organization == record.organization
|
54
|
-
end
|
55
|
-
end
|
56
|
-
end
|
57
|
-
end
|
@@ -1,23 +0,0 @@
|
|
1
|
-
require "spec_helper"
|
2
|
-
|
3
|
-
module Decidim
|
4
|
-
module Admin
|
5
|
-
describe DashboardPolicy do
|
6
|
-
subject { described_class.new(user, :dashboard) }
|
7
|
-
|
8
|
-
context "show?" do
|
9
|
-
context "being a regular user" do
|
10
|
-
let(:user) { create(:user) }
|
11
|
-
|
12
|
-
it { is_expected.to forbid_action(:show) }
|
13
|
-
end
|
14
|
-
|
15
|
-
context "being an admin" do
|
16
|
-
let(:user) { create(:user, :admin) }
|
17
|
-
|
18
|
-
it { is_expected.to permit_action(:show) }
|
19
|
-
end
|
20
|
-
end
|
21
|
-
end
|
22
|
-
end
|
23
|
-
end
|
@@ -1,41 +0,0 @@
|
|
1
|
-
require "spec_helper"
|
2
|
-
|
3
|
-
module Decidim
|
4
|
-
module Admin
|
5
|
-
describe OrganizationPolicy do
|
6
|
-
let(:organization) { create(:organization) }
|
7
|
-
|
8
|
-
subject { described_class.new(user, organization) }
|
9
|
-
|
10
|
-
context "within the same organization" do
|
11
|
-
context "being a regular user" do
|
12
|
-
let(:user) { create(:user, organization: organization) }
|
13
|
-
|
14
|
-
it { is_expected.to forbid_action(:update) }
|
15
|
-
end
|
16
|
-
|
17
|
-
context "being an admin" do
|
18
|
-
let(:user) { create(:user, :admin, organization: organization) }
|
19
|
-
|
20
|
-
it { is_expected.to permit_action(:update) }
|
21
|
-
end
|
22
|
-
end
|
23
|
-
|
24
|
-
context "in another organization" do
|
25
|
-
let(:other_organization) { create(:organization) }
|
26
|
-
|
27
|
-
context "being a regular user" do
|
28
|
-
let(:user) { create(:user, organization: other_organization) }
|
29
|
-
|
30
|
-
it { is_expected.to forbid_action(:update) }
|
31
|
-
end
|
32
|
-
|
33
|
-
context "being an admin" do
|
34
|
-
let(:user) { create(:user, :admin, organization: other_organization) }
|
35
|
-
|
36
|
-
it { is_expected.to forbid_action(:update) }
|
37
|
-
end
|
38
|
-
end
|
39
|
-
end
|
40
|
-
end
|
41
|
-
end
|
@@ -1,153 +0,0 @@
|
|
1
|
-
require "spec_helper"
|
2
|
-
|
3
|
-
module Decidim
|
4
|
-
module Admin
|
5
|
-
describe ParticipatoryProcessPolicy do
|
6
|
-
let(:organization) { create :organization }
|
7
|
-
let(:organization2) { create :organization }
|
8
|
-
let(:process) { create(:process, organization: organization) }
|
9
|
-
|
10
|
-
subject { described_class.new(user, process) }
|
11
|
-
|
12
|
-
context "create?" do
|
13
|
-
context "being a regular user" do
|
14
|
-
let(:user) { create(:user) }
|
15
|
-
|
16
|
-
it { is_expected.to forbid_action(:create) }
|
17
|
-
end
|
18
|
-
|
19
|
-
context "being an admin" do
|
20
|
-
let(:user) { create(:user, :admin) }
|
21
|
-
|
22
|
-
it { is_expected.to permit_action(:create) }
|
23
|
-
end
|
24
|
-
end
|
25
|
-
|
26
|
-
context "new?" do
|
27
|
-
context "being a regular user" do
|
28
|
-
let(:user) { create(:user) }
|
29
|
-
|
30
|
-
it { is_expected.to forbid_action(:new) }
|
31
|
-
end
|
32
|
-
|
33
|
-
context "being an admin" do
|
34
|
-
let(:user) { create(:user, :admin) }
|
35
|
-
|
36
|
-
it { is_expected.to permit_action(:new) }
|
37
|
-
end
|
38
|
-
end
|
39
|
-
|
40
|
-
context "index?" do
|
41
|
-
let(:process) { [create(:process, organization: organization)] }
|
42
|
-
|
43
|
-
context "being a regular user" do
|
44
|
-
let(:user) { create(:user) }
|
45
|
-
|
46
|
-
it { is_expected.to forbid_action(:index) }
|
47
|
-
end
|
48
|
-
|
49
|
-
context "being an admin" do
|
50
|
-
let(:user) { create(:user, :admin, organization: organization) }
|
51
|
-
|
52
|
-
context "with the same organization" do
|
53
|
-
it { is_expected.to permit_action(:index) }
|
54
|
-
end
|
55
|
-
|
56
|
-
context "with a different organization" do
|
57
|
-
let(:user) { create(:user, :admin, organization: organization2) }
|
58
|
-
|
59
|
-
it { is_expected.to forbid_action(:index) }
|
60
|
-
end
|
61
|
-
end
|
62
|
-
end
|
63
|
-
|
64
|
-
context "show?" do
|
65
|
-
context "being a regular user" do
|
66
|
-
let(:user) { create(:user) }
|
67
|
-
|
68
|
-
it { is_expected.to forbid_action(:show) }
|
69
|
-
end
|
70
|
-
|
71
|
-
context "being an admin" do
|
72
|
-
let(:user) { create(:user, :admin, organization: organization) }
|
73
|
-
|
74
|
-
context "with the same organization" do
|
75
|
-
it { is_expected.to permit_action(:show) }
|
76
|
-
end
|
77
|
-
|
78
|
-
context "with a different organization" do
|
79
|
-
let(:user) { create(:user, :admin, organization: organization2) }
|
80
|
-
|
81
|
-
it { is_expected.to forbid_action(:show) }
|
82
|
-
end
|
83
|
-
end
|
84
|
-
end
|
85
|
-
|
86
|
-
context "edit?" do
|
87
|
-
context "being a regular user" do
|
88
|
-
let(:user) { create(:user) }
|
89
|
-
|
90
|
-
it { is_expected.to forbid_action(:edit) }
|
91
|
-
end
|
92
|
-
|
93
|
-
context "being an admin" do
|
94
|
-
let(:user) { create(:user, :admin, organization: organization) }
|
95
|
-
|
96
|
-
context "with the same organization" do
|
97
|
-
it { is_expected.to permit_action(:edit) }
|
98
|
-
end
|
99
|
-
|
100
|
-
context "with a different organization" do
|
101
|
-
let(:user) { create(:user, :admin, organization: organization2) }
|
102
|
-
|
103
|
-
it { is_expected.to forbid_action(:edit) }
|
104
|
-
end
|
105
|
-
end
|
106
|
-
end
|
107
|
-
|
108
|
-
context "update?" do
|
109
|
-
context "being a regular user" do
|
110
|
-
let(:user) { create(:user) }
|
111
|
-
|
112
|
-
it { is_expected.to forbid_action(:update) }
|
113
|
-
end
|
114
|
-
|
115
|
-
context "being an admin" do
|
116
|
-
let(:user) { create(:user, :admin, organization: organization) }
|
117
|
-
|
118
|
-
context "with the same organization" do
|
119
|
-
it { is_expected.to permit_action(:update) }
|
120
|
-
end
|
121
|
-
|
122
|
-
context "with a different organization" do
|
123
|
-
let(:user) { create(:user, :admin, organization: organization2) }
|
124
|
-
|
125
|
-
it { is_expected.to forbid_action(:update) }
|
126
|
-
end
|
127
|
-
end
|
128
|
-
end
|
129
|
-
|
130
|
-
context "destroy?" do
|
131
|
-
context "being a regular user" do
|
132
|
-
let(:user) { create(:user) }
|
133
|
-
|
134
|
-
it { is_expected.to forbid_action(:destroy) }
|
135
|
-
end
|
136
|
-
|
137
|
-
context "being an admin" do
|
138
|
-
let(:user) { create(:user, :admin, organization: organization) }
|
139
|
-
|
140
|
-
context "with the same organization" do
|
141
|
-
it { is_expected.to permit_action(:destroy) }
|
142
|
-
end
|
143
|
-
|
144
|
-
context "with a different organization" do
|
145
|
-
let(:user) { create(:user, :admin, organization: organization2) }
|
146
|
-
|
147
|
-
it { is_expected.to forbid_action(:destroy) }
|
148
|
-
end
|
149
|
-
end
|
150
|
-
end
|
151
|
-
end
|
152
|
-
end
|
153
|
-
end
|
@@ -1,22 +0,0 @@
|
|
1
|
-
// This is a manifest file that'll be compiled into application.js, which will include all the files
|
2
|
-
// listed below.
|
3
|
-
//
|
4
|
-
// Any JavaScript/Coffee file within this directory, lib/assets/javascripts, vendor/assets/javascripts,
|
5
|
-
// or any plugin's vendor/assets/javascripts directory can be referenced here using a relative path.
|
6
|
-
//
|
7
|
-
// It's not advisable to add code directly here, but if you do, it'll appear at the bottom of the
|
8
|
-
// compiled file. JavaScript code in this file should be added after the last require_* statement.
|
9
|
-
//
|
10
|
-
// Read Sprockets README (https://github.com/rails/sprockets#sprockets-directives) for details
|
11
|
-
// about supported directives.
|
12
|
-
//
|
13
|
-
//= require jquery
|
14
|
-
//= require jquery_ujs
|
15
|
-
//= require foundation
|
16
|
-
//= require turbolinks
|
17
|
-
//= require_self
|
18
|
-
|
19
|
-
$(document).on("turbolinks:load", function() {
|
20
|
-
$(document).foundation();
|
21
|
-
});
|
22
|
-
|