WIP: Add Director Role #268

Draft
wants to merge 7 commits into
base: main
11 changes: 8 additions & 3 deletions app/models/ability.rb
Expand Up @@ -43,13 +43,18 @@ def initialize(user)
can :manage, ALL_RESOURCES, :year => user.year
end

# Director can manage tournaments
if user.director? then
can :manage, Tournament
end

# Staff can read anything in their own year
if user.role == 'S' then
if user.role == 'S' or user.director? then
can :read, ALL_RESOURCES, :year => user.year
end

# Admins and Staff share a few special abilities
if user.admin? or user.role == 'S' then
if %w[D S U].include?(user.role) then
can :print_official_docs, User, :year => user.year
can :check_in, :attendee
can :read, :report
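Review bot: In the "Admins and Staff share a few special abilities" block, the new condition `%w[D S U].include?(user.role)` replaces `user.admin? or user.role == 'S'`, so `:print_official_docs`, `:check_in` and `:read, :report` are now granted to every role 'U' user and the condition no longer matches role 'A'. If the intent was only to add directors, this should probably be `%w[A D S].include?(user.role)`, with the comment updated to mention Directors. Separately, `can :manage, Tournament` at the top of the hunk has no `:year => user.year` condition, unlike the rules around it, so a director can manage tournaments from any year; consider `can :manage, Tournament, :year => user.year`.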
Expand All @@ -59,7 +64,7 @@ def initialize(user)
# User and Staff can manage their own resources, except for
# their User record, which they can only show and update.
# Users specifically cannot :read, because that implies :index.
if %w[S U].include?(user.role) then
if %w[D S U].include?(user.role) then
can [:show, :update], User, :id => user.id
can :manage, Attendee, :user_id => user.id
cannot :list, Attendee if user.role == 'U'
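Review bot: The comment above `if %w[D S U].include?(user.role) then` still reads "User and Staff can manage their own resources"; it should name Directors as well so the comment and the role list agree. A spec asserting that a director can `:update` their own User record but not another user's would pin this rule down.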
7 changes: 6 additions & 1 deletion app/models/user.rb
Expand Up @@ -8,6 +8,7 @@ class User < ApplicationRecord

ROLES = [
['Admin', 'A'],
['Director', 'D'],
['Staff', 'S'],
['User', 'U']
]
Expand Down Expand Up @@ -40,7 +41,7 @@ class User < ApplicationRecord
# Validations
# -----------

validates_inclusion_of :role, :in => %w[A S U]
validates_inclusion_of :role, :in => %w[A D S U]

validates :email,
:presence => true,
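Review bot: The role codes in `validates_inclusion_of :role, :in => %w[A D S U]` duplicate the `ROLES` constant defined earlier in this file, and the same list is repeated in script/admin_tasks/create_user.rb. Deriving the allowed values, for example `:in => ROLES.map(&:last)`, would keep the validation from drifting the next time a role is added.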
Expand Down Expand Up @@ -115,6 +116,10 @@ def get_invoice_total
Invoice::Invoice.new(invoice_items).total
end

def director?
role == 'D'
end

def staff?
role == 'S'
end
1 change: 1 addition & 0 deletions app/views/users/_form.html.haml
Expand Up @@ -17,6 +17,7 @@
= radio_button :user, :role, r[1]
= r[0]
= "- can edit anything" if r[1] == 'A'
= "- can edit tournament and view anything" if r[1] == 'D'
= "- can view anything" if r[1] == 'S'

%br
4 changes: 3 additions & 1 deletion app/views/users/index.html.haml
Expand Up @@ -10,7 +10,9 @@
can do anything.
%strong Staff
can see anything.
Do not promote too many of either.
%strong Directors
can edit tournaments and see anything.
Do not promote too many to any of these roles.

%p
There are
2 changes: 1 addition & 1 deletion script/admin_tasks/create_user.rb
Expand Up @@ -24,7 +24,7 @@
# Pretend we've confirmed the new user's email
u.confirmed_at = DateTime.now

roles = { Admin: 'A', Staff: 'S', User: 'U' }
roles = { Admin: 'A', Director: 'D', Staff: 'S', User: 'U' }
u.role = prompt.select("User role:", roles)

if u.valid?
22 changes: 22 additions & 0 deletions spec/controllers/users_controller_spec.rb
Expand Up @@ -260,6 +260,28 @@
end
end

context "as director" do
let(:director) { create :director }

before do
sign_in director
end

describe '#edit' do
it "can edit tournament" do
tournament_one = create :tournament, year: user.year
get :edit_tournament, params: { id: tournament_one.id, year: user.year }
expect(response).to be_successful
end
it "from wrong year raises RecordNotFound" do
sign_in create :staff, year: wrong_year
expect {
get :edit_tournament, params: { id: tournament_one.id, year: wrong_year }
}.to raise_error(ActiveRecord::RecordNotFound)
end
end
end

context "as an admin" do
before do
sign_in create :admin
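Review bot: The "from wrong year raises RecordNotFound" example in the "as director" context does not exercise the director role: it calls `sign_in create :staff, year: wrong_year`, and it references `tournament_one`, which is a local variable of the previous `it` block and is not in scope here. Move the tournament into a `let(:tournament_one)` and sign in a director for the wrong year so the example tests the new ability. The first example also builds the tournament from `user.year` rather than `director.year`, so it only passes if both happen to share a year; using `director.year` makes that explicit. There is also no negative example showing what a director is not allowed to do.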