-
Notifications
You must be signed in to change notification settings - Fork 1
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Allow Mitglieder::Schreibrecht to edit mailing_lists in layer (#1396)
* allow person with schreibrechte mailing lists in same group * allow person with schreibrechte mailing lists in same group * draft ability test for schreibrecht in mailing lists * implement ability test for schreibrecht in mailing list * fix rubocop issue * allow member with schreibrecht to modify subgroups
- Loading branch information
1 parent
abf4574
commit 5115e8d
Showing
3 changed files
with
84 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,30 @@ | ||
| # frozen_string_literal: true | ||
|
|
||
| # Copyright (c) 2024, Schweizer Alpen-Club. | ||
| # This file is part of hitobito_sac_cas and | ||
| # licensed under the Affero General Public License version 3 | ||
| # or later. See the COPYING file at the top-level directory or at | ||
| # https://github.com/hitobito/hitobito_sac_cas. | ||
|
|
||
| module SacCas::MailingListAbility | ||
| extend ActiveSupport::Concern | ||
| include AbilityDsl::Constraints::Group | ||
|
|
||
| prepended do | ||
| on(MailingList) do | ||
| permission(:group_and_below_full) | ||
| .may(:show, :index_subscriptions, :create, :update, :destroy, :export_subscriptions) | ||
| .schreibrecht_in_main_group? | ||
| end | ||
| end | ||
|
|
||
| # Checks if a user has a Schreibrecht for the mailing list in the same main group | ||
| # | ||
| # For example if users are members of SAC Hitobito and have Schreibrecht, they | ||
| # can manage the mailing list of SAC Hitobito. | ||
| def schreibrecht_in_main_group? | ||
| user.roles.any? do |r| | ||
| r.is_a?(Group::SektionsMitglieder::Schreibrecht) && r.group.layer_group_id == group.layer_group_id | ||
| end | ||
| end | ||
| end |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,53 @@ | ||
| # frozen_string_literal: true | ||
|
|
||
| # Copyright (c) 2024, Schweizer Alpen-Club. This file is part of | ||
| # hitobito_sac_cas and licensed under the Affero General Public License version 3 | ||
| # or later. See the COPYING file at the top-level directory or at | ||
| # https://github.com/hitobito/hitobito_sac_cas | ||
|
|
||
| require "spec_helper" | ||
|
|
||
| describe MailingListAbility do | ||
| let(:mitglied_with_schreibrecht) do | ||
| Fabricate( | ||
| Group::SektionsMitglieder::Schreibrecht.sti_name.to_sym, | ||
| group: groups(:bluemlisalp_mitglieder) | ||
| ).person | ||
| end | ||
|
|
||
| let(:mitglied_without_schreibrecht) do | ||
| Fabricate( | ||
| Group::SektionsMitglieder::Mitglied.sti_name.to_sym, | ||
| group: groups(:bluemlisalp_mitglieder) | ||
| ).person | ||
| end | ||
| let(:mailing_list) { Fabricate(:mailing_list, group: groups(:bluemlisalp)) } | ||
| let(:mailing_list_in_other_sub_group) { Fabricate(:mailing_list, group: groups(:bluemlisalp_funktionaere)) } | ||
| let(:mailing_list_in_foreign_group) { Fabricate(:mailing_list, group: groups(:matterhorn)) } | ||
|
|
||
| subject(:ability) { Ability.new(person.reload) } | ||
|
|
||
| context "mitglied with Schreibrecht" do | ||
| let(:person) { mitglied_with_schreibrecht } | ||
|
|
||
| it "is permitted to manage main group abos" do | ||
| expect(ability).to be_able_to(:create, mailing_list) | ||
| end | ||
|
|
||
| it "is permitted to manage sub group abos in same main group" do | ||
| expect(ability).to be_able_to(:create, mailing_list_in_other_sub_group) | ||
| end | ||
|
|
||
| it "is denied to manage foreign main group abos" do | ||
| expect(ability).not_to be_able_to(:create, mailing_list_in_foreign_group) | ||
| end | ||
| end | ||
|
|
||
| context "mitglied without Schreibrecht" do | ||
| let(:person) { mitglied_without_schreibrecht } | ||
|
|
||
| it "is denied to manage main group abos" do | ||
| expect(ability).not_to be_able_to(:create, mailing_list) | ||
| end | ||
| end | ||
| end |