Skip to content

Commit

Permalink
Add ReferenceRequestPolicy
Browse files Browse the repository at this point in the history
This adds a new policy for verifying reference requests.
  • Loading branch information
thomasleese committed Dec 4, 2023
1 parent afe1f49 commit 2ad1296
Show file tree
Hide file tree
Showing 5 changed files with 84 additions and 7 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -2,12 +2,12 @@

module AssessorInterface
class ReferenceRequestsController < BaseController
before_action :authorize_assessor, except: %i[edit update_verify_references]

before_action :set_list_variables, only: %i[index update_verify_references]
before_action :set_individual_variables, only: %i[edit update]

def index
authorize %i[assessor_interface reference_request]

@form =
VerifyReferencesForm.new(
assessment:,
Expand All @@ -18,7 +18,7 @@ def index
end

def update_verify_references
authorize :assessor, :update?
authorize %i[assessor_interface reference_request], :update?

@form =
VerifyReferencesForm.new(assessment:, **verify_references_form_params)
Expand All @@ -31,12 +31,14 @@ def update_verify_references
end

def edit
authorize :assessor, :show?
authorize [:assessor_interface, requestable]

@form = RequestableReviewForm.new(requestable:)
end

def update
authorize [:assessor_interface, requestable]

@form =
RequestableReviewForm.new(
requestable:,
Expand Down
16 changes: 16 additions & 0 deletions app/policies/assessor_interface/reference_request_policy.rb
Original file line number Diff line number Diff line change
@@ -0,0 +1,16 @@
# frozen_string_literal: true

class AssessorInterface::ReferenceRequestPolicy < ApplicationPolicy
def index?
user.assess_permission || user.verify_permission
end

def edit?
user.assess_permission || user.verify_permission ||
user.change_work_history_permission
end

def update?
user.assess_permission || user.verify_permission
end
end
59 changes: 59 additions & 0 deletions spec/policies/assessor_interface/reference_request_policy_spec.rb
Original file line number Diff line number Diff line change
@@ -0,0 +1,59 @@
# frozen_string_literal: true

require "rails_helper"

RSpec.describe AssessorInterface::ReferenceRequestPolicy do
it_behaves_like "a policy"

let(:user) { nil }
let(:record) { nil }

subject(:policy) { described_class.new(user, record) }

describe "#index?" do
subject(:index?) { policy.index? }
it_behaves_like "a policy method requiring the assess permission"
it_behaves_like "a policy method requiring the verify permission"
end

describe "#show?" do
subject(:show?) { policy.show? }

let(:user) { create(:staff, :confirmed) }
it { is_expected.to be false }
end

describe "#create?" do
subject(:create?) { policy.create? }

let(:user) { create(:staff, :confirmed) }
it { is_expected.to be false }
end

describe "#new?" do
subject(:new?) { policy.new? }

let(:user) { create(:staff, :confirmed) }
it { is_expected.to be false }
end

describe "#update?" do
subject(:update?) { policy.update? }
it_behaves_like "a policy method requiring the assess permission"
it_behaves_like "a policy method requiring the verify permission"
end

describe "#edit?" do
subject(:edit?) { policy.edit? }
it_behaves_like "a policy method requiring the assess permission"
it_behaves_like "a policy method requiring the change work history permission"
it_behaves_like "a policy method requiring the verify permission"
end

describe "#destroy?" do
subject(:destroy?) { policy.destroy? }

let(:user) { create(:staff, :confirmed) }
it { is_expected.to be false }
end
end
4 changes: 2 additions & 2 deletions spec/policies/assessor_interface/work_history_policy_spec.rb
Original file line number Diff line number Diff line change
Expand Up @@ -40,12 +40,12 @@

describe "#update?" do
subject(:update?) { policy.update? }
it_behaves_like "a policy method requiring change the work history permission"
it_behaves_like "a policy method requiring the change work history permission"
end

describe "#edit?" do
subject(:edit?) { policy.edit? }
it_behaves_like "a policy method requiring change the work history permission"
it_behaves_like "a policy method requiring the change work history permission"
end

describe "#destroy?" do
Expand Down
2 changes: 1 addition & 1 deletion spec/support/shared_examples/policy.rb
Original file line number Diff line number Diff line change
Expand Up @@ -40,7 +40,7 @@
end
end

RSpec.shared_examples "a policy method requiring change the work history permission" do
RSpec.shared_examples "a policy method requiring the change work history permission" do
context "without permission" do
let(:user) { create(:staff) }
it { is_expected.to be false }
Expand Down

0 comments on commit 2ad1296

Please sign in to comment.