Skip to content

Commit

Permalink
Merge pull request #1736 from DFE-Digital/professional-standing-reque…
Browse files Browse the repository at this point in the history 
…st-policy

Add professional standing request policy
  • Loading branch information
@thomasleese
thomasleese authored Oct 5, 2023
2 parents c004ee9 + cd8114d commit e2b1955
Show file tree
Hide file tree
Showing 5 changed files with 137 additions and 9 deletions.
8 changes: 4 additions & 4 deletions app/controllers/assessor_interface/professional_standing_requests_controller.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@ class ProfessionalStandingRequestsController < BaseController
before_action :set_variables

def edit_location
authorize :note, :edit?
authorize [:assessor_interface, professional_standing_request], :show?

@form =
ProfessionalStandingRequestLocationForm.new(
Expand All @@ -18,7 +18,7 @@ def edit_location
end

def update_location
authorize :note, :update?
authorize [:assessor_interface, professional_standing_request], :show?

@form =
ProfessionalStandingRequestLocationForm.new(
Expand All @@ -33,7 +33,7 @@ def update_location
end

def edit_review
authorize :assessor, :edit?
authorize [:assessor_interface, professional_standing_request]

@form =
RequestableReviewForm.new(
Expand All @@ -45,7 +45,7 @@ def edit_review
end

def update_review
authorize :assessor, :update?
authorize [:assessor_interface, professional_standing_request]

@form =
RequestableReviewForm.new(
Expand Down
25 changes: 25 additions & 0 deletions app/policies/assessor_interface/professional_standing_request_policy.rb
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,25 @@
# frozen_string_literal: true

class AssessorInterface::ProfessionalStandingRequestPolicy < ApplicationPolicy
def show?
true
end

def update_request?
user.verify_permission
end

alias_method :edit_request?, :update_request?

def update_verify?
user.verify_permission
end

alias_method :edit_verify?, :update_verify?

def update_review?
user.award_decline_permission
end

alias_method :edit_review?, :update_review?
end
2 changes: 1 addition & 1 deletion spec/factories/staff.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -80,7 +80,7 @@
support_console_permission { true }
end

trait :with_verification_permission do
trait :with_verify_permission do
verify_permission { true }
end

Expand Down
91 changes: 91 additions & 0 deletions spec/policies/assessor_interface/professional_standing_request_policy_spec.rb
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,91 @@
# frozen_string_literal: true

require "rails_helper"

RSpec.describe AssessorInterface::ProfessionalStandingRequestPolicy do
it_behaves_like "a policy"

let(:user) { nil }
let(:record) { nil }

subject(:policy) { described_class.new(user, record) }

describe "#index?" do
subject(:index?) { policy.index? }

let(:user) { create(:staff, :confirmed) }
it { is_expected.to be false }
end

describe "#show?" do
subject(:show?) { policy.show? }

let(:user) { create(:staff, :confirmed) }
it { is_expected.to be true }
end

describe "#create?" do
subject(:create?) { policy.create? }

let(:user) { create(:staff, :confirmed) }
it { is_expected.to be false }
end

describe "#new?" do
subject(:new?) { policy.new? }

let(:user) { create(:staff, :confirmed) }
it { is_expected.to be false }
end

describe "#update?" do
subject(:update?) { policy.update? }

let(:user) { create(:staff, :confirmed) }
it { is_expected.to be false }
end

describe "#edit?" do
subject(:edit?) { policy.edit? }

let(:user) { create(:staff, :confirmed) }
it { is_expected.to be false }
end

describe "#update_request?" do
subject(:update_request?) { policy.update_request? }
it_behaves_like "a policy method requiring the verify permission"
end

describe "#edit_request?" do
subject(:edit_request?) { policy.edit_request? }
it_behaves_like "a policy method requiring the verify permission"
end

describe "#update_verify?" do
subject(:update_review?) { policy.update_verify? }
it_behaves_like "a policy method requiring the verify permission"
end

describe "#edit_verify?" do
subject(:edit_review?) { policy.edit_verify? }
it_behaves_like "a policy method requiring the verify permission"
end

describe "#update_review?" do
subject(:update_review?) { policy.update_review? }
it_behaves_like "a policy method requiring the award decline permission"
end

describe "#edit_review?" do
subject(:edit_review?) { policy.edit_review? }
it_behaves_like "a policy method requiring the award decline permission"
end

describe "#destroy?" do
subject(:destroy?) { policy.destroy? }

let(:user) { create(:staff, :confirmed) }
it { is_expected.to be false }
end
end
20 changes: 16 additions & 4 deletions spec/support/shared_examples/policy.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -64,26 +64,38 @@
end
end

RSpec.shared_examples "a policy method requiring the withdraw permission" do
RSpec.shared_examples "a policy method requiring the support console permission" do
context "without permission" do
let(:user) { create(:staff) }
it { is_expected.to be false }
end

context "with permission" do
let(:user) { create(:staff, :with_withdraw_permission) }
let(:user) { create(:staff, :with_support_console_permission) }
it { is_expected.to be true }
end
end

RSpec.shared_examples "a policy method requiring the support console permission" do
RSpec.shared_examples "a policy method requiring the verify permission" do
context "without permission" do
let(:user) { create(:staff) }
it { is_expected.to be false }
end

context "with permission" do
let(:user) { create(:staff, :with_support_console_permission) }
let(:user) { create(:staff, :with_verify_permission) }
it { is_expected.to be true }
end
end

RSpec.shared_examples "a policy method requiring the withdraw permission" do
context "without permission" do
let(:user) { create(:staff) }
it { is_expected.to be false }
end

context "with permission" do
let(:user) { create(:staff, :with_withdraw_permission) }
it { is_expected.to be true }
end
end

0 comments on commit e2b1955

Please sign in to comment.