define manage_by scope on customer model

2026-02-28 01:53:25 +00:00 · 2023-04-01 07:25:03 +01:00
parent da78e06a39
commit 03cb14c926
5 changed files with 55 additions and 8 deletions
--- a/app/controllers/admin/customers_controller.rb
+++ b/app/controllers/admin/customers_controller.rb
@@ -2,6 +2,7 @@

 require 'open_food_network/address_finder'

+# rubocop:disable Metrics/ClassLength
 module Admin
  class CustomersController < Admin::ResourceController
    before_action :load_managed_shops, only: :index, if: :html_request?
@@ -67,7 +68,7 @@ module Admin

    def collection
      if json_request? && params[:enterprise_id].present?
-        CustomersWithBalance.new(Customer.of(managed_enterprise_id)).query.
+        CustomersWithBalance.new(customers).query.
          includes(
            :enterprise,
            { bill_address: [:state, :country] },
@@ -79,6 +80,15 @@ module Admin
      end
    end

+    def customers
+      return @customers if @customers.present?
+
+      @customers = Customer.managed_by(spree_current_user)
+      return @customers if params[:enterprise_id].blank?
+
+      @customers = @customers.where(enterprise_id: params[:enterprise_id])
+    end
+
    def managed_enterprise_id
      @managed_enterprise_id ||= Enterprise.managed_by(spree_current_user).
        select('enterprises.id').find_by(id: params[:enterprise_id])
@@ -120,3 +130,4 @@ module Admin
    end
  end
 end
+# rubocop:enable Metrics/ClassLength
--- a/app/controllers/api/v1/customers_controller.rb
+++ b/app/controllers/api/v1/customers_controller.rb
@@ -80,12 +80,7 @@ module Api
      end

      def visible_customers
-        Customer.of(managed_enterprise_ids)
-      end
-
-      def managed_enterprise_ids
-        @managed_enterprise_ids ||= Enterprise.managed_by(current_api_user).
-          select('enterprises.id')
+        Customer.managed_by(current_api_user)
      end

      def customer_params
--- a/app/models/customer.rb
+++ b/app/models/customer.rb
@@ -35,6 +35,7 @@ class Customer < ApplicationRecord
                    uniqueness: { scope: :enterprise_id, message: I18n.t('validation_msg_is_associated_with_an_exising_customer') }

  scope :of, ->(enterprise) { where(enterprise_id: enterprise) }
+  scope :managed_by, ->(user) { user&.persisted? ? where(user: user).or(of(Enterprise.managed_by(user))) : none }

  before_create :associate_user

--- a/spec/controllers/admin/customers_controller_spec.rb
+++ b/spec/controllers/admin/customers_controller_spec.rb
@@ -30,6 +30,8 @@ module Admin
          end

          context "and enterprise_id is given in params" do
+            let(:user){ enterprise.users.first }
+            let(:customers){ Customer.managed_by(user).where(enterprise_id: enterprise.id) }
            let(:params) { { format: :json, enterprise_id: enterprise.id } }

            it "scopes @collection to customers of that enterprise" do
@@ -45,7 +47,7 @@ module Admin
            it 'calls CustomersWithBalance' do
              customers_with_balance = instance_double(CustomersWithBalance)
              allow(CustomersWithBalance)
-                .to receive(:new).with(Customer.of(enterprise)) { customers_with_balance }
+                .to receive(:new).with(customers) { customers_with_balance }

              expect(customers_with_balance).to receive(:query) { Customer.none }

--- a/spec/models/customer_spec.rb
+++ b/spec/models/customer_spec.rb
@@ -69,4 +69,42 @@ describe Customer, type: :model do
      expect(c.user).to eq user2
    end
  end
+
+  describe 'scopes' do
+    context 'managed_by' do
+      let!(:admin) { create(:admin_user) }
+      let!(:user) { create(:user) }
+      let!(:enterprise) { create(:enterprise, owner: user) }
+      let!(:customer) { create(:customer, enterprise: enterprise, user: user) }
+      let!(:customer1) { create(:customer, enterprise: enterprise) }
+
+      let!(:user1) { create(:user) }
+      let!(:enterprise1) { create(:enterprise, owner: user1) }
+      let!(:customer2) { create(:customer, enterprise: enterprise1, user: user1) }
+
+      # manager of enterprise1
+      let!(:user2) { create(:user) }
+
+      # user who has edit profile permission on enterprise1
+      let!(:user3) { create(:user) }
+      let!(:enterprise2) { create(:enterprise, owner: user3) }
+
+      it 'returns customers managed by the user' do
+        EnterpriseRelationship.create!(parent: enterprise2, child: enterprise,
+                                       permissions_list: [:edit_profile])
+        expect(Customer.managed_by(user)).to match_array [customer, customer1]
+        expect(Customer.managed_by(user1)).to match_array(customer2)
+        expect(Customer.managed_by(user3)).to match_array([])
+      end
+
+      it 'returns customers of managed enterprises' do
+        EnterpriseRole.create!(user: user2, enterprise: enterprise)
+        expect(Customer.managed_by(user2)).to match_array [customer, customer1]
+      end
+
+      it 'returns all customers if the user is an admin' do
+        expect(Customer.managed_by(admin)).to match_array [customer, customer1, customer2]
+      end
+    end
+  end
 end