From 03cb14c926cc85bb0afaffac35d26ff03c7911dd Mon Sep 17 00:00:00 2001 From: Mohamed ABDELLANI Date: Sat, 1 Apr 2023 07:25:03 +0100 Subject: [PATCH] define manage_by scope on customer model --- app/controllers/admin/customers_controller.rb | 13 ++++++- .../api/v1/customers_controller.rb | 7 +--- app/models/customer.rb | 1 + .../admin/customers_controller_spec.rb | 4 +- spec/models/customer_spec.rb | 38 +++++++++++++++++++ 5 files changed, 55 insertions(+), 8 deletions(-) diff --git a/app/controllers/admin/customers_controller.rb b/app/controllers/admin/customers_controller.rb index 3d4f47bd07..fcf32350e5 100644 --- a/app/controllers/admin/customers_controller.rb +++ b/app/controllers/admin/customers_controller.rb @@ -2,6 +2,7 @@ require 'open_food_network/address_finder' +# rubocop:disable Metrics/ClassLength module Admin class CustomersController < Admin::ResourceController before_action :load_managed_shops, only: :index, if: :html_request? @@ -67,7 +68,7 @@ module Admin def collection if json_request? && params[:enterprise_id].present? - CustomersWithBalance.new(Customer.of(managed_enterprise_id)).query. + CustomersWithBalance.new(customers).query. includes( :enterprise, { bill_address: [:state, :country] }, @@ -79,6 +80,15 @@ module Admin end end + def customers + return @customers if @customers.present? + + @customers = Customer.managed_by(spree_current_user) + return @customers if params[:enterprise_id].blank? + + @customers = @customers.where(enterprise_id: params[:enterprise_id]) + end + def managed_enterprise_id @managed_enterprise_id ||= Enterprise.managed_by(spree_current_user). select('enterprises.id').find_by(id: params[:enterprise_id]) @@ -120,3 +130,4 @@ module Admin end end end +# rubocop:enable Metrics/ClassLength diff --git a/app/controllers/api/v1/customers_controller.rb b/app/controllers/api/v1/customers_controller.rb index 53d9cb163e..37172ccbfb 100644 --- a/app/controllers/api/v1/customers_controller.rb +++ b/app/controllers/api/v1/customers_controller.rb @@ -80,12 +80,7 @@ module Api end def visible_customers - Customer.of(managed_enterprise_ids) - end - - def managed_enterprise_ids - @managed_enterprise_ids ||= Enterprise.managed_by(current_api_user). - select('enterprises.id') + Customer.managed_by(current_api_user) end def customer_params diff --git a/app/models/customer.rb b/app/models/customer.rb index 678c4a2d12..6e5468fed1 100644 --- a/app/models/customer.rb +++ b/app/models/customer.rb @@ -35,6 +35,7 @@ class Customer < ApplicationRecord uniqueness: { scope: :enterprise_id, message: I18n.t('validation_msg_is_associated_with_an_exising_customer') } scope :of, ->(enterprise) { where(enterprise_id: enterprise) } + scope :managed_by, ->(user) { user&.persisted? ? where(user: user).or(of(Enterprise.managed_by(user))) : none } before_create :associate_user diff --git a/spec/controllers/admin/customers_controller_spec.rb b/spec/controllers/admin/customers_controller_spec.rb index a60402f0bf..fa3c31656b 100644 --- a/spec/controllers/admin/customers_controller_spec.rb +++ b/spec/controllers/admin/customers_controller_spec.rb @@ -30,6 +30,8 @@ module Admin end context "and enterprise_id is given in params" do + let(:user){ enterprise.users.first } + let(:customers){ Customer.managed_by(user).where(enterprise_id: enterprise.id) } let(:params) { { format: :json, enterprise_id: enterprise.id } } it "scopes @collection to customers of that enterprise" do @@ -45,7 +47,7 @@ module Admin it 'calls CustomersWithBalance' do customers_with_balance = instance_double(CustomersWithBalance) allow(CustomersWithBalance) - .to receive(:new).with(Customer.of(enterprise)) { customers_with_balance } + .to receive(:new).with(customers) { customers_with_balance } expect(customers_with_balance).to receive(:query) { Customer.none } diff --git a/spec/models/customer_spec.rb b/spec/models/customer_spec.rb index 78d9715f50..0e71d9b131 100644 --- a/spec/models/customer_spec.rb +++ b/spec/models/customer_spec.rb @@ -69,4 +69,42 @@ describe Customer, type: :model do expect(c.user).to eq user2 end end + + describe 'scopes' do + context 'managed_by' do + let!(:admin) { create(:admin_user) } + let!(:user) { create(:user) } + let!(:enterprise) { create(:enterprise, owner: user) } + let!(:customer) { create(:customer, enterprise: enterprise, user: user) } + let!(:customer1) { create(:customer, enterprise: enterprise) } + + let!(:user1) { create(:user) } + let!(:enterprise1) { create(:enterprise, owner: user1) } + let!(:customer2) { create(:customer, enterprise: enterprise1, user: user1) } + + # manager of enterprise1 + let!(:user2) { create(:user) } + + # user who has edit profile permission on enterprise1 + let!(:user3) { create(:user) } + let!(:enterprise2) { create(:enterprise, owner: user3) } + + it 'returns customers managed by the user' do + EnterpriseRelationship.create!(parent: enterprise2, child: enterprise, + permissions_list: [:edit_profile]) + expect(Customer.managed_by(user)).to match_array [customer, customer1] + expect(Customer.managed_by(user1)).to match_array(customer2) + expect(Customer.managed_by(user3)).to match_array([]) + end + + it 'returns customers of managed enterprises' do + EnterpriseRole.create!(user: user2, enterprise: enterprise) + expect(Customer.managed_by(user2)).to match_array [customer, customer1] + end + + it 'returns all customers if the user is an admin' do + expect(Customer.managed_by(admin)).to match_array [customer, customer1, customer2] + end + end + end end