Enterprises etched by for_order_cycle action now use permissions scoped using an order cycle or coordinator

2026-01-24 20:36:49 +00:00 · 2015-03-20 16:33:08 +11:00
parent a1aa9512a8
commit 45f6042d3d
6 changed files with 77 additions and 24 deletions
--- a/app/assets/javascripts/admin/order_cycle.js.erb.coffee
+++ b/app/assets/javascripts/admin/order_cycle.js.erb.coffee
@@ -1,6 +1,6 @@
 angular.module('admin.order_cycles', ['ngResource'])
  .controller('AdminCreateOrderCycleCtrl', ['$scope', 'OrderCycle', 'Enterprise', 'EnterpriseFee', 'ocInstance', ($scope, OrderCycle, Enterprise, EnterpriseFee, ocInstance) ->
-    $scope.enterprises = Enterprise.index()
+    $scope.enterprises = Enterprise.index(coordinator_id: ocInstance.coordinator_id)
    $scope.supplied_products = Enterprise.supplied_products
    $scope.enterprise_fees = EnterpriseFee.index()

@@ -81,11 +81,11 @@ angular.module('admin.order_cycles', ['ngResource'])
  ])

  .controller('AdminEditOrderCycleCtrl', ['$scope', '$location', 'OrderCycle', 'Enterprise', 'EnterpriseFee', ($scope, $location, OrderCycle, Enterprise, EnterpriseFee) ->
-    $scope.enterprises = Enterprise.index()
+    order_cycle_id = $location.absUrl().match(/\/admin\/order_cycles\/(\d+)/)[1]
+    $scope.enterprises = Enterprise.index(order_cycle_id: order_cycle_id)
    $scope.supplied_products = Enterprise.supplied_products
    $scope.enterprise_fees = EnterpriseFee.index()

-    order_cycle_id = $location.absUrl().match(/\/admin\/order_cycles\/(\d+)/)[1]
    $scope.order_cycle = OrderCycle.load(order_cycle_id)

    $scope.loaded = ->
--- a/app/assets/javascripts/admin/order_cycles/controllers/simple_create.js.coffee
+++ b/app/assets/javascripts/admin/order_cycles/controllers/simple_create.js.coffee
@@ -1,5 +1,5 @@
 angular.module('admin.order_cycles').controller "AdminSimpleCreateOrderCycleCtrl", ($scope, OrderCycle, Enterprise, EnterpriseFee) ->
-  $scope.enterprises = Enterprise.index (enterprises) =>
+  $scope.enterprises = Enterprise.index {}, (enterprises) =>
    $scope.init(enterprises)
  $scope.enterprise_fees = EnterpriseFee.index()
  $scope.order_cycle = OrderCycle.order_cycle
--- a/app/assets/javascripts/admin/order_cycles/services/enterprise.js.coffee
+++ b/app/assets/javascripts/admin/order_cycles/services/enterprise.js.coffee
@@ -1,24 +1,28 @@
 angular.module('admin.order_cycles').factory('Enterprise', ($resource) ->
-  Enterprise = $resource('/admin/enterprises/for_order_cycle/:enterprise_id.json', {}, {'index': {method: 'GET', isArray: true}})
-
+  Enterprise = $resource('/admin/enterprises/for_order_cycle/:enterprise_id.json', {}, {
+    'index':
+      method: 'GET'
+      isArray: true
+      params:
+        order_cycle_id: '@order_cycle_id'
+        coordinator_id: '@coordinator_id'
+  })
  {
    Enterprise: Enterprise
    enterprises: {}
    supplied_products: []
    loaded: false

-    index: (callback=null) ->
-    	service = this
-
-    	Enterprise.index (data) ->
+    index: (params={}, callback=null) ->
+    	Enterprise.index params, (data) =>
        for enterprise in data
-          service.enterprises[enterprise.id] = enterprise
+          @enterprises[enterprise.id] = enterprise

          for product in enterprise.supplied_products
-            service.supplied_products.push(product)
+            @supplied_products.push(product)

-        service.loaded = true
-        (callback || angular.noop)(service.enterprises)
+        @loaded = true
+        (callback || angular.noop)(@enterprises)

    	this.enterprises

@@ -40,4 +44,4 @@ angular.module('admin.order_cycles').factory('Enterprise', ($resource) ->
          numVariants += if product.variants.length == 0 then 1 else product.variants.length

      numVariants
-  })
+  })
--- a/app/controllers/admin/enterprises_controller.rb
+++ b/app/controllers/admin/enterprises_controller.rb
@@ -17,10 +17,6 @@ module Admin
    include ActionView::Helpers::TextHelper
    include OrderCyclesHelper

-    def for_order_cycle
-      @collection = order_cycle_permitted_enterprises
-    end
-
    def set_sells
      enterprise = Enterprise.find_by_permalink(params[:id]) || Enterprise.find(params[:id])
      attributes = { sells: params[:sells] }
@@ -94,10 +90,18 @@ module Admin
    end

    def collection
-      # TODO was ordered with is_distributor DESC as well, not sure why or how we want to sort this now
-      OpenFoodNetwork::Permissions.new(spree_current_user).
-        editable_enterprises.
-        order('is_primary_producer ASC, name')
+      case action
+      when :for_order_cycle
+        return Enterprise.where("1=0") unless params[:coordinator_id] || params[:order_cycle_id]
+        options = { coordinator: Enterprise.find(params[:coordinator_id]) }
+        options = { order_cycle: OrderCycle.find(params[:order_cycle_id]) } if params[:order_cycle_id]
+        return OpenFoodNetwork::Permissions.new(spree_current_user).order_cycle_enterprises_for(options)
+      else
+        # TODO was ordered with is_distributor DESC as well, not sure why or how we want to sort this now
+        OpenFoodNetwork::Permissions.new(spree_current_user).
+          editable_enterprises.
+          order('is_primary_producer ASC, name')
+      end
    end

    def collection_actions
--- a/spec/controllers/admin/enterprises_controller_spec.rb
+++ b/spec/controllers/admin/enterprises_controller_spec.rb
@@ -360,5 +360,50 @@ module Admin
        end
      end
    end
+
+    describe "for_order_cycle" do
+      let!(:user) { create_enterprise_user }
+      let!(:enterprise) { create(:enterprise, sells: 'any', owner: user) }
+      let(:permission_mock) { double(:permission) }
+
+      before do
+        # As a user with permission
+        controller.stub spree_current_user: user
+        Enterprise.stub find: "instance of Enterprise"
+        OrderCycle.stub find: "instance of OrderCycle"
+
+        OpenFoodNetwork::Permissions.stub(:new) { permission_mock }
+        allow(permission_mock).to receive :order_cycle_enterprises_for
+      end
+
+      context "when no order_cycle or coordinator is provided in params" do
+        before { spree_get :for_order_cycle }
+        it "returns an empty scope" do
+          expect(assigns(:collection)).to be_empty
+          expect(permission_mock).to_not have_received :order_cycle_enterprises_for
+        end
+      end
+
+      context "when an order_cycle_id is provided in params" do
+        before { spree_get :for_order_cycle, order_cycle_id: 1 }
+        it "calls order_cycle_enterprises_for() with an :order_cycle option" do
+          expect(permission_mock).to have_received(:order_cycle_enterprises_for).with(order_cycle: "instance of OrderCycle")
+        end
+      end
+
+      context "when a coordinator is provided in params" do
+        before { spree_get :for_order_cycle, coordinator_id: 1 }
+        it "calls order_cycle_enterprises_for() with a :coordinator option" do
+          expect(permission_mock).to have_received(:order_cycle_enterprises_for).with(coordinator: "instance of Enterprise")
+        end
+      end
+
+      context "when both an order cycle and a coordinator are provided in params" do
+        before { spree_get :for_order_cycle, order_cycle_id: 1, coordinator_id: 1 }
+        it "calls order_cycle_enterprises_for() with an :order_cycle option" do
+          expect(permission_mock).to have_received(:order_cycle_enterprises_for).with(order_cycle: "instance of OrderCycle")
+        end
+      end
+    end
  end
 end
--- a/spec/javascripts/unit/order_cycle_spec.js.coffee
+++ b/spec/javascripts/unit/order_cycle_spec.js.coffee
@@ -330,7 +330,7 @@ describe 'OrderCycle services', ->
      inject ($injector, _$httpBackend_)->
        Enterprise = $injector.get('Enterprise')
        $httpBackend = _$httpBackend_
-        $httpBackend.whenGET('/admin/enterprises/for_order_cycle.json').respond [
+        $httpBackend.whenGET('/admin/enterprises/for_order_cycle.json?').respond [
          {id: 1, name: 'One', supplied_products: [1, 2]}
          {id: 2, name: 'Two', supplied_products: [3, 4]}
          {id: 3, name: 'Three', supplied_products: [5, 6]}