raggedstaff/openfoodnetwork
1
0
Fork 0
mirror of https://github.com/openfoodfoundation/openfoodnetwork synced 2026-01-26 20:56:48 +00:00
Code Issues Packages Projects Releases Wiki Activity

Show enterprise to authorised platform user

Browse Source
This commit is contained in:
Maikel Linke
2025-08-07 16:05:08 +10:00
parent b16e541a81
commit 82d0e1bf68
5 changed files with 38 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
engines/dfc_provider/app/controllers/dfc_provider/application_controller.rb
View File

@@ -16,6 +16,12 @@ module DfcProvider
private
def require_permission(scope)
return true if current_user.is_a? Spree::User
current_user.permissions(scope).where(enterprise: current_enterprise).exists?
end
def check_authorization
unauthorized if current_user.nil?
end

2
engines/dfc_provider/app/controllers/dfc_provider/catalog_items_controller.rb
View File

@@ -7,6 +7,8 @@ module DfcProvider
before_action :check_enterprise
def index
require_permission "ReadProducts"
enterprises = current_user.enterprises.map do |enterprise|
EnterpriseBuilder.enterprise(enterprise)
end

7
engines/dfc_provider/app/services/api_user.rb
View File

@@ -19,7 +19,10 @@ class ApiUser
end
def enterprises
permissions = DfcPermission.where(grantee: id, scope: "ReadProducts")
Enterprise.where(dfc_permissions: permissions)
Enterprise.where(dfc_permissions: permissions("ReadEnterprise"))
end
def permissions(scope)
DfcPermission.where(grantee: id, scope:)
end
end

4
engines/dfc_provider/spec/requests/catalog_items_spec.rb
View File

@@ -76,6 +76,10 @@ RSpec.describe "CatalogItems", swagger_doc: "dfc.yaml" do
before {
login_as nil
DfcPermission.create!(
user:, enterprise_id:,
scope: "ReadEnterprise", grantee: "cqcm-dev",
)
DfcPermission.create!(
user:, enterprise_id:,
scope: "ReadProducts", grantee: "cqcm-dev",

21
engines/dfc_provider/spec/requests/enterprises_spec.rb
View File

@@ -3,6 +3,7 @@
require_relative "../swagger_helper"
RSpec.describe "Enterprises", swagger_doc: "dfc.yaml" do
let(:Authorization) { nil }
let!(:user) { create(:oidc_user) }
let!(:enterprise) do
create(
@@ -51,6 +52,26 @@ RSpec.describe "Enterprises", swagger_doc: "dfc.yaml" do
produces "application/json"
response "200", "successful" do
context "as platform user" do
let(:id) { 10_000 }
let(:sib_token) { file_fixture("startinblox_access_token.jwt").read }
let(:Authorization) { "Bearer #{sib_token}" }
before {
login_as nil
DfcPermission.create!(
user:, enterprise_id: id,
scope: "ReadEnterprise", grantee: "cqcm-dev",
)
}
around do |example|
Timecop.travel(Date.parse("2025-06-13")) { example.run }
end
run_test!
end
context "without enterprise id" do
let(:id) { "default" }