mirror of
https://github.com/openfoodfoundation/openfoodnetwork
synced 2026-03-01 02:03:22 +00:00
make groups editable by group owners
This commit is contained in:
@@ -3,6 +3,7 @@ module Admin
|
||||
before_filter :load_countries, :except => :index
|
||||
|
||||
def index
|
||||
@enterprise_groups = @enterprise_groups.managed_by(spree_current_user)
|
||||
end
|
||||
|
||||
def move_up
|
||||
|
||||
@@ -38,6 +38,13 @@ class EnterpriseGroup < ActiveRecord::Base
|
||||
|
||||
scope :by_position, order('position ASC')
|
||||
scope :on_front_page, where(on_front_page: true)
|
||||
scope :managed_by, lambda { |user|
|
||||
if user.has_spree_role?('admin')
|
||||
scoped
|
||||
else
|
||||
where('owner_id = ?', user.id);
|
||||
end
|
||||
}
|
||||
|
||||
def set_unused_address_fields
|
||||
address.firstname = address.lastname = 'unused' if address.present?
|
||||
|
||||
@@ -6,6 +6,7 @@ class AbilityDecorator
|
||||
def initialize(user)
|
||||
add_base_abilities user if is_new_user? user
|
||||
add_enterprise_management_abilities user if can_manage_enterprises? user
|
||||
add_group_management_abilities user if can_manage_groups? user
|
||||
add_product_management_abilities user if can_manage_products? user
|
||||
add_order_management_abilities user if can_manage_orders? user
|
||||
add_relationship_management_abilities user if can_manage_relationships? user
|
||||
@@ -21,6 +22,11 @@ class AbilityDecorator
|
||||
user.enterprises.present?
|
||||
end
|
||||
|
||||
# Users can manage a group if they have one.
|
||||
def can_manage_groups?(user)
|
||||
user.owned_groups.present?
|
||||
end
|
||||
|
||||
# Users can manage products if they have an enterprise that is not a profile.
|
||||
def can_manage_products?(user)
|
||||
can_manage_enterprises?(user) &&
|
||||
@@ -41,6 +47,14 @@ class AbilityDecorator
|
||||
can [:create], Enterprise
|
||||
end
|
||||
|
||||
def add_group_management_abilities(user)
|
||||
can [:admin, :index], :overview
|
||||
can [:admin, :index], EnterpriseGroup
|
||||
can [:read, :edit, :update], EnterpriseGroup do |group|
|
||||
user.owned_groups.include? group
|
||||
end
|
||||
end
|
||||
|
||||
def add_enterprise_management_abilities(user)
|
||||
# Spree performs authorize! on (:create, nil) when creating a new order from admin, and also (:search, nil)
|
||||
# when searching for variants to add to the order
|
||||
|
||||
@@ -1,2 +1,2 @@
|
||||
/ insert_bottom "[data-hook='admin_tabs'], #admin_tabs[data-hook]"
|
||||
= tab :groups, :url => main_app.admin_enterprise_groups_path
|
||||
= tab :enterprise_groups, :url => main_app.admin_enterprise_groups_path, label: 'groups'
|
||||
|
||||
@@ -27,8 +27,10 @@
|
||||
= link_to '', main_app.edit_admin_enterprise_group_path(enterprise_group), class: 'edit-enterprise-group icon-edit no-text'
|
||||
= link_to_delete enterprise_group, no_text: true
|
||||
|
||||
- if enterprise_group.last?
|
||||
.blank-action
|
||||
- else
|
||||
= link_to_with_icon 'icon-arrow-down', '', main_app.admin_enterprise_group_move_down_path(enterprise_group), class: 'move-down no-text'
|
||||
= link_to_with_icon 'icon-arrow-up', '', main_app.admin_enterprise_group_move_up_path(enterprise_group), class: 'move-up no-text' unless enterprise_group.first?
|
||||
- if spree_current_user.admin?
|
||||
- if enterprise_group.last?
|
||||
.blank-action
|
||||
- else
|
||||
= link_to_with_icon 'icon-arrow-down', '', main_app.admin_enterprise_group_move_down_path(enterprise_group), class: 'move-down no-text'
|
||||
- if enterprise_group.first?
|
||||
= link_to_with_icon 'icon-arrow-up', '', main_app.admin_enterprise_group_move_up_path(enterprise_group), class: 'move-up no-text'
|
||||
|
||||
@@ -51,6 +51,15 @@ describe EnterpriseGroup do
|
||||
|
||||
EnterpriseGroup.on_front_page.should == [eg1]
|
||||
end
|
||||
|
||||
it "finds a user's enterprise groups" do
|
||||
user = create(:user)
|
||||
user.spree_roles = []
|
||||
eg1 = create(:enterprise_group, owner: user)
|
||||
eg2 = create(:enterprise_group)
|
||||
|
||||
EnterpriseGroup.managed_by(user).should == [eg1]
|
||||
end
|
||||
end
|
||||
|
||||
describe "urls" do
|
||||
|
||||
Reference in New Issue
Block a user