Push logic for checking of user super admin status down into private method

app/controllers/spree/admin/reports_controller_decorator.rb

@@ -426,10 +426,10 @@ Spree::Admin::ReportsController.class_eval do
     end
 
     # My distributors and any distributors distributing products I supply
-    @distributors = permissions.order_cycle_enterprises.is_distributor
+    @distributors = permissions.order_report_enterprises(:add_to_order_cycle).is_distributor
 
     # My suppliers and any suppliers supplying products I distribute
-    @suppliers = permissions.order_cycle_enterprises.is_primary_producer
+    @suppliers = permissions.order_report_enterprises(:add_to_order_cycle).is_primary_producer
 
     @order_cycles = OrderCycle.active_or_complete.
     involving_managed_distributors_of(spree_current_user).order('orders_close_at DESC')

lib/open_food_network/permissions.rb

@@ -17,11 +17,7 @@ module OpenFoodNetwork
 
     def enterprises_managed_or_granting_add_to_order_cycle
       # Return enterprises that the user manages and those that have granted P-OC to managed enterprises
-      if admin?
-        Enterprise.scoped
-      else
-        managed_and_related_enterprises_granting :add_to_order_cycle
-      end
+      managed_and_related_enterprises_granting :add_to_order_cycle
     end
 
     # Find enterprises for which an admin is allowed to edit their profile
@@ -132,10 +128,14 @@ module OpenFoodNetwork
     end
 
     def managed_and_related_enterprises_granting(permission)
-      managed_enterprise_ids = managed_enterprises.pluck :id
-      permitting_enterprise_ids = related_enterprises_granting(permission).pluck :id
+      if admin?
+        Enterprise.scoped
+      else
+        managed_enterprise_ids = managed_enterprises.pluck :id
+        permitting_enterprise_ids = related_enterprises_granting(permission).pluck :id
 
-      Enterprise.where('id IN (?)', managed_enterprise_ids + permitting_enterprise_ids)
+        Enterprise.where('id IN (?)', managed_enterprise_ids + permitting_enterprise_ids)
+      end
     end
 
     def managed_enterprises

spec/lib/open_food_network/permissions_spec.rb

@@ -8,23 +8,37 @@ module OpenFoodNetwork
     let(:e1) { create(:enterprise) }
     let(:e2) { create(:enterprise) }
 
+    describe "finding managed and related enterprises granting a particular permission" do
+      describe "as super admin" do
+        before { allow(user).to receive(:admin?) { true } }
+
+        it "returns all enterprises" do
+          expect(permissions.send(:managed_and_related_enterprises_granting, :some_permission)).to eq [e1, e2]
+        end
+      end
+
+      describe "as an enterprise user" do
+        let(:e3) { create(:enterprise) }
+        before { allow(user).to receive(:admin?) { false } }
+
+        it "returns only my managed enterprises any that have granting them P-OC" do
+          expect(permissions).to receive(:managed_enterprises) { Enterprise.where(id: e1) }
+          expect(permissions).to receive(:related_enterprises_granting).with(:some_permission) { Enterprise.where(id: e3) }
+          expect(permissions.send(:managed_and_related_enterprises_granting, :some_permission)).to eq [e1, e3]
+        end
+      end
+    end
+
     describe "finding enterprises that can be added to an order cycle" do
       let(:e) { double(:enterprise) }
 
       it "returns managed and related enterprises with add_to_order_cycle permission" do
-        allow(user).to receive(:admin?) { false }
         expect(permissions).to receive(:managed_and_related_enterprises_granting).
           with(:add_to_order_cycle).
           and_return([e])
 
         expect(permissions.enterprises_managed_or_granting_add_to_order_cycle).to eq [e]
       end
-
-      it "shows all enterprises for admin user" do
-        allow(user).to receive(:admin?) { true }
-
-        expect(permissions.enterprises_managed_or_granting_add_to_order_cycle).to eq [e1, e2]
-      end
     end
 
     describe "finding enterprises whose profiles can be edited" do
@@ -61,6 +75,7 @@ module OpenFoodNetwork
 
       before do
         permissions.stub(:managed_enterprises) { Enterprise.where(id: hub.id) }
+        permissions.stub(:admin?) { false }
       end
 
       it "returns enterprises as hub_id => [producer, ...]" do
@@ -167,6 +182,7 @@ module OpenFoodNetwork
       before do
         permissions.stub(:managed_enterprises) { Enterprise.where('1=0') }
         permissions.stub(:related_enterprises_granting) { Enterprise.where('1=0') }
+        permissions.stub(:admin?) { false }
       end
 
       it "returns managed enterprises" do