Use admin flag instead of user role

Maikel Linke
2025-01-07 13:43:31 +11:00
parent 920002e084
commit d49cea5e3d
23 changed files with 24 additions and 132 deletions


@@ -20,17 +20,9 @@ module Spree
end
def create
if params[:user]
roles = params[:user].delete("spree_role_ids")
end
@user = Spree::User.new(user_params)
if @user.save
if roles
@user.spree_roles = roles.compact_blank.collect{ |r| Spree::Role.find(r) }
end
flash[:success] = Spree.t(:created_successfully)
redirect_to edit_admin_user_path(@user)
else
@@ -39,15 +31,7 @@ module Spree
end
def update
if params[:user]
roles = params[:user].delete("spree_role_ids")
end
if @user.update(user_params)
if roles
@user.spree_roles = roles.compact_blank.collect{ |r| Spree::Role.find(r) }
end
flash[:success] = update_message
redirect_to edit_admin_user_path(@user)
else
@@ -131,7 +115,7 @@ module Spree
def user_params
::PermittedAttributes::User.new(params).call(
%i[enterprise_limit show_api_key_view]
%i[admin enterprise_limit show_api_key_view]
)
end
end
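Review bot: `admin` joins the permit list in `user_params` (last hunk), so the superadmin flag is now set by the same mass assignment as `enterprise_limit` in both `create` and `update`. The authorization for these actions and the body of `PermittedAttributes::User` are outside the hunks; it is worth confirming that `admin` is passed only from this admin-only controller and is not part of that class's default list, which other controllers presumably share. A comment at the call would keep the intent visible: `# :admin grants full control of the instance; permit it only in this admin-only controller.` The bodies of `create` and `update` continue outside the hunks.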


@@ -18,15 +18,11 @@ module Spree
belongs_to :ship_address, class_name: 'Spree::Address'
belongs_to :bill_address, class_name: 'Spree::Address'
has_and_belongs_to_many :spree_roles,
join_table: 'spree_roles_users',
class_name: "Spree::Role"
before_validation :set_login
after_create :associate_customers, :associate_orders
before_destroy :check_completed_orders
scope :admin, lambda { includes(:spree_roles).where("spree_roles.name" => "admin") }
scope :admin, -> { where(admin: true) }
has_many :enterprise_roles, dependent: :destroy
has_many :enterprises, through: :enterprise_roles
@@ -58,11 +54,6 @@ module Spree
User.admin.count > 0
end
# Checks whether the specified user is a superadmin, with full control of the instance
def admin?
spree_roles.any? { |role| role.name == "admin" }
end
# Send devise-based user emails asyncronously via ActiveJob
# See: https://github.com/heartcombo/devise/tree/v3.5.10#activejob-integration
def send_devise_notification(notification, *args)
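Review bot: The comment that explained what an admin is disappears together with the hand-written `admin?` (second hunk), and the predicate now presumably comes from the `admin` column's attribute query method, which nothing in the file states. I would carry the explanation over to the new scope, e.g. `# Superadmins have full control of the instance; admin? is provided by the boolean admin column.` above `scope :admin, -> { where(admin: true) }`. With `has_and_belongs_to_many :spree_roles` removed, any caller of `user.spree_roles` that this commit does not touch will raise, so a repository-wide search for `spree_roles` is a cheap check before merging.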


@@ -5,13 +5,8 @@
= f.email_field :email, class: "fullwidth"
= error_message_on :user, :email
.field
= label_tag nil, t(".roles")
%ul
- [Spree::Role.admin].each do |role|
%li
= check_box_tag "user[spree_role_ids][]", role.id, @user.spree_roles.include?(role), id: "user_spree_role_#{role.name}"
= label_tag role.name
= hidden_field_tag "user[spree_role_ids][]", ""
= f.label :admin, t(".admin")
= f.check_box :admin
= f.field_container :locale do
= f.label :locale, t(".locale")
= f.select :locale, locale_options, class: "fullwidth"


@@ -4660,7 +4660,7 @@ See the %{link} to find out more about %{sitename}'s features and to start using
form:
disabled: "Disabled?"
email: "Email"
roles: "Roles"
admin: "Super admin?"
enterprise_limit: "Enterprise Limit"
confirm_password: "Confirm Password"
password: "Password"


@@ -60,7 +60,6 @@ def create_admin_user
ValidEmail2::Address.define_method(:valid_mx?) { true }
if admin.save
admin.spree_roles << Spree::Role.admin
say "New admin user persisted!"
else
say "There was some problems with persisting new admin user:"
@@ -81,6 +80,7 @@ def read_user_attributes
end
{
admin: true,
password:,
password_confirmation: password,
email:,
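Review bot: `read_user_attributes` now always returns `admin: true` (second hunk) although its name says nothing about privilege, so anything that reuses the hash to build a user gets a superadmin. Setting the flag where the account is created makes the grant explicit, for instance `admin.admin = true` before `if admin.save` in `create_admin_user`, or the helper could be renamed to something like `read_admin_attributes`. Both methods start and end outside the hunks, so other callers of `read_user_attributes` are not visible here.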


@@ -431,11 +431,7 @@ module Admin
describe "notifying producers" do
let(:user) { create(:user) }
let(:admin_user) do
user = create(:user)
user.spree_roles << Spree::Role.find_or_create_by!(name: 'admin')
user
end
let(:admin_user) { create(:admin_user) }
let(:order_cycle) { create(:simple_order_cycle) }
before do


@@ -235,8 +235,6 @@ module Spree
let(:user) do
new_user = create(:user, email: 'enterprise@hub.com', password: 'blahblah',
password_confirmation: 'blahblah', )
# for some reason unbeknown to me, this new user gets admin permissions by default.
new_user.spree_roles = []
new_user.enterprise_roles.build(enterprise:).save
new_user.save
new_user


@@ -10,23 +10,22 @@ RSpec.describe Spree::Admin::UsersController do
before do
allow(controller).to receive_messages spree_current_user: user
allow(Spree::User).to receive(:find).with(test_user.id.to_s).and_return(test_user)
user.spree_roles.clear
end
it 'should grant access to users with an admin role' do
user.spree_roles << Spree::Role.find_or_create_by(name: 'admin')
user.update!(admin: true)
spree_post :index
expect(response).to render_template :index
end
it "allows admins to update a user's show api key view" do
user.spree_roles << Spree::Role.find_or_create_by(name: 'admin')
user.update!(admin: true)
spree_put :update, id: test_user.id, user: { show_api_key_view: true }
expect(response).to redirect_to spree.edit_admin_user_path(test_user)
end
it "re-renders the edit form if error" do
user.spree_roles << Spree::Role.find_or_create_by(name: 'admin')
user.update!(admin: true)
spree_put :update, id: test_user.id, user: { password: "blah", password_confirmation: "" }
expect(response).to render_template :edit
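Review bot: None of the examples exercises the newly permitted `admin` parameter; `user.update!(admin: true)` is only used to make the signed-in user an admin. An example such as `spree_put :update, id: test_user.id, user: { admin: true }` followed by `expect(test_user.reload.admin).to be true` would pin the grant path, and a counterpart with a non-admin `user` should expect the flag to stay false. The `describe` block continues outside the hunk, so such examples may already exist further down.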


@@ -35,7 +35,7 @@ FactoryBot.define do
end
factory :admin_user do
spree_roles { [Spree::Role.find_or_create_by!(name: 'admin')] }
admin { true }
end
factory :oidc_user do


@@ -7,11 +7,7 @@ module Reporting
module Customers
RSpec.describe Base do
context "as a site admin" do
let(:user) do
user = create(:user)
user.spree_roles << Spree::Role.find_or_create_by!(name: 'admin')
user
end
let(:user) { create(:admin_user) }
subject { Base.new user, {} }
describe "addresses report" do
@@ -198,12 +194,7 @@ module Reporting
end
context "as an enterprise user" do
let(:user) do
user = create(:user)
user.spree_roles = []
user.save!
user
end
let(:user) { create(:user) }
subject { Base.new user, {} }


@@ -10,11 +10,7 @@ module Reporting
subject { Base.new(user, params) }
let(:params) { {} }
let(:user) do
user = create(:user)
user.spree_roles << Spree::Role.find_or_create_by!(name: "admin")
user
end
let(:user) { create(:admin_user) }
describe "fetching orders" do
it 'calls the OutstandingBalanceQuery query object' do


@@ -7,11 +7,7 @@ module Reporting
module ProductsAndInventory
RSpec.describe Base do
context "As a site admin" do
let(:user) do
user = create(:user)
user.spree_roles << Spree::Role.find_or_create_by!(name: 'admin')
user
end
let(:user) { create(:admin_user) }
subject do
Base.new user, {}
end
@@ -72,7 +68,6 @@ module Reporting
let(:enterprise_user) do
user = create(:user)
user.enterprise_roles.create(enterprise: supplier)
user.spree_roles = []
user.save!
user
end
@@ -259,11 +254,7 @@ module Reporting
end
RSpec.describe AllProducts do
let(:user) do
user = create(:user)
user.spree_roles << Spree::Role.find_or_create_by!(name: 'admin')
user
end
let(:user) { create(:admin_user) }
let(:report) do
AllProducts.new user, { fields_to_hide: [] }
end


@@ -1,21 +0,0 @@
# frozen_string_literal: true
require 'spec_helper'
require_relative "../../db/migrate/#{File.basename(__FILE__, '_spec.rb')}"
RSpec.describe CopyAdminAttributeToUsers do
describe "#up" do
it "marks current admins as admin" do
admin = create(:admin_user)
enterprise_user = create(:enterprise_user)
customer = create(:user)
expect { subject.up }.to change {
admin.reload.admin
}.from(false).to(true)
expect(enterprise_user.reload.admin).to eq false
expect(customer.reload.admin).to eq false
end
end
end


@@ -77,7 +77,6 @@ RSpec.describe EnterpriseGroup do
it "finds a user's enterprise groups" do
user = create(:user)
user.spree_roles = []
eg1 = create(:enterprise_group, owner: user)
eg2 = create(:enterprise_group)


@@ -651,7 +651,6 @@ RSpec.describe Enterprise do
describe "managed_by" do
it "shows only enterprises for given user" do
user = create(:user)
user.spree_roles = []
e1 = create(:enterprise)
e2 = create(:enterprise)
e1.enterprise_roles.build(user:).save


@@ -107,11 +107,7 @@ RSpec.describe Exchange do
let(:oc) { create(:simple_order_cycle, coordinator:) }
describe "finding exchanges managed by a particular user" do
let(:user) do
user = create(:user)
user.spree_roles = []
user
end
let(:user) { create(:user) }
before { Exchange.destroy_all }


@@ -62,8 +62,7 @@ RSpec.describe OrderCycle do
it "finds order cycles accessible by a user" do
e1 = create(:enterprise, is_primary_producer: true, sells: "any")
e2 = create(:enterprise, is_primary_producer: true, sells: "any")
user = create(:user, enterprises: [e2], spree_roles: [])
user.spree_roles = []
user = create(:user, enterprises: [e2])
oc_coordinated = create(:simple_order_cycle, coordinator: e2)
oc_sent = create(:simple_order_cycle, suppliers: [e2])


@@ -9,14 +9,6 @@ RSpec.describe Spree::Ability do
let(:subject) { Spree::Ability.new(user) }
let(:token) { nil }
before do
user.spree_roles.clear
end
after(:each) {
user.spree_roles = []
}
context 'for general resource' do
let(:resource) { Object.new }
@@ -43,7 +35,7 @@ RSpec.describe Spree::Ability do
context 'with admin user' do
it 'should be able to admin' do
user.spree_roles << Spree::Role.find_or_create_by(name: 'admin')
user.update!(admin: true)
expect(subject).to be_able_to :admin, resource
expect(subject).to be_able_to :index, resource_order
expect(subject).to be_able_to :show, resource_product
@@ -303,7 +295,6 @@ RSpec.describe Spree::Ability do
# create supplier_enterprise1 user without full admin access
let(:user) do
user = create(:user)
user.spree_roles = []
s1.enterprise_roles.build(user:).save
user
end
@@ -487,7 +478,6 @@ RSpec.describe Spree::Ability do
context "when is a distributor enterprise user" do
let(:user) do
user = create(:user)
user.spree_roles = []
d1.enterprise_roles.build(user:).save
user
end
@@ -699,7 +689,6 @@ RSpec.describe Spree::Ability do
context 'Order Cycle co-ordinator, distributor enterprise manager' do
let(:user) do
user = create(:user)
user.spree_roles = []
d1.enterprise_roles.build(user:).save
user
end
@@ -738,7 +727,6 @@ RSpec.describe Spree::Ability do
context 'enterprise manager' do
let(:user) do
user = create(:user)
user.spree_roles = []
s1.enterprise_roles.build(user:).save
user
end
@@ -797,7 +785,7 @@ RSpec.describe Spree::Ability do
let(:manage_actions) { [:admin, :index, :read, :update, :bulk_update, :bulk_reset] }
describe "when admin" do
before { user.spree_roles << Spree::Role.find_or_create_by!(name: 'admin') }
before { user.update!(admin: true) }
it "should have permission" do
is_expected.to have_ability(manage_actions, for: variant_override)


@@ -512,7 +512,6 @@ module Spree
it "shows only products for given user" do
user = create(:user)
user.spree_roles = []
e1.enterprise_roles.build(user:).save
product = Product.managed_by user


@@ -209,11 +209,11 @@ RSpec.describe Spree::User do
end
describe '#admin?' do
it 'returns true when the user has an admin spree role' do
it 'returns true when the user has an admin role' do
expect(create(:admin_user).admin?).to be_truthy
end
it 'returns false when the user does not have an admin spree role' do
it 'returns false when the user does not have an admin role' do
expect(create(:user).admin?).to eq(false)
end
end


@@ -3,11 +3,7 @@
module OpenFoodNetwork
module ControllerHelper
def controller_login_as_admin
@admin_user ||= begin
user = create(:user)
user.spree_roles << Spree::Role.find_or_create_by!(name: 'admin')
user
end
@admin_user ||= create(:admin_user)
allow(controller).to receive_messages(spree_current_user: @admin_user)
end
@@ -15,7 +11,6 @@ module OpenFoodNetwork
def controller_login_as_enterprise_user(enterprises)
@enterprise_user ||= begin
user = create(:user)
user.spree_roles = []
enterprises.each do |enterprise|
enterprise.enterprise_roles.create!(user:)
end


@@ -5,7 +5,6 @@ require 'system_helper'
RSpec.describe "Shipping Categories" do
include AuthenticationHelper
include WebHelper
let(:admin_role) { Spree::Role.find_or_create_by!(name: 'admin') }
let(:admin_user) { create(:user) }
context 'user visits shipping categories page' do


@@ -5,11 +5,9 @@ require 'system_helper'
RSpec.describe 'Multilingual' do
include AuthenticationHelper
include WebHelper
let(:admin_role) { Spree::Role.find_or_create_by!(name: 'admin') }
let(:admin_user) { create(:user) }
let(:admin_user) { create(:admin_user) }
before do
admin_user.spree_roles << admin_role
login_as admin_user
visit spree.admin_dashboard_path
end