As an enterprise user, when I create an enterprise, I should have management permission for it

2026-03-04 02:31:33 +00:00 · 2013-09-30 11:10:20 +10:00
parent 1d4198d402
commit f5b56617a0
5 changed files with 83 additions and 3 deletions
--- a/app/controllers/admin/enterprises_controller.rb
+++ b/app/controllers/admin/enterprises_controller.rb
@@ -2,6 +2,7 @@ module Admin
  class EnterprisesController < ResourceController
    before_filter :load_enterprise_set, :only => :index
    before_filter :load_countries, :except => :index
+    create.after :grant_management

    helper 'spree/products'

@@ -14,7 +15,17 @@ module Admin
      end
    end

+
    private
+
+    # When an enterprise user creates another enterprise, it is granted management
+    # permission for it
+    def grant_management
+      unless spree_current_user.has_spree_role? 'admin'
+        spree_current_user.enterprise_roles.create(enterprise: @object)
+      end
+    end
+
    def load_enterprise_set
      @enterprise_set = EnterpriseSet.new :collection => collection
    end
--- a/app/models/spree/ability_decorator.rb
+++ b/app/models/spree/ability_decorator.rb
@@ -54,7 +54,7 @@ class AbilityDecorator
      can [:admin, :index, :read, :create, :edit, :update], Exchange
      can [:admin, :index, :read, :create, :edit, :update], ExchangeFee

-      can [:admin, :index], Enterprise
+      can [:admin, :index, :create], Enterprise
      can [:read, :edit, :update, :bulk_update], Enterprise do |enterprise|
        user.enterprises.include? enterprise
      end
--- a/spec/controllers/admin/enterprises_controller_spec.rb
+++ b/spec/controllers/admin/enterprises_controller_spec.rb
@@ -0,0 +1,40 @@
+require 'spec_helper'
+
+module Admin
+  describe EnterprisesController do
+    let(:distributor) { create(:distributor_enterprise) }
+    let(:user) do
+      user = create(:user)
+      user.spree_roles = []
+      distributor.enterprise_roles.build(user: user).save
+      user
+    end
+    let(:admin_user) do
+      user = create(:user)
+      user.spree_roles << Spree::Role.find_or_create_by_name!('admin')
+      user
+    end
+
+    describe "creating an enterprise" do
+      let(:country) { Spree::Country.find_by_name 'Australia' }
+      let(:state) { Spree::State.find_by_name 'Victoria' }
+      let(:enterprise_params) { {enterprise: {name: 'zzz', address_attributes: {address1: 'a', city: 'a', zipcode: 'a', country_id: country.id, state_id: state.id}}} }
+
+      it "grants management permission if the current user is an enterprise user" do
+        controller.stub spree_current_user: user
+
+        spree_put :create, enterprise_params
+        enterprise = Enterprise.find_by_name 'zzz'
+        user.enterprise_roles.where(enterprise_id: enterprise).first.should be
+      end
+
+      it "does not grant management permission to admins" do
+        controller.stub spree_current_user: admin_user
+
+        spree_put :create, enterprise_params
+        enterprise = Enterprise.find_by_name 'zzz'
+        admin_user.enterprise_roles.where(enterprise_id: enterprise).should be_empty
+      end
+    end
+  end
+end
--- a/spec/features/admin/enterprises_spec.rb
+++ b/spec/features/admin/enterprises_spec.rb
@@ -180,4 +180,33 @@ feature %q{
      distributor2.reload.next_collection_at.should be_nil
    end
  end
+
+  context "as an enterprise user" do
+    let(:enterprise_user) { create_enterprise_user }
+    let(:distributor) { create(:distributor_enterprise, name: 'First Distributor') }
+
+    before(:each) do
+      enterprise_user.enterprise_roles.build(enterprise: distributor).save
+      login_to_admin_as enterprise_user
+    end
+
+    scenario "creating an enterprise" do
+      # When I create an enterprise
+      click_link 'Enterprises'
+      click_link 'New Enterprise'
+      fill_in 'enterprise_name', with: 'zzz'
+      fill_in 'enterprise_address_attributes_address1', with: 'z'
+      fill_in 'enterprise_address_attributes_city', with: 'z'
+      fill_in 'enterprise_address_attributes_zipcode', with: 'z'
+      click_button 'Create'
+
+      # Then it should be created
+      page.should have_content 'Enterprise "zzz" has been successfully created!'
+      enterprise = Enterprise.last
+      enterprise.name.should == 'zzz'
+
+      # And I should be managing it
+      Enterprise.managed_by(enterprise_user).should include enterprise
+    end
+  end
 end
--- a/spec/models/ability_spec.rb
+++ b/spec/models/ability_spec.rb
@@ -175,8 +175,8 @@ module Spree
          should_not have_ability([:read, :edit, :update, :bulk_update], for: s2)
        end

-        it 'should have the ability administrate enterpises' do
-          should have_ability([:admin, :index], for: Enterprise)
+        it 'should have the ability administrate and create enterpises' do
+          should have_ability([:admin, :index, :create], for: Enterprise)
        end
      end
    end