From f5b56617a045101792b623771560134d95fc6cbf Mon Sep 17 00:00:00 2001
From: Rohan Mitchell <rohan@rohanmitchell.com>
Date: Mon, 30 Sep 2013 11:10:20 +1000
Subject: [PATCH] As an enterprise user, when I create an enterprise, I should
 have management permission for it

---
 .../admin/enterprises_controller.rb           | 11 +++++
 app/models/spree/ability_decorator.rb         |  2 +-
 .../admin/enterprises_controller_spec.rb      | 40 +++++++++++++++++++
 spec/features/admin/enterprises_spec.rb       | 29 ++++++++++++++
 spec/models/ability_spec.rb                   |  4 +-
 5 files changed, 83 insertions(+), 3 deletions(-)
 create mode 100644 spec/controllers/admin/enterprises_controller_spec.rb

diff --git a/app/controllers/admin/enterprises_controller.rb b/app/controllers/admin/enterprises_controller.rb
index d524966d7c..3ea7b249c6 100644
--- a/app/controllers/admin/enterprises_controller.rb
+++ b/app/controllers/admin/enterprises_controller.rb
@@ -2,6 +2,7 @@ module Admin
   class EnterprisesController < ResourceController
     before_filter :load_enterprise_set, :only => :index
     before_filter :load_countries, :except => :index
+    create.after :grant_management
 
     helper 'spree/products'
 
@@ -14,7 +15,17 @@ module Admin
       end
     end
 
+
     private
+
+    # When an enterprise user creates another enterprise, it is granted management
+    # permission for it
+    def grant_management
+      unless spree_current_user.has_spree_role? 'admin'
+        spree_current_user.enterprise_roles.create(enterprise: @object)
+      end
+    end
+
     def load_enterprise_set
       @enterprise_set = EnterpriseSet.new :collection => collection
     end
diff --git a/app/models/spree/ability_decorator.rb b/app/models/spree/ability_decorator.rb
index 85682cea61..2619045ff5 100644
--- a/app/models/spree/ability_decorator.rb
+++ b/app/models/spree/ability_decorator.rb
@@ -54,7 +54,7 @@ class AbilityDecorator
       can [:admin, :index, :read, :create, :edit, :update], Exchange
       can [:admin, :index, :read, :create, :edit, :update], ExchangeFee
 
-      can [:admin, :index], Enterprise
+      can [:admin, :index, :create], Enterprise
       can [:read, :edit, :update, :bulk_update], Enterprise do |enterprise|
         user.enterprises.include? enterprise
       end
diff --git a/spec/controllers/admin/enterprises_controller_spec.rb b/spec/controllers/admin/enterprises_controller_spec.rb
new file mode 100644
index 0000000000..20482bef09
--- /dev/null
+++ b/spec/controllers/admin/enterprises_controller_spec.rb
@@ -0,0 +1,40 @@
+require 'spec_helper'
+
+module Admin
+  describe EnterprisesController do
+    let(:distributor) { create(:distributor_enterprise) }
+    let(:user) do
+      user = create(:user)
+      user.spree_roles = []
+      distributor.enterprise_roles.build(user: user).save
+      user
+    end
+    let(:admin_user) do
+      user = create(:user)
+      user.spree_roles << Spree::Role.find_or_create_by_name!('admin')
+      user
+    end
+
+    describe "creating an enterprise" do
+      let(:country) { Spree::Country.find_by_name 'Australia' }
+      let(:state) { Spree::State.find_by_name 'Victoria' }
+      let(:enterprise_params) { {enterprise: {name: 'zzz', address_attributes: {address1: 'a', city: 'a', zipcode: 'a', country_id: country.id, state_id: state.id}}} }
+
+      it "grants management permission if the current user is an enterprise user" do
+        controller.stub spree_current_user: user
+
+        spree_put :create, enterprise_params
+        enterprise = Enterprise.find_by_name 'zzz'
+        user.enterprise_roles.where(enterprise_id: enterprise).first.should be
+      end
+
+      it "does not grant management permission to admins" do
+        controller.stub spree_current_user: admin_user
+
+        spree_put :create, enterprise_params
+        enterprise = Enterprise.find_by_name 'zzz'
+        admin_user.enterprise_roles.where(enterprise_id: enterprise).should be_empty
+      end
+    end
+  end
+end
diff --git a/spec/features/admin/enterprises_spec.rb b/spec/features/admin/enterprises_spec.rb
index 38f57ec713..25ee869c1c 100644
--- a/spec/features/admin/enterprises_spec.rb
+++ b/spec/features/admin/enterprises_spec.rb
@@ -180,4 +180,33 @@ feature %q{
       distributor2.reload.next_collection_at.should be_nil
     end
   end
+
+  context "as an enterprise user" do
+    let(:enterprise_user) { create_enterprise_user }
+    let(:distributor) { create(:distributor_enterprise, name: 'First Distributor') }
+
+    before(:each) do
+      enterprise_user.enterprise_roles.build(enterprise: distributor).save
+      login_to_admin_as enterprise_user
+    end
+
+    scenario "creating an enterprise" do
+      # When I create an enterprise
+      click_link 'Enterprises'
+      click_link 'New Enterprise'
+      fill_in 'enterprise_name', with: 'zzz'
+      fill_in 'enterprise_address_attributes_address1', with: 'z'
+      fill_in 'enterprise_address_attributes_city', with: 'z'
+      fill_in 'enterprise_address_attributes_zipcode', with: 'z'
+      click_button 'Create'
+
+      # Then it should be created
+      page.should have_content 'Enterprise "zzz" has been successfully created!'
+      enterprise = Enterprise.last
+      enterprise.name.should == 'zzz'
+
+      # And I should be managing it
+      Enterprise.managed_by(enterprise_user).should include enterprise
+    end
+  end
 end
diff --git a/spec/models/ability_spec.rb b/spec/models/ability_spec.rb
index 3cca953e94..bad4d69557 100644
--- a/spec/models/ability_spec.rb
+++ b/spec/models/ability_spec.rb
@@ -175,8 +175,8 @@ module Spree
           should_not have_ability([:read, :edit, :update, :bulk_update], for: s2)
         end
 
-        it 'should have the ability administrate enterpises' do
-          should have_ability([:admin, :index], for: Enterprise)
+        it 'should have the ability administrate and create enterpises' do
+          should have_ability([:admin, :index, :create], for: Enterprise)
         end
       end
     end