raggedstaff/openfoodnetwork
1
0
Fork 0
mirror of https://github.com/openfoodfoundation/openfoodnetwork synced 2026-01-26 20:56:48 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
5a5cbbd3181a71494de522c287a165950e9f98aa
openfoodnetwork/spec/services/permissions/order_spec.rb
Luis Ramos 8a9dae0ee2 Run rubocop autocorrect 
This is the result of bundle exec rubocop --auto-correct
2020-06-22 12:23:10 +01:00

180 lines
7.7 KiB
Ruby
Raw Blame History

require 'spec_helper'
module Permissions
describe Order do
let(:user) { double(:user) }
let(:permissions) { Permissions::Order.new(user) }
let!(:basic_permissions) { OpenFoodNetwork::Permissions.new(user) }
let(:distributor) { create(:distributor_enterprise) }
let(:coordinator) { create(:distributor_enterprise) }
let(:order_cycle) { create(:simple_order_cycle, coordinator: coordinator, distributors: [distributor]) }
let(:order_completed) { create(:completed_order_with_totals, order_cycle: order_cycle, distributor: distributor ) }
let(:order_cancelled) { create(:order, order_cycle: order_cycle, distributor: distributor, state: 'canceled' ) }
let(:order_cart) { create(:order, order_cycle: order_cycle, distributor: distributor, state: 'cart' ) }
let(:order_from_last_year) {
create(:completed_order_with_totals, order_cycle: order_cycle, distributor: distributor,
completed_at: Time.zone.now - 1.year)
}
before { allow(OpenFoodNetwork::Permissions).to receive(:new) { basic_permissions } }
describe "finding orders that are visible in reports" do
let(:random_enterprise) { create(:distributor_enterprise) }
let(:order) { create(:order, order_cycle: order_cycle, distributor: distributor ) }
let!(:line_item) { create(:line_item, order: order) }
let!(:producer) { create(:supplier_enterprise) }
before do
allow(basic_permissions).to receive(:coordinated_order_cycles) { Enterprise.where("1=0") }
end
context "as the hub through which the order was placed" do
before do
allow(basic_permissions).to receive(:managed_enterprises) { Enterprise.where(id: distributor) }
end
it "should let me see the order" do
expect(permissions.visible_orders).to include order
end
end
context "as the coordinator of the order cycle through which the order was placed" do
before do
allow(basic_permissions).to receive(:managed_enterprises) { Enterprise.where(id: coordinator) }
allow(basic_permissions).to receive(:coordinated_order_cycles) { OrderCycle.where(id: order_cycle) }
end
it "should let me see the order" do
expect(permissions.visible_orders).to include order
end
context "with search params" do
let(:search_params) { { completed_at_gt: Time.zone.now.yesterday.strftime('%Y-%m-%d') } }
let(:permissions) { Permissions::Order.new(user, search_params) }
it "only returns completed, non-cancelled orders within search filter range" do
expect(permissions.visible_orders).to include order_completed
expect(permissions.visible_orders).to_not include order_cancelled
expect(permissions.visible_orders).to_not include order_cart
expect(permissions.visible_orders).to_not include order_from_last_year
end
end
end
context "as a producer which has granted P-OC to the distributor of an order" do
before do
allow(basic_permissions).to receive(:managed_enterprises) { Enterprise.where(id: producer) }
create(:enterprise_relationship, parent: producer, child: distributor, permissions_list: [:add_to_order_cycle])
end
context "which contains my products" do
before do
line_item.product.supplier = producer
line_item.product.save
end
it "should let me see the order" do
expect(permissions.visible_orders).to include order
end
end
context "which does not contain my products" do
it "should not let me see the order" do
expect(permissions.visible_orders).to_not include order
end
end
end
context "as an enterprise that is a distributor in the order cycle, but not the distributor of the order" do
before do
allow(basic_permissions).to receive(:managed_enterprises) { Enterprise.where(id: random_enterprise) }
end
it "should not let me see the order" do
expect(permissions.visible_orders).to_not include order
end
end
end
describe "finding line items that are visible in reports" do
let(:random_enterprise) { create(:distributor_enterprise) }
let(:order) { create(:order, order_cycle: order_cycle, distributor: distributor ) }
let!(:line_item1) { create(:line_item, order: order) }
let!(:line_item2) { create(:line_item, order: order) }
let!(:producer) { create(:supplier_enterprise) }
before do
allow(basic_permissions).to receive(:coordinated_order_cycles) { Enterprise.where("1=0") }
end
context "as the hub through which the parent order was placed" do
before do
allow(basic_permissions).to receive(:managed_enterprises) { Enterprise.where(id: distributor) }
end
it "should let me see the line_items" do
expect(permissions.visible_line_items).to include line_item1, line_item2
end
end
context "as the coordinator of the order cycle through which the parent order was placed" do
before do
allow(basic_permissions).to receive(:managed_enterprises) { Enterprise.where(id: coordinator) }
allow(basic_permissions).to receive(:coordinated_order_cycles) { OrderCycle.where(id: order_cycle) }
end
it "should let me see the line_items" do
expect(permissions.visible_line_items).to include line_item1, line_item2
end
end
context "as the manager producer which has granted P-OC to the distributor of the parent order" do
before do
allow(basic_permissions).to receive(:managed_enterprises) { Enterprise.where(id: producer) }
create(:enterprise_relationship, parent: producer, child: distributor, permissions_list: [:add_to_order_cycle])
line_item1.product.supplier = producer
line_item1.product.save
end
it "should let me see the line_items pertaining to variants I produce" do
ps = permissions.visible_line_items
expect(ps).to include line_item1
expect(ps).to_not include line_item2
end
end
context "as an enterprise that is a distributor in the order cycle, but not the distributor of the parent order" do
before do
allow(basic_permissions).to receive(:managed_enterprises) { Enterprise.where(id: random_enterprise) }
end
it "should not let me see the line_items" do
expect(permissions.visible_line_items).to_not include line_item1, line_item2
end
end
context "with search params" do
let!(:line_item3) { create(:line_item, order: order_completed) }
let!(:line_item4) { create(:line_item, order: order_cancelled) }
let!(:line_item5) { create(:line_item, order: order_cart) }
let!(:line_item6) { create(:line_item, order: order_from_last_year) }
let(:search_params) { { completed_at_gt: Time.zone.now.yesterday.strftime('%Y-%m-%d') } }
let(:permissions) { Permissions::Order.new(user, search_params) }
before do
allow(user).to receive(:has_spree_role?) { "admin" }
end
it "only returns line items from completed, non-cancelled orders within search filter range" do
expect(permissions.visible_line_items).to include order_completed.line_items.first
expect(permissions.visible_line_items).to_not include order_cancelled.line_items.first
expect(permissions.visible_line_items).to_not include order_cart.line_items.first
expect(permissions.visible_line_items).to_not include order_from_last_year.line_items.first
end
end
end
end
end
Reference in New Issue View Git Blame Copy Permalink