cleanup: remove dead code
This commit is contained in:
Paul Chavard
parent
c0da8d1556
commit
580002e5f5
4 changed files with 0 additions and 192 deletions
|
|
@ -1,45 +0,0 @@
|
|||
# frozen_string_literal: true
|
||||
|
||||
class ChampPolicy < ApplicationPolicy
|
||||
# Scope for WRITING to a champ.
|
||||
#
|
||||
# (If the need for a scope to READ a champ emerges, we can implement another scope
|
||||
# in this file, following this example: https://github.com/varvet/pundit/issues/368#issuecomment-196111115)
|
||||
class Scope < ApplicationScope
|
||||
def resolve
|
||||
if user.blank?
|
||||
return scope.none
|
||||
end
|
||||
|
||||
# The join must be the same for all elements of the WHERE clause.
|
||||
#
|
||||
# NB: here we want to do `.left_outer_joins(dossier: [:invites, { :groupe_instructeur: :instructeurs }]))`,
|
||||
# but for some reasons ActiveRecord <= 5.2 generates bogus SQL. Hence the manual version of it below.
|
||||
joined_scope = scope
|
||||
.joins('LEFT OUTER JOIN dossiers ON dossiers.id = champs.dossier_id')
|
||||
.joins('LEFT OUTER JOIN invites ON invites.dossier_id = dossiers.id OR invites.dossier_id = dossiers.editing_fork_origin_id')
|
||||
.joins('LEFT OUTER JOIN groupe_instructeurs ON groupe_instructeurs.id = dossiers.groupe_instructeur_id')
|
||||
.joins('LEFT OUTER JOIN assign_tos ON assign_tos.groupe_instructeur_id = groupe_instructeurs.id')
|
||||
.joins('LEFT OUTER JOIN instructeurs ON instructeurs.id = assign_tos.instructeur_id')
|
||||
|
||||
# Users can access public champs on their own dossiers.
|
||||
resolved_scope = joined_scope
|
||||
.where('dossiers.user_id': user.id, private: false)
|
||||
|
||||
# Invited users can access public champs on dossiers they are invited to
|
||||
invite_clause = joined_scope
|
||||
.where('invites.user_id': user.id, private: false)
|
||||
resolved_scope = resolved_scope.or(invite_clause)
|
||||
|
||||
if instructeur.present?
|
||||
# Additionnaly, instructeurs can access private champs
|
||||
# on dossiers they are allowed to instruct.
|
||||
instructeur_clause = joined_scope
|
||||
.where('instructeurs.id': instructeur.id, private: true)
|
||||
resolved_scope = resolved_scope.or(instructeur_clause)
|
||||
end
|
||||
|
||||
resolved_scope.or(joined_scope.where('dossiers.for_procedure_preview': true))
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
@ -1,15 +0,0 @@
|
|||
# frozen_string_literal: true
|
||||
|
||||
class TypeDeChampPolicy < ApplicationPolicy
|
||||
class Scope < ApplicationScope
|
||||
def resolve
|
||||
if administrateur.present?
|
||||
scope
|
||||
.joins(procedure: [:administrateurs])
|
||||
.where({ administrateurs: { id: administrateur.id } })
|
||||
else
|
||||
scope.none
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
@ -1,100 +0,0 @@
|
|||
# frozen_string_literal: true
|
||||
|
||||
describe ChampPolicy do
|
||||
let(:procedure) { create(:procedure, :with_type_de_champ, :with_type_de_champ_private) }
|
||||
let(:dossier) { create(:dossier, procedure: procedure, user: dossier_owner) }
|
||||
let(:dossier_owner) { create(:user) }
|
||||
|
||||
let(:signed_in_user) { create(:user) }
|
||||
let(:account) { { user: signed_in_user } }
|
||||
|
||||
subject { Pundit.policy_scope(account, Champ) }
|
||||
|
||||
let(:champ) { dossier.project_champs_public.first }
|
||||
let(:champ_private) { dossier.project_champs_private.first }
|
||||
|
||||
shared_examples_for 'they can access a public champ' do
|
||||
it { expect(subject.find_by(id: champ.id)).to eq(champ) }
|
||||
end
|
||||
|
||||
shared_examples_for 'they can’t access a public champ' do
|
||||
it { expect(subject.find_by(id: champ.id)).to eq(nil) }
|
||||
end
|
||||
|
||||
shared_examples_for 'they can access a private champ' do
|
||||
it { expect(subject.find_by(id: champ_private.id)).to eq(champ_private) }
|
||||
end
|
||||
|
||||
shared_examples_for 'they can’t access a private champ' do
|
||||
it { expect(subject.find_by(id: champ_private.id)).to eq(nil) }
|
||||
end
|
||||
|
||||
context 'when an user only has user rights' do
|
||||
context 'as the dossier owner' do
|
||||
let(:signed_in_user) { dossier_owner }
|
||||
|
||||
it_behaves_like 'they can access a public champ'
|
||||
it_behaves_like 'they can’t access a private champ'
|
||||
end
|
||||
|
||||
context 'as a person invited on the dossier' do
|
||||
let(:invite) { create(:invite, :with_user, dossier: dossier) }
|
||||
let(:signed_in_user) { invite.user }
|
||||
|
||||
it_behaves_like 'they can access a public champ'
|
||||
it_behaves_like 'they can’t access a private champ'
|
||||
end
|
||||
|
||||
context 'as another user' do
|
||||
let(:signed_in_user) { create(:user) }
|
||||
|
||||
it_behaves_like 'they can’t access a public champ'
|
||||
it_behaves_like 'they can’t access a private champ'
|
||||
end
|
||||
end
|
||||
|
||||
context 'when the user also has instruction rights' do
|
||||
let(:instructeur) { create(:instructeur, user: signed_in_user) }
|
||||
let(:account) { { user: signed_in_user, instructeur: instructeur } }
|
||||
|
||||
context 'as the dossier instructeur and owner' do
|
||||
let(:signed_in_user) { dossier_owner }
|
||||
before { instructeur.assign_to_procedure(dossier.procedure) }
|
||||
|
||||
it_behaves_like 'they can access a public champ'
|
||||
it_behaves_like 'they can access a private champ'
|
||||
end
|
||||
|
||||
context 'as the dossier instructeur (but not owner)' do
|
||||
let(:signed_in_user) { create(:user) }
|
||||
before { instructeur.assign_to_procedure(dossier.procedure) }
|
||||
|
||||
it_behaves_like 'they can’t access a public champ'
|
||||
it_behaves_like 'they can access a private champ'
|
||||
end
|
||||
|
||||
context 'as an instructeur not assigned to the procedure' do
|
||||
let(:signed_in_user) { create(:user) }
|
||||
|
||||
it_behaves_like 'they can’t access a public champ'
|
||||
it_behaves_like 'they can’t access a private champ'
|
||||
end
|
||||
end
|
||||
|
||||
context 'when the champ is on a forked dossier' do
|
||||
let(:signed_in_user) { dossier_owner }
|
||||
let(:origin) { create(:dossier, procedure: procedure, user: dossier_owner) }
|
||||
let(:dossier) { origin.find_or_create_editing_fork(dossier_owner) }
|
||||
|
||||
it_behaves_like 'they can access a public champ'
|
||||
it_behaves_like 'they can’t access a private champ'
|
||||
|
||||
context 'when the user is invited on the origin dossier' do
|
||||
let(:invite) { create(:invite, :with_user, dossier: origin) }
|
||||
let(:signed_in_user) { invite.user }
|
||||
|
||||
it_behaves_like 'they can access a public champ'
|
||||
it_behaves_like 'they can’t access a private champ'
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
@ -1,32 +0,0 @@
|
|||
# frozen_string_literal: true
|
||||
|
||||
describe TypeDeChampPolicy do
|
||||
let(:procedure) { create(:procedure) }
|
||||
let!(:type_de_champ) { create(:type_de_champ_text, procedure: procedure) }
|
||||
|
||||
let(:user) { create(:user) }
|
||||
let(:administrateur) { nil }
|
||||
|
||||
let(:account) do
|
||||
{
|
||||
user: user,
|
||||
administrateur: administrateur
|
||||
}.compact
|
||||
end
|
||||
|
||||
subject { Pundit.policy_scope(account, TypeDeChamp) }
|
||||
|
||||
context 'when the user has only user rights' do
|
||||
it 'can not access' do
|
||||
expect(subject.find_by(id: type_de_champ.id)).to eq(nil)
|
||||
end
|
||||
end
|
||||
|
||||
context 'when the user has administrateur rights' do
|
||||
let(:administrateur) { procedure.administrateurs.first }
|
||||
|
||||
it 'can access' do
|
||||
expect(subject.find(type_de_champ.id)).to eq(type_de_champ)
|
||||
end
|
||||
end
|
||||
end
|
||||
Loading…
Reference in a new issue