From a0c8f46bb77f2e93fa640ae855de67340e48af14 Mon Sep 17 00:00:00 2001
From: Colin Darie <colin@darie.eu>
Date: Wed, 24 May 2023 16:53:51 +0200
Subject: [PATCH] fix(fork): allow invited on dossier origin to resolve champs
 of forks

---
 app/policies/champ_policy.rb       |  2 +-
 spec/policies/champ_policy_spec.rb | 17 +++++++++++++++++
 2 files changed, 18 insertions(+), 1 deletion(-)

diff --git a/app/policies/champ_policy.rb b/app/policies/champ_policy.rb
index b0e720341..1376abe40 100644
--- a/app/policies/champ_policy.rb
+++ b/app/policies/champ_policy.rb
@@ -15,7 +15,7 @@ class ChampPolicy < ApplicationPolicy
       # but for some reasons ActiveRecord <= 5.2 generates bogus SQL. Hence the manual version of it below.
       joined_scope = scope
         .joins('LEFT OUTER JOIN dossiers ON dossiers.id = champs.dossier_id')
-        .joins('LEFT OUTER JOIN invites ON invites.dossier_id = dossiers.id')
+        .joins('LEFT OUTER JOIN invites ON invites.dossier_id = dossiers.id OR invites.dossier_id = dossiers.editing_fork_origin_id')
         .joins('LEFT OUTER JOIN groupe_instructeurs ON groupe_instructeurs.id = dossiers.groupe_instructeur_id')
         .joins('LEFT OUTER JOIN assign_tos ON assign_tos.groupe_instructeur_id = groupe_instructeurs.id')
         .joins('LEFT OUTER JOIN instructeurs ON instructeurs.id = assign_tos.instructeur_id')
diff --git a/spec/policies/champ_policy_spec.rb b/spec/policies/champ_policy_spec.rb
index bff4c118a..a0be8263c 100644
--- a/spec/policies/champ_policy_spec.rb
+++ b/spec/policies/champ_policy_spec.rb
@@ -78,4 +78,21 @@ describe ChampPolicy do
       it_behaves_like 'they can’t access a private champ'
     end
   end
+
+  context 'when the champ is on a forked dossier' do
+    let(:signed_in_user) { dossier_owner }
+    let(:origin) { create(:dossier, procedure: procedure, user: dossier_owner) }
+    let(:dossier) { origin.find_or_create_editing_fork(dossier_owner) }
+
+    it_behaves_like 'they can access a public champ'
+    it_behaves_like 'they can’t access a private champ'
+
+    context 'when the user is invited on the origin dossier' do
+      let(:invite) { create(:invite, :with_user, dossier: origin) }
+      let(:signed_in_user) { invite.user }
+
+      it_behaves_like 'they can access a public champ'
+      it_behaves_like 'they can’t access a private champ'
+    end
+  end
 end