From f0ea96772d8acf32deac7d9d992ab558c914be76 Mon Sep 17 00:00:00 2001 From: Paul Chavard Date: Wed, 5 Feb 2020 17:38:24 +0100 Subject: [PATCH] Only invite experts to dossiers instructeur have access to --- .../concerns/create_avis_concern.rb | 2 +- app/models/dossier.rb | 4 +++ .../instructeurs/avis/instruction.html.haml | 2 +- .../instructeurs/dossiers/avis.html.haml | 2 +- .../instructeurs/avis_controller_spec.rb | 26 ++++++++++++++----- spec/factories/dossier.rb | 2 +- spec/features/instructeurs/expert_spec.rb | 3 +++ 7 files changed, 31 insertions(+), 10 deletions(-) diff --git a/app/controllers/concerns/create_avis_concern.rb b/app/controllers/concerns/create_avis_concern.rb index 81c7dd3a9..e12f007ef 100644 --- a/app/controllers/concerns/create_avis_concern.rb +++ b/app/controllers/concerns/create_avis_concern.rb @@ -14,7 +14,7 @@ module CreateAvisConcern allowed_dossiers = [dossier] if create_avis_params[:invite_linked_dossiers].present? - allowed_dossiers += dossier.linked_dossiers + allowed_dossiers += dossier.linked_dossiers_for(current_instructeur) end create_results = Avis.create( diff --git a/app/models/dossier.rb b/app/models/dossier.rb index 8a9b41352..e582f31ca 100644 --- a/app/models/dossier.rb +++ b/app/models/dossier.rb @@ -588,6 +588,10 @@ class Dossier < ApplicationRecord Dossier.where(id: champs.filter(&:dossier_link?).map(&:value).compact) end + def linked_dossiers_for(instructeur) + instructeur.dossiers.where(id: champs.filter(&:dossier_link?).map(&:value).compact) + end + def hash_for_deletion_mail { id: self.id, procedure_libelle: self.procedure.libelle } end diff --git a/app/views/instructeurs/avis/instruction.html.haml b/app/views/instructeurs/avis/instruction.html.haml index 713082704..62344dcc9 100644 --- a/app/views/instructeurs/avis/instruction.html.haml +++ b/app/views/instructeurs/avis/instruction.html.haml @@ -31,7 +31,7 @@ = f.submit 'Envoyer votre avis', class: 'button send' - if !@dossier.termine? - = render partial: "instructeurs/shared/avis/form", locals: { url: avis_instructeur_avis_path(@avis), linked_dossiers: @dossier.linked_dossiers, must_be_confidentiel: @avis.confidentiel?, avis: @new_avis } + = render partial: "instructeurs/shared/avis/form", locals: { url: avis_instructeur_avis_path(@avis), linked_dossiers: @dossier.linked_dossiers_for(current_instructeur), must_be_confidentiel: @avis.confidentiel?, avis: @new_avis } - if @dossier.avis_for(current_instructeur).present? = render partial: 'instructeurs/shared/avis/list', locals: { avis: @dossier.avis_for(current_instructeur), avis_seen_at: nil } diff --git a/app/views/instructeurs/dossiers/avis.html.haml b/app/views/instructeurs/dossiers/avis.html.haml index 65d661582..6b84208ce 100644 --- a/app/views/instructeurs/dossiers/avis.html.haml +++ b/app/views/instructeurs/dossiers/avis.html.haml @@ -4,7 +4,7 @@ .container - if !@dossier.termine? - = render partial: "instructeurs/shared/avis/form", locals: { url: avis_instructeur_dossier_path(@dossier.procedure, @dossier), linked_dossiers: @dossier.linked_dossiers, must_be_confidentiel: false, avis: @avis } + = render partial: "instructeurs/shared/avis/form", locals: { url: avis_instructeur_dossier_path(@dossier.procedure, @dossier), linked_dossiers: @dossier.linked_dossiers_for(current_instructeur), must_be_confidentiel: false, avis: @avis } - if @dossier.avis.present? = render partial: 'instructeurs/shared/avis/list', locals: { avis: @dossier.avis, avis_seen_at: @avis_seen_at } diff --git a/spec/controllers/instructeurs/avis_controller_spec.rb b/spec/controllers/instructeurs/avis_controller_spec.rb index 1c7c9d007..a071a0cef 100644 --- a/spec/controllers/instructeurs/avis_controller_spec.rb +++ b/spec/controllers/instructeurs/avis_controller_spec.rb @@ -196,16 +196,30 @@ describe Instructeurs::AvisController, type: :controller do context 'checked' do let(:invite_linked_dossiers) { true } - let(:created_avis) { Avis.last(2).first } - let(:linked_avis) { Avis.last } - let(:linked_dossier) { dossier.reload.linked_dossiers.first } - it do + context 'and can access linked dossiers' do + let(:created_avis) { Avis.last(2).first } + let(:linked_avis) { Avis.last } + let(:linked_dossier) { dossier.reload.linked_dossiers.first } + let(:invite_linked_dossiers) do + instructeur.assign_to_procedure(linked_dossier.procedure) + true + end + + it 'sends two avis invitations' do + expect(flash.notice).to eq("Une demande d'avis a été envoyée à a@b.com") + expect(Avis.count).to eq(old_avis_count + 2) + expect(created_avis.email).to eq("a@b.com") + expect(created_avis.dossier).to eq(dossier) + expect(linked_avis.dossier).to eq(linked_dossier) + end + end + + it 'and can not access linked dossiers' do expect(flash.notice).to eq("Une demande d'avis a été envoyée à a@b.com") - expect(Avis.count).to eq(old_avis_count + 2) + expect(Avis.count).to eq(old_avis_count + 1) expect(created_avis.email).to eq("a@b.com") expect(created_avis.dossier).to eq(dossier) - expect(linked_avis.dossier).to eq(linked_dossier) end end end diff --git a/spec/factories/dossier.rb b/spec/factories/dossier.rb index c0b563521..1316e8d81 100644 --- a/spec/factories/dossier.rb +++ b/spec/factories/dossier.rb @@ -68,7 +68,7 @@ FactoryBot.define do trait :with_dossier_link do after(:create) do |dossier, _evaluator| # create linked dossier - linked_dossier = create(:dossier) + linked_dossier = create(:dossier, :en_construction) # find first type de champ dossier_link type_de_champ = dossier.procedure.types_de_champ.find do |t| diff --git a/spec/features/instructeurs/expert_spec.rb b/spec/features/instructeurs/expert_spec.rb index abb43423e..0ba386e4f 100644 --- a/spec/features/instructeurs/expert_spec.rb +++ b/spec/features/instructeurs/expert_spec.rb @@ -12,6 +12,9 @@ feature 'Inviting an expert:' do context 'as an Instructeur' do scenario 'I can invite an expert' do + # assign instructeur to linked dossier + instructeur.assign_to_procedure(dossier.reload.linked_dossiers.first.procedure) + login_as instructeur.user, scope: :user visit instructeur_dossier_path(procedure, dossier)