- Administrateur can't show only his procedures

- Gestionnaire can't show only files of his Administrateur's procedures

app/controllers/admin/procedures_controller.rb

@@ -2,7 +2,7 @@ class Admin::ProceduresController < ApplicationController
   before_action :authenticate_administrateur!
 
   def index
-    @procedures = Procedure.all
+    @procedures = current_administrateur.procedures
   end
 
   def show

app/controllers/backoffice_controller.rb

@@ -1,9 +1,12 @@
 class BackofficeController < ApplicationController
 
   def index
-    redirect_to(controller: '/gestionnaires/sessions', action: :new) unless gestionnaire_signed_in?
+    if !gestionnaire_signed_in?
-    @dossiers_a_traiter = Dossier.a_traiter.decorate
+      redirect_to(controller: '/gestionnaires/sessions', action: :new)
-    @dossiers_en_attente = Dossier.en_attente.decorate
+    else
-    @dossiers_termine = Dossier.termine.decorate
+      @dossiers_a_traiter = Dossier.a_traiter(current_gestionnaire).decorate
+      @dossiers_en_attente = Dossier.en_attente(current_gestionnaire).decorate
+      @dossiers_termine = Dossier.termine(current_gestionnaire).decorate
+    end
   end
 end

app/models/dossier.rb

@@ -116,16 +116,16 @@ class Dossier < ActiveRecord::Base
     state
   end
 
-  def self.a_traiter
+  def self.a_traiter current_gestionnaire
-    Dossier.where("state='initiated' OR state='updated' OR state='submitted'").order('updated_at ASC')
+    Dossier.joins(:procedure).where("(state='initiated' OR state='updated' OR state='submitted') AND dossiers.procedure_id = procedures.id AND procedures.administrateur_id = #{current_gestionnaire.administrateur_id}").order('updated_at ASC')
   end
 
-  def self.en_attente
+  def self.en_attente current_gestionnaire
-    Dossier.where("state='replied' OR state='validated'").order('updated_at ASC')
+    Dossier.joins(:procedure).where("(state='replied' OR state='validated') AND dossiers.procedure_id = procedures.id AND procedures.administrateur_id = #{current_gestionnaire.administrateur_id}").order('updated_at ASC')
   end
 
-  def self.termine
+  def self.termine current_gestionnaire
-    Dossier.where("state='closed'").order('updated_at ASC')
+    Dossier.joins(:procedure).where("state='closed' AND dossiers.procedure_id = procedures.id AND procedures.administrateur_id = #{current_gestionnaire.administrateur_id}").order('updated_at ASC')
   end
 
   private

spec/features/backoffice/connection_spec.rb

@@ -20,7 +20,9 @@ feature 'when gestionnaire come to /backoffice and is not authenticated' do
     end
   end
   context 'when user enter good credentials' do
-    let(:gestionnaire) { create(:gestionnaire) }
+    let(:administrateur) { create(:administrateur) }
+    let(:gestionnaire) { create(:gestionnaire, administrateur: administrateur) }
+
     before do
       page.find_by_id(:gestionnaire_email).set  gestionnaire.email
       page.find_by_id(:gestionnaire_password).set  gestionnaire.password

spec/features/backoffice/navigate_to_dossier_spec.rb

@@ -1,16 +1,18 @@
 require 'spec_helper'
 
 feature 'on backoffice page' do
-  let(:procedure) { create(:procedure) }
+  let(:administrateur) { create(:administrateur) }
+  let(:gestionnaire) { create(:gestionnaire, administrateur: administrateur) }
+  let(:procedure) { create(:procedure, administrateur: administrateur) }
+
   let!(:dossier) { create(:dossier, :with_user, :with_entreprise, procedure: procedure, state: 'replied') }
   before do
     visit backoffice_path
   end
   context 'when gestionnaire is logged in' do
-    let(:gestionnaire) { create(:gestionnaire) }
     before do
-      page.find_by_id(:gestionnaire_email).set  gestionnaire.email
+      page.find_by_id(:gestionnaire_email).set gestionnaire.email
-      page.find_by_id(:gestionnaire_password).set  gestionnaire.password
+      page.find_by_id(:gestionnaire_password).set gestionnaire.password
       page.click_on 'Se connecter'
     end
     context 'when he click on first dossier' do

spec/models/dossier_spec.rb

@@ -381,29 +381,38 @@ describe Dossier do
     end
 
     context 'gestionnaire backoffice methods' do
-      let!(:dossier1) { create(:dossier, :with_user, :with_procedure, state: 'draft')}
+      let(:admin) { create(:administrateur) }
-      let!(:dossier2) { create(:dossier, :with_user, :with_procedure, state: 'initiated')}
+      let(:admin_2) { create(:administrateur) }
-      let!(:dossier3) { create(:dossier, :with_user, :with_procedure, state: 'initiated')}
+
-      let!(:dossier4) { create(:dossier, :with_user, :with_procedure, state: 'replied')}
+      let(:gestionnaire) { create(:gestionnaire, administrateur: admin) }
-      let!(:dossier5) { create(:dossier, :with_user, :with_procedure, state: 'updated')}
+      let(:procedure_admin) { create(:procedure, administrateur: admin) }
-      let!(:dossier6) { create(:dossier, :with_user, :with_procedure, state: 'validated')}
+      let(:procedure_admin_2) { create(:procedure, administrateur: admin_2) }
-      let!(:dossier7) { create(:dossier, :with_user, :with_procedure, state: 'submitted')}
+
-      let!(:dossier8) { create(:dossier, :with_user, :with_procedure, state: 'closed')}
+      let!(:dossier1) { create(:dossier, :with_user, procedure: procedure_admin, state: 'draft')}
+      let!(:dossier2) { create(:dossier, :with_user, procedure: procedure_admin, state: 'initiated')} #a_traiter
+      let!(:dossier3) { create(:dossier, :with_user, procedure: procedure_admin, state: 'initiated')} #a_traiter
+      let!(:dossier4) { create(:dossier, :with_user, procedure: procedure_admin, state: 'replied')} #en_attente
+      let!(:dossier5) { create(:dossier, :with_user, procedure: procedure_admin, state: 'updated')} #a_traiter
+      let!(:dossier6) { create(:dossier, :with_user, procedure: procedure_admin_2, state: 'validated')} #en_attente
+      let!(:dossier7) { create(:dossier, :with_user, procedure: procedure_admin_2, state: 'submitted')} #a_traiter
+      let!(:dossier8) { create(:dossier, :with_user, procedure: procedure_admin_2, state: 'closed')} #termine
+      let!(:dossier9) { create(:dossier, :with_user, procedure: procedure_admin, state: 'closed')} #termine
+
 
       describe '#a_traiter' do
-        subject { described_class.a_traiter }
+        subject { described_class.a_traiter gestionnaire }
 
-        it { expect(subject.size).to eq(4) }
+        it { expect(subject.size).to eq(3) }
       end
 
       describe '#en_attente' do
-        subject { described_class.en_attente }
+        subject { described_class.en_attente gestionnaire }
 
-        it { expect(subject.size).to eq(2) }
+        it { expect(subject.size).to eq(1) }
       end
 
       describe '#termine' do
-        subject { described_class.termine }
+        subject { described_class.termine gestionnaire }
 
         it { expect(subject.size).to eq(1) }
       end

spec/views/backoffice/index.html.haml_spec.rb

@@ -1,16 +1,21 @@
 require 'spec_helper'
 
 describe 'backoffice/index.html.haml', type: :view do
-  let!(:procedure) { create(:procedure) }
+  let(:administrateur) { create(:administrateur) }
+  let(:gestionnaire) { create(:gestionnaire, administrateur: administrateur) }
+
+  let!(:procedure) { create(:procedure, administrateur: administrateur) }
   let!(:decorate_dossier) { create(:dossier, :with_user, procedure: procedure).decorate }
+
   before do
-    assign(:dossiers_a_traiter, Dossier.a_traiter.decorate)
+    assign(:dossiers_a_traiter, Dossier.a_traiter(gestionnaire).decorate)
-    assign(:dossiers_en_attente, Dossier.en_attente.decorate)
+    assign(:dossiers_en_attente, Dossier.en_attente(gestionnaire).decorate)
-    assign(:dossiers_termine, Dossier.termine.decorate)
+    assign(:dossiers_termine, Dossier.termine(gestionnaire).decorate)
 
     decorate_dossier.initiated!
     render
   end
+
   subject { rendered }
   it { is_expected.to have_css('#backoffice') }
   it { is_expected.to have_content(procedure.libelle) }