Add RolePermission creation on Role create (#4058)

* Initial commit * Remove Gemfile from commit * Rubocop * Remove service and add method in model * Fix specs * Move before block inside specs * Rubocop

Add RolePermission creation on Role create (#4058)
c54bc3ee · Samuel Couillard · GitHub · ee08501f · c54bc3ee · c54bc3ee
Unverified Commit c54bc3ee authored Nov 2, 2022 by Samuel Couillard Committed by GitHub Nov 2, 2022
--- a/app/controllers/api/v1/admin/roles_controller.rb
+++ b/app/controllers/api/v1/admin/roles_controller.rb
@@ -40,7 +40,7 @@ module Api
        # Does: Creates a role.

        def create
-          role = Role.new role_params.merge(provider: current_provider)
+          role = Role.new(name: role_params[:name], provider: current_provider)

          return render_error errors: role.errors.to_a, status: :bad_request unless role.save

@@ -67,6 +67,7 @@ module Api
          return render_error errors: @role.errors.to_a, status: :method_not_allowed if undeletable_roles.include?(@role.name)

          @role.destroy!
+
          render_data status: :ok
        end


--- a/app/models/role.rb
+++ b/app/models/role.rb
@@ -10,6 +10,8 @@ class Role < ApplicationRecord

  before_validation :set_random_color, on: :create

+  after_create :create_role_permissions
+
  scope :with_provider, ->(current_provider) { where(provider: current_provider) }

  def self.search(input)
@@ -18,6 +20,22 @@ class Role < ApplicationRecord
    all
  end

+  # Populate the Role Permissions with default values on Role creation.
+  # The created Role has the same permissions as the 'User' role
+  def create_role_permissions
+    Permission.all.find_each do |permission|
+      value = case permission.name
+              when 'CreateRoom', 'SharedList', 'CanRecord'
+                'true'
+              when 'RoomLimit'
+                '100'
+              else
+                'false'
+              end
+      RolePermission.create(role: self, permission:, value:)
+    end
+  end
+
  private

  def set_random_color

--- a/spec/controllers/admin/roles_controller_spec.rb
+++ b/spec/controllers/admin/roles_controller_spec.rb
@@ -119,6 +119,11 @@ RSpec.describe Api::V1::Admin::RolesController, type: :controller do
      expect(JSON.parse(response.body)['errors']).not_to be_empty
    end

+    it 'calls create_role_permissions on role' do
+      expect_any_instance_of(Role).to receive(:create_role_permissions)
+      post :create, params: { role: { name: 'Test Role' } }
+    end
+
    context 'user without ManageRoles permission' do
      before do
        sign_in_user(user)

--- a/spec/controllers/recordings_controller_spec.rb
+++ b/spec/controllers/recordings_controller_spec.rb
@@ -3,14 +3,15 @@
 require 'rails_helper'

 RSpec.describe Api::V1::RecordingsController, type: :controller do
-  let(:user) { create(:user) }
-  let(:user_with_manage_recordings_permission) { create(:user, :with_manage_recordings_permission) }
-
  before do
    request.headers['ACCEPT'] = 'application/json'
+    create_default_permissions
    sign_in_user(user)
  end

+  let(:user) { create(:user) }
+  let(:user_with_manage_recordings_permission) { create(:user, :with_manage_recordings_permission) }
+
  describe '#index' do
    it 'returns recordings ids that belong to current_user' do
      recordings = create_list(:recording, 5)

--- a/spec/controllers/rooms_controller_spec.rb
+++ b/spec/controllers/rooms_controller_spec.rb
@@ -3,15 +3,16 @@
 require 'rails_helper'

 RSpec.describe Api::V1::RoomsController, type: :controller do
-  let(:user) { create(:user) }
-  let(:user_with_manage_rooms_permission) { create(:user, :with_manage_rooms_permission) }
-  let(:user_with_manage_users_permission) { create(:user, :with_manage_users_permission) }
-
  before do
    request.headers['ACCEPT'] = 'application/json'
+    create_default_permissions
    sign_in_user(user)
  end

+  let(:user) { create(:user) }
+  let(:user_with_manage_rooms_permission) { create(:user, :with_manage_rooms_permission) }
+  let(:user_with_manage_users_permission) { create(:user, :with_manage_users_permission) }
+
  describe '#index' do
    it 'ids of rooms in response are matching room ids that belong to current_user' do
      shared_rooms = create_list(:room, 2)
@@ -211,7 +212,6 @@ RSpec.describe Api::V1::RoomsController, type: :controller do

    context 'user has reached the room limit set for their role' do
      it 'room is not created since room limit has been reached' do
-        user = create(:user)
        permission_id = user.role.permissions.find_by(name: 'RoomLimit').id
        user.role.role_permissions.find_by(permission_id:).update(value: '3')


--- a/spec/controllers/shared_accesses_controller_spec.rb
+++ b/spec/controllers/shared_accesses_controller_spec.rb
@@ -3,13 +3,14 @@
 require 'rails_helper'

 RSpec.describe Api::V1::SharedAccessesController, type: :controller do
-  let(:user) { create(:user) }
-
  before do
    request.headers['ACCEPT'] = 'application/json'
+    create_default_permissions
    sign_in_user(user)
  end

+  let(:user) { create(:user) }
+
  describe '#create' do
    it 'shares a room with a user' do
      room = create(:room)
@@ -73,36 +74,35 @@ RSpec.describe Api::V1::SharedAccessesController, type: :controller do
      expect(response).to have_http_status(:bad_request)
    end

-    it 'does not return the users without SharedList permission' do
+    it 'returns the users that the room can be shared to' do
      room = create(:room)
      room.shared_users = create_list(:user, 5)
      shareable_users = create_list(:user, 5, name: 'John Doe')
-      shareable_users << user

-      get :shareable_users, params: { friendly_id: room.friendly_id, search: 'John' }
+      get :shareable_users, params: { friendly_id: room.friendly_id, search: 'John Doe' }
      response_users_ids = JSON.parse(response.body)['data'].map { |user| user['id'] }
-      expect(response_users_ids).to match_array([])
+      expect(response_users_ids).to match_array(shareable_users.pluck(:id))
    end

-    context 'users with SharedList permission' do
-      it 'returns the users that the room can be shared to' do
+    it 'returns the shareable users according to the query' do
      room = create(:room)
-        room.shared_users = create_list(:user, 5, :with_shared_list_permission)
-        shareable_users = create_list(:user, 5, :with_shared_list_permission, name: 'John Doe')
+      room.shared_users = create_list(:user, 5)
+      shareable_users = create_list(:user, 5, name: 'Jane Doe')

-        get :shareable_users, params: { friendly_id: room.friendly_id, search: 'John' }
+      get :shareable_users, params: { friendly_id: room.friendly_id, search: 'Jane Doe' }
      response_users_ids = JSON.parse(response.body)['data'].map { |user| user['id'] }
      expect(response_users_ids).to match_array(shareable_users.pluck(:id))
    end

-      it 'returns the shareable users according to the query' do
+    context 'user without SharedList permission' do
+      it 'does not return the users without SharedList permission' do
        room = create(:room)
        room.shared_users = create_list(:user, 5)
-        shareable_users = create_list(:user, 5, :with_shared_list_permission, name: 'Jane Doe')
+        create(:user, :without_shared_list_permission, name: 'John Doe')

-        get :shareable_users, params: { friendly_id: room.friendly_id, search: 'Jane Doe' }
+        get :shareable_users, params: { friendly_id: room.friendly_id, search: 'John Doe' }
        response_users_ids = JSON.parse(response.body)['data'].map { |user| user['id'] }
-        expect(response_users_ids).to match_array(shareable_users.pluck(:id))
+        expect(response_users_ids).to match_array([])
      end
    end
  end

--- a/spec/factories/role_factory.rb
+++ b/spec/factories/role_factory.rb
@@ -2,7 +2,6 @@

 FactoryBot.define do
  factory :role do
-    # name { Faker::Lorem.unique.characters(number: 10).capitalize }
    name { Faker::Job.unique.title }
    provider { 'greenlight' }
  end

--- a/spec/factories/user_factory.rb
+++ b/spec/factories/user_factory.rb
@@ -12,14 +12,6 @@ FactoryBot.define do
    status { 0 }
    language { %w[en fr es ar].sample }

-    after(:create) do |user|
-      create(:role_permission, role: user.role, permission: create(:permission, name: 'CreateRoom'), value: 'true')
-    end
-
-    after(:create) do |user|
-      create(:role_permission, role: user.role, permission: create(:permission, name: 'RoomLimit'), value: '100')
-    end
-
    trait :with_manage_users_permission do
      after(:create) do |user|
        create(:role_permission, role: user.role, permission: create(:permission, name: 'ManageUsers'), value: 'true')
@@ -50,33 +42,21 @@ FactoryBot.define do
      end
    end

-    trait :with_shared_list_permission do
-      after(:create) do |user|
-        create(:role_permission, role: user.role, permission: create(:permission, name: 'SharedList'), value: 'true')
-      end
-    end
-
-    trait :can_record do
-      after(:create) do |user|
-        create(:role_permission, role: user.role, permission: create(:permission, name: 'CanRecord'), value: 'true')
-      end
-    end
-
-    trait :with_roomLimit_3_permission do
+    trait :without_shared_list_permission do
      after(:create) do |user|
-        create(:role_permission, role: user.role, permission: create(:permission, name: 'RoomLimit'), value: '3')
+        RolePermission.find_by(role: user.role, permission: Permission.find_by(name: 'SharedList')).update(value: 'false')
      end
    end

    trait :without_create_room_permission do
      after(:create) do |user|
-        create(:role_permission, role: user.role, permission: create(:permission, name: 'CreateRoom'), value: 'false')
+        RolePermission.find_by(role: user.role, permission: Permission.find_by(name: 'CreateRoom')).update(value: 'false')
      end
    end

-    trait :without_can_record do
+    trait :without_can_record_permission do
      after(:create) do |user|
-        create(:role_permission, role: user.role, permission: create(:permission, name: 'CanRecord'), value: 'false')
+        RolePermission.find_by(role: user.role, permission: Permission.find_by(name: 'CanRecord')).update(value: 'false')
      end
    end
  end

--- a/spec/helpers.rb
+++ b/spec/helpers.rb
@@ -4,4 +4,12 @@ module Helpers
  def sign_in_user(user)
    session[:session_token] = user.session_token
  end
+
+  # Populate the permissions that are enabled by default on the 'User' role and custom Roles
+  def create_default_permissions
+    create(:permission, name: 'CreateRoom')
+    create(:permission, name: 'CanRecord')
+    create(:permission, name: 'SharedList')
+    create(:permission, name: 'RoomLimit')
+  end
 end
--- a/spec/services/room_settings_getter_spec.rb
+++ b/spec/services/room_settings_getter_spec.rb
@@ -3,7 +3,11 @@
 require 'rails_helper'

 describe RoomSettingsGetter, type: :service do
-  let(:user) { create(:user, :can_record) }
+  before do
+    create_default_permissions
+  end
+
+  let(:user) { create(:user) }

  describe '#call' do
    context 'Normal room settings' do
@@ -211,7 +215,7 @@ describe RoomSettingsGetter, type: :service do
        context ':room_configuration infer_can_record cases' do
          it 'room_setting record value changes to false if room_configuration record value is optional and CanRecord permission is set to false' do
            room = create(:room)
-            user = create(:user, :without_can_record)
+            user = create(:user, :without_can_record_permission)
            setting1 = create(:meeting_option, name: 'record')

            create(:room_meeting_option, room:, meeting_option: setting1, value: 'true')