Unverified Commit c54bc3ee authored by Samuel Couillard's avatar Samuel Couillard Committed by GitHub

Add RolePermission creation on Role create (#4058)

* Initial commit

* Remove Gemfile from commit

* Rubocop

* Remove service and add method in model

* Fix specs

* Move before block inside specs

* Rubocop
parent ee08501f
...@@ -40,7 +40,7 @@ module Api ...@@ -40,7 +40,7 @@ module Api
# Does: Creates a role. # Does: Creates a role.
def create def create
role = Role.new role_params.merge(provider: current_provider) role = Role.new(name: role_params[:name], provider: current_provider)
return render_error errors: role.errors.to_a, status: :bad_request unless role.save return render_error errors: role.errors.to_a, status: :bad_request unless role.save
...@@ -67,6 +67,7 @@ module Api ...@@ -67,6 +67,7 @@ module Api
return render_error errors: @role.errors.to_a, status: :method_not_allowed if undeletable_roles.include?(@role.name) return render_error errors: @role.errors.to_a, status: :method_not_allowed if undeletable_roles.include?(@role.name)
@role.destroy! @role.destroy!
render_data status: :ok render_data status: :ok
end end
......
...@@ -10,6 +10,8 @@ class Role < ApplicationRecord ...@@ -10,6 +10,8 @@ class Role < ApplicationRecord
before_validation :set_random_color, on: :create before_validation :set_random_color, on: :create
after_create :create_role_permissions
scope :with_provider, ->(current_provider) { where(provider: current_provider) } scope :with_provider, ->(current_provider) { where(provider: current_provider) }
def self.search(input) def self.search(input)
...@@ -18,6 +20,22 @@ class Role < ApplicationRecord ...@@ -18,6 +20,22 @@ class Role < ApplicationRecord
all all
end end
# Populate the Role Permissions with default values on Role creation.
# The created Role has the same permissions as the 'User' role
def create_role_permissions
Permission.all.find_each do |permission|
value = case permission.name
when 'CreateRoom', 'SharedList', 'CanRecord'
'true'
when 'RoomLimit'
'100'
else
'false'
end
RolePermission.create(role: self, permission:, value:)
end
end
private private
def set_random_color def set_random_color
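Review bot: `RolePermission.create(role: self, permission:, value:)` in `create_role_permissions` discards a failed insert, so a role can be saved with some of its permission rows missing and nothing reports it. Because `after_create` runs inside the save transaction, `RolePermission.create!(role: self, permission:, value:)` would roll the role back instead of leaving it half-provisioned; the controller's `unless role.save` would then need a rescue, since an exception raised in a callback propagates out of `save`. The method is also defined above `private`, so it can be called again on an existing role, and whether that produces duplicate rows depends on a uniqueness constraint that is not visible here. A comment on the `else` branch such as `# any permission not listed above is denied by default` would record that the fallback is deliberate.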
......
...@@ -119,6 +119,11 @@ RSpec.describe Api::V1::Admin::RolesController, type: :controller do ...@@ -119,6 +119,11 @@ RSpec.describe Api::V1::Admin::RolesController, type: :controller do
expect(JSON.parse(response.body)['errors']).not_to be_empty expect(JSON.parse(response.body)['errors']).not_to be_empty
end end
it 'calls create_role_permissions on role' do
expect_any_instance_of(Role).to receive(:create_role_permissions)
post :create, params: { role: { name: 'Test Role' } }
end
context 'user without ManageRoles permission' do context 'user without ManageRoles permission' do
before do before do
sign_in_user(user) sign_in_user(user)
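Review bot: The new example 'calls create_role_permissions on role' replaces the method with `expect_any_instance_of(Role).to receive(:create_role_permissions)`, so it still passes if the callback assigns the wrong defaults or creates no rows at all. Those defaults decide what every newly created role is allowed to do, so an assertion on the stored rows is the more useful check, for example `expect(Role.find_by(name: 'Test Role').role_permissions.pluck(:value)).to match_array(%w[true true true 100])` after the `post :create`, with the default permissions created first. A model spec may already cover this outside the visible hunks, and the enclosing `describe` block starts and ends outside this one.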
......
...@@ -3,14 +3,15 @@ ...@@ -3,14 +3,15 @@
require 'rails_helper' require 'rails_helper'
RSpec.describe Api::V1::RecordingsController, type: :controller do RSpec.describe Api::V1::RecordingsController, type: :controller do
let(:user) { create(:user) }
let(:user_with_manage_recordings_permission) { create(:user, :with_manage_recordings_permission) }
before do before do
request.headers['ACCEPT'] = 'application/json' request.headers['ACCEPT'] = 'application/json'
create_default_permissions
sign_in_user(user) sign_in_user(user)
end end
let(:user) { create(:user) }
let(:user_with_manage_recordings_permission) { create(:user, :with_manage_recordings_permission) }
describe '#index' do describe '#index' do
it 'returns recordings ids that belong to current_user' do it 'returns recordings ids that belong to current_user' do
recordings = create_list(:recording, 5) recordings = create_list(:recording, 5)
......
...@@ -3,15 +3,16 @@ ...@@ -3,15 +3,16 @@
require 'rails_helper' require 'rails_helper'
RSpec.describe Api::V1::RoomsController, type: :controller do RSpec.describe Api::V1::RoomsController, type: :controller do
let(:user) { create(:user) }
let(:user_with_manage_rooms_permission) { create(:user, :with_manage_rooms_permission) }
let(:user_with_manage_users_permission) { create(:user, :with_manage_users_permission) }
before do before do
request.headers['ACCEPT'] = 'application/json' request.headers['ACCEPT'] = 'application/json'
create_default_permissions
sign_in_user(user) sign_in_user(user)
end end
let(:user) { create(:user) }
let(:user_with_manage_rooms_permission) { create(:user, :with_manage_rooms_permission) }
let(:user_with_manage_users_permission) { create(:user, :with_manage_users_permission) }
describe '#index' do describe '#index' do
it 'ids of rooms in response are matching room ids that belong to current_user' do it 'ids of rooms in response are matching room ids that belong to current_user' do
shared_rooms = create_list(:room, 2) shared_rooms = create_list(:room, 2)
...@@ -211,7 +212,6 @@ RSpec.describe Api::V1::RoomsController, type: :controller do ...@@ -211,7 +212,6 @@ RSpec.describe Api::V1::RoomsController, type: :controller do
context 'user has reached the room limit set for their role' do context 'user has reached the room limit set for their role' do
it 'room is not created since room limit has been reached' do it 'room is not created since room limit has been reached' do
user = create(:user)
permission_id = user.role.permissions.find_by(name: 'RoomLimit').id permission_id = user.role.permissions.find_by(name: 'RoomLimit').id
user.role.role_permissions.find_by(permission_id:).update(value: '3') user.role.role_permissions.find_by(permission_id:).update(value: '3')
......
...@@ -3,13 +3,14 @@ ...@@ -3,13 +3,14 @@
require 'rails_helper' require 'rails_helper'
RSpec.describe Api::V1::SharedAccessesController, type: :controller do RSpec.describe Api::V1::SharedAccessesController, type: :controller do
let(:user) { create(:user) }
before do before do
request.headers['ACCEPT'] = 'application/json' request.headers['ACCEPT'] = 'application/json'
create_default_permissions
sign_in_user(user) sign_in_user(user)
end end
let(:user) { create(:user) }
describe '#create' do describe '#create' do
it 'shares a room with a user' do it 'shares a room with a user' do
room = create(:room) room = create(:room)
...@@ -73,36 +74,35 @@ RSpec.describe Api::V1::SharedAccessesController, type: :controller do ...@@ -73,36 +74,35 @@ RSpec.describe Api::V1::SharedAccessesController, type: :controller do
expect(response).to have_http_status(:bad_request) expect(response).to have_http_status(:bad_request)
end end
it 'does not return the users without SharedList permission' do it 'returns the users that the room can be shared to' do
room = create(:room) room = create(:room)
room.shared_users = create_list(:user, 5) room.shared_users = create_list(:user, 5)
shareable_users = create_list(:user, 5, name: 'John Doe') shareable_users = create_list(:user, 5, name: 'John Doe')
shareable_users << user
get :shareable_users, params: { friendly_id: room.friendly_id, search: 'John' } get :shareable_users, params: { friendly_id: room.friendly_id, search: 'John Doe' }
response_users_ids = JSON.parse(response.body)['data'].map { |user| user['id'] } response_users_ids = JSON.parse(response.body)['data'].map { |user| user['id'] }
expect(response_users_ids).to match_array([]) expect(response_users_ids).to match_array(shareable_users.pluck(:id))
end end
context 'users with SharedList permission' do it 'returns the shareable users according to the query' do
it 'returns the users that the room can be shared to' do
room = create(:room) room = create(:room)
room.shared_users = create_list(:user, 5, :with_shared_list_permission) room.shared_users = create_list(:user, 5)
shareable_users = create_list(:user, 5, :with_shared_list_permission, name: 'John Doe') shareable_users = create_list(:user, 5, name: 'Jane Doe')
get :shareable_users, params: { friendly_id: room.friendly_id, search: 'John' } get :shareable_users, params: { friendly_id: room.friendly_id, search: 'Jane Doe' }
response_users_ids = JSON.parse(response.body)['data'].map { |user| user['id'] } response_users_ids = JSON.parse(response.body)['data'].map { |user| user['id'] }
expect(response_users_ids).to match_array(shareable_users.pluck(:id)) expect(response_users_ids).to match_array(shareable_users.pluck(:id))
end end
it 'returns the shareable users according to the query' do context 'user without SharedList permission' do
it 'does not return the users without SharedList permission' do
room = create(:room) room = create(:room)
room.shared_users = create_list(:user, 5) room.shared_users = create_list(:user, 5)
shareable_users = create_list(:user, 5, :with_shared_list_permission, name: 'Jane Doe') create(:user, :without_shared_list_permission, name: 'John Doe')
get :shareable_users, params: { friendly_id: room.friendly_id, search: 'Jane Doe' } get :shareable_users, params: { friendly_id: room.friendly_id, search: 'John Doe' }
response_users_ids = JSON.parse(response.body)['data'].map { |user| user['id'] } response_users_ids = JSON.parse(response.body)['data'].map { |user| user['id'] }
expect(response_users_ids).to match_array(shareable_users.pluck(:id)) expect(response_users_ids).to match_array([])
end end
end end
end end
......
...@@ -2,7 +2,6 @@ ...@@ -2,7 +2,6 @@
FactoryBot.define do FactoryBot.define do
factory :role do factory :role do
# name { Faker::Lorem.unique.characters(number: 10).capitalize }
name { Faker::Job.unique.title } name { Faker::Job.unique.title }
provider { 'greenlight' } provider { 'greenlight' }
end end
......
...@@ -12,14 +12,6 @@ FactoryBot.define do ...@@ -12,14 +12,6 @@ FactoryBot.define do
status { 0 } status { 0 }
language { %w[en fr es ar].sample } language { %w[en fr es ar].sample }
after(:create) do |user|
create(:role_permission, role: user.role, permission: create(:permission, name: 'CreateRoom'), value: 'true')
end
after(:create) do |user|
create(:role_permission, role: user.role, permission: create(:permission, name: 'RoomLimit'), value: '100')
end
trait :with_manage_users_permission do trait :with_manage_users_permission do
after(:create) do |user| after(:create) do |user|
create(:role_permission, role: user.role, permission: create(:permission, name: 'ManageUsers'), value: 'true') create(:role_permission, role: user.role, permission: create(:permission, name: 'ManageUsers'), value: 'true')
...@@ -50,33 +42,21 @@ FactoryBot.define do ...@@ -50,33 +42,21 @@ FactoryBot.define do
end end
end end
trait :with_shared_list_permission do trait :without_shared_list_permission do
after(:create) do |user|
create(:role_permission, role: user.role, permission: create(:permission, name: 'SharedList'), value: 'true')
end
end
trait :can_record do
after(:create) do |user|
create(:role_permission, role: user.role, permission: create(:permission, name: 'CanRecord'), value: 'true')
end
end
trait :with_roomLimit_3_permission do
after(:create) do |user| after(:create) do |user|
create(:role_permission, role: user.role, permission: create(:permission, name: 'RoomLimit'), value: '3') RolePermission.find_by(role: user.role, permission: Permission.find_by(name: 'SharedList')).update(value: 'false')
end end
end end
trait :without_create_room_permission do trait :without_create_room_permission do
after(:create) do |user| after(:create) do |user|
create(:role_permission, role: user.role, permission: create(:permission, name: 'CreateRoom'), value: 'false') RolePermission.find_by(role: user.role, permission: Permission.find_by(name: 'CreateRoom')).update(value: 'false')
end end
end end
trait :without_can_record do trait :without_can_record_permission do
after(:create) do |user| after(:create) do |user|
create(:role_permission, role: user.role, permission: create(:permission, name: 'CanRecord'), value: 'false') RolePermission.find_by(role: user.role, permission: Permission.find_by(name: 'CanRecord')).update(value: 'false')
end end
end end
end end
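Review bot: The rewritten traits `without_shared_list_permission`, `without_create_room_permission` and `without_can_record_permission` chain `find_by(...).update(value: 'false')`, which can fail silently or with an unhelpful error. If a spec creates the user before `create_default_permissions` has run, `find_by` returns nil and the trait dies with a NoMethodError; if the update fails validation it returns false and the user keeps the permission, so a denial spec would run against a user who is still allowed. `RolePermission.find_by!(role: user.role, permission: Permission.find_by!(name: 'SharedList')).update!(value: 'false')` makes both cases fail at the factory with a clear message, and the same applies to the other two traits.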
......
...@@ -4,4 +4,12 @@ module Helpers ...@@ -4,4 +4,12 @@ module Helpers
def sign_in_user(user) def sign_in_user(user)
session[:session_token] = user.session_token session[:session_token] = user.session_token
end end
# Populate the permissions that are enabled by default on the 'User' role and custom Roles
def create_default_permissions
create(:permission, name: 'CreateRoom')
create(:permission, name: 'CanRecord')
create(:permission, name: 'SharedList')
create(:permission, name: 'RoomLimit')
end
end end
...@@ -3,7 +3,11 @@ ...@@ -3,7 +3,11 @@
require 'rails_helper' require 'rails_helper'
describe RoomSettingsGetter, type: :service do describe RoomSettingsGetter, type: :service do
let(:user) { create(:user, :can_record) } before do
create_default_permissions
end
let(:user) { create(:user) }
describe '#call' do describe '#call' do
context 'Normal room settings' do context 'Normal room settings' do
...@@ -211,7 +215,7 @@ describe RoomSettingsGetter, type: :service do ...@@ -211,7 +215,7 @@ describe RoomSettingsGetter, type: :service do
context ':room_configuration infer_can_record cases' do context ':room_configuration infer_can_record cases' do
it 'room_setting record value changes to false if room_configuration record value is optional and CanRecord permission is set to false' do it 'room_setting record value changes to false if room_configuration record value is optional and CanRecord permission is set to false' do
room = create(:room) room = create(:room)
user = create(:user, :without_can_record) user = create(:user, :without_can_record_permission)
setting1 = create(:meeting_option, name: 'record') setting1 = create(:meeting_option, name: 'record')
create(:room_meeting_option, room:, meeting_option: setting1, value: 'true') create(:room_meeting_option, room:, meeting_option: setting1, value: 'true')
......