From 79d5fd935ac383eeed173bbbf67e69bbbd21bef2 Mon Sep 17 00:00:00 2001 From: Maxim Colls Date: Mon, 2 Nov 2020 15:41:21 +0100 Subject: [PATCH 1/3] Fix authorizations collection to be scped by organization --- .../verification/admin/authorizations_controller.rb | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/app/controllers/decidim/direct_verifications/verification/admin/authorizations_controller.rb b/app/controllers/decidim/direct_verifications/verification/admin/authorizations_controller.rb index 9c92666..9cec560 100644 --- a/app/controllers/decidim/direct_verifications/verification/admin/authorizations_controller.rb +++ b/app/controllers/decidim/direct_verifications/verification/admin/authorizations_controller.rb @@ -22,7 +22,12 @@ def destroy private def collection - Decidim::Authorization.where(name: "direct_verifications").includes(:user) + # Decidim::Verifications::Authorizations Query + Decidim::Verifications::Authorizations.new( + organization: current_organization, + name: "direct_verifications", + granted: true + ).query end def authorization From 2f05e00734b8bfcb14e4b5b2a4377d2757468030 Mon Sep 17 00:00:00 2001 From: Maxim Colls Date: Wed, 4 Nov 2020 09:43:10 +0100 Subject: [PATCH 2/3] Fixed test --- .../admin/admin_manages_imported_authorizations_spec.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/spec/system/decidim/direct_verifications/admin/admin_manages_imported_authorizations_spec.rb b/spec/system/decidim/direct_verifications/admin/admin_manages_imported_authorizations_spec.rb index 3ca8563..551dada 100644 --- a/spec/system/decidim/direct_verifications/admin/admin_manages_imported_authorizations_spec.rb +++ b/spec/system/decidim/direct_verifications/admin/admin_manages_imported_authorizations_spec.rb @@ -6,7 +6,7 @@ let(:organization) { create(:organization) } let(:user) { create(:user, :admin, :confirmed, organization: organization) } - let!(:authorization) { create(:authorization, :direct_verification) } + let!(:authorization) { create(:authorization, :direct_verification, user: user) } let!(:non_direct_authorization) { create(:authorization) } let(:scope) { "decidim.direct_verifications.verification.admin" } From b79c6557502e9cc5d2e88912b5ab2a0881fbee20 Mon Sep 17 00:00:00 2001 From: Maxim Colls Date: Wed, 4 Nov 2020 09:49:30 +0100 Subject: [PATCH 3/3] Added test to cover unscoped authorizations --- .../admin/admin_manages_imported_authorizations_spec.rb | 3 +++ 1 file changed, 3 insertions(+) diff --git a/spec/system/decidim/direct_verifications/admin/admin_manages_imported_authorizations_spec.rb b/spec/system/decidim/direct_verifications/admin/admin_manages_imported_authorizations_spec.rb index 551dada..fa6a778 100644 --- a/spec/system/decidim/direct_verifications/admin/admin_manages_imported_authorizations_spec.rb +++ b/spec/system/decidim/direct_verifications/admin/admin_manages_imported_authorizations_spec.rb @@ -5,8 +5,10 @@ describe "Admin manages imported authorizations", type: :system do let(:organization) { create(:organization) } let(:user) { create(:user, :admin, :confirmed, organization: organization) } + let(:out_of_scope_user) { create(:user, :confirmed) } let!(:authorization) { create(:authorization, :direct_verification, user: user) } + let!(:out_of_scope_authorization) { create(:authorization, :direct_verification, user: out_of_scope_user) } let!(:non_direct_authorization) { create(:authorization) } let(:scope) { "decidim.direct_verifications.verification.admin" } @@ -36,6 +38,7 @@ end expect(page).not_to have_content(non_direct_authorization.name) + expect(page).not_to have_content(out_of_scope_authorization.user.name) end it "lets users navigate to stats and new import" do