move recruiter to admin/candidate
parent
47d7188a2f
commit
9078c463f4
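--- a/app/controllers/admin/candidate_controller.rb
+++ b/app/controllers/admin/candidate_controller.rb
@@ -0,0 +1,70 @@
+# frozen_string_literal: true
+module Admin
+class CandidateController < AdminController
+before_action :collect_quizzes, except: [:login, :auth]
+
+def index
+@candidates = policy_scope current_recruiter.candidates
+end
+
+def new
+authorize Candidate
+@candidate = Candidate.new
+render :new
+end
+
+def create
+authorize Candidate
+@candidate = Candidate.create(candidate_params.merge(recruiter_id: current_recruiter.id))
+
+if @candidate.persisted?
+send_notifications @candidate
+redirect_to admin_candidate_path,
+flash: { success: "Sucessfully created candidate #{@candidate.name}" }
+else
+flash[:error] = "Failed to save candidate."
+render :new
+end
+end
+
+def edit
+authorize Candidate
+@candidate = Candidate.find_by(id: params[:id])
+end
+
+def update
+authorize Candidate
+@candidate = Candidate.find_by(id: params[:id])
+@candidate.update(candidate_params)
+
+if @candidate.save
+redirect_to admin_candidate_path, flash: { success: "#{@candidate.name} updated!" }
+else
+flash[:error] = "Failed to save candidate."
+render :edit
+end
+end
+
+def resend_welcome
+authorize Candidate
+candidate = Candidate.find_by(id: params[:id])
+CandidateMailer.welcome(candidate).deliver_later
+render json: { message: "Email queued!" }.to_json
+end
+
+private
+
+def candidate_params
+params.require(:candidate).permit(:name, :email, :experience, :quiz_id)
+end
+
+def collect_quizzes
+@quizzes ||= Quiz.order(:name)
+end
+
+def send_notifications candidate
+CandidateMailer.welcome(candidate).deliver_later
+RecruiterMailer.candidate_created(candidate).deliver_later
+end
+end
+end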
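Review bot: `edit`, `update` and `resend_welcome` call `authorize Candidate` on the class and then load the row with `Candidate.find_by(id: params[:id])`, so no per-record check runs and the lookup is not narrowed the way `index` is by `policy_scope current_recruiter.candidates`. With the CandidatePolicy added in this commit, whose predicates and `Scope#resolve` only test `user.acts_as_recruiter?`, any recruiter-level account can open, change or re-mail any candidate by id; if that is the intent a comment should say so, otherwise load through the scope and authorize the instance, e.g. `@candidate = policy_scope(current_recruiter.candidates).find(params[:id])` followed by `authorize @candidate`. `find_by` returns nil for an unknown id, so `@candidate.update` raises NoMethodError and `resend_welcome` enqueues a mail for nil; `find` would answer with a 404 instead. In `update` the result of `@candidate.update(candidate_params)` is thrown away and `@candidate.save` runs a second time; `if @candidate.update(candidate_params)` does both.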
@ -1,80 +0,0 @@
|
|||||||
# frozen_string_literal: true
|
|
||||||
class RecruiterController < ApplicationController
|
|
||||||
before_action :authorize_recruiter, except: [:login, :auth]
|
|
||||||
before_action :collect_quizzes, except: [:login, :auth]
|
|
||||||
|
|
||||||
def index
|
|
||||||
@candidates = current_recruiter.candidates
|
|
||||||
end
|
|
||||||
|
|
||||||
def new
|
|
||||||
@candidate = Candidate.new
|
|
||||||
render :new
|
|
||||||
end
|
|
||||||
|
|
||||||
def create
|
|
||||||
@candidate = Candidate.create(candidate_params.merge(recruiter_id: current_recruiter.id))
|
|
||||||
|
|
||||||
if @candidate.persisted?
|
|
||||||
CandidateMailer.welcome(@candidate).deliver_later
|
|
||||||
RecruiterMailer.candidate_created(@candidate).deliver_later
|
|
||||||
redirect_to recruiter_path, flash: { success: "Sucessfully created candidate #{@candidate.name}" }
|
|
||||||
else
|
|
||||||
flash[:error] = "Failed to save candidate."
|
|
||||||
render :new
|
|
||||||
end
|
|
||||||
end
|
|
||||||
|
|
||||||
def edit
|
|
||||||
@candidate = Candidate.find_by(id: params[:id])
|
|
||||||
end
|
|
||||||
|
|
||||||
def update
|
|
||||||
@candidate = Candidate.find_by(id: params[:id])
|
|
||||||
@candidate.update(candidate_params)
|
|
||||||
|
|
||||||
if @candidate.save
|
|
||||||
redirect_to recruiter_path, flash: { success: "#{@candidate.name} updated!" }
|
|
||||||
else
|
|
||||||
flash[:error] = "Failed to save candidate."
|
|
||||||
render :edit
|
|
||||||
end
|
|
||||||
end
|
|
||||||
|
|
||||||
def login
|
|
||||||
redirect_to recruiter_path unless current_recruiter.nil?
|
|
||||||
end
|
|
||||||
|
|
||||||
def auth
|
|
||||||
recruiter = User.find_by(email: auth_params[:email], role: %w(admin recruiter))
|
|
||||||
|
|
||||||
if recruiter && recruiter.authenticate(auth_params[:password])
|
|
||||||
session[:user] = recruiter.to_i
|
|
||||||
redirect_to recruiter_path
|
|
||||||
else
|
|
||||||
redirect_to recruiter_login_path,
|
|
||||||
flash: { error: "Sorry, incorrect email or password. Please try again." }
|
|
||||||
end
|
|
||||||
end
|
|
||||||
|
|
||||||
def logout
|
|
||||||
reset_session
|
|
||||||
redirect_to recruiter_login_path
|
|
||||||
end
|
|
||||||
|
|
||||||
def resend_welcome
|
|
||||||
candidate = Candidate.find_by(id: params[:id])
|
|
||||||
CandidateMailer.welcome(candidate).deliver_later
|
|
||||||
render json: { message: "Email queued!" }.to_json
|
|
||||||
end
|
|
||||||
|
|
||||||
private
|
|
||||||
|
|
||||||
def candidate_params
|
|
||||||
params.require(:candidate).permit(:name, :email, :experience, :quiz_id)
|
|
||||||
end
|
|
||||||
|
|
||||||
def collect_quizzes
|
|
||||||
@quizzes ||= Quiz.order(:name)
|
|
||||||
end
|
|
||||||
end
|
|
@ -20,7 +20,15 @@ class User < ApplicationRecord
|
|||||||
'admin' == role
|
'admin' == role
|
||||||
end
|
end
|
||||||
|
|
||||||
|
def acts_as_admin?
|
||||||
|
'admin' == role
|
||||||
|
end
|
||||||
|
|
||||||
def manager?
|
def manager?
|
||||||
|
'manager' == role
|
||||||
|
end
|
||||||
|
|
||||||
|
def acts_as_manager?
|
||||||
%w(admin manager).include? role
|
%w(admin manager).include? role
|
||||||
end
|
end
|
||||||
|
|
||||||
@ -28,10 +36,18 @@ class User < ApplicationRecord
|
|||||||
'recruiter' == role
|
'recruiter' == role
|
||||||
end
|
end
|
||||||
|
|
||||||
|
def acts_as_recruiter?
|
||||||
|
%w(admin recruiter).include? role
|
||||||
|
end
|
||||||
|
|
||||||
def reviewer?
|
def reviewer?
|
||||||
'reviewer' == role
|
'reviewer' == role
|
||||||
end
|
end
|
||||||
|
|
||||||
|
def acts_as_reviewer?
|
||||||
|
%w(admin reviewer).include? role
|
||||||
|
end
|
||||||
|
|
||||||
private
|
private
|
||||||
|
|
||||||
def gen_reset_token
|
def gen_reset_token
|
||||||
|
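Review bot: `manager?` changes meaning in the first hunk of this file: its body was `%w(admin manager).include? role` and is now `'manager' == role`, so any caller not touched by this commit that relied on admins passing `manager?` will start refusing them. The policies shown in this commit were switched to `acts_as_manager?`, but views and controllers outside the diff should be searched for remaining `manager?` calls. A one-line comment above the predicates would make the convention explicit, for example `# role? is an exact match; acts_as_role? also admits admin`. `acts_as_admin?` has the same body as `admin?` and could be `alias_method :acts_as_admin?, :admin?`.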
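--- a/app/policies/candidate_policy.rb
+++ b/app/policies/candidate_policy.rb
@@ -0,0 +1,33 @@
+# frozen_string_literal: true
+class CandidatePolicy < ApplicationPolicy
+# Candidate Access Policy
+#
+# Only Recruiters and Admins can view, create, or update, candidates
+
+def index?
+user.acts_as_recruiter?
+end
+
+def view?
+user.acts_as_recruiter?
+end
+
+def create?
+user.acts_as_recruiter?
+end
+
+def update?
+user.acts_as_recruiter?
+end
+
+def resend_welcome?
+user.acts_as_recruiter?
+end
+
+class Scope < Scope
+def resolve
+return scope if user.acts_as_recruiter?
+raise Pundit::NotAuthorizedError, "No Access to Resource"
+end
+end
+end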
@ -8,27 +8,27 @@ class QuestionPolicy < ApplicationPolicy
|
|||||||
|
|
||||||
def view?
|
def view?
|
||||||
return false if user.recruiter?
|
return false if user.recruiter?
|
||||||
return true if user.admin? || user.manager?
|
return true if user.acts_as_manager?
|
||||||
user.quizzes.include? record.quiz
|
user.quizzes.include? record.quiz
|
||||||
end
|
end
|
||||||
|
|
||||||
|
def options?
|
||||||
|
view?
|
||||||
|
end
|
||||||
|
|
||||||
def create?
|
def create?
|
||||||
user.manager? || user.admin?
|
user.acts_as_manager?
|
||||||
end
|
end
|
||||||
|
|
||||||
def update?
|
def update?
|
||||||
user.manager? || user.admin?
|
user.acts_as_manager?
|
||||||
end
|
|
||||||
|
|
||||||
def options?
|
|
||||||
!user.recruiter?
|
|
||||||
end
|
end
|
||||||
|
|
||||||
class Scope < Scope
|
class Scope < Scope
|
||||||
def resolve
|
def resolve
|
||||||
raise(Pundit::NotAuthorizedError, 'No Access to resource.') if user.recruiter?
|
raise(Pundit::NotAuthorizedError, 'No Access to resource.') if user.recruiter?
|
||||||
|
|
||||||
if user.admin? || user.manager?
|
if user.acts_as_manager?
|
||||||
scope
|
scope
|
||||||
else
|
else
|
||||||
scope.where(quiz_id: user.quizzes.map(&:id))
|
scope.where(quiz_id: user.quizzes.map(&:id))
|
||||||
|
@ -11,16 +11,16 @@ class QuizPolicy < ApplicationPolicy
|
|||||||
end
|
end
|
||||||
|
|
||||||
def view?
|
def view?
|
||||||
return true if user.admin? || user.manager?
|
return true if user.acts_as_manager?
|
||||||
user.quizzes.include? record
|
user.quizzes.include? record
|
||||||
end
|
end
|
||||||
|
|
||||||
def create?
|
def create?
|
||||||
user.manager? || user.admin?
|
user.acts_as_manager?
|
||||||
end
|
end
|
||||||
|
|
||||||
def update?
|
def update?
|
||||||
user.manager? || user.admin?
|
user.acts_as_manager?
|
||||||
end
|
end
|
||||||
|
|
||||||
class Scope < Scope
|
class Scope < Scope
|
||||||
|
@ -6,29 +6,29 @@ class UserPolicy < ApplicationPolicy
|
|||||||
# All other users can only access themselves (profile interface)
|
# All other users can only access themselves (profile interface)
|
||||||
|
|
||||||
def index?
|
def index?
|
||||||
user.admin?
|
user.acts_as_admin?
|
||||||
end
|
end
|
||||||
|
|
||||||
def view?
|
def view?
|
||||||
user.admin? || user == record
|
user.acts_as_admin? || user == record
|
||||||
end
|
end
|
||||||
|
|
||||||
def create?
|
def create?
|
||||||
user.admin?
|
user.acts_as_admin?
|
||||||
end
|
end
|
||||||
|
|
||||||
def update?
|
def update?
|
||||||
user.admin? || user == record
|
user.acts_as_admin? || user == record
|
||||||
end
|
end
|
||||||
|
|
||||||
def permitted_attributes
|
def permitted_attributes
|
||||||
return [:name, :email, :role, :password, quiz_ids: []] if user.admin?
|
return [:name, :email, :role, :password, quiz_ids: []] if user.acts_as_admin?
|
||||||
[:name, :email, :password, :password_confirmation]
|
[:name, :email, :password, :password_confirmation]
|
||||||
end
|
end
|
||||||
|
|
||||||
class Scope < Scope
|
class Scope < Scope
|
||||||
def resolve
|
def resolve
|
||||||
return scope if user.admin?
|
return scope if user.acts_as_admin?
|
||||||
scope.where(id: user.id)
|
scope.where(id: user.id)
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
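--- a/app/views/admin/candidate/edit.html.erb
+++ b/app/views/admin/candidate/edit.html.erb
@@ -0,0 +1,6 @@
+<main class="intro_tpl">
+<h1>Edit: <%= @candidate.name %></h1>
+<p><strong>Test ID: </strong><%= @candidate.test_hash %></p>
+
+<%= render partial: 'form', locals: { action: admin_update_candidate_path(@candidate.id), candidate: @candidate, quizzes: @quizzes } %>
+</main>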
@ -1,7 +1,7 @@
|
|||||||
<main class="summary_tpl">
|
<main class="summary_tpl">
|
||||||
<h1>Candidates</h1>
|
<h1>Candidates</h1>
|
||||||
|
|
||||||
<%= link_to(new_candidate_path, { class: 'secondary-btn' }) do %>
|
<%= link_to(admin_new_candidate_path, { class: 'secondary-btn' }) do %>
|
||||||
<button>Create New Candidate</button>
|
<button>Create New Candidate</button>
|
||||||
<% end %>
|
<% end %>
|
||||||
|
|
||||||
@ -18,12 +18,12 @@
|
|||||||
|
|
||||||
<% @candidates.each do |candidate| %>
|
<% @candidates.each do |candidate| %>
|
||||||
<tr>
|
<tr>
|
||||||
<td><%= link_to candidate.name, edit_candidate_path(candidate.id) %></td>
|
<td><%= link_to candidate.name, admin_edit_candidate_path(candidate.id) %></td>
|
||||||
<td><%= candidate.test_hash %></td>
|
<td><%= candidate.test_hash %></td>
|
||||||
<td>
|
<td>
|
||||||
<%= mail_to(candidate.email) %>
|
<%= mail_to(candidate.email) %>
|
||||||
<br />
|
<br />
|
||||||
<%= link_to "resend welcome email", resend_welcome_path(candidate.id), remote: true, class: '', data: { id: 'ajax-action' } %>
|
<%= link_to "resend welcome email", admin_resend_welcome_path(candidate.id), remote: true, class: '', data: { id: 'ajax-action' } %>
|
||||||
</td>
|
</td>
|
||||||
<td><%= candidate.experience %> years</td>
|
<td><%= candidate.experience %> years</td>
|
||||||
<td><%= candidate.status %></td>
|
<td><%= candidate.status %></td>
|
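--- a/app/views/admin/candidate/new.html.erb
+++ b/app/views/admin/candidate/new.html.erb
@@ -0,0 +1,6 @@
+<main class="intro_tpl">
+<h1>New Candidate</h1>
+
+<%= render partial: 'form', locals:
+{ action: admin_create_candidate_path, candidate: @candidate, quizzes: @quizzes } %>
+</main>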
@ -1,6 +0,0 @@
|
|||||||
<main class="intro_tpl">
|
|
||||||
<h1>Edit: <%= @candidate.name %></h1>
|
|
||||||
<p><strong>Test ID: </strong><%= @candidate.test_hash %></p>
|
|
||||||
|
|
||||||
<%= render partial: 'form', locals: { action: update_candidate_path(@candidate.id), candidate: @candidate, quizzes: @quizzes } %>
|
|
||||||
</main>
|
|
@ -1,21 +0,0 @@
|
|||||||
<main class="intro_tpl">
|
|
||||||
<h1>Recruiter Login</h1>
|
|
||||||
|
|
||||||
<% if flash[:error].present? %>
|
|
||||||
<div class="error"><%= flash[:error] %></div>
|
|
||||||
<% end %>
|
|
||||||
|
|
||||||
<%= form_for :auth, url: recruiter_login_path do |form| %>
|
|
||||||
<div class="form-group">
|
|
||||||
<%= form.label :email %>
|
|
||||||
<%= form.email_field :email %>
|
|
||||||
</div>
|
|
||||||
|
|
||||||
<div class="form-group">
|
|
||||||
<%= form.label :password %>
|
|
||||||
<%= form.password_field :password %>
|
|
||||||
</div>
|
|
||||||
|
|
||||||
<%= submit_tag "Log in" %>
|
|
||||||
<% end %>
|
|
||||||
</main>
|
|
@ -1,6 +0,0 @@
|
|||||||
<main class="intro_tpl">
|
|
||||||
<h1>New Candidate</h1>
|
|
||||||
|
|
||||||
<%= render partial: 'form', locals:
|
|
||||||
{ action: create_candidate_path, candidate: @candidate, quizzes: @quizzes } %>
|
|
||||||
</main>
|
|
@ -1,5 +1,8 @@
|
|||||||
# frozen_string_literal: true
|
# frozen_string_literal: true
|
||||||
Rails.application.routes.draw do
|
Rails.application.routes.draw do
|
||||||
|
get "/styleguide", to: "application#styleguide", as: :styleguide
|
||||||
|
get "/admin/styleguide", to: "application#styleguide"
|
||||||
|
|
||||||
post "/admin/login", to: "admin/auth#auth", as: :admin_auth
|
post "/admin/login", to: "admin/auth#auth", as: :admin_auth
|
||||||
get "/admin/login", to: "admin/auth#login", as: :admin_login
|
get "/admin/login", to: "admin/auth#login", as: :admin_login
|
||||||
get "/admin/logout", to: "admin/auth#logout", as: :admin_logout
|
get "/admin/logout", to: "admin/auth#logout", as: :admin_logout
|
||||||
@ -37,6 +40,19 @@ Rails.application.routes.draw do
|
|||||||
post "/admin/profile", to: "admin/profile#update", as: :admin_update_profile
|
post "/admin/profile", to: "admin/profile#update", as: :admin_update_profile
|
||||||
get "/admin/profile/edit", to: "admin/profile#edit", as: :admin_edit_profile
|
get "/admin/profile/edit", to: "admin/profile#edit", as: :admin_edit_profile
|
||||||
|
|
||||||
|
get "/admin/candidate", to: "admin/candidate#index", as: :admin_candidate
|
||||||
|
get "/admin/candidate/new", to: "admin/candidate#new", as: :admin_new_candidate
|
||||||
|
post "/admin/candidate/new", to: "admin/candidate#create", as: :admin_create_candidate
|
||||||
|
get "/admin/candidate/:id", to: "admin/candidate#edit", as: :admin_edit_candidate
|
||||||
|
post "/admin/candidate/:id", to: "admin/candidate#update", as: :admin_update_candidate
|
||||||
|
get "/admin/candidate/:id/resend", to: "admin/candidate#resend_welcome", as: :admin_resend_welcome
|
||||||
|
|
||||||
|
get "/review/logout", to: "review#logout", as: :review_logout
|
||||||
|
post "/review/login", to: "review#auth", as: :review_auth
|
||||||
|
get "/review/login", to: "review#login", as: :review_login
|
||||||
|
get "/review", to: "review#index", as: :review
|
||||||
|
get "/review/:test_hash", to: "review#view", as: :review_test
|
||||||
|
|
||||||
get "/admin", to: "admin/dashboard#show", as: :admin
|
get "/admin", to: "admin/dashboard#show", as: :admin
|
||||||
|
|
||||||
#########################################################################################
|
#########################################################################################
|
||||||
@ -46,7 +62,6 @@ Rails.application.routes.draw do
|
|||||||
get "/welcome", to: "candidate#welcome", as: :welcome
|
get "/welcome", to: "candidate#welcome", as: :welcome
|
||||||
get "/saved", to: "candidate#saved", as: :saved
|
get "/saved", to: "candidate#saved", as: :saved
|
||||||
get "/thankyou", to: "candidate#thankyou", as: :thankyou
|
get "/thankyou", to: "candidate#thankyou", as: :thankyou
|
||||||
|
|
||||||
get "/oops", to: "candidate#oops", as: :oops
|
get "/oops", to: "candidate#oops", as: :oops
|
||||||
|
|
||||||
post "/question(/:answer_id)", to: "quiz#update_answer", as: :post_answer
|
post "/question(/:answer_id)", to: "quiz#update_answer", as: :post_answer
|
||||||
@ -54,25 +69,6 @@ Rails.application.routes.draw do
|
|||||||
post "/summary", to: "quiz#submit_summary", as: :post_summary
|
post "/summary", to: "quiz#submit_summary", as: :post_summary
|
||||||
get "/summary", to: "quiz#summary", as: :summary
|
get "/summary", to: "quiz#summary", as: :summary
|
||||||
|
|
||||||
get "/review/logout", to: "review#logout", as: :review_logout
|
|
||||||
post "/review/login", to: "review#auth", as: :review_auth
|
|
||||||
get "/review/login", to: "review#login", as: :review_login
|
|
||||||
get "/review", to: "review#index", as: :review
|
|
||||||
get "/review/:test_hash", to: "review#view", as: :review_test
|
|
||||||
|
|
||||||
get "/resend/welcome/:id", to: "recruiter#resend_welcome", as: :resend_welcome
|
|
||||||
|
|
||||||
get "/recruiter", to: "recruiter#index", as: :recruiter
|
|
||||||
get "/recruiter/candidate", to: "recruiter#new", as: :new_candidate
|
|
||||||
post "/recruiter/candidate", to: "recruiter#create", as: :create_candidate
|
|
||||||
get "/recruiter/candidate/:id", to: "recruiter#edit", as: :edit_candidate
|
|
||||||
post "/recruiter/candidate/:id", to: "recruiter#update", as: :update_candidate
|
|
||||||
get "/recruiter/logout", to: "recruiter#logout", as: :recruiter_logout
|
|
||||||
get "/recruiter/login", to: "recruiter#login", as: :recruiter_login
|
|
||||||
post "/recruiter/login", to: "recruiter#auth", as: :recruiter_auth
|
|
||||||
|
|
||||||
get "/styleguide", to: "application#styleguide", as: :styleguide
|
|
||||||
|
|
||||||
root to: "candidate#login"
|
root to: "candidate#login"
|
||||||
|
|
||||||
# For details on the DSL available within this file, see http://guides.rubyonrails.org/routing.html
|
# For details on the DSL available within this file, see http://guides.rubyonrails.org/routing.html
|
||||||
|
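Review bot: `get "/admin/candidate/:id/resend"` maps a GET request to `resend_welcome`, which enqueues an email; GET requests are not covered by Rails' authenticity-token check and can be triggered by a cross-site request or a link prefetcher while a recruiter is signed in. Declaring it as `post "/admin/candidate/:id/resend", to: "admin/candidate#resend_welcome", as: :admin_resend_welcome` and adding `method: :post` to the `link_to` in the candidate index view keeps the action behind the token. The new `get "/admin/styleguide"` route points at `application#styleguide`; whether that action requires a login is not visible in this diff and is worth confirming.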
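--- a/test/controllers/admin/candidate_controller/index_test.rb
+++ b/test/controllers/admin/candidate_controller/index_test.rb
@@ -0,0 +1,31 @@
+# frozen_string_literal: true
+require 'test_helper'
+
+module Admin
+class CandidateControllerTest < ActionDispatch::IntegrationTest
+test "should require auth or redirect" do
+get admin_candidate_url
+assert_redirected_to admin_login_url
+
+get admin_new_candidate_url
+assert_redirected_to admin_login_url
+
+post admin_create_candidate_url, params: { candidate: { name: 'foo', email: 'bar', experience: 'baz' } }
+assert_redirected_to admin_login_url
+end
+
+test "should get candidate list" do
+auth_recruiter
+get admin_candidate_url
+assert_response :success
+assert assigns(:candidates), "@candidates not present"
+end
+
+test 'should have edit links' do
+auth_recruiter
+get admin_candidate_url
+assert_response :success
+assert_select "a[href='#{admin_edit_candidate_path(candidates(:martha))}']"
+end
+end
+end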
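Review bot: "should require auth or redirect" only covers requests with no session; nothing in this file signs in as a manager or reviewer and checks that the candidate pages refuse them, which is the behaviour the new CandidatePolicy exists to enforce. `auth_manager` is added to AuthTestHelper in this commit, so a test that calls it, requests `admin_candidate_url` and asserts the denial response would pin that down; what that response is depends on how AdminController handles `Pundit::NotAuthorizedError`, which is not shown here. The edit, update and resend routes are also absent from the unauthenticated checks.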
@ -0,0 +1,73 @@
|
|||||||
|
# frozen_string_literal: true
|
||||||
|
require 'test_helper'
|
||||||
|
|
||||||
|
module Admin
|
||||||
|
class CandidateControllerTest < ActionDispatch::IntegrationTest
|
||||||
|
include ActiveJob::TestHelper
|
||||||
|
|
||||||
|
test "should get new" do
|
||||||
|
auth_recruiter
|
||||||
|
get admin_new_candidate_url
|
||||||
|
assert_response :success
|
||||||
|
assert assigns(:candidate), "@candidate not present"
|
||||||
|
end
|
||||||
|
|
||||||
|
test "should get create" do
|
||||||
|
auth_recruiter
|
||||||
|
get admin_create_candidate_url
|
||||||
|
assert_response :success
|
||||||
|
end
|
||||||
|
|
||||||
|
test "should create new candidate" do
|
||||||
|
auth_recruiter
|
||||||
|
|
||||||
|
assert_enqueued_jobs 2 do
|
||||||
|
assert_difference("Candidate.count") do
|
||||||
|
post admin_create_candidate_path, params: { candidate:
|
||||||
|
{ name: 'new name', email: 'test@mailinator.com', experience: '0-3', quiz_id: quizzes(:fed).id } }
|
||||||
|
end
|
||||||
|
end
|
||||||
|
assert_redirected_to admin_candidate_path
|
||||||
|
assert flash[:success]
|
||||||
|
end
|
||||||
|
|
||||||
|
test "should fail creation with improper email format" do
|
||||||
|
auth_recruiter
|
||||||
|
|
||||||
|
assert_enqueued_jobs 0 do
|
||||||
|
assert_difference("Candidate.count", 0) do
|
||||||
|
post admin_create_candidate_path, params: { candidate:
|
||||||
|
{ name: 'new name', email: 'test@mailinatorcom', experience: '0-3', quiz_id: quizzes(:fed).id } }
|
||||||
|
end
|
||||||
|
end
|
||||||
|
assert :success
|
||||||
|
assert assigns(:candidate), "@candidate not present"
|
||||||
|
assert_match(/failed.*save/i, flash[:error])
|
||||||
|
end
|
||||||
|
|
||||||
|
test "should fail creation gracefully with empty email" do
|
||||||
|
auth_recruiter
|
||||||
|
|
||||||
|
assert_enqueued_jobs 0 do
|
||||||
|
assert_difference("Candidate.count", 0) do
|
||||||
|
post admin_create_candidate_path, params: { candidate:
|
||||||
|
{ name: 'new name', email: "", experience: '0-3', quiz_id: quizzes(:fed).id } }
|
||||||
|
end
|
||||||
|
end
|
||||||
|
assert :success
|
||||||
|
assert assigns(:candidate), "@candidate not present"
|
||||||
|
assert_match(/failed.*save/i, flash[:error])
|
||||||
|
end
|
||||||
|
|
||||||
|
test 'should queue up a welcome email [resend]' do
|
||||||
|
auth_recruiter
|
||||||
|
|
||||||
|
assert_enqueued_jobs 1 do
|
||||||
|
get admin_resend_welcome_path(id: candidates(:peggy)), xhr: true
|
||||||
|
end
|
||||||
|
assert_response :success
|
||||||
|
data = JSON.parse(response.body)
|
||||||
|
assert_match 'queued', data["message"]
|
||||||
|
end
|
||||||
|
end
|
||||||
|
end
|
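Review bot: `assert :success` in "should fail creation with improper email format" and "should fail creation gracefully with empty email" always passes, because it asserts that the symbol `:success` is truthy instead of checking the response; the same line appears in 'should redirect to form on fail' in the update test file that follows. `assert_response :success` is the check these tests appear to want. "should get create" issues `get admin_create_candidate_url`, which the routes in this commit send to `admin/candidate#new`, so it does not exercise `create`; renaming the test or switching it to `post` would remove the ambiguity.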
@ -0,0 +1,36 @@
|
|||||||
|
# frozen_string_literal: true
|
||||||
|
require 'test_helper'
|
||||||
|
|
||||||
|
module Admin
|
||||||
|
class CandidateControllerTest < ActionDispatch::IntegrationTest
|
||||||
|
test 'should edit candidate' do
|
||||||
|
auth_recruiter
|
||||||
|
candidate = candidates(:martha)
|
||||||
|
|
||||||
|
get admin_edit_candidate_path(candidate.id)
|
||||||
|
assert_response :success
|
||||||
|
assert_select 'form'
|
||||||
|
end
|
||||||
|
|
||||||
|
test 'should update candidate, but NOT test_hash' do
|
||||||
|
auth_recruiter
|
||||||
|
candidate = candidates(:martha)
|
||||||
|
post admin_update_candidate_url(id: candidate.id), params:
|
||||||
|
{ candidate: { name: 'new name', email: "mail@martha.me", test_hash: 'SOMENEWSTRING' } }
|
||||||
|
|
||||||
|
refute_equal candidate.name, Candidate.find_by(id: candidate.id).name
|
||||||
|
assert_equal candidate.test_hash, Candidate.find_by(id: candidate.id).test_hash
|
||||||
|
assert_redirected_to admin_candidate_url
|
||||||
|
end
|
||||||
|
|
||||||
|
test 'should redirect to form on fail' do
|
||||||
|
auth_recruiter
|
||||||
|
candidate = candidates(:martha)
|
||||||
|
post admin_update_candidate_url(id: candidate.id), params:
|
||||||
|
{ candidate: { name: 'new name', email: "mail@martha" } }
|
||||||
|
|
||||||
|
assert :success
|
||||||
|
assert_match(/failed.*save/i, flash[:error])
|
||||||
|
end
|
||||||
|
end
|
||||||
|
end
|
@ -1,56 +0,0 @@
|
|||||||
# frozen_string_literal: true
|
|
||||||
require 'test_helper'
|
|
||||||
|
|
||||||
class RecruiterControllerTest < ActionDispatch::IntegrationTest
|
|
||||||
test "should get login" do
|
|
||||||
get recruiter_login_url
|
|
||||||
assert_response :success
|
|
||||||
end
|
|
||||||
|
|
||||||
test 'should logout and reset session' do
|
|
||||||
auth_recruiter
|
|
||||||
get recruiter_logout_path
|
|
||||||
|
|
||||||
assert :success
|
|
||||||
assert session[:user].nil?
|
|
||||||
end
|
|
||||||
|
|
||||||
test "should require auth or redirect" do
|
|
||||||
get recruiter_url
|
|
||||||
assert_redirected_to recruiter_login_path
|
|
||||||
|
|
||||||
get new_candidate_url
|
|
||||||
assert_redirected_to recruiter_login_path
|
|
||||||
|
|
||||||
post create_candidate_url, params: { candidate: { name: 'foo', email: 'bar', experience: 'baz' } }
|
|
||||||
assert_redirected_to recruiter_login_path
|
|
||||||
end
|
|
||||||
|
|
||||||
test "should auth to index" do
|
|
||||||
auth_recruiter
|
|
||||||
assert_redirected_to recruiter_path
|
|
||||||
assert session[:user].present?
|
|
||||||
end
|
|
||||||
|
|
||||||
test "should fail auth with flash" do
|
|
||||||
post recruiter_auth_url, params: { auth:
|
|
||||||
{ email: 'pdr.recruiter@mailinator.com', password: 'bad-password' } }
|
|
||||||
|
|
||||||
assert_redirected_to recruiter_login_path
|
|
||||||
assert flash[:error]
|
|
||||||
end
|
|
||||||
|
|
||||||
test "should get candidate list" do
|
|
||||||
auth_recruiter
|
|
||||||
get recruiter_url
|
|
||||||
assert_response :success
|
|
||||||
assert assigns(:candidates), "@candidates not present"
|
|
||||||
end
|
|
||||||
|
|
||||||
test 'should have edit links' do
|
|
||||||
auth_recruiter
|
|
||||||
get recruiter_url
|
|
||||||
assert_response :success
|
|
||||||
assert_select "a[href='#{edit_candidate_path(candidates(:martha))}']"
|
|
||||||
end
|
|
||||||
end
|
|
@ -1,71 +0,0 @@
|
|||||||
# frozen_string_literal: true
|
|
||||||
require 'test_helper'
|
|
||||||
|
|
||||||
class RecruiterControllerTest < ActionDispatch::IntegrationTest
|
|
||||||
include ActiveJob::TestHelper
|
|
||||||
|
|
||||||
test "should get new" do
|
|
||||||
auth_recruiter
|
|
||||||
get new_candidate_url
|
|
||||||
assert_response :success
|
|
||||||
assert assigns(:candidate), "@candidate not present"
|
|
||||||
end
|
|
||||||
|
|
||||||
test "should get create" do
|
|
||||||
auth_recruiter
|
|
||||||
get create_candidate_url
|
|
||||||
assert_response :success
|
|
||||||
end
|
|
||||||
|
|
||||||
test "should create new candidate" do
|
|
||||||
auth_recruiter
|
|
||||||
|
|
||||||
assert_enqueued_jobs 2 do
|
|
||||||
assert_difference("Candidate.count") do
|
|
||||||
post create_candidate_path, params: { candidate:
|
|
||||||
{ name: 'new name', email: 'test@mailinator.com', experience: '0-3', quiz_id: quizzes(:fed).id } }
|
|
||||||
end
|
|
||||||
end
|
|
||||||
assert_redirected_to recruiter_path
|
|
||||||
assert flash[:success]
|
|
||||||
end
|
|
||||||
|
|
||||||
test "should fail creation with improper email format" do
|
|
||||||
auth_recruiter
|
|
||||||
|
|
||||||
assert_enqueued_jobs 0 do
|
|
||||||
assert_difference("Candidate.count", 0) do
|
|
||||||
post create_candidate_path, params: { candidate:
|
|
||||||
{ name: 'new name', email: 'test@mailinatorcom', experience: '0-3', quiz_id: quizzes(:fed).id } }
|
|
||||||
end
|
|
||||||
end
|
|
||||||
assert :success
|
|
||||||
assert assigns(:candidate), "@candidate not present"
|
|
||||||
assert_match(/failed.*save/i, flash[:error])
|
|
||||||
end
|
|
||||||
|
|
||||||
test "should fail creation gracefully with empty email" do
|
|
||||||
auth_recruiter
|
|
||||||
|
|
||||||
assert_enqueued_jobs 0 do
|
|
||||||
assert_difference("Candidate.count", 0) do
|
|
||||||
post create_candidate_path, params: { candidate:
|
|
||||||
{ name: 'new name', email: "", experience: '0-3', quiz_id: quizzes(:fed).id } }
|
|
||||||
end
|
|
||||||
end
|
|
||||||
assert :success
|
|
||||||
assert assigns(:candidate), "@candidate not present"
|
|
||||||
assert_match(/failed.*save/i, flash[:error])
|
|
||||||
end
|
|
||||||
|
|
||||||
test 'should queue up a welcome email [resend]' do
|
|
||||||
auth_recruiter
|
|
||||||
|
|
||||||
assert_enqueued_jobs 1 do
|
|
||||||
get resend_welcome_path(id: candidates(:peggy)), xhr: true
|
|
||||||
end
|
|
||||||
assert_response :success
|
|
||||||
data = JSON.parse(response.body)
|
|
||||||
assert_match 'queued', data["message"]
|
|
||||||
end
|
|
||||||
end
|
|
@ -1,34 +0,0 @@
|
|||||||
# frozen_string_literal: true
|
|
||||||
require 'test_helper'
|
|
||||||
|
|
||||||
class RecruiterControllerTest < ActionDispatch::IntegrationTest
|
|
||||||
test 'should edit candidate' do
|
|
||||||
auth_recruiter
|
|
||||||
candidate = candidates(:martha)
|
|
||||||
|
|
||||||
get edit_candidate_path(candidate.id)
|
|
||||||
assert_response :success
|
|
||||||
assert_select 'form'
|
|
||||||
end
|
|
||||||
|
|
||||||
test 'should update candidate, but NOT test_hash' do
|
|
||||||
auth_recruiter
|
|
||||||
candidate = candidates(:martha)
|
|
||||||
post update_candidate_url(id: candidate.id), params:
|
|
||||||
{ candidate: { name: 'new name', email: "mail@martha.me", test_hash: 'SOMENEWSTRING' } }
|
|
||||||
|
|
||||||
refute_equal candidate.name, Candidate.find_by(id: candidate.id).name
|
|
||||||
assert_equal candidate.test_hash, Candidate.find_by(id: candidate.id).test_hash
|
|
||||||
assert_redirected_to recruiter_url
|
|
||||||
end
|
|
||||||
|
|
||||||
test 'should redirect to form on fail' do
|
|
||||||
auth_recruiter
|
|
||||||
candidate = candidates(:martha)
|
|
||||||
post update_candidate_url(id: candidate.id), params:
|
|
||||||
{ candidate: { name: 'new name', email: "mail@martha" } }
|
|
||||||
|
|
||||||
assert :success
|
|
||||||
assert_match(/failed.*save/i, flash[:error])
|
|
||||||
end
|
|
||||||
end
|
|
@ -17,7 +17,7 @@ class ReviewControllerTest < ActionDispatch::IntegrationTest
|
|||||||
|
|
||||||
test "should auth to index" do
|
test "should auth to index" do
|
||||||
auth_reviewer
|
auth_reviewer
|
||||||
assert_redirected_to review_path
|
assert_redirected_to admin_path
|
||||||
assert session[:user].present?
|
assert session[:user].present?
|
||||||
end
|
end
|
||||||
|
|
||||||
|
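--- a/test/policies/candidate_policy_test.rb
+++ b/test/policies/candidate_policy_test.rb
@@ -0,0 +1,48 @@
+# frozen_string_literal: true
+require 'test_helper'
+
+class CandidatePolicyTest < PolicyAssertions::Test
+test 'should require current_user' do
+assert_raise Pundit::NotAuthorizedError do
+CandidatePolicy.new(nil, Candidate.first).view?
+end
+end
+
+test 'should allow admin to scope' do
+scope = CandidatePolicy::Scope.new(users(:admin), Candidate).resolve
+assert_equal Candidate.count, scope.count
+end
+
+test 'should allow recruiter to scope' do
+scope = CandidatePolicy::Scope.new(users(:recruiter), Candidate).resolve
+assert_equal Candidate.count, scope.count
+end
+
+test 'reviewer CAN NOT scope candidates' do
+assert_raise Pundit::NotAuthorizedError do
+CandidatePolicy::Scope.new(users(:reviewer), Candidate).resolve
+end
+end
+
+test 'manager CAN NOT scope candidates' do
+assert_raise Pundit::NotAuthorizedError do
+CandidatePolicy::Scope.new(users(:manager), Candidate).resolve
+end
+end
+
+def test_view_and_update
+assert_permit users(:admin), candidates(:roy)
+assert_permit users(:recruiter), candidates(:roy)
+
+refute_permit users(:manager), candidates(:roy)
+refute_permit users(:reviewer), candidates(:roy)
+end
+
+def test_create
+assert_permit users(:admin), Candidate
+assert_permit users(:recruiter), Candidate
+
+refute_permit users(:manager), Candidate
+refute_permit users(:reviewer), Candidate
+end
+end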
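Review bot: `index?` and `resend_welcome?` are defined in CandidatePolicy but have no assertion in this file; `test_view_and_update` and `test_create` cover only the permissions named in the method names, assuming PolicyAssertions derives them that way. A `test_index_and_resend_welcome` method with the same four `assert_permit`/`refute_permit` lines would keep the mail-sending permission from drifting unnoticed. The scope tests for admin and recruiter assert `Candidate.count`, which pins the current behaviour that a recruiter's policy scope is every candidate; if per-recruiter scoping is wanted, that expectation will need to change with it.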
@ -31,7 +31,7 @@ class QuestionPolicyTest < PolicyAssertions::Test
|
|||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
def test_view
|
def test_view_and_options
|
||||||
assert_permit users(:admin), questions(:fed1)
|
assert_permit users(:admin), questions(:fed1)
|
||||||
assert_permit users(:manager), questions(:fed1)
|
assert_permit users(:manager), questions(:fed1)
|
||||||
assert_permit users(:reviewer), questions(:fed1)
|
assert_permit users(:reviewer), questions(:fed1)
|
||||||
|
@ -4,13 +4,28 @@ module AuthTestHelper
|
|||||||
post validate_candidate_url, params: { test_id: candidate.test_hash }
|
post validate_candidate_url, params: { test_id: candidate.test_hash }
|
||||||
end
|
end
|
||||||
|
|
||||||
|
def auth_user user
|
||||||
|
post admin_auth_url, params: { auth:
|
||||||
|
{ email: user.email, password: 'password' } }
|
||||||
|
end
|
||||||
|
|
||||||
|
def auth_admin
|
||||||
|
post admin_auth_url, params: { auth:
|
||||||
|
{ email: 'alan.admin@mailinator.com', password: 'password' } }
|
||||||
|
end
|
||||||
|
|
||||||
|
def auth_manager
|
||||||
|
post admin_auth_url, params: { auth:
|
||||||
|
{ email: 'mary.manager@mailinator.com', password: 'password' } }
|
||||||
|
end
|
||||||
|
|
||||||
def auth_recruiter
|
def auth_recruiter
|
||||||
post recruiter_auth_url, params: { auth:
|
post admin_auth_url, params: { auth:
|
||||||
{ email: 'pdr.recruiter@mailinator.com', password: 'password' } }
|
{ email: 'pdr.recruiter@mailinator.com', password: 'password' } }
|
||||||
end
|
end
|
||||||
|
|
||||||
def auth_reviewer
|
def auth_reviewer
|
||||||
post review_auth_url, params: { auth:
|
post admin_auth_url, params: { auth:
|
||||||
{ email: 'fed.reviewer@mailinator.com', password: 'password' } }
|
{ email: 'fed.reviewer@mailinator.com', password: 'password' } }
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|