comment policy and test updates

This commit is contained in:
Mark Moser 2017-02-14 10:17:42 -06:00
parent 906b62247b
commit a8c42af3de
5 changed files with 64 additions and 19 deletions

View File

@ -15,12 +15,10 @@ module Admin
end end
def create def create
authorize QuizComment comment = QuizComment.new(comment_params.merge(user_id: current_user.id, test_hash: params[:test_hash]))
comment = QuizComment.create( authorize comment
comment_params.merge(user_id: current_user.id, test_hash: params[:test_hash])
)
flash_message = if comment.persisted? flash_message = if comment.save
{ success: "Sucessfully created comment" } { success: "Sucessfully created comment" }
else else
{ error: "Failed to save comment" } { error: "Failed to save comment" }

View File

@ -2,20 +2,18 @@
class QuizCommentPolicy < ApplicationPolicy class QuizCommentPolicy < ApplicationPolicy
# Quiz Comment Policy # Quiz Comment Policy
# #
# Anyone with access to the results can comment # Anyone who can vote on results, can comment
# Only Comment owner can edit # Only comment owner can edit her comment
def new?
user.acts_as_reviewer?
end
def create? def create?
user.acts_as_reviewer? user.acts_as_reviewer? && record.candidate.reviewers.where(id: user.id).count.positive?
end end
def update? def update?
user.acts_as_reviewer? && user.id == record.user_id user.acts_as_reviewer? && user.id == record.user_id
end end
class Scope < Scope
def resolve
true
end
end
end end

View File

@ -46,7 +46,7 @@
<div class="review-comments"> <div class="review-comments">
<h2 class="prft-heading">Comments</h2> <h2 class="prft-heading">Comments</h2>
<%= render partial: 'comment', collection: @comments, locals: { test_hash: @candidate.test_hash } %> <%= render partial: 'comment', collection: @comments, locals: { test_hash: @candidate.test_hash } %>
<% if policy(QuizComment).create? %> <% if policy(QuizComment).new? %>
<%= render partial: 'comment_form', locals: {comment: @comment, test_hash: @candidate.test_hash } %> <%= render partial: 'comment_form', locals: {comment: @comment, test_hash: @candidate.test_hash } %>
<% end %> <% end %>
</div> </div>

View File

@ -14,6 +14,17 @@ module Admin
refute_equal comment.message, QuizComment.find_by(id: comment.id).message refute_equal comment.message, QuizComment.find_by(id: comment.id).message
end end
test "should require message to update" do
auth_manager
comment = quiz_comments(:com5)
post admin_update_comment_url(test_hash: comment.test_hash, id: comment.id),
params: { quiz_comment: { message: '' } }
assert_redirected_to admin_result_url(test_hash: comment.test_hash)
assert flash[:error]
assert_equal comment.message, QuizComment.find_by(id: comment.id).message
end
test "should post create" do test "should post create" do
auth_reviewer auth_reviewer
candidate = candidates(:stacy) candidate = candidates(:stacy)
@ -26,5 +37,40 @@ module Admin
assert_redirected_to admin_result_url(test_hash: candidate.test_hash) assert_redirected_to admin_result_url(test_hash: candidate.test_hash)
assert flash[:success] assert flash[:success]
end end
test "should require comment to create" do
auth_reviewer
candidate = candidates(:stacy)
assert_difference("QuizComment.count", 0) do
post admin_create_comment_url(test_hash: candidate.test_hash),
params: { quiz_comment: { message: '' } }
end
assert_redirected_to admin_result_url(test_hash: candidate.test_hash)
assert flash[:error]
end
test "should not edit others comments" do
auth_reviewer
comment = quiz_comments(:com5)
post admin_update_comment_url(test_hash: comment.test_hash, id: comment.id),
params: { quiz_comment: { message: 'updated comment' } }
assert_redirected_to admin_login_url
assert_equal comment.message, QuizComment.find_by(id: comment.id).message
end
test "can not comment on Gustov" do
auth_reviewer
candidate = candidates(:gustov)
assert_difference("QuizComment.count", 0) do
post admin_create_comment_url(test_hash: candidate.test_hash),
params: { quiz_comment: { message: 'this is a test comment' } }
end
assert_redirected_to admin_login_url
end
end end
end end

View File

@ -9,11 +9,14 @@ class QuizCommentPolicyTest < PolicyAssertions::Test
end end
def test_create def test_create
assert_permit users(:admin), QuizComment candidate = candidates(:stacy)
assert_permit users(:manager), QuizComment comment = QuizComment.new(test_hash: candidate.test_hash)
assert_permit users(:reviewer), QuizComment
refute_permit users(:recruiter), QuizComment assert_permit users(:manager), comment
assert_permit users(:reviewer), comment
refute_permit users(:admin), comment
refute_permit users(:recruiter), comment
end end
def test_update def test_update