Implement all_access buckets
This commit is contained in:
@@ -22,7 +22,7 @@ class BucketsController < ApplicationController
|
||||
|
||||
def update
|
||||
@bucket.update! bucket_params
|
||||
@bucket.accesses.revise granted: grantees, revoked: revokees
|
||||
@bucket.accesses.revise(granted: grantees, revoked: revokees) unless @bucket.all_access?
|
||||
|
||||
redirect_to bubbles_path(bucket_ids: [ @bucket ])
|
||||
end
|
||||
@@ -38,7 +38,7 @@ class BucketsController < ApplicationController
|
||||
end
|
||||
|
||||
def bucket_params
|
||||
params.expect(bucket: [ :name ])
|
||||
params.expect(bucket: [ :name ]).merge(all_access: params[:bucket].fetch(:all_access, false))
|
||||
end
|
||||
|
||||
def grantees
|
||||
|
||||
@@ -7,6 +7,12 @@ module BucketScoped
|
||||
|
||||
private
|
||||
def set_bucket
|
||||
@bucket = Current.user.buckets.find(params[:bucket_id])
|
||||
bucket = Current.account.buckets.find params[:bucket_id]
|
||||
|
||||
if bucket.visible_to? Current.user
|
||||
@bucket = bucket
|
||||
else
|
||||
head :forbidden
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
@@ -21,6 +21,18 @@ module Bucket::Accessible
|
||||
|
||||
has_many :users, through: :accesses
|
||||
|
||||
scope :all_access, -> { where(all_access: true) }
|
||||
|
||||
after_create -> { accesses.grant_to creator }
|
||||
after_save_commit :grant_access_to_everyone
|
||||
end
|
||||
|
||||
def visible_to?(user)
|
||||
(account == user.account && all_access?) || user.bucket_ids.include?(id)
|
||||
end
|
||||
|
||||
private
|
||||
def grant_access_to_everyone
|
||||
accesses.grant_to(account.users) if all_access_previously_changed?(to: true)
|
||||
end
|
||||
end
|
||||
|
||||
@@ -21,6 +21,8 @@ class User < ApplicationRecord
|
||||
validates_presence_of :email_address
|
||||
normalizes :email_address, with: ->(value) { value.strip.downcase }
|
||||
|
||||
after_create_commit :grant_access_to_buckets
|
||||
|
||||
scope :active, -> { where(active: true) }
|
||||
scope :alphabetically, -> { order("LOWER(name)") }
|
||||
|
||||
@@ -48,4 +50,8 @@ class User < ApplicationRecord
|
||||
def deactived_email_address
|
||||
email_address.sub(/@/, "-deactivated-#{SecureRandom.uuid}@")
|
||||
end
|
||||
|
||||
def grant_access_to_buckets
|
||||
Access.insert_all(account.buckets.all_access.pluck(:id).collect { |bucket_id| { bucket_id: bucket_id, user_id: id } })
|
||||
end
|
||||
end
|
||||
|
||||
@@ -1,14 +0,0 @@
|
||||
<h1>Users on <%= @bucket.name %></h1>
|
||||
|
||||
<%= form_with url: bucket_access_path, method: :put do |form| %>
|
||||
<ul>
|
||||
<% Current.account.users.active.each do |user| %>
|
||||
<li>
|
||||
<%= check_box_tag "user_ids[]", user.id, @bucket.users.include?(user), id: nil, disabled: user == Current.user %>
|
||||
<%= user.name %>
|
||||
</li>
|
||||
<% end %>
|
||||
</ul>
|
||||
|
||||
<%= form.submit %>
|
||||
<% end %>
|
||||
@@ -42,13 +42,11 @@
|
||||
|
||||
<hr class="separator--horizontal flex-item-grow" style="--border-color: var(--color-subtle-dark); --border-style: dashed" aria-hidden="true" />
|
||||
|
||||
<%= link_to nil, class: "btn--faux flex-inline", tabindex: "-1" do %>
|
||||
<label class="switch">
|
||||
<input type="checkbox" lass="switch__input">
|
||||
<span class="switch__btn round"></span>
|
||||
<span class="for-screen-reader">Give everyone access to this project</span>
|
||||
</label>
|
||||
<% end %>
|
||||
<label for="bucket_all_access" class="switch">
|
||||
<%= form.check_box :all_access, class: "switch__input", checked: @bucket.all_access? %>
|
||||
<span class="switch__btn round"></span>
|
||||
<span class="for-screen-reader">Give everyone access to this project</span>
|
||||
</label>
|
||||
</li>
|
||||
|
||||
<hr class="separator--horizontal full-width" style="--border-color: var(--color-subtle-dark);" aria-hidden="true" />
|
||||
|
||||
@@ -0,0 +1,5 @@
|
||||
class AddAllAccessToBucket < ActiveRecord::Migration[8.1]
|
||||
def change
|
||||
add_column :buckets, :all_access, :boolean, default: false, null: false
|
||||
end
|
||||
end
|
||||
Generated
+2
-1
@@ -10,7 +10,7 @@
|
||||
#
|
||||
# It's strongly recommended that you check this file into your version control system.
|
||||
|
||||
ActiveRecord::Schema[8.0].define(version: 2024_11_20_222444) do
|
||||
ActiveRecord::Schema[8.1].define(version: 2024_12_09_223551) do
|
||||
create_table "accesses", force: :cascade do |t|
|
||||
t.integer "bucket_id", null: false
|
||||
t.integer "user_id", null: false
|
||||
@@ -104,6 +104,7 @@ ActiveRecord::Schema[8.0].define(version: 2024_11_20_222444) do
|
||||
t.string "name", null: false
|
||||
t.datetime "created_at", null: false
|
||||
t.datetime "updated_at", null: false
|
||||
t.boolean "all_access", default: false, null: false
|
||||
t.index ["account_id"], name: "index_buckets_on_account_id"
|
||||
t.index ["creator_id"], name: "index_buckets_on_creator_id"
|
||||
end
|
||||
|
||||
@@ -49,4 +49,17 @@ class BubblesControllerTest < ActionDispatch::IntegrationTest
|
||||
assert_equal "moon.jpg", bubble.image.filename.to_s
|
||||
assert_equal [ tags(:mobile) ], bubble.tags
|
||||
end
|
||||
|
||||
test "users can only see bubbles in buckets they have access to" do
|
||||
get bucket_bubble_url(buckets(:writebook), bubbles(:logo))
|
||||
assert_response :success
|
||||
|
||||
buckets(:writebook).accesses.revoke_from(users(:kevin)) # bucket is all-access
|
||||
get bucket_bubble_url(buckets(:writebook), bubbles(:logo))
|
||||
assert_response :success
|
||||
|
||||
buckets(:writebook).update! all_access: false
|
||||
get bucket_bubble_url(buckets(:writebook), bubbles(:logo))
|
||||
assert_response :forbidden
|
||||
end
|
||||
end
|
||||
|
||||
@@ -37,6 +37,19 @@ class BucketsControllerTest < ActionDispatch::IntegrationTest
|
||||
assert_redirected_to bubbles_path(bucket_ids: [ buckets(:writebook) ])
|
||||
assert_equal "Writebook bugs", buckets(:writebook).reload.name
|
||||
assert_equal users(:david, :jz), buckets(:writebook).users
|
||||
assert_not buckets(:writebook).all_access?
|
||||
end
|
||||
|
||||
test "update all access" do
|
||||
bucket = Current.set(session: sessions(:kevin)) do
|
||||
accounts("37s").buckets.create! name: "New bucket", all_access: false
|
||||
end
|
||||
|
||||
patch bucket_url(bucket), params: { bucket: { name: "Bugs", all_access: true } }
|
||||
|
||||
assert_redirected_to bubbles_path(bucket_ids: [ bucket ])
|
||||
assert bucket.reload.all_access?
|
||||
assert_equal accounts("37s").users, bucket.users
|
||||
end
|
||||
|
||||
test "destroy" do
|
||||
|
||||
Vendored
+1
@@ -2,3 +2,4 @@ writebook:
|
||||
name: Writebook
|
||||
account: 37s
|
||||
creator: david
|
||||
all_access: true
|
||||
|
||||
Vendored
+3
@@ -1,2 +1,5 @@
|
||||
david:
|
||||
user: david
|
||||
|
||||
kevin:
|
||||
user: kevin
|
||||
|
||||
@@ -11,4 +11,30 @@ class BucketTest < ActiveSupport::TestCase
|
||||
buckets(:writebook).accesses.revoke_from users(:kevin)
|
||||
assert_not_includes buckets(:writebook).users.reload, users(:kevin)
|
||||
end
|
||||
|
||||
test "grants access to everyone after creation" do
|
||||
bucket = Current.set(session: sessions(:david)) do
|
||||
accounts("37s").buckets.create! name: "New bucket", all_access: true
|
||||
end
|
||||
assert_equal accounts("37s").users, bucket.users
|
||||
end
|
||||
|
||||
test "grants access to everyone after update" do
|
||||
bucket = Current.set(session: sessions(:david)) do
|
||||
accounts("37s").buckets.create! name: "New bucket"
|
||||
end
|
||||
assert_equal [ users(:david) ], bucket.users
|
||||
|
||||
bucket.update! all_access: true
|
||||
assert_equal accounts("37s").users, bucket.users.reload
|
||||
end
|
||||
|
||||
test "visibility" do
|
||||
assert_not buckets(:writebook).visible_to?(User.new)
|
||||
assert buckets(:writebook).visible_to?(User.new(account: accounts("37s")))
|
||||
|
||||
buckets(:writebook).update! all_access: false
|
||||
assert_not buckets(:writebook).visible_to?(User.new(account: accounts("37s")))
|
||||
assert buckets(:writebook).visible_to?(users(:kevin))
|
||||
end
|
||||
end
|
||||
|
||||
@@ -10,6 +10,7 @@ class UserTest < ActiveSupport::TestCase
|
||||
|
||||
assert_equal accounts("37s"), user.account
|
||||
assert_equal user, User.authenticate_by(email_address: "victor@hey.com", password: "secret123456")
|
||||
assert_equal [ buckets(:writebook) ], user.buckets
|
||||
end
|
||||
|
||||
test "deactivate" do
|
||||
|
||||
Reference in New Issue
Block a user