Implement all_access buckets

This commit is contained in:
Jose Farias
2024-12-10 19:46:40 -06:00
parent f8f320d76c
commit 59c66923f0
14 changed files with 96 additions and 25 deletions
+2 -2
View File
@@ -22,7 +22,7 @@ class BucketsController < ApplicationController
def update
@bucket.update! bucket_params
@bucket.accesses.revise granted: grantees, revoked: revokees
@bucket.accesses.revise(granted: grantees, revoked: revokees) unless @bucket.all_access?
redirect_to bubbles_path(bucket_ids: [ @bucket ])
end
@@ -38,7 +38,7 @@ class BucketsController < ApplicationController
end
def bucket_params
params.expect(bucket: [ :name ])
params.expect(bucket: [ :name ]).merge(all_access: params[:bucket].fetch(:all_access, false))
end
def grantees
+7 -1
View File
@@ -7,6 +7,12 @@ module BucketScoped
private
def set_bucket
@bucket = Current.user.buckets.find(params[:bucket_id])
bucket = Current.account.buckets.find params[:bucket_id]
if bucket.visible_to? Current.user
@bucket = bucket
else
head :forbidden
end
end
end
+12
View File
@@ -21,6 +21,18 @@ module Bucket::Accessible
has_many :users, through: :accesses
scope :all_access, -> { where(all_access: true) }
after_create -> { accesses.grant_to creator }
after_save_commit :grant_access_to_everyone
end
def visible_to?(user)
(account == user.account && all_access?) || user.bucket_ids.include?(id)
end
private
def grant_access_to_everyone
accesses.grant_to(account.users) if all_access_previously_changed?(to: true)
end
end
+6
View File
@@ -21,6 +21,8 @@ class User < ApplicationRecord
validates_presence_of :email_address
normalizes :email_address, with: ->(value) { value.strip.downcase }
after_create_commit :grant_access_to_buckets
scope :active, -> { where(active: true) }
scope :alphabetically, -> { order("LOWER(name)") }
@@ -48,4 +50,8 @@ class User < ApplicationRecord
def deactived_email_address
email_address.sub(/@/, "-deactivated-#{SecureRandom.uuid}@")
end
def grant_access_to_buckets
Access.insert_all(account.buckets.all_access.pluck(:id).collect { |bucket_id| { bucket_id: bucket_id, user_id: id } })
end
end
-14
View File
@@ -1,14 +0,0 @@
<h1>Users on <%= @bucket.name %></h1>
<%= form_with url: bucket_access_path, method: :put do |form| %>
<ul>
<% Current.account.users.active.each do |user| %>
<li>
<%= check_box_tag "user_ids[]", user.id, @bucket.users.include?(user), id: nil, disabled: user == Current.user %>
<%= user.name %>
</li>
<% end %>
</ul>
<%= form.submit %>
<% end %>
+5 -7
View File
@@ -42,13 +42,11 @@
<hr class="separator--horizontal flex-item-grow" style="--border-color: var(--color-subtle-dark); --border-style: dashed" aria-hidden="true" />
<%= link_to nil, class: "btn--faux flex-inline", tabindex: "-1" do %>
<label class="switch">
<input type="checkbox" lass="switch__input">
<span class="switch__btn round"></span>
<span class="for-screen-reader">Give everyone access to this project</span>
</label>
<% end %>
<label for="bucket_all_access" class="switch">
<%= form.check_box :all_access, class: "switch__input", checked: @bucket.all_access? %>
<span class="switch__btn round"></span>
<span class="for-screen-reader">Give everyone access to this project</span>
</label>
</li>
<hr class="separator--horizontal full-width" style="--border-color: var(--color-subtle-dark);" aria-hidden="true" />
@@ -0,0 +1,5 @@
class AddAllAccessToBucket < ActiveRecord::Migration[8.1]
def change
add_column :buckets, :all_access, :boolean, default: false, null: false
end
end
Generated
+2 -1
View File
@@ -10,7 +10,7 @@
#
# It's strongly recommended that you check this file into your version control system.
ActiveRecord::Schema[8.0].define(version: 2024_11_20_222444) do
ActiveRecord::Schema[8.1].define(version: 2024_12_09_223551) do
create_table "accesses", force: :cascade do |t|
t.integer "bucket_id", null: false
t.integer "user_id", null: false
@@ -104,6 +104,7 @@ ActiveRecord::Schema[8.0].define(version: 2024_11_20_222444) do
t.string "name", null: false
t.datetime "created_at", null: false
t.datetime "updated_at", null: false
t.boolean "all_access", default: false, null: false
t.index ["account_id"], name: "index_buckets_on_account_id"
t.index ["creator_id"], name: "index_buckets_on_creator_id"
end
@@ -49,4 +49,17 @@ class BubblesControllerTest < ActionDispatch::IntegrationTest
assert_equal "moon.jpg", bubble.image.filename.to_s
assert_equal [ tags(:mobile) ], bubble.tags
end
test "users can only see bubbles in buckets they have access to" do
get bucket_bubble_url(buckets(:writebook), bubbles(:logo))
assert_response :success
buckets(:writebook).accesses.revoke_from(users(:kevin)) # bucket is all-access
get bucket_bubble_url(buckets(:writebook), bubbles(:logo))
assert_response :success
buckets(:writebook).update! all_access: false
get bucket_bubble_url(buckets(:writebook), bubbles(:logo))
assert_response :forbidden
end
end
@@ -37,6 +37,19 @@ class BucketsControllerTest < ActionDispatch::IntegrationTest
assert_redirected_to bubbles_path(bucket_ids: [ buckets(:writebook) ])
assert_equal "Writebook bugs", buckets(:writebook).reload.name
assert_equal users(:david, :jz), buckets(:writebook).users
assert_not buckets(:writebook).all_access?
end
test "update all access" do
bucket = Current.set(session: sessions(:kevin)) do
accounts("37s").buckets.create! name: "New bucket", all_access: false
end
patch bucket_url(bucket), params: { bucket: { name: "Bugs", all_access: true } }
assert_redirected_to bubbles_path(bucket_ids: [ bucket ])
assert bucket.reload.all_access?
assert_equal accounts("37s").users, bucket.users
end
test "destroy" do
+1
View File
@@ -2,3 +2,4 @@ writebook:
name: Writebook
account: 37s
creator: david
all_access: true
+3
View File
@@ -1,2 +1,5 @@
david:
user: david
kevin:
user: kevin
+26
View File
@@ -11,4 +11,30 @@ class BucketTest < ActiveSupport::TestCase
buckets(:writebook).accesses.revoke_from users(:kevin)
assert_not_includes buckets(:writebook).users.reload, users(:kevin)
end
test "grants access to everyone after creation" do
bucket = Current.set(session: sessions(:david)) do
accounts("37s").buckets.create! name: "New bucket", all_access: true
end
assert_equal accounts("37s").users, bucket.users
end
test "grants access to everyone after update" do
bucket = Current.set(session: sessions(:david)) do
accounts("37s").buckets.create! name: "New bucket"
end
assert_equal [ users(:david) ], bucket.users
bucket.update! all_access: true
assert_equal accounts("37s").users, bucket.users.reload
end
test "visibility" do
assert_not buckets(:writebook).visible_to?(User.new)
assert buckets(:writebook).visible_to?(User.new(account: accounts("37s")))
buckets(:writebook).update! all_access: false
assert_not buckets(:writebook).visible_to?(User.new(account: accounts("37s")))
assert buckets(:writebook).visible_to?(users(:kevin))
end
end
+1
View File
@@ -10,6 +10,7 @@ class UserTest < ActiveSupport::TestCase
assert_equal accounts("37s"), user.account
assert_equal user, User.authenticate_by(email_address: "victor@hey.com", password: "secret123456")
assert_equal [ buckets(:writebook) ], user.buckets
end
test "deactivate" do