Skip to content

Commit

Permalink
Allow users to edit project queries who have the edit permissions
Browse files Browse the repository at this point in the history
  • Loading branch information
@aaron-contreras
aaron-contreras committed Jul 5, 2024
1 parent e33e7b8 commit c8c361b
Show file tree
Hide file tree
Showing 2 changed files with 16 additions and 4 deletions.
6 changes: 3 additions & 3 deletions app/contracts/queries/projects/project_queries/base_contract.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -57,10 +57,10 @@ def user_is_logged_in

def allowed_to_modify_private_query
return if model.public?
return if model.user == user
return if user.allowed_in_project_query?(:edit_project_query, model)

if model.user != user
errors.add :base, :can_only_be_modified_by_owner
end
errors.add :base, :can_only_be_modified_by_owner
end

def allowed_to_modify_public_query
Expand Down
14 changes: 13 additions & 1 deletion spec/contracts/queries/projects/project_queries/shared_contract_examples.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -52,12 +52,24 @@
it_behaves_like "contract is invalid", name: :too_long
end

context "if the user is not the current user" do
context "if the user is not the current user and does not have the permission" do
let(:query_user) { build_stubbed(:user) }

it_behaves_like "contract is invalid", base: :can_only_be_modified_by_owner
end

context "if the user is not the current user but has the permission" do
let(:query_user) { build_stubbed(:user) }

before do
mock_permissions_for(current_user) do |mock|
mock.allow_in_project_query :edit_project_query, project_query: query
end
end

it_behaves_like "contract is valid"
end

context "if the list is public and the editing user has the permission" do
let(:query_user) { build_stubbed(:user) }

Expand Down

0 comments on commit c8c361b

Please sign in to comment.