Creations: hide/delete, view admin info

app/policies/user_creation_policy.rb

@@ -1,21 +1,23 @@
 class UserCreationPolicy < ApplicationPolicy
+  FULL_ACCESS_ROLES = %w[superadmin legal policy_and_abuse].freeze
+
   def show_admin_options?
     destroy? || hide? || edit?
   end
 
   def destroy?
-    user_has_roles?(%w[superadmin policy_and_abuse])
+    user_has_roles?(FULL_ACCESS_ROLES)
   end
 
   def hide?
-    user_has_roles?(%w[superadmin policy_and_abuse])
+    user_has_roles?(FULL_ACCESS_ROLES)
   end
 
   def show_ip_address?
-    user_has_roles?(%w[superadmin legal policy_and_abuse])
+    user_has_roles?(FULL_ACCESS_ROLES)
   end
 
   def show_original_creators?
-    user_has_roles?(%w[superadmin policy_and_abuse])
+    user_has_roles?(FULL_ACCESS_ROLES)
   end
 end

features/admins/admin_works.feature

@@ -13,10 +13,10 @@ Feature: Admin Actions for Works, Comments, Series, Bookmarks
       And I press "Troubleshoot"
     Then I should see "Work sent to be reindexed."
 
-  Scenario: Can hide works
+  Scenario Outline: Can hide works
     Given I am logged in as "regular_user"
       And I post the work "ToS Violation"
-    When I am logged in as a "policy_and_abuse" admin
+    When I am logged in as a "<role>" admin
       And all emails have been delivered
       And I view the work "ToS Violation"
       And I follow "Hide Work"
@@ -26,8 +26,13 @@ Feature: Admin Actions for Works, Comments, Series, Bookmarks
       And "regular_user" should see their work "ToS Violation" is hidden
       And 1 email should be delivered
       And the email should contain "you will be required to take action to correct the violation"
+
+    Examples:
+      | role             |
+      | legal            |
+      | policy_and_abuse |
 
-  Scenario: Can unhide works
+  Scenario Outline: Can unhide works
     Given I am logged in as "regular_user"
       And I post the work "ToS Violation"
     When I am logged in as a "policy_and_abuse" admin
@@ -43,7 +48,12 @@ Feature: Admin Actions for Works, Comments, Series, Bookmarks
       And logged in users should see the unhidden work "ToS Violation" by "regular_user"
       And 0 emails should be delivered
 
-  Scenario: Can delete works
+    Examples:
+      | role             |
+      | legal            |
+      | policy_and_abuse |
+
+  Scenario: Deleting works as a Policy & Abuse admin
     Given I am logged in as "regular_user"
       And I post the work "ToS Violation"
     When I am logged in as a "policy_and_abuse" admin
@@ -66,7 +76,27 @@ Feature: Admin Actions for Works, Comments, Series, Bookmarks
       And I am on regular_user's works page
     Then I should not see "ToS Violation"
 
-  Scenario: Can hide bookmarks
+  Scenario: Deleting works as a Legal admin
+    Given I am logged in as "regular_user"
+      And I post the work "ToS Violation"
+    When I am logged in as a "legal" admin
+      # Don't let the admin password email mess up the count.
+      And all emails have been delivered
+      And I view the work "ToS Violation"
+      And I follow "Delete Work"
+      And all indexing jobs have been run
+    Then I should see "Item was successfully deleted."
+      And 1 email should be delivered
+      And the email should contain "deleted from the Archive by a site admin"
+      And the email should not contain "translation missing"
+    When I log out
+      And I am on regular_user's works page
+    Then I should not see "ToS Violation"
+    When I am logged in
+      And I am on regular_user's works page
+    Then I should not see "ToS Violation"
+
+  Scenario Outline: Can hide bookmarks
     Given basic tags
       And I am logged in as "regular_user" with password "password1"
       And I post the work "A Nice Work"
@@ -77,7 +107,7 @@ Feature: Admin Actions for Works, Comments, Series, Bookmarks
       And I press "Create"
       And all indexing jobs have been run
     Then I should see "Bookmark was successfully created"
-    When I am logged in as a "policy_and_abuse" admin
+    When I am logged in as a "<role>" admin
       And I am on bad_user's bookmarks page
     When I follow "Hide Bookmark"
       And all indexing jobs have been run
@@ -86,6 +116,35 @@ Feature: Admin Actions for Works, Comments, Series, Bookmarks
       And I am on bad_user's bookmarks page
     Then I should not see "Rude comment"
 
+    Examples:
+      | role             |
+      | legal            |
+      | policy_and_abuse |
+
+  Scenario Outline: Deleting bookmarks
+    Given basic tags
+      And I am logged in as "regular_user" with password "password1"
+      And I post the work "A Nice Work"
+    When I am logged in as "bad_user"
+      And I view the work "A Nice Work"
+    When I follow "Bookmark"
+      And I fill in "bookmark_notes" with "Rude comment"
+      And I press "Create"
+      And all indexing jobs have been run
+    Then I should see "Bookmark was successfully created"
+    When I am logged in as a "<role>" admin
+      And I am on bad_user's bookmarks page
+      And I follow "Delete Bookmark"
+    Then I should see "Item was successfully deleted."
+    When I am logged in as "regular_user" with password "password1"
+      And I am on bad_user's bookmarks page
+    Then I should not see "Rude comment"
+
+    Examples:
+      | role             |
+      | legal            |
+      | policy_and_abuse |
+
   Scenario: Can edit tags on works
     Given basic tags
       And I am logged in as "regular_user"
@@ -155,15 +214,37 @@ Feature: Admin Actions for Works, Comments, Series, Bookmarks
       And I should see "M/M"
       And I should see "Language: Deutsch"
 
-  Scenario: Can delete external works
+  Scenario Outline: Hiding and un-hiding external works
     Given basic tags
       And I am logged in as "regular_user"
       And I bookmark the external work "External Changes"
-    When I am logged in as a "policy_and_abuse" admin
+    When I am logged in as a "<role>" admin
+      And I view the external work "External Changes"
+      And I follow "Hide External Work"
+    Then I should see "Item has been hidden."
+      And I should see "Make External Work Visible"
+    When I follow "Make External Work Visible"
+    Then I should see "Item is no longer hidden."
+
+    Examples:
+      | role             |
+      | legal            |
+      | policy_and_abuse |
+
+  Scenario Outline: Deleting external works
+    Given basic tags
+      And I am logged in as "regular_user"
+      And I bookmark the external work "External Changes"
+    When I am logged in as a "<role>" admin
       And I view the external work "External Changes"
       And I follow "Delete External Work"
     Then I should see "Item was successfully deleted."
 
+    Examples:
+      | role             |
+      | legal            |
+      | policy_and_abuse |
+
   Scenario: Can mark a comment as spam
     Given I have no works or comments
       And the following activated users exist
@@ -300,10 +381,10 @@ Feature: Admin Actions for Works, Comments, Series, Bookmarks
     And the work "Spammity Spam" should not be marked as spam
     And the work "Spammity Spam" should not be hidden
 
-  Scenario: Admin can hide a series (e.g. if the series description or notes contain a TOS Violation)
+  Scenario Outline: Admin can hide a series (e.g. if the series description or notes contain a TOS Violation)
     Given I am logged in as "tosser"
       And I add the work "Legit Work" to series "Violation"
-    When I am logged in as a "policy_and_abuse" admin
+    When I am logged in as a "<role>" admin
       And I view the series "Violation"
       And I follow "Hide Series"
     Then I should see "Item has been hidden."
@@ -328,10 +409,15 @@ Feature: Admin Actions for Works, Comments, Series, Bookmarks
     When I view the series "Violation"
     Then I should see the image "title" text "Hidden by Administrator"
 
-  Scenario: Admin can un-hide a series
+    Examples:
+      | role             |
+      | legal            |
+      | policy_and_abuse |
+
+  Scenario Outline: Admin can un-hide a series
     Given I am logged in as "tosser"
       And I add the work "Legit Work" to series "Violation"
-      And I am logged in as a "policy_and_abuse" admin
+      And I am logged in as a "<role>" admin
       And I view the series "Violation"
       And I follow "Hide Series"
     When I follow "Make Series Visible"
@@ -357,6 +443,28 @@ Feature: Admin Actions for Works, Comments, Series, Bookmarks
     When I view the series "Violation"
     Then I should see "Violation"
 
+    Examples:
+      | role             |
+      | legal            |
+      | policy_and_abuse |
+
+  Scenario Outline: Deleting series
+    Given I am logged in as "tosser"
+      And I add the work "Legit Work" to series "Violation"
+      And I am logged in as a "<role>" admin
+    When I view the series "Violation"
+      And I follow "Delete Series"
+    Then I should see "Item was successfully deleted."
+    When I log out
+      And I go to tosser's series page
+    Then I should see "Series (0)"
+      And I should not see "Violation"
+
+    Examples:
+      | role             |
+      | legal            |
+      | policy_and_abuse |
+
   Scenario: Admins can see when a work has too many tags
     Given the user-defined tag limit is 7
       And the work "Under the Limit"
@@ -371,8 +479,13 @@ Feature: Admin Actions for Works, Comments, Series, Bookmarks
     When I view the work "Over the Limit"
     Then I should see "Over Tag Limit: Yes"
 
-  Scenario: Policy abuse admins can see original work creators
+  Scenario Outline: Certain admins can see original work creators
     Given a work "Orphaned" with the original creator "orphaneer"
-    When I am logged in as a "policy_and_abuse" admin
+    When I am logged in as a "<role>" admin
       And I view the work "Orphaned"
     Then I should see the original creator "orphaneer"
+
+    Examples:
+      | role             |
+      | legal            |
+      | policy_and_abuse |