Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fix user restricted stock management v3.0 #4399

Merged
merged 4 commits into from
Jun 2, 2022
Merged

Fix user restricted stock management v3.0 #4399

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
c22f975
Fix context description
rmparr May 30, 2022
44322f6
Add controller spec for clearing stock locations
rmparr May 30, 2022
7e07ec8
Add hidden field for user stock locations
rmparr May 30, 2022
28d532c
Add context for restricted stock management
rmparr May 30, 2022
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions backend/app/views/spree/admin/users/_form.html.erb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -40,6 +40,7 @@
<%= label_tag nil, plural_resource_name(Spree::StockLocation) %>
<ul>
<% if can?(:manage, Spree::UserStockLocation) %>
<%= hidden_field_tag('user[stock_location_ids][]', nil) %>
<% @stock_locations.each do |stock_location| %>
<li>
<label>
Expand Down
9 changes: 8 additions & 1 deletion backend/spec/controllers/spree/admin/users_controller_spec.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -321,7 +321,7 @@ def user
end
end

context "when the user can manage only some stock locations" do
context "when the user can manage only some roles" do
stub_authorization! do |_user|
can :manage, Spree.user_class
can :manage, Spree::Role
Expand Down Expand Up @@ -406,6 +406,13 @@ def user
put :update, params: { id: user.id, user: { stock_location_ids: [location2.id] } }
expect(user.reload.stock_locations).to eq([location2])
end

it "can clear stock locations" do
user.stock_locations << Spree::StockLocation.create(name: "my_location")
expect {
put :update, params: { id: user.id, user: { name: "Bob Bloggs", stock_location_ids: [""] } }
}.to change { user.reload.stock_locations.to_a }.to([])
end
end

context "when the user cannot manage stock locations" do
Expand Down
35 changes: 35 additions & 0 deletions backend/spec/features/admin/users_spec.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -229,6 +229,41 @@
expect(page).to have_text 'Account updated'
end

context 'when :can_restrict_stock_management is true' do
custom_authorization! do |_user|
can [:show], Spree::StockLocation
end

before do
stub_spree_preferences(Spree::Config, can_restrict_stock_management: true)
end

let!(:stock_location) { create(:stock_location, name: "location_1") }

it 'can edit user stock locations' do
click_link 'Account'

check 'user_spree_stock_locations_location_1'
click_button 'Update'
expect(page).to have_text 'Account updated'
expect(find_field('user_spree_stock_locations_location_1')).to be_checked
end

it 'can delete user stock locations' do
user_a.stock_locations << Spree::StockLocation.create(name: "dummy")
click_link 'Account'

user_a.stock_locations.each do |location|
uncheck "user_spree_stock_locations_#{location.name}"
end

click_button 'Update'
expect(page).to have_text 'Account updated'
expect(find_field('user_spree_stock_locations_dummy')).not_to be_checked
expect(user_a.reload.stock_locations).to be_empty
end
end

context 'without password permissions' do
custom_authorization! do |_user|
cannot [:update_password], Spree.user_class
Expand Down