From 9e1376b192f2ff2b69866c54458f873414114415 Mon Sep 17 00:00:00 2001 From: Benjamin-Couey Date: Tue, 18 Feb 2025 08:45:01 -0700 Subject: [PATCH 01/21] Updated organization user table to show edit options for super admins that are part of the org --- app/views/users/_organization_user.html.erb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/views/users/_organization_user.html.erb b/app/views/users/_organization_user.html.erb index a467180850..a591c184ed 100644 --- a/app/views/users/_organization_user.html.erb +++ b/app/views/users/_organization_user.html.erb @@ -8,7 +8,7 @@ <%= user.invitation_status %> <%= reinvite_user_link(user) %> - <% unless user.has_role?(Role::SUPER_ADMIN) || user.has_role?(Role::ORG_ADMIN, current_organization) %> + <% unless user.has_role?(Role::ORG_ADMIN, current_organization) %>
- + <% end %>
<% end %> <% if current_user.is_admin?(current_organization) && user.has_role?(Role::ORG_ADMIN, current_organization) %> - <%= edit_button_to demote_to_user_organization_path(user_id: user.id, organization_name: current_organization.short_name), - {text: 'Demote to User'}, - {method: :post, rel: "nofollow", data: {confirm: 'This will demote the admin to user status. Are you sure that you want to submit this?', size: 'xs'}} unless user.id == current_user.id %> + <% if current_user.has_cached_role?(Role::SUPER_ADMIN) %> + <%= edit_button_to(edit_admin_user_path(user), { text: 'Edit User' }) %> + <% else %> + <%= edit_button_to demote_to_user_organization_path(user_id: user.id, organization_name: current_organization.short_name), + {text: 'Demote to User'}, + {method: :post, rel: "nofollow", data: {confirm: 'This will demote the admin to user status. Are you sure that you want to submit this?', size: 'xs'}} unless user.id == current_user.id %> + <% end %> <% end %> From 156e02ba4e7d1f0321ff0e4afbfde5090e046664 Mon Sep 17 00:00:00 2001 From: Benjamin-Couey Date: Tue, 18 Feb 2025 10:23:01 -0700 Subject: [PATCH 04/21] Added tests to specify org admins can promote and demote users --- spec/system/organization_system_spec.rb | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) diff --git a/spec/system/organization_system_spec.rb b/spec/system/organization_system_spec.rb index 6316da2567..a39d8c829b 100644 --- a/spec/system/organization_system_spec.rb +++ b/spec/system/organization_system_spec.rb @@ -32,5 +32,29 @@ expect(page).to have_content("User has been removed!") expect(user.has_role?(Role::ORG_USER)).to be false end + + it "can promote a user from the organization" do + user = create(:user, name: "User to be promoted", organization: organization) + visit organization_path + accept_confirm do + click_button dom_id(user, "dropdownMenu") + click_link "Promote to Admin" + end + + expect(page).to have_content("User has been promoted!") + expect(user.has_role?(Role::ORG_ADMIN, organization)).to be true + end + + it "can demote a user from the organization" do + user = create(:organization_admin, name: "User to be demoted", organization: organization) + visit organization_path + accept_confirm do + click_link "Demote to User" + end + + expect(page).to have_content("User has been demoted!") + expect(user.has_role?(Role::ORG_ADMIN, organization)).to be false + end + end end From a97ebc10191c53f93d8de0fd420bb7578c9a2088 Mon Sep 17 00:00:00 2001 From: Benjamin-Couey Date: Wed, 19 Feb 2025 07:05:01 -0700 Subject: [PATCH 05/21] Updated tests to run on both normal and super admin users --- spec/system/organization_system_spec.rb | 61 +++++++++++++++---------- 1 file changed, 36 insertions(+), 25 deletions(-) diff --git a/spec/system/organization_system_spec.rb b/spec/system/organization_system_spec.rb index a39d8c829b..77d4546c55 100644 --- a/spec/system/organization_system_spec.rb +++ b/spec/system/organization_system_spec.rb @@ -21,39 +21,50 @@ expect(page).to have_content("invited to organization") end - it "can remove a user from the organization" do - user = create(:user, name: "User to be deactivated", organization: organization) - visit organization_path - accept_confirm do - click_button dom_id(user, "dropdownMenu") - click_link "Remove User" + shared_examples "organization role management checks" do |user_factory| + + let!(:managed_user) { create(user_factory, name: "User to be managed", organization: organization) } + + it 'can remove that user from the organization' do + visit organization_path + accept_confirm do + click_button dom_id(managed_user, "dropdownMenu") + click_link "Remove User" + end + + expect(page).to have_content("User has been removed!") + expect(managed_user.has_role?(Role::ORG_USER)).to be false end - expect(page).to have_content("User has been removed!") - expect(user.has_role?(Role::ORG_USER)).to be false - end + it "can promote that user from the organization" do + visit organization_path + accept_confirm do + click_button dom_id(managed_user, "dropdownMenu") + click_link "Promote to Admin" + end - it "can promote a user from the organization" do - user = create(:user, name: "User to be promoted", organization: organization) - visit organization_path - accept_confirm do - click_button dom_id(user, "dropdownMenu") - click_link "Promote to Admin" + expect(page).to have_content("User has been promoted!") + expect(managed_user.has_role?(Role::ORG_ADMIN, organization)).to be true end - expect(page).to have_content("User has been promoted!") - expect(user.has_role?(Role::ORG_ADMIN, organization)).to be true - end + it "can demote that user from the organization" do + managed_user.add_role(Role::ORG_ADMIN, organization) + visit organization_path + accept_confirm do + click_link "Demote to User" + end - it "can demote a user from the organization" do - user = create(:organization_admin, name: "User to be demoted", organization: organization) - visit organization_path - accept_confirm do - click_link "Demote to User" + expect(page).to have_content("User has been demoted!") + expect(managed_user.has_role?(Role::ORG_ADMIN, organization)).to be false end + end + + context "managing a user from the organization" do + include_examples "organization role management checks", :user + end - expect(page).to have_content("User has been demoted!") - expect(user.has_role?(Role::ORG_ADMIN, organization)).to be false + context "managing a super admin user from the organization" do + include_examples "organization role management checks", :super_admin end end From ccab0f068d534adefbee582374514b9ef4e61f9d Mon Sep 17 00:00:00 2001 From: Benjamin-Couey Date: Thu, 20 Feb 2025 07:51:34 -0700 Subject: [PATCH 06/21] Updated organisation request tests to run on both normal and super admin users --- spec/requests/organization_requests_spec.rb | 66 +++++++++++++++------ 1 file changed, 49 insertions(+), 17 deletions(-) diff --git a/spec/requests/organization_requests_spec.rb b/spec/requests/organization_requests_spec.rb index 692c2c8f86..1ad0cb87cc 100644 --- a/spec/requests/organization_requests_spec.rb +++ b/spec/requests/organization_requests_spec.rb @@ -333,39 +333,71 @@ end describe "POST #promote_to_org_admin" do - subject { post promote_to_org_admin_organization_path(user_id: user.id) } + shared_examples "promote to admin checks" do |user_factory| + let!(:user_to_promote) { create(user_factory, name: "User to promote") } + subject { post promote_to_org_admin_organization_path(user_id: user_to_promote.id) } - it "runs successfully" do - subject - expect(user.has_role?(Role::ORG_ADMIN, organization)).to eq(true) - expect(response).to redirect_to(organization_path) - expect(flash[:notice]).to eq("User has been promoted!") + it "runs correctly" do + subject + expect(user_to_promote.reload.has_role?(Role::ORG_ADMIN, organization)).to be_truthy + expect(response).to redirect_to(organization_path) + expect(flash[:notice]).to eq("User has been promoted!") + end + end + + context "promoting a user" do + include_examples "promote to admin checks", :user + end + + context "promoting a super admin user" do + include_examples "promote to admin checks", :super_admin end end describe "POST #demote_to_user" do - subject { post demote_to_user_organization_path(user_id: admin_user.id) } + shared_examples "demote to user checks" do |user_factory| + let!(:user_to_demote) { create(user_factory, name: "User to demote", organization: organization) } + subject { post demote_to_user_organization_path(user_id: user_to_demote.id) } - it "runs correctly" do - subject - expect(admin_user.reload.has_role?(Role::ORG_ADMIN, admin_user.organization)).to be_falsey - expect(response).to redirect_to(organization_path) - expect(flash[:notice]).to eq("User has been demoted!") + it "runs correctly" do + user_to_demote.add_role(Role::ORG_ADMIN, organization) + subject + expect(user_to_demote.reload.has_role?(Role::ORG_ADMIN, organization)).to be_falsey + expect(response).to redirect_to(organization_path) + expect(flash[:notice]).to eq("User has been demoted!") + end + end + + context "demoting a user" do + include_examples "demote to user checks", :organization_admin + end + + context "demoting a super admin user" do + include_examples "demote to user checks", :super_admin end end describe "POST #remove_user" do subject { post remove_user_organization_path(user_id: user.id) } - context "when user is org user" do - it "redirects after update" do + shared_examples "remove user checks" do |user_factory| + let!(:user) { create(user_factory, name: "User to remove", organization: organization) } + subject { post remove_user_organization_path(user_id: user.id) } + + it "runs correctly" do subject + expect(user.reload.has_role?(Role::ORG_USER, organization)).to be_falsey expect(response).to redirect_to(organization_path) + expect(flash[:notice]).to eq("User has been removed!") end + end - it "removes the org user role" do - expect { subject }.to change { user.has_role?(Role::ORG_USER, organization) }.from(true).to(false) - end + context "removing a user" do + include_examples "remove user checks", :user + end + + context "removing a super admin user" do + include_examples "remove user checks", :super_admin end context "when user is not an org user" do From ed54cbae5ef22e614abe467588b6b211ee462c86 Mon Sep 17 00:00:00 2001 From: Benjamin-Couey Date: Mon, 24 Feb 2025 08:58:04 -0700 Subject: [PATCH 07/21] Moved checks on request handled by admin controller to more appropriate sub directory, updated tests for organization path visited by super admin to only expect edit button for users --- .../admin/organizations_requests_spec.rb | 4 +++ spec/requests/organization_requests_spec.rb | 27 ++----------------- 2 files changed, 6 insertions(+), 25 deletions(-) diff --git a/spec/requests/admin/organizations_requests_spec.rb b/spec/requests/admin/organizations_requests_spec.rb index ff49d755c5..c96b6b661b 100644 --- a/spec/requests/admin/organizations_requests_spec.rb +++ b/spec/requests/admin/organizations_requests_spec.rb @@ -100,6 +100,10 @@ it "returns http success" do get admin_organizations_path expect(response).to be_successful + expect(response.body).to include(organization.name) + expect(response.body).to include(organization.email) + expect(response.body).to include(organization.created_at.strftime("%Y-%m-%d")) + expect(response.body).to include(organization.display_last_distribution_date) end end diff --git a/spec/requests/organization_requests_spec.rb b/spec/requests/organization_requests_spec.rb index 1ad0cb87cc..64ad19d4de 100644 --- a/spec/requests/organization_requests_spec.rb +++ b/spec/requests/organization_requests_spec.rb @@ -454,32 +454,9 @@ end describe "GET #show" do - before { get admin_organizations_path(id: organization.id) } - - it { expect(response).to be_successful } - - it 'organization details' do - expect(response.body).to include(organization.name) - expect(response.body).to include(organization.email) - expect(response.body).to include(organization.created_at.strftime("%Y-%m-%d")) - expect(response.body).to include(organization.display_last_distribution_date) - end - it "can see 'Edit User' button for users" do - within(".content") do - expect(response.body).to have_link("Actions") - end - - within "#dropdown-toggle" do - expect(response.body).to have_link("Edit User") - expect(response.body).to have_link("Remove User") - end - end - - it "can see 'Demote User' button for organization admins" do - within(".content") do - expect(response.body).to have_link("Demote to User") - end + get organization_path + expect(response.body).to include("Edit User") end end From a40b86528a4b993b038699fb48f5af0438915170 Mon Sep 17 00:00:00 2001 From: Benjamin-Couey Date: Mon, 24 Feb 2025 09:00:32 -0700 Subject: [PATCH 08/21] Added user factory to create super admin that is also an org admin --- spec/factories/users.rb | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/spec/factories/users.rb b/spec/factories/users.rb index 9177937b23..99c78a6afc 100644 --- a/spec/factories/users.rb +++ b/spec/factories/users.rb @@ -76,6 +76,13 @@ resource_type: Role::ORG_ADMIN) end end + + factory :super_admin_org_admin do + name { "Administrative User And Org Admin" } + after(:create) do |user| + user.add_role(Role::SUPER_ADMIN) + end + end end factory :super_admin do From 151337f872ec57d3cceb769f499337923abae879 Mon Sep 17 00:00:00 2001 From: Benjamin-Couey Date: Mon, 24 Feb 2025 09:13:22 -0700 Subject: [PATCH 09/21] Updated shared_examples to handle both normal users and super admins as the ones making the request, updated tests for when super admins are logged in to run on both normal and super admin users --- spec/requests/organization_requests_spec.rb | 152 ++++++++++++-------- 1 file changed, 95 insertions(+), 57 deletions(-) diff --git a/spec/requests/organization_requests_spec.rb b/spec/requests/organization_requests_spec.rb index 64ad19d4de..936cb7fec1 100644 --- a/spec/requests/organization_requests_spec.rb +++ b/spec/requests/organization_requests_spec.rb @@ -6,6 +6,61 @@ let!(:unit) { create(:unit, name: "WolfPack", organization: organization) } let!(:store) { create(:storage_location, organization: organization) } let!(:ndbn_member) { create(:ndbn_member, ndbn_member_id: "50000", account_name: "Best Place") } + let!(:super_admin_org_admin) { create(:super_admin_org_admin, organization: organization) } + + shared_examples "promote to admin check" do |user_factory| + let!(:user_to_promote) { create(user_factory, name: "User to promote") } + + it "runs correctly", :aggregate_failures do + # Explicitly specify the organization_name, as current_organization will not + # be set for super admins + post promote_to_org_admin_organization_path( + user_id: user_to_promote.id, + organization_name: organization.short_name + ) + expect(user_to_promote.reload.has_role?(Role::ORG_ADMIN, organization)).to be_truthy + # The user_update_redirect_path will vary based on whether the logged in + # user is a super admin or not + expect(response).to redirect_to( @current_user.has_cached_role?(Role::SUPER_ADMIN) ? admin_organization_path(organization.id) : organization_path ) + expect(flash[:notice]).to eq("User has been promoted!") + end + end + + shared_examples "demote to user check" do |user_factory| + let!(:user_to_demote) { create(user_factory, name: "User to demote", organization: organization) } + + it "runs correctly", :aggregate_failures do + # Explicitly specify the organization_name, as current_organization will not + # be set for super admins + post demote_to_user_organization_path( + user_id: user_to_demote.id, + organization_name: organization.short_name + ) + expect(user_to_demote.reload.has_role?(Role::ORG_ADMIN, organization)).to be_falsey + # The user_update_redirect_path will vary based on whether the logged in + # user is a super admin or not + expect(response).to redirect_to( @current_user.has_cached_role?(Role::SUPER_ADMIN) ? admin_organization_path(organization.id) : organization_path ) + expect(flash[:notice]).to eq("User has been demoted!") + end + end + + shared_examples "remove user check" do |user_factory| + let!(:user_to_remove) { create(user_factory, name: "User to remove", organization: organization) } + + it "runs correctly", :aggregate_failures do + # Explicitly specify the organization_name, as current_organization will not + # be set for super admins + post remove_user_organization_path( + user_id: user_to_remove.id, + organization_name: organization.short_name + ) + expect(user_to_remove.reload.has_role?(Role::ORG_USER, organization)).to be_falsey + # The user_update_redirect_path will vary based on whether the logged in + # user is a super admin or not + expect(response).to redirect_to( @current_user.has_cached_role?(Role::SUPER_ADMIN) ? admin_organization_path(organization.id) : organization_path ) + expect(flash[:notice]).to eq("User has been removed!") + end + end context "While signed in as a normal user" do before do @@ -87,6 +142,7 @@ context "While signed in as an organization admin" do before do sign_in(organization_admin) + @current_user = organization_admin end describe "GET #show" do @@ -333,78 +389,39 @@ end describe "POST #promote_to_org_admin" do - shared_examples "promote to admin checks" do |user_factory| - let!(:user_to_promote) { create(user_factory, name: "User to promote") } - subject { post promote_to_org_admin_organization_path(user_id: user_to_promote.id) } - - it "runs correctly" do - subject - expect(user_to_promote.reload.has_role?(Role::ORG_ADMIN, organization)).to be_truthy - expect(response).to redirect_to(organization_path) - expect(flash[:notice]).to eq("User has been promoted!") - end - end - context "promoting a user" do - include_examples "promote to admin checks", :user + include_examples "promote to admin check", :user end context "promoting a super admin user" do - include_examples "promote to admin checks", :super_admin + include_examples "promote to admin check", :super_admin end end describe "POST #demote_to_user" do - shared_examples "demote to user checks" do |user_factory| - let!(:user_to_demote) { create(user_factory, name: "User to demote", organization: organization) } - subject { post demote_to_user_organization_path(user_id: user_to_demote.id) } - - it "runs correctly" do - user_to_demote.add_role(Role::ORG_ADMIN, organization) - subject - expect(user_to_demote.reload.has_role?(Role::ORG_ADMIN, organization)).to be_falsey - expect(response).to redirect_to(organization_path) - expect(flash[:notice]).to eq("User has been demoted!") - end - end - context "demoting a user" do - include_examples "demote to user checks", :organization_admin + include_examples "demote to user check", :organization_admin end context "demoting a super admin user" do - include_examples "demote to user checks", :super_admin + include_examples "demote to user check", :super_admin_org_admin end end describe "POST #remove_user" do - subject { post remove_user_organization_path(user_id: user.id) } - - shared_examples "remove user checks" do |user_factory| - let!(:user) { create(user_factory, name: "User to remove", organization: organization) } - subject { post remove_user_organization_path(user_id: user.id) } - - it "runs correctly" do - subject - expect(user.reload.has_role?(Role::ORG_USER, organization)).to be_falsey - expect(response).to redirect_to(organization_path) - expect(flash[:notice]).to eq("User has been removed!") - end - end - context "removing a user" do - include_examples "remove user checks", :user + include_examples "remove user check", :user end context "removing a super admin user" do - include_examples "remove user checks", :super_admin + include_examples "remove user check", :super_admin end context "when user is not an org user" do let(:user) { create(:user, organization: create(:organization)) } it 'raises an error' do - subject + post remove_user_organization_path(user_id: user.id) expect(response).to be_not_found end @@ -450,7 +467,8 @@ context 'When signed in as a super admin' do before do - sign_in(create(:super_admin, organization: organization)) + sign_in(super_admin_org_admin) + @current_user = super_admin_org_admin end describe "GET #show" do @@ -461,22 +479,42 @@ end describe "POST #promote_to_org_admin" do - before { post promote_to_org_admin_organization_path(user_id: user.id, organization_name: organization.short_name) } + context "promoting a user" do + include_examples "promote to admin check", :user + end - it "promotes the user to org_admin" do - expect(user.has_role?(Role::ORG_ADMIN, organization)).to eq(true) - expect(response).to redirect_to(admin_organization_path({ id: organization.id })) - expect(flash[:notice]).to eq("User has been promoted!") + context "promoting a super admin user" do + include_examples "promote to admin check", :super_admin end end describe "POST #demote_to_user" do - before { post demote_to_user_organization_path(user_id: admin_user.id, organization_name: organization.short_name) } + context "demoting a user" do + include_examples "demote to user check", :organization_admin + end - it "demotes the org_admin to user" do - expect(admin_user.reload.has_role?(Role::ORG_ADMIN, admin_user.organization)).to be_falsey - expect(response).to redirect_to(admin_organization_path({ id: organization.id })) - expect(flash[:notice]).to eq("User has been demoted!") + context "demoting a super admin user" do + include_examples "demote to user check", :super_admin_org_admin + end + end + + describe "POST #remove_user" do + context "removing a user" do + include_examples "remove user check", :user + end + + context "removing a super admin user" do + include_examples "remove user check", :super_admin + end + + context "when user is not an org user" do + let(:user) { create(:user, organization: create(:organization)) } + + it 'raises an error' do + post remove_user_organization_path(user_id: user.id) + + expect(response).to be_not_found + end end end end From 4f87454a594e53ada8810121ed90460af60ae5a4 Mon Sep 17 00:00:00 2001 From: Benjamin-Couey Date: Mon, 24 Feb 2025 09:30:21 -0700 Subject: [PATCH 10/21] Forgot to have org system tests also test with a super admin logged in --- spec/system/organization_system_spec.rb | 82 +++++++++++++++---------- 1 file changed, 48 insertions(+), 34 deletions(-) diff --git a/spec/system/organization_system_spec.rb b/spec/system/organization_system_spec.rb index 77d4546c55..063bcfabfc 100644 --- a/spec/system/organization_system_spec.rb +++ b/spec/system/organization_system_spec.rb @@ -5,6 +5,44 @@ include ActionView::RecordIdentifier + shared_examples "organization role management checks" do |user_factory| + + let!(:managed_user) { create(user_factory, name: "User to be managed", organization: organization) } + + it 'can remove that user from the organization' do + visit organization_path + accept_confirm do + click_button dom_id(managed_user, "dropdownMenu") + click_link "Remove User" + end + + expect(page).to have_content("User has been removed!") + expect(managed_user.has_role?(Role::ORG_USER)).to be false + end + + it "can promote that user from the organization" do + visit organization_path + accept_confirm do + click_button dom_id(managed_user, "dropdownMenu") + click_link "Promote to Admin" + end + + expect(page).to have_content("User has been promoted!") + expect(managed_user.has_role?(Role::ORG_ADMIN, organization)).to be true + end + + it "can demote that user from the organization" do + managed_user.add_role(Role::ORG_ADMIN, organization) + visit organization_path + accept_confirm do + click_link "Demote to User" + end + + expect(page).to have_content("User has been demoted!") + expect(managed_user.has_role?(Role::ORG_ADMIN, organization)).to be false + end + end + context "while signed in as an organization admin" do before do sign_in(organization_admin) @@ -21,42 +59,19 @@ expect(page).to have_content("invited to organization") end - shared_examples "organization role management checks" do |user_factory| - - let!(:managed_user) { create(user_factory, name: "User to be managed", organization: organization) } - - it 'can remove that user from the organization' do - visit organization_path - accept_confirm do - click_button dom_id(managed_user, "dropdownMenu") - click_link "Remove User" - end - - expect(page).to have_content("User has been removed!") - expect(managed_user.has_role?(Role::ORG_USER)).to be false - end - - it "can promote that user from the organization" do - visit organization_path - accept_confirm do - click_button dom_id(managed_user, "dropdownMenu") - click_link "Promote to Admin" - end + context "managing a user from the organization" do + include_examples "organization role management checks", :user + end - expect(page).to have_content("User has been promoted!") - expect(managed_user.has_role?(Role::ORG_ADMIN, organization)).to be true - end + context "managing a super admin user from the organization" do + include_examples "organization role management checks", :super_admin + end - it "can demote that user from the organization" do - managed_user.add_role(Role::ORG_ADMIN, organization) - visit organization_path - accept_confirm do - click_link "Demote to User" - end + end - expect(page).to have_content("User has been demoted!") - expect(managed_user.has_role?(Role::ORG_ADMIN, organization)).to be false - end + context "while signed in as a super admin" do + before do + sign_in(organization_admin) end context "managing a user from the organization" do @@ -66,6 +81,5 @@ context "managing a super admin user from the organization" do include_examples "organization role management checks", :super_admin end - end end From 8841ea49f6cfd9794f931488e6e85694009477fb Mon Sep 17 00:00:00 2001 From: Benjamin-Couey Date: Tue, 25 Feb 2025 06:07:37 -0700 Subject: [PATCH 11/21] Fixed dropdown div always being there instead of only when the dropdown for org admins is being used --- app/views/users/_organization_user.html.erb | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) diff --git a/app/views/users/_organization_user.html.erb b/app/views/users/_organization_user.html.erb index 224e2cce19..38fa158ad4 100644 --- a/app/views/users/_organization_user.html.erb +++ b/app/views/users/_organization_user.html.erb @@ -9,10 +9,10 @@ <%= reinvite_user_link(user) %> <% unless user.has_role?(Role::ORG_ADMIN, current_organization) %> -
- <% if current_user.has_cached_role?(Role::SUPER_ADMIN) %> - <%= edit_button_to(edit_admin_user_path(user), { text: 'Edit User' }) %> - <% else %> + <% if current_user.has_cached_role?(Role::SUPER_ADMIN) %> + <%= edit_button_to(edit_admin_user_path(user), { text: 'Edit User' }) %> + <% else %> +
+
+ <% end %> + <% end %> <% if current_user.is_admin?(current_organization) && user.has_role?(Role::ORG_ADMIN, current_organization) %> <% if current_user.has_cached_role?(Role::SUPER_ADMIN) %> From ba34e7a4a6864b25da283675e943fa9e8b7a1447 Mon Sep 17 00:00:00 2001 From: Benjamin-Couey Date: Wed, 26 Feb 2025 07:32:03 -0700 Subject: [PATCH 12/21] Updated admin user request tests to run on both normal and super admin users --- spec/requests/admin/users_requests_spec.rb | 39 ++++++++++++++++------ 1 file changed, 29 insertions(+), 10 deletions(-) diff --git a/spec/requests/admin/users_requests_spec.rb b/spec/requests/admin/users_requests_spec.rb index 0932934a57..df5acf819b 100644 --- a/spec/requests/admin/users_requests_spec.rb +++ b/spec/requests/admin/users_requests_spec.rb @@ -53,14 +53,16 @@ end describe '#add_role' do - context 'with no errors' do - it 'should call the service and redirect back' do + shared_examples "add role check" do |user_factory| + let!(:user_to_modify) { create(user_factory, name: "User to modify", organization: organization) } + + it "should call the service and redirect back", :aggregate_failures do allow(AddRoleService).to receive(:call) - post admin_user_add_role_path(user_id: user.id, + post admin_user_add_role_path(user_id: user_to_modify.id, resource_type: Role::ORG_ADMIN, resource_id: organization.id), headers: { 'HTTP_REFERER' => '/back/url'} - expect(AddRoleService).to have_received(:call).with(user_id: user.id.to_s, + expect(AddRoleService).to have_received(:call).with(user_id: user_to_modify.id.to_s, resource_type: Role::ORG_ADMIN.to_s, resource_id: organization.id.to_s) expect(flash[:notice]).to eq('Role added!') @@ -68,6 +70,13 @@ end end + context 'with no errors' do + include_examples "add role check", :user + context "modifying another super admin" do + include_examples "add role check", :super_admin + end + end + context 'with errors' do it 'should redirect back with error' do allow(AddRoleService).to receive(:call).and_raise('OH NOES') @@ -85,19 +94,29 @@ end describe '#remove_role' do - context 'with no errors' do - it 'should call the service and redirect back' do + shared_examples "remove role check" do |user_factory| + let!(:user_to_modify) { create(user_factory, name: "User to modify", organization: organization) } + + it "should call the service and redirect back", :aggregate_failures do + role_to_remove_id = user_to_modify.roles.find_by( name: Role::ORG_ADMIN, resource_id: organization.id ).id allow(RemoveRoleService).to receive(:call) - delete admin_user_remove_role_path(user_id: user.id, - role_id: 123), + delete admin_user_remove_role_path(user_id: user_to_modify.id, + role_id: role_to_remove_id), headers: { 'HTTP_REFERER' => '/back/url'} - expect(RemoveRoleService).to have_received(:call).with(user_id: user.id.to_s, - role_id: '123') + expect(RemoveRoleService).to have_received(:call).with(user_id: user_to_modify.id.to_s, + role_id: role_to_remove_id.to_s) expect(flash[:notice]).to eq('Role removed!') expect(response).to redirect_to('/back/url') end end + context 'with no errors' do + include_examples "remove role check", :organization_admin + context 'modifying another super admin' do + include_examples "remove role check", :super_admin_org_admin + end + end + context 'with errors' do it 'should redirect back with error' do allow(RemoveRoleService).to receive(:call).and_raise('OH NOES') From 2043e09cbc0346cb392241f5870ac4f8766060e4 Mon Sep 17 00:00:00 2001 From: Benjamin-Couey Date: Wed, 26 Feb 2025 08:27:54 -0700 Subject: [PATCH 13/21] Updated add role system test to run on both normal and super admin users, added remove role system test --- spec/system/admin/users_system_spec.rb | 49 +++++++++++++++++++------- 1 file changed, 37 insertions(+), 12 deletions(-) diff --git a/spec/system/admin/users_system_spec.rb b/spec/system/admin/users_system_spec.rb index 581430e1bb..ed25878cad 100644 --- a/spec/system/admin/users_system_spec.rb +++ b/spec/system/admin/users_system_spec.rb @@ -39,18 +39,43 @@ expect(users_table).to have_text("TestUser") end - it 'adds a role' do - user = create(:user, name: 'User 123', organization: organization) - create(:partner, name: 'Partner ABC', organization: organization) - - visit edit_admin_user_path(user) - expect(page).to have_content('User 123') - select "Partner", from: "resource_type" - find("div.input-group:has(.select2-container)").click - find("li.select2-results__option", text: "Partner ABC").click - click_on 'Add Role' - - expect(page.find('.alert')).to have_content('Role added') + shared_examples "add role check" do |user_factory| + let!(:user_to_modify) { create(user_factory, name: "User to modify", organization: organization) } + + it "adds a role", :aggregate_failures do + create(:partner, name: 'Partner ABC', organization: organization) + visit edit_admin_user_path(user_to_modify) + expect(page).to have_content('User to modify') + select "Partner", from: "resource_type" + find("div.input-group:has(.select2-container)").click + find("li.select2-results__option", text: "Partner ABC").click + click_on 'Add Role' + + expect(page.find('.alert')).to have_content('Role added') + end + end + + include_examples "add role check", :user + context 'modifying another super admin' do + include_examples "add role check", :super_admin + end + + shared_examples "remove role check" do |user_factory| + let!(:user_to_modify) { create(user_factory, name: "User to modify", organization: organization) } + + it "removes a role", :aggregate_failures do + visit edit_admin_user_path(user_to_modify) + expect(page).to have_content('User to modify') + accept_confirm do + click_on 'Delete', match: :first # For users that have multiple roles + end + expect(page.find('.alert')).to have_content('Role removed!') + end + end + + include_examples "remove role check", :user + context 'modifying another super admin' do + include_examples "remove role check", :super_admin end it "filters users by name" do From da536156a6637d3e17dedc2e577322bb02a0eb76 Mon Sep 17 00:00:00 2001 From: Benjamin-Couey Date: Wed, 26 Feb 2025 08:44:08 -0700 Subject: [PATCH 14/21] Changes made by linter --- spec/requests/admin/users_requests_spec.rb | 2 +- spec/requests/organization_requests_spec.rb | 6 +++--- spec/system/organization_system_spec.rb | 2 -- 3 files changed, 4 insertions(+), 6 deletions(-) diff --git a/spec/requests/admin/users_requests_spec.rb b/spec/requests/admin/users_requests_spec.rb index df5acf819b..1fd325806d 100644 --- a/spec/requests/admin/users_requests_spec.rb +++ b/spec/requests/admin/users_requests_spec.rb @@ -98,7 +98,7 @@ let!(:user_to_modify) { create(user_factory, name: "User to modify", organization: organization) } it "should call the service and redirect back", :aggregate_failures do - role_to_remove_id = user_to_modify.roles.find_by( name: Role::ORG_ADMIN, resource_id: organization.id ).id + role_to_remove_id = user_to_modify.roles.find_by(name: Role::ORG_ADMIN, resource_id: organization.id).id allow(RemoveRoleService).to receive(:call) delete admin_user_remove_role_path(user_id: user_to_modify.id, role_id: role_to_remove_id), diff --git a/spec/requests/organization_requests_spec.rb b/spec/requests/organization_requests_spec.rb index 936cb7fec1..738e8a1fc8 100644 --- a/spec/requests/organization_requests_spec.rb +++ b/spec/requests/organization_requests_spec.rb @@ -21,7 +21,7 @@ expect(user_to_promote.reload.has_role?(Role::ORG_ADMIN, organization)).to be_truthy # The user_update_redirect_path will vary based on whether the logged in # user is a super admin or not - expect(response).to redirect_to( @current_user.has_cached_role?(Role::SUPER_ADMIN) ? admin_organization_path(organization.id) : organization_path ) + expect(response).to redirect_to(@current_user.has_cached_role?(Role::SUPER_ADMIN) ? admin_organization_path(organization.id) : organization_path) expect(flash[:notice]).to eq("User has been promoted!") end end @@ -39,7 +39,7 @@ expect(user_to_demote.reload.has_role?(Role::ORG_ADMIN, organization)).to be_falsey # The user_update_redirect_path will vary based on whether the logged in # user is a super admin or not - expect(response).to redirect_to( @current_user.has_cached_role?(Role::SUPER_ADMIN) ? admin_organization_path(organization.id) : organization_path ) + expect(response).to redirect_to(@current_user.has_cached_role?(Role::SUPER_ADMIN) ? admin_organization_path(organization.id) : organization_path) expect(flash[:notice]).to eq("User has been demoted!") end end @@ -57,7 +57,7 @@ expect(user_to_remove.reload.has_role?(Role::ORG_USER, organization)).to be_falsey # The user_update_redirect_path will vary based on whether the logged in # user is a super admin or not - expect(response).to redirect_to( @current_user.has_cached_role?(Role::SUPER_ADMIN) ? admin_organization_path(organization.id) : organization_path ) + expect(response).to redirect_to(@current_user.has_cached_role?(Role::SUPER_ADMIN) ? admin_organization_path(organization.id) : organization_path) expect(flash[:notice]).to eq("User has been removed!") end end diff --git a/spec/system/organization_system_spec.rb b/spec/system/organization_system_spec.rb index 063bcfabfc..7827e7b968 100644 --- a/spec/system/organization_system_spec.rb +++ b/spec/system/organization_system_spec.rb @@ -6,7 +6,6 @@ include ActionView::RecordIdentifier shared_examples "organization role management checks" do |user_factory| - let!(:managed_user) { create(user_factory, name: "User to be managed", organization: organization) } it 'can remove that user from the organization' do @@ -66,7 +65,6 @@ context "managing a super admin user from the organization" do include_examples "organization role management checks", :super_admin end - end context "while signed in as a super admin" do From 7ecca271bf6fdb8e4acc2850e60546f1b54a2183 Mon Sep 17 00:00:00 2001 From: Benjamin-Couey Date: Mon, 3 Mar 2025 09:43:42 -0700 Subject: [PATCH 15/21] Changed kind to org_role as it was only used on org user list, made it only consider user vs admin roles of the org --- app/models/user.rb | 6 ++---- app/views/users/_organization_user.html.erb | 2 +- spec/models/user_spec.rb | 10 ++++++---- 3 files changed, 9 insertions(+), 9 deletions(-) diff --git a/app/models/user.rb b/app/models/user.rb index 5a47d45fdb..606922f46e 100644 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -111,13 +111,11 @@ def invitation_status "invited" if invitation_sent_at.present? end - def kind - return "super" if has_role?(Role::SUPER_ADMIN) + def org_role return "admin" if has_role?(Role::ORG_ADMIN, organization) return "normal" if has_role?(Role::ORG_USER, organization) - return "partner" if has_role?(Role::PARTNER, partner) - "normal" + "not a member" end def is_admin?(org) diff --git a/app/views/users/_organization_user.html.erb b/app/views/users/_organization_user.html.erb index 38fa158ad4..adb30b580a 100644 --- a/app/views/users/_organization_user.html.erb +++ b/app/views/users/_organization_user.html.erb @@ -3,7 +3,7 @@ <%= user.display_name %> <%= user.email %> - <%= user.kind %> + <%= user.org_role %> <%= user.current_sign_in_at&.strftime('%Y/%m/%d') %> <%= user.invitation_status %> <%= reinvite_user_link(user) %> diff --git a/spec/models/user_spec.rb b/spec/models/user_spec.rb index e6ea890636..1ac79e615b 100644 --- a/spec/models/user_spec.rb +++ b/spec/models/user_spec.rb @@ -115,10 +115,12 @@ expect(build(:user, invitation_sent_at: Time.zone.parse("2018-10-10 00:00:00"), invitation_accepted_at: Time.zone.parse("2018-10-11 00:00:00"), current_sign_in_at: Time.zone.parse("2018-10-23 00:00:00")).invitation_status).to eq("joined") end - it "#kind" do - expect(create(:super_admin).kind).to eq("super") - expect(create(:organization_admin).kind).to eq("admin") - expect(create(:user).kind).to eq("normal") + it "#org_role" do + expect(create(:super_admin).org_role).to eq("normal") + expect(create(:super_admin_org_admin).org_role).to eq("admin") + expect(create(:organization_admin).org_role).to eq("admin") + expect(create(:user).org_role).to eq("normal") + expect(create(:partner_user).org_role).to eq("not a member") end it "#reinvitable?" do From 0a34a21d55ac2b4a793c66548a1e1e82b36466a1 Mon Sep 17 00:00:00 2001 From: Benjamin-Couey Date: Thu, 6 Mar 2025 07:56:05 -0700 Subject: [PATCH 16/21] Updated org user list to show promote/demote buttons to super admins, updated tests to reflect this --- app/views/users/_organization_user.html.erb | 53 ++++++++----------- .../admin/organizations_requests_spec.rb | 7 ++- spec/requests/organization_requests_spec.rb | 19 ++++++- 3 files changed, 44 insertions(+), 35 deletions(-) diff --git a/app/views/users/_organization_user.html.erb b/app/views/users/_organization_user.html.erb index adb30b580a..49081a1f38 100644 --- a/app/views/users/_organization_user.html.erb +++ b/app/views/users/_organization_user.html.erb @@ -9,40 +9,31 @@ <%= reinvite_user_link(user) %> <% unless user.has_role?(Role::ORG_ADMIN, current_organization) %> - <% if current_user.has_cached_role?(Role::SUPER_ADMIN) %> - <%= edit_button_to(edit_admin_user_path(user), { text: 'Edit User' }) %> - <% else %> -
- -
    -
  • - <%= edit_button_to( - promote_to_org_admin_organization_path(user_id: user.id), - {text: 'Promote to Admin'}, - {method: :post, rel: "nofollow", data: {confirm: 'This will promote the user to admin status. Are you sure that you want to submit this?', size: 'xs'}} - ) %> -
    • -
  • - <%= delete_button_to remove_user_organization_path(user_id: user.id), - {id: dom_id(user), method: :post, class: 'deactivate', text: "Remove User", rel: "nofollow", data: {confirm: 'This will revoke the user\'s organization permissions. Are you sure that you want to submit this?', size: 'xs'}} %> -
    • -
-
- <% end %> +
+ +
    +
  • + <%= edit_button_to( + promote_to_org_admin_organization_path(user_id: user.id), + {text: 'Promote to Admin'}, + {method: :post, rel: "nofollow", data: {confirm: 'This will promote the user to admin status. Are you sure that you want to submit this?', size: 'xs'}} + ) %> +
    • +
  • + <%= delete_button_to remove_user_organization_path(user_id: user.id), + {id: dom_id(user), method: :post, class: 'deactivate', text: "Remove User", rel: "nofollow", data: {confirm: 'This will revoke the user\'s organization permissions. Are you sure that you want to submit this?', size: 'xs'}} %> +
    • +
+
<% end %> <% if current_user.is_admin?(current_organization) && user.has_role?(Role::ORG_ADMIN, current_organization) %> - <% if current_user.has_cached_role?(Role::SUPER_ADMIN) %> - <%= edit_button_to(edit_admin_user_path(user), { text: 'Edit User' }) %> - <% else %> - <%= edit_button_to demote_to_user_organization_path(user_id: user.id, organization_name: current_organization.short_name), - {text: 'Demote to User'}, - {method: :post, rel: "nofollow", data: {confirm: 'This will demote the admin to user status. Are you sure that you want to submit this?', size: 'xs'}} unless user.id == current_user.id %> - <% end %> + <%= edit_button_to demote_to_user_organization_path(user_id: user.id, organization_name: current_organization.short_name), + {text: 'Demote to User'}, + {method: :post, rel: "nofollow", data: {confirm: 'This will demote the admin to user status. Are you sure that you want to submit this?', size: 'xs'}} unless user.id == current_user.id %> <% end %> - diff --git a/spec/requests/admin/organizations_requests_spec.rb b/spec/requests/admin/organizations_requests_spec.rb index c96b6b661b..cae43ba119 100644 --- a/spec/requests/admin/organizations_requests_spec.rb +++ b/spec/requests/admin/organizations_requests_spec.rb @@ -176,8 +176,11 @@ it "provides links to edit the user" do get admin_organization_path({ id: organization.id }) - expect(response.body).to include("Edit User") - expect(response.body).to include(edit_admin_user_path(user.id)) + expect(response.body).to include("Actions") + expect(response.body).to include('Promote to Admin') + expect(response.body).to include(promote_to_org_admin_organization_path(user_id: user.id)) + expect(response.body).to include('Remove User') + expect(response.body).to include(remove_user_organization_path(user_id: user.id)) end end end diff --git a/spec/requests/organization_requests_spec.rb b/spec/requests/organization_requests_spec.rb index 738e8a1fc8..f59fe74437 100644 --- a/spec/requests/organization_requests_spec.rb +++ b/spec/requests/organization_requests_spec.rb @@ -472,9 +472,24 @@ end describe "GET #show" do - it "can see 'Edit User' button for users" do + before { get organization_path } + it "can see 'Demote to User' button for admins" do + create(:organization_admin, organization: organization, name: "ADMIN USER") get organization_path - expect(response.body).to include("Edit User") + expect(response.body).to include "Demote to User" + end + + it "can see 'Promote to User' button for users" do + get organization_path + + within(".content") do + expect(response.body).to have_link("Actions") + end + + within "#dropdown-toggle" do + expect(response.body).to have_link("Promote User") + expect(response.body).to have_link("Remove User") + end end end From d7d78b08bf0192409133cd87126bfc16eddd9091 Mon Sep 17 00:00:00 2001 From: Benjamin-Couey Date: Thu, 6 Mar 2025 07:59:44 -0700 Subject: [PATCH 17/21] Fixed context not actually signing in as a super admin --- spec/system/organization_system_spec.rb | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/spec/system/organization_system_spec.rb b/spec/system/organization_system_spec.rb index 7827e7b968..3f5cec01bb 100644 --- a/spec/system/organization_system_spec.rb +++ b/spec/system/organization_system_spec.rb @@ -2,6 +2,7 @@ let(:organization) { create(:organization) } let(:user) { create(:user, organization: organization) } let(:organization_admin) { create(:organization_admin, organization: organization) } + let(:super_admin_org_admin) { create(:super_admin_org_admin, organization: organization) } include ActionView::RecordIdentifier @@ -69,7 +70,15 @@ context "while signed in as a super admin" do before do - sign_in(organization_admin) + sign_in(super_admin_org_admin) + end + + before(:each) do + visit admin_dashboard_path + within ".main-header" do + click_on super_admin_org_admin.name.to_s + end + click_link "Switch to: #{organization.name}" end context "managing a user from the organization" do From c0d9283ddbf564a19b5b89f9333a43563c39de2b Mon Sep 17 00:00:00 2001 From: Benjamin-Couey Date: Fri, 7 Mar 2025 07:44:24 -0700 Subject: [PATCH 18/21] Removed tests for #show while logged in as super admin as, while the super admin interface does make use of the organization controller's post actions, it doesn't use the show action --- spec/requests/organization_requests_spec.rb | 22 --------------------- 1 file changed, 22 deletions(-) diff --git a/spec/requests/organization_requests_spec.rb b/spec/requests/organization_requests_spec.rb index d7878838dc..00e29f19c9 100644 --- a/spec/requests/organization_requests_spec.rb +++ b/spec/requests/organization_requests_spec.rb @@ -483,28 +483,6 @@ @current_user = super_admin_org_admin end - describe "GET #show" do - before { get organization_path } - it "can see 'Demote to User' button for admins" do - create(:organization_admin, organization: organization, name: "ADMIN USER") - get organization_path - expect(response.body).to include "Demote to User" - end - - it "can see 'Promote to User' button for users" do - get organization_path - - within(".content") do - expect(response.body).to have_link("Actions") - end - - within "#dropdown-toggle" do - expect(response.body).to have_link("Promote User") - expect(response.body).to have_link("Remove User") - end - end - end - describe "POST #promote_to_org_admin" do context "promoting a user" do include_examples "promote to admin check", :user From 2e59b5586e10277dcd9732b24b71c8da86969285 Mon Sep 17 00:00:00 2001 From: Benjamin-Couey Date: Fri, 7 Mar 2025 08:39:12 -0700 Subject: [PATCH 19/21] Refactored promote, demote, remove user shared_examples to explicilty be told whether the current user is a super admin or not for the sake of clarity --- spec/requests/organization_requests_spec.rb | 62 ++++++++++++++------- 1 file changed, 42 insertions(+), 20 deletions(-) diff --git a/spec/requests/organization_requests_spec.rb b/spec/requests/organization_requests_spec.rb index 00e29f19c9..edd5801fee 100644 --- a/spec/requests/organization_requests_spec.rb +++ b/spec/requests/organization_requests_spec.rb @@ -8,8 +8,16 @@ let!(:ndbn_member) { create(:ndbn_member, ndbn_member_id: "50000", account_name: "Best Place") } let!(:super_admin_org_admin) { create(:super_admin_org_admin, organization: organization) } - shared_examples "promote to admin check" do |user_factory| + shared_examples "promote to admin check" do |user_factory, current_user| let!(:user_to_promote) { create(user_factory, name: "User to promote") } + let(:response_path){ + case current_user + when :super_admin + admin_organization_path(organization.id) + when :non_super_admin + organization_path + end + } it "runs correctly", :aggregate_failures do # Explicitly specify the organization_name, as current_organization will not @@ -21,13 +29,21 @@ expect(user_to_promote.reload.has_role?(Role::ORG_ADMIN, organization)).to be_truthy # The user_update_redirect_path will vary based on whether the logged in # user is a super admin or not - expect(response).to redirect_to(@current_user.has_cached_role?(Role::SUPER_ADMIN) ? admin_organization_path(organization.id) : organization_path) + expect(response).to redirect_to(response_path) expect(flash[:notice]).to eq("User has been promoted!") end end - shared_examples "demote to user check" do |user_factory| + shared_examples "demote to user check" do |user_factory, current_user| let!(:user_to_demote) { create(user_factory, name: "User to demote", organization: organization) } + let(:response_path){ + case current_user + when :super_admin + admin_organization_path(organization.id) + when :non_super_admin + organization_path + end + } it "runs correctly", :aggregate_failures do # Explicitly specify the organization_name, as current_organization will not @@ -39,13 +55,21 @@ expect(user_to_demote.reload.has_role?(Role::ORG_ADMIN, organization)).to be_falsey # The user_update_redirect_path will vary based on whether the logged in # user is a super admin or not - expect(response).to redirect_to(@current_user.has_cached_role?(Role::SUPER_ADMIN) ? admin_organization_path(organization.id) : organization_path) + expect(response).to redirect_to(response_path) expect(flash[:notice]).to eq("User has been demoted!") end end - shared_examples "remove user check" do |user_factory| + shared_examples "remove user check" do |user_factory, current_user| let!(:user_to_remove) { create(user_factory, name: "User to remove", organization: organization) } + let(:response_path){ + case current_user + when :super_admin + admin_organization_path(organization.id) + when :non_super_admin + organization_path + end + } it "runs correctly", :aggregate_failures do # Explicitly specify the organization_name, as current_organization will not @@ -57,7 +81,7 @@ expect(user_to_remove.reload.has_role?(Role::ORG_USER, organization)).to be_falsey # The user_update_redirect_path will vary based on whether the logged in # user is a super admin or not - expect(response).to redirect_to(@current_user.has_cached_role?(Role::SUPER_ADMIN) ? admin_organization_path(organization.id) : organization_path) + expect(response).to redirect_to(response_path) expect(flash[:notice]).to eq("User has been removed!") end end @@ -154,7 +178,6 @@ context "While signed in as an organization admin" do before do sign_in(organization_admin) - @current_user = organization_admin end describe "GET #show" do @@ -402,31 +425,31 @@ describe "POST #promote_to_org_admin" do context "promoting a user" do - include_examples "promote to admin check", :user + include_examples "promote to admin check", :user, :non_super_admin end context "promoting a super admin user" do - include_examples "promote to admin check", :super_admin + include_examples "promote to admin check", :super_admin, :non_super_admin end end describe "POST #demote_to_user" do context "demoting a user" do - include_examples "demote to user check", :organization_admin + include_examples "demote to user check", :organization_admin, :non_super_admin end context "demoting a super admin user" do - include_examples "demote to user check", :super_admin_org_admin + include_examples "demote to user check", :super_admin_org_admin, :non_super_admin end end describe "POST #remove_user" do context "removing a user" do - include_examples "remove user check", :user + include_examples "remove user check", :user, :non_super_admin end context "removing a super admin user" do - include_examples "remove user check", :super_admin + include_examples "remove user check", :super_admin, :non_super_admin end context "when user is not an org user" do @@ -480,36 +503,35 @@ context 'When signed in as a super admin' do before do sign_in(super_admin_org_admin) - @current_user = super_admin_org_admin end describe "POST #promote_to_org_admin" do context "promoting a user" do - include_examples "promote to admin check", :user + include_examples "promote to admin check", :user, :super_admin end context "promoting a super admin user" do - include_examples "promote to admin check", :super_admin + include_examples "promote to admin check", :super_admin, :super_admin end end describe "POST #demote_to_user" do context "demoting a user" do - include_examples "demote to user check", :organization_admin + include_examples "demote to user check", :organization_admin, :super_admin end context "demoting a super admin user" do - include_examples "demote to user check", :super_admin_org_admin + include_examples "demote to user check", :super_admin_org_admin, :super_admin end end describe "POST #remove_user" do context "removing a user" do - include_examples "remove user check", :user + include_examples "remove user check", :user, :super_admin end context "removing a super admin user" do - include_examples "remove user check", :super_admin + include_examples "remove user check", :super_admin, :super_admin end context "when user is not an org user" do From 931a89b40d35736f9654bd0350649ff44925e7f0 Mon Sep 17 00:00:00 2001 From: Benjamin-Couey Date: Fri, 7 Mar 2025 08:53:08 -0700 Subject: [PATCH 20/21] Forgot to run linter --- spec/requests/organization_requests_spec.rb | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/spec/requests/organization_requests_spec.rb b/spec/requests/organization_requests_spec.rb index edd5801fee..8e0b6444ff 100644 --- a/spec/requests/organization_requests_spec.rb +++ b/spec/requests/organization_requests_spec.rb @@ -10,7 +10,7 @@ shared_examples "promote to admin check" do |user_factory, current_user| let!(:user_to_promote) { create(user_factory, name: "User to promote") } - let(:response_path){ + let(:response_path) { case current_user when :super_admin admin_organization_path(organization.id) @@ -36,7 +36,7 @@ shared_examples "demote to user check" do |user_factory, current_user| let!(:user_to_demote) { create(user_factory, name: "User to demote", organization: organization) } - let(:response_path){ + let(:response_path) { case current_user when :super_admin admin_organization_path(organization.id) @@ -62,7 +62,7 @@ shared_examples "remove user check" do |user_factory, current_user| let!(:user_to_remove) { create(user_factory, name: "User to remove", organization: organization) } - let(:response_path){ + let(:response_path) { case current_user when :super_admin admin_organization_path(organization.id) From 32ca8e24d927af889659a46cf4a5a5088a3b309d Mon Sep 17 00:00:00 2001 From: Benjamin-Couey Date: Mon, 10 Mar 2025 09:09:53 -0600 Subject: [PATCH 21/21] Undid changes that replaced has_role_cached? with has_role? --- app/models/user.rb | 4 ++-- app/views/users/_organization_user.html.erb | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/app/models/user.rb b/app/models/user.rb index 653e51cee4..26c04f8498 100644 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -112,8 +112,8 @@ def invitation_status end def org_role - return "admin" if has_role?(Role::ORG_ADMIN, organization) - return "normal" if has_role?(Role::ORG_USER, organization) + return "admin" if has_cached_role?(Role::ORG_ADMIN, organization) + return "normal" if has_cached_role?(Role::ORG_USER, organization) "not a member" end diff --git a/app/views/users/_organization_user.html.erb b/app/views/users/_organization_user.html.erb index 9bea404692..5190838ff2 100644 --- a/app/views/users/_organization_user.html.erb +++ b/app/views/users/_organization_user.html.erb @@ -8,7 +8,7 @@ <%= user.invitation_status %> <%= reinvite_user_link(user) %> - <% unless user.has_role?(Role::ORG_ADMIN, current_organization) %> + <% unless user.has_cached_role?(Role::ORG_ADMIN, current_organization) %>