The aim of the feature tests is to check Team related behavior from user
point of view. Additional changes in code are provided as well as
authorization abstraction layer with Pundit in Rails part, and custom
workaround in BB part.
User abilities to create, update, and destroy teams depend on provided
privileges which are determined by roles.
User with the manager role in any team is able to create, update,
and destroy any team.
Integrate the following tools:
Capybara
Database Cleaner
Poltergeist
Pundit
Add the following feature specs:
Guest creates a team
Guest updates team
Guest deletes team
Manager creates a team
Manager updates team
Manager deletes team
Member creates a team
Member updates team
Member deletes team
User signs in
Add TeamPolicy authorization
Create authorization rules for the TeamsController.
Update all related tests accordingly.
Add policy tests.
Fixes:
Update Jasmine tests for Team view and Teams view to stub
user related info.
Improvements:
Rework BB current user handling
The main idea is to pass current user information within HTML layout.
This assumes that a user, once logged in, is not changed.
Update BB CurrentUserRoles collection to provide user privileges
Update BB Teams view to consider user privileges
Add the following scopes into TeamRole model:
managers, to get team members with role manager;
members, to get team members with role member;
guests, to get team members with role guests.
Add with_users trait into Teams factory
The idea is to create a team with users attached to the team with
particular roles.
By default a team with the following structure is created:
1 manager
3 members
1 guest
The behavior is configured with new factory transients.
Add #manager_of? method to User model
Handle Pundit related exceptions with proper HTTP status code.
Add the following authorization methods to the User model
to figure out whether user has manager role:
The aim of the feature tests is to check Team related behavior from user point of view. Additional changes in code are provided as well as authorization abstraction layer with Pundit in Rails part, and custom workaround in BB part. User abilities to create, update, and destroy teams depend on provided privileges which are determined by roles. User with the manager role in any team is able to create, update, and destroy any team.
Integrate the following tools:
Add the following feature specs:
Add TeamPolicy authorization Create authorization rules for the TeamsController. Update all related tests accordingly. Add policy tests.
Fixes:
Improvements:
CurrentUserRoles
collection to provide user privilegesTeams
view to consider user privilegesTeamRole
model:managers
, to get team members with rolemanager
;members
, to get team members with rolemember
;guests
, to get team members with roleguests
.with_users
trait into Teams factory The idea is to create a team with users attached to the team with particular roles. By default a team with the following structure is created:#manager_of?
method toUser
modelUser
model to figure out whether user has manager role:manager?
, in any team;manager_of?
, in particular team.Team
model withdependent: :destroy
Team
view to consider user privilegesRefactoring:
sign_in_with()
as an RSpec helper@alazarchuk , @epmlys , @JosephBuchma , @rubycop