search

rubyforgood / mutual-aid

Mutual aid management platform for groups who build, support, and strengthen community resilience.
https://github.com/rubyforgood/mutual-aid/projects/4
MIT License
54 stars 61 forks source link

Newly registered user is presented a Feedback option but not authorized to access it #992

Closed solebared closed 2 years ago

solebared commented 3 years ago

Steps to recreate:

  1. Register for a new account, confirm email
  2. Click on the Feedback button in the nav bar

Actual: User is shown the following message:

Sorry, you aren't authorized to do that. If you think this is wrong, please contact your administrator.

Expected: User is either able to provide feedback or not shown the feedback button

H/T @vurtn for reporting in #963 .

bobmazanec commented 2 years ago

Reproduced in 81ba8f0

Expected: User is either able to provide feedback or not shown the feedback button

I see that SoftwareFeedbacksController is derived from AdminController, so my first (newbie!) guess is that this is meant only for Admin users, and I expect few new Users are created as Admins.

So—in newbie-friendly (over-?)specificity 🤓—is this the desired/expected behavior?

Admin user sees Feedback button

Given I am signed in as an Admin User When I am on a page with the navbar (e.g., /announcements, /community_resources) Then

image

Non-Admin user does not see Feedback button

Given I am signed in as a non-Admin User When I am on a page with the navbar (e.g., /announcements, /community_resources) Then I do not see the [Feedback] navbar button

?