From 893bfd38b39bc6cecb0aed93ddc1a80563ee44ab Mon Sep 17 00:00:00 2001 From: Eric Schultz Date: Wed, 15 Aug 2018 11:19:49 -0500 Subject: [PATCH] Fix for query_roles bug --- lib/query/query_roles.rb | 26 ++++++++++----------- spec/lib/query/query_roles_spec.rb | 37 ++++++++++++++++++++++++++++++ 2 files changed, 50 insertions(+), 13 deletions(-) create mode 100644 spec/lib/query/query_roles_spec.rb diff --git a/lib/query/query_roles.rb b/lib/query/query_roles.rb index fde5ea9b..01db6251 100644 --- a/lib/query/query_roles.rb +++ b/lib/query/query_roles.rb @@ -1,27 +1,27 @@ # License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later module QueryRoles - def self.user_has_role?(user_id, role_names, host_id=nil) - expr = Qx.select("COUNT(roles)").from(:roles) - .where("name IN ($names)", names: Array(role_names)) - .and_where(user_id: user_id) - expr = expr.and_where(host_id: host_id) if host_id - return expr.execute.first['count'] > 0 + def self.user_has_role?(user_id, role_names, host_id=nil) + expr = Qx.select("COUNT(roles)").from(:roles) + .where("name IN ($names)", names: Array(role_names)) + .and_where(user_id: user_id) + expr = expr.and_where(host_id: host_id) if host_id + return expr.execute.first['count'] > 0 end - # Get host tables -- host can be nonprofit, campaign, event + # Get host tables -- host can be nonprofit, campaign, event def self.host_ids(user_id, role_names) - Qx.select("host_id").from(:roles) - .where(user_id: user_id) - .and_where("roles.name IN ($names)", names: role_names) - .execute.map{|h| h['host_id']} + Qx.select("host_id").from(:roles) + .where(user_id: user_id) + .and_where("roles.name IN ($names)", names: role_names) + .execute.map{|h| h['host_id']} end def self.is_nonprofit_user?(user_id, np_id) - user_has_role?(user_id, [:nonprofit_admin, :nonprofit_user], np_id) + user_has_role?(user_id, [:nonprofit_admin, :nonprofit_associate], np_id) end def self.is_authorized_for_nonprofit?(user_id, np_id) user_has_role?(user_id, [:super_admin]) || is_nonprofit_user?(user_id, np_id) end -end +end \ No newline at end of file diff --git a/spec/lib/query/query_roles_spec.rb b/spec/lib/query/query_roles_spec.rb new file mode 100644 index 00000000..18aa6a9a --- /dev/null +++ b/spec/lib/query/query_roles_spec.rb @@ -0,0 +1,37 @@ +# License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later +require 'rails_helper' + +describe QueryRoles do + include_context :shared_donation_charge_context + let(:nonprofit_admin_role) {force_create(:role, user: user, host: nonprofit, name: :nonprofit_admin)} + let(:other_nonprofit_admin_role) {force_create(:role, user: user, host: other_nonprofit, name: :nonprofit_admin)} + let(:nonprofit_associate_role) {force_create(:role, user: user, host: nonprofit, name: :nonprofit_associate)} + let(:other_nonprofit_associate_role) {force_create(:role, user: user, host: other_nonprofit, name: :nonprofit_associate)} + + describe 'is_nonprofit_user?' do + it 'false for no role' do + expect(QueryRoles.is_nonprofit_user?(user.id, nonprofit.id)).to be_falsey + end + + it 'false for other nonprofit admin' do + other_nonprofit_admin_role + expect(QueryRoles.is_nonprofit_user?(user.id, nonprofit.id)).to be_falsey + end + + it 'false for other nonprofit associate' do + other_nonprofit_associate_role + expect(QueryRoles.is_nonprofit_user?(user.id, nonprofit.id)).to be_falsey + end + + it 'true for nonprofit admin' do + nonprofit_admin_role + expect(QueryRoles.is_nonprofit_user?(user.id, nonprofit.id)).to be_truthy + end + + it 'true for nonprofit admin' do + nonprofit_associate_role + expect(QueryRoles.is_nonprofit_user?(user.id, nonprofit.id)).to be_truthy + end + end + +end \ No newline at end of file