diff --git a/app/policies/application_policy.rb b/app/policies/application_policy.rb
index a274251fe2..8c1cabfcca 100644
--- a/app/policies/application_policy.rb
+++ b/app/policies/application_policy.rb
@@ -53,9 +53,9 @@ def is_admin?
 def same_org?
 case record
- when CasaOrg
+ when CasaOrg
 user.casa_org == record
- when CasaAdmin, CasaCase, Volunteer, Supervisor, HearingType, ContactTypeGroup
+ when CasaAdmin, CasaCase, Volunteer, Supervisor, HearingType, ContactTypeGroup, ContactTopic
 user.casa_org == record.casa_org
 when CourtDate, CaseContact
 user.casa_org == record&.casa_case&.casa_org
diff --git a/app/policies/contact_topic_policy.rb b/app/policies/contact_topic_policy.rb
index eb39cdf45b..c8b0f49820 100644
--- a/app/policies/contact_topic_policy.rb
+++ b/app/policies/contact_topic_policy.rb
@@ -1,15 +1,8 @@
-# TODO: I have no clue what the policy should be
 class ContactTopicPolicy < ApplicationPolicy
- class Scope < Scope
- def resolve
- scope.all
- end
- end
-
- alias_method :create?, :is_admin?
- alias_method :destroy?, :is_admin?
- alias_method :edit?, :is_admin?
- alias_method :new?, :is_admin?
- alias_method :show?, :is_admin?
- alias_method :update?, :is_admin?
+ alias_method :create?, :is_admin_same_org?
+ alias_method :destroy?, :is_admin_same_org?
+ alias_method :edit?, :is_admin_same_org?
+ alias_method :new?, :is_admin_same_org?
+ alias_method :show?, :is_admin_same_org?
+ alias_method :update?, :is_admin_same_org?
 end
diff --git a/spec/policies/contact_topic_policy_spec.rb b/spec/policies/contact_topic_policy_spec.rb
index aa5a5d7cd3..b054d15685 100644
--- a/spec/policies/contact_topic_policy_spec.rb
+++ b/spec/policies/contact_topic_policy_spec.rb
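Review bot: In app/policies/application_policy.rb, the `when` branch that `ContactTopic` joins in `same_org?` evaluates `user.casa_org == record.casa_org`, which is also true when both sides are nil. Whether ContactTopic requires a casa_org is not visible in this diff; if it does not, a topic with no org would pass the check for a user with no org. A guard such as `user.casa_org.present? && user.casa_org == record.casa_org`, or a presence validation on the model, closes that. `same_org?` continues past the end of the hunk, so the fall-through branch for record types not listed is not reviewed here.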
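Review bot: In app/policies/contact_topic_policy.rb, `new?` and `create?` now depend on the record's org, so they only give a meaningful answer when the caller authorizes a ContactTopic instance whose casa_org is already set. If a caller passes the class instead, `case record` in `same_org?` will not match the `ContactTopic` branch, and the outcome is decided by a fall-through branch this diff does not show; the controller call sites are worth confirming. Dropping the nested `Scope` also means `policy_scope` falls back to the inherited ApplicationPolicy scope, which should be checked to be org-restricted rather than another `scope.all`. The deleted TODO could be replaced by a comment stating the rule, e.g. `# Only admins of the topic's own CASA org may manage contact topics.`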
@@ -2,23 +2,26 @@
 RSpec.describe ContactTopicPolicy, type: :policy do
 subject { described_class }
+ # let(:contact_topic){build(:contact_topic, casa_org: organization)}
+ let(:contact_topic) { build(:contact_topic, casa_org: organization) }
 let(:organization) { build(:casa_org) }
- let(:casa_admin) { build(:casa_admin, casa_org: organization) }
+ let(:casa_admin) { create(:casa_admin, casa_org: organization) }
 let(:volunteer) { build(:volunteer, casa_org: organization) }
 let(:supervisor) { build(:supervisor, casa_org: organization) }
+ # permissions :edit? do
 permissions :create?, :edit?, :new?, :show?, :destroy?, :update? do
 it "allows same org casa_admins" do
- is_expected.to permit(casa_admin)
+ is_expected.to permit(casa_admin, contact_topic)
 end
 it "does not permit supervisor" do
- is_expected.to_not permit(supervisor)
+ is_expected.to_not permit(supervisor, contact_topic)
 end
 it "does not permit volunteer" do
- is_expected.to_not permit(volunteer)
+ is_expected.to_not permit(volunteer, contact_topic)
 end
 end
 end
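Review bot: None of the examples in spec/policies/contact_topic_policy_spec.rb covers the case this change exists for, an admin from a different organization being refused. The supervisor and volunteer examples presumably fail on the admin half of `is_admin_same_org?` alone, so the org comparison is never exercised on the deny path. An extra example inside the `permissions` block, with the admin created against a second org, would pin the tenant boundary. The two commented-out lines (`# let(:contact_topic){...}` and `# permissions :edit? do`) look like leftovers and can be deleted.

```ruby
# … unchanged: same-org admin, supervisor and volunteer examples …
it "does not permit casa_admin from a different org" do
  other_org_admin = create(:casa_admin, casa_org: create(:casa_org))
  is_expected.to_not permit(other_org_admin, contact_topic)
end
```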