Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

bugfix: feedex permissions

allow non-SPOCs who have the 'feedex' permission to access feedex
  • Loading branch information...
commit 0557995b3281ade359f695dc27c4d93214476da1 1 parent 596cee5
Jake Benilov benilovj authored
3  app/controllers/anonymous_feedback/problem_reports/explore_controller.rb
View
@@ -1,8 +1,7 @@
-require 'support/requests/anonymous/problem_report'
require 'support/requests/anonymous/explore'
class AnonymousFeedback::ProblemReports::ExploreController < AuthorisationController
- authorize_resource class: Support::Requests::Anonymous::ProblemReport
+ authorize_resource class: Support::Requests::Anonymous::Explore
def new
@explore = Support::Requests::Anonymous::Explore.new
1  lib/support/permissions/ability.rb
View
@@ -15,6 +15,7 @@ def initialize(user)
can :create, [ FoiRequest, Anonymous::ProblemReport, Anonymous::LongFormContact, Anonymous::ServiceFeedback, NamedContact ] if user.has_permission?('api_users')
can :read, Anonymous::ProblemReport if user.has_permission?('feedex')
+ can :create, Support::Requests::Anonymous::Explore if user.has_permission?('feedex')
can :create, [GeneralRequest, AnalyticsRequest, TechnicalFaultReport, UnpublishContentRequest]
end
end
7 test/unit/support/permissions/ability_test.rb
View
@@ -1,5 +1,7 @@
require 'test_helper'
require 'support/permissions/ability'
+require 'support/requests/anonymous/problem_report'
+require 'support/requests/anonymous/explore'
module Support
module Permissions
@@ -15,6 +17,11 @@ def test_feedex_users_can_read_problem_reports
ability = Ability.new(User.new(permissions: ["feedex"]))
assert ability.can?(:read, Support::Requests::Anonymous::ProblemReport)
end
+
+ def test_feedex_users_can_explore_anonymous_feedback
+ ability = Ability.new(User.new(permissions: ["feedex"]))
+ assert ability.can?(:create, Support::Requests::Anonymous::Explore)
+ end
end
end
end
Please sign in to comment.
Something went wrong with that request. Please try again.