Add UserTaskPolicy and tests

begedin · begedin · commit 3dcb0044e98d · 2017-02-01T05:32:12.000+01:00
diff --git a/test/policies/user_task_policy_test.exs b/test/policies/user_task_policy_test.exs
@@ -0,0 +1,131 @@
+defmodule CodeCorps.UserTaskPolicyTest do
+  @moduledoc false
+
+  use CodeCorps.PolicyCase
+
+  import CodeCorps.UserTaskPolicy, only: [create?: 2, delete?: 2]
+  import CodeCorps.UserTask, only: [create_changeset: 2]
+
+  alias CodeCorps.UserTask
+
+  defp generate_data_for(role) do
+    {user, project} = insert_user_and_project(role)
+
+    task = case role do
+      "author" -> insert(:task, project: project, user: user)
+      _ -> insert(:task, project: project)
+    end
+
+    {user, task}
+  end
+
+  defp insert_user_and_project(role) do
+    user = insert(:user)
+    organization = insert(:organization)
+    project = insert(:project, organization: organization)
+
+    insert_membership(user, organization, role)
+
+    {user, project}
+  end
+
+  defp insert_membership(_, _, role) when role in ~w(non-member author), do: nil
+  defp insert_membership(user, organization, role) do
+    insert(:organization_membership, organization: organization, member: user, role: role)
+  end
+
+  describe "create?" do
+    test "returns false when user is not member of organization" do
+      {user, task} = generate_data_for("non-member")
+
+      changeset = %UserTask{} |> create_changeset(%{task_id: task.id})
+      refute create?(user, changeset)
+    end
+
+    test "returns false when user is pending member of organization" do
+      {user, task} = generate_data_for("pending")
+
+      changeset = %UserTask{} |> create_changeset(%{task_id: task.id})
+      refute create?(user, changeset)
+    end
+
+    test "returns true when user is contributor of organization" do
+      {user, task} = generate_data_for("contributor")
+
+      changeset = %UserTask{} |> create_changeset(%{task_id: task.id})
+      assert create?(user, changeset)
+    end
+
+    test "returns true when user is admin of organization" do
+      {user, task} = generate_data_for("admin")
+
+      changeset = %UserTask{} |> create_changeset(%{task_id: task.id})
+      assert create?(user, changeset)
+    end
+
+    test "returns true when user is owner of organization" do
+      {user, task} = generate_data_for("owner")
+
+      changeset = %UserTask{} |> create_changeset(%{task_id: task.id})
+      assert create?(user, changeset)
+    end
+
+    test "returns true when user is author of task" do
+      {user, task} = generate_data_for("author")
+
+      changeset = %UserTask{} |> create_changeset(%{task_id: task.id})
+
+      assert create?(user, changeset)
+    end
+  end
+
+  describe "delete?" do
+    test "returns false when user is not member of organization" do
+      {user, task} = generate_data_for("non-member")
+
+      user_task = insert(:user_task, task: task)
+
+      refute delete?(user, user_task)
+    end
+
+    test "returns false when user is pending member of organization" do
+      {user, task} = generate_data_for("pending")
+
+      user_task = insert(:user_task, task: task)
+
+      refute delete?(user, user_task)
+    end
+
+    test "returns true when user is contributor of organization" do
+      {user, task} = generate_data_for("contributor")
+
+      user_task = insert(:user_task, task: task)
+
+      assert delete?(user, user_task)
+    end
+
+    test "returns true when user is admin of organization" do
+      {user, task} = generate_data_for("admin")
+
+      user_task = insert(:user_task, task: task)
+
+      assert delete?(user, user_task)
+    end
+
+    test "returns true when user is owner of organization" do
+      {user, task} = generate_data_for("owner")
+
+      user_task = insert(:user_task, task: task)
+
+      assert delete?(user, user_task)
+    end
+
+    test "returns true when user is author of task" do
+      {user, task} = generate_data_for("author")
+
+      user_task = insert(:user_task, task: task)
+
+      assert delete?(user, user_task)
+    end
+  end
+end
diff --git a/web/policies/user_task_policy.ex b/web/policies/user_task_policy.ex
@@ -0,0 +1,34 @@
+defmodule CodeCorps.UserTaskPolicy do
+  @moduledoc """
+  Represents an authorization policy for performing actions on UserTask records.
+  Used to authorize a controller action.
+  """
+  import CodeCorps.Helpers.Policy,
+    only: [get_project: 1, get_membership: 2, get_role: 1, contributor_or_higher?: 1]
+
+  alias CodeCorps.{Repo, Task, UserTask, User}
+  alias Ecto.Changeset
+
+  @spec create?(User.t, Changeset.t) :: boolean
+  def create?(%User{} = user, %Changeset{} = changeset) do
+    cond do
+      changeset |> get_task |> get_project |> get_membership(user) |> get_role |> contributor_or_higher? -> true
+      changeset |> get_task |> authored_by?(user) -> true
+      true -> false
+    end
+  end
+
+  @spec delete?(User.t, UserTask.t) :: boolean
+  def delete?(%User{} = user, %UserTask{} = user_task) do
+    cond do
+      user_task |> get_task |> get_project |> get_membership(user) |> get_role |> contributor_or_higher? -> true
+      user_task |> get_task |> authored_by?(user) -> true
+      true -> false
+    end
+  end
+
+  defp get_task(%UserTask{task_id: task_id}), do: Repo.get(Task, task_id)
+  defp get_task(%Changeset{changes: %{task_id: task_id}}), do: Repo.get(Task, task_id)
+
+  defp authored_by?(%Task{user_id: author_id}, %User{id: user_id}), do: user_id == author_id
+end
