From 010f31a15eeb8ec7c8de04c21414c823b1038527 Mon Sep 17 00:00:00 2001
From: pabois <pierreandre.boissinot@noesya.coop>
Date: Mon, 25 Apr 2022 13:16:54 +0200
Subject: [PATCH] close #263

---
 .../admin/communication/website/posts_controller.rb |  1 +
 app/models/ability.rb                               | 13 +++++++++++++
 app/models/user/with_roles.rb                       |  2 +-
 .../communication/website/posts/_form.html.erb      | 12 +++++++++---
 .../admin/communication/websites/index.html.erb     |  2 +-
 .../admin/communication/websites/show.html.erb      |  2 +-
 app/views/admin/users/_form.html.erb                |  2 +-
 config/locales/en.yml                               |  3 +++
 config/locales/fr.yml                               |  3 +++
 9 files changed, 33 insertions(+), 7 deletions(-)

diff --git a/app/controllers/admin/communication/website/posts_controller.rb b/app/controllers/admin/communication/website/posts_controller.rb
index f9d074f00..2c515e621 100644
--- a/app/controllers/admin/communication/website/posts_controller.rb
+++ b/app/controllers/admin/communication/website/posts_controller.rb
@@ -12,6 +12,7 @@ class Admin::Communication::Website::PostsController < Admin::Communication::Web
 
   def new
     @post.website = @website
+    @post.author_id = current_user.person&.id
     breadcrumb
   end
 
diff --git a/app/models/ability.rb b/app/models/ability.rb
index 1aaad8c6c..643651eb8 100644
--- a/app/models/ability.rb
+++ b/app/models/ability.rb
@@ -30,6 +30,19 @@ class Ability
     can :read, Communication::Block, university_id: @user.university_id
   end
 
+  def contributor
+    managed_websites_ids = @user.websites_to_manage.pluck(:communication_website_id)
+    can :read, Communication::Website, university_id: @user.university_id, id: managed_websites_ids
+    can :manage, Communication::Website::Post, university_id: @user.university_id, communication_website_id: managed_websites_ids, author_id: @user.person&.id
+    cannot :publish, Communication::Website::Post
+  end
+
+  def author
+    managed_websites_ids = @user.websites_to_manage.pluck(:communication_website_id)
+    can :read, Communication::Website, university_id: @user.university_id, id: managed_websites_ids
+    can :manage, Communication::Website::Post, university_id: @user.university_id, communication_website_id: managed_websites_ids, author_id: @user.person&.id
+  end
+
   def teacher
     can :manage, University::Person, user_id: @user.id
     cannot :create, University::Person
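Review bot: In both `contributor` and `author`, the post rule uses `author_id: @user.person&.id`, which becomes `author_id: nil` when the user has no linked person. A CanCanCan hash condition on nil should then match every post whose author is unset, so such a user would manage all authorless posts on their assigned websites. Consider adding the post rule only when a person exists, e.g. `person_id = @user.person&.id` followed by `can :manage, Communication::Website::Post, university_id: @user.university_id, communication_website_id: managed_websites_ids, author_id: person_id if person_id`. The two methods also differ only by the `cannot :publish` line, so `contributor` could call `author` and then add that restriction, which keeps the two rule sets from drifting apart.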
diff --git a/app/models/user/with_roles.rb b/app/models/user/with_roles.rb
index d4c44a698..f830adcbd 100644
--- a/app/models/user/with_roles.rb
+++ b/app/models/user/with_roles.rb
@@ -4,7 +4,7 @@ module User::WithRoles
   included do
     attr_accessor :modified_by
 
-    enum role: { visitor: 0, teacher: 10, program_manager: 12, website_manager: 15, admin: 20, server_admin: 30 }
+    enum role: { visitor: 0, contributor: 4, author: 5, teacher: 10, program_manager: 12, website_manager: 15, admin: 20, server_admin: 30 }
 
     has_and_belongs_to_many :programs_to_manage,
                             class_name: 'Education::Program',
diff --git a/app/views/admin/communication/website/posts/_form.html.erb b/app/views/admin/communication/website/posts/_form.html.erb
index 32ffdeb45..711e59170 100644
--- a/app/views/admin/communication/website/posts/_form.html.erb
+++ b/app/views/admin/communication/website/posts/_form.html.erb
@@ -29,10 +29,16 @@
           <% elsif @website.languages.any? %>
             <%= f.input :language_id, as: :hidden, input_html: { value: @website.languages.first.id }, wrapper: false %>
           <% end %>
-          <%= f.input :published %>
-          <%= f.input :published_at, html5: true %>
+          <% if can? :publish, post %>
+            <%= f.input :published %>
+            <%= f.input :published_at, html5: true %>
+          <% end %>
           <%= f.input :pinned %>
-          <%= f.association :author, collection: current_university.people.ordered %>
+          <% if current_user.author? || current_user.contributor? %>
+            <%= f.input :author_id, as: :hidden, input_html: { value: current_user.person&.id }, wrapper: false %>
+          <% else %>
+            <%= f.association :author, collection: current_university.people.ordered %>
+          <% end %>
         </div>
       </div>
       <div class="card flex-fill w-100">
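Review bot: Wrapping `published` and `published_at` in `if can? :publish, post` and replacing the author selector with a hidden `author_id` only changes what the form renders; a contributor can still submit `post[published]=1` or a different `author_id` in a hand-built request. `cannot :publish` in Ability blocks only an action named `:publish`, and the `:manage` grant still covers `update`. The strong-parameters code in PostsController is not part of this diff, so please confirm that it drops `published`/`published_at` unless `can?(:publish, @post)` and sets `author_id` from `current_user.person` on the server for these roles, rather than trusting the hidden field. `pinned` also remains editable by both new roles; if that is intended, a short comment in the form saying so would help.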
diff --git a/app/views/admin/communication/websites/index.html.erb b/app/views/admin/communication/websites/index.html.erb
index b4ebe5d3f..a4b8e7879 100644
--- a/app/views/admin/communication/websites/index.html.erb
+++ b/app/views/admin/communication/websites/index.html.erb
@@ -16,7 +16,7 @@
       <td><%= link_to website, [:admin, website] %></td>
       <td><%= link_to website.url, website.url, target: :_blank %></td>
       <td><%= I18n.t("activerecord.attributes.communication/website.about_#{website.about_type}") %></td>
-      <td><%= link_to website.about, [:admin, website.about] if website.about %></td>
+      <td><%= link_to_if can?(:read, website.about), website.about, [:admin, website.about] if website.about %></td>
       <td class="text-end">
         <div class="btn-group" role="group">
           <%= edit_link website %>
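Review bot: `link_to_if can?(:read, website.about), website.about, ...` still renders `website.about` as plain text when the check fails, so the new roles see the name of the linked object even though they cannot read it; the same applies to the matching change in `websites/show.html.erb`. If showing the name is intended, a short comment would make that explicit; otherwise the cell could be left empty with `if website.about && can?(:read, website.about)`. In the show template, the trailing `unless @website.about.nil?` is redundant inside `<% if @website.about %>` and could be dropped.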
diff --git a/app/views/admin/communication/websites/show.html.erb b/app/views/admin/communication/websites/show.html.erb
index 5057c7241..89747b56b 100644
--- a/app/views/admin/communication/websites/show.html.erb
+++ b/app/views/admin/communication/websites/show.html.erb
@@ -6,7 +6,7 @@
   <% end %>
   <%= I18n.t("activerecord.attributes.communication/website.about_#{@website.about_type}") %>
   <% if @website.about %>
-    (<%= link_to @website.about, [:admin, @website.about] unless @website.about.nil? %>)
+    (<%= link_to_if can?(:read, @website.about), @website.about, [:admin, @website.about] unless @website.about.nil? %>)
   <% end %>
 <% end %>
 
diff --git a/app/views/admin/users/_form.html.erb b/app/views/admin/users/_form.html.erb
index 6a025d164..c2e732e90 100644
--- a/app/views/admin/users/_form.html.erb
+++ b/app/views/admin/users/_form.html.erb
@@ -37,7 +37,7 @@
                               label_method: ->(p) { sanitize p[:label] },
                               value_method: ->(p) { p[:id] } %>
           </div>
-          <div data-show-for-roles="website_manager">
+          <div data-show-for-roles="author,contributor,website_manager">
             <%= f.association :websites_to_manage,
                               as: :check_boxes,
                               collection: current_university.communication_websites.ordered
diff --git a/config/locales/en.yml b/config/locales/en.yml
index a07167520..49586fa67 100644
--- a/config/locales/en.yml
+++ b/config/locales/en.yml
@@ -16,11 +16,14 @@ en:
         role: Role
         roles:
           admin: Administrator
+          author: Author
+          contributor: Contributor
           program_manager: Program manager
           server_admin: Server admin
           teacher: Teacher
           visitor: Visitor
           website_manager: Website manager
+        websites_to_manage: Websites managed
     errors:
       models:
         user:
diff --git a/config/locales/fr.yml b/config/locales/fr.yml
index cfb4f9c6e..2963ff758 100644
--- a/config/locales/fr.yml
+++ b/config/locales/fr.yml
@@ -16,11 +16,14 @@ fr:
         role: Rôle
         roles:
           admin: Administrateur
+          author: Auteur
+          contributor: Contributeur
           program_manager: Responsable de formation
           server_admin: Administrateur du serveur
           teacher: Enseignant·e
           visitor: Visiteur
           website_manager: Responsable de site web
+        websites_to_manage: Sites gérés
     errors:
       models:
         user:
-- 
GitLab