From e88c86c2327cc79bed806c07db5025412976eb3b Mon Sep 17 00:00:00 2001
From: pabois <pierreandre.boissinot@noesya.coop>
Date: Mon, 17 Jan 2022 17:23:15 +0100
Subject: [PATCH] close #141

---
 .../education/program/role/people_controller.rb    |  9 ++++++++-
 .../admin/education/program/teachers_controller.rb |  7 +++++++
 app/models/ability.rb                              | 14 ++++++++++++++
 app/models/user/with_roles.rb                      |  2 +-
 .../education/program/role/people/new.html.erb     |  3 +--
 .../admin/education/program/roles/_list.html.erb   |  4 ++--
 .../admin/education/program/roles/show.html.erb    |  4 +++-
 .../education/program/teachers/_form.html.erb      |  3 +--
 .../education/program/teachers/_list.html.erb      |  4 ++--
 app/views/admin/education/programs/_list.html.erb  |  4 ++--
 app/views/admin/education/programs/show.html.erb   |  2 +-
 app/views/admin/university/people/_form.html.erb   |  2 +-
 .../admin/university/people/_main_infos.html.erb   |  2 +-
 app/views/admin/users/_form.html.erb               |  2 +-
 config/locales/en.yml                              |  6 ++++++
 config/locales/fr.yml                              |  6 ++++++
 16 files changed, 57 insertions(+), 17 deletions(-)

diff --git a/app/controllers/admin/education/program/role/people_controller.rb b/app/controllers/admin/education/program/role/people_controller.rb
index 6202bf3e8..bf9002f61 100644
--- a/app/controllers/admin/education/program/role/people_controller.rb
+++ b/app/controllers/admin/education/program/role/people_controller.rb
@@ -2,7 +2,9 @@ class Admin::Education::Program::Role::PeopleController < Admin::Education::Prog
   load_and_authorize_resource :role, class: Education::Program::Role, through: :program
   load_and_authorize_resource class: Education::Program::Role::Person, through: :role
 
-  include Admin::Reorderable 
+  before_action :get_available_people, except: :destroy
+
+  include Admin::Reorderable
 
   def new
     breadcrumb
@@ -24,6 +26,11 @@ class Admin::Education::Program::Role::PeopleController < Admin::Education::Prog
 
   protected
 
+  def get_available_people
+    used_person_ids = @role.people.where.not(id: @person.id).pluck(:person_id)
+    @available_people = current_university.people.where.not(id: used_person_ids).accessible_by(current_ability).ordered
+  end
+
   def breadcrumb
     super
     add_breadcrumb Education::Program::Role.model_name.human(count: 2)
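Review bot: `@person.id` in `get_available_people` raises NoMethodError on any action where `load_and_authorize_resource` has not set `@person`, and the `before_action` added in the previous hunk runs on everything except `destroy`. That would include any collection action contributed by `Admin::Reorderable`; the module is not visible here, so this is inferred. Limiting the callback to the actions that render the form, e.g. `before_action :get_available_people, only: %i[new create edit update]` (adjusted to the actions this controller defines), avoids this. `get_teachers` in `teachers_controller.rb` has the same shape. The filtered collection only controls which options the select offers, and nothing in this hunk rejects a submitted `person_id` outside it, so the model or the action should still check that the person belongs to `current_university`.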
diff --git a/app/controllers/admin/education/program/teachers_controller.rb b/app/controllers/admin/education/program/teachers_controller.rb
index ab3cb3f3e..52d7085d5 100644
--- a/app/controllers/admin/education/program/teachers_controller.rb
+++ b/app/controllers/admin/education/program/teachers_controller.rb
@@ -1,6 +1,8 @@
 class Admin::Education::Program::TeachersController < Admin::Education::Program::ApplicationController
   load_and_authorize_resource class: Education::Program::Teacher, through: :program
 
+  before_action :get_teachers, except: :destroy
+
   def new
     breadcrumb
   end
@@ -36,6 +38,11 @@ class Admin::Education::Program::TeachersController < Admin::Education::Program:
 
   protected
 
+  def get_teachers
+    used_teacher_ids = @program.teachers.where.not(id: @teacher.id).pluck(:person_id)
+    @teachers = current_university.people.teachers.where.not(id: used_teacher_ids).accessible_by(current_ability).ordered
+  end
+
   def breadcrumb
     super
     add_breadcrumb Education::Program::Teacher.model_name.human(count: 2)
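Review bot: `get_teachers` stores a collection of people in `@teachers`, the instance variable `load_and_authorize_resource` would use for the loaded `Education::Program::Teacher` collection on an index action. If this controller has an index action (not visible in the hunk), the callback replaces that collection with `University::Person` records. Naming it `@available_teachers`, in line with `@available_people` in the role people controller, removes the ambiguity; `teachers/_form.html.erb` would then use `collection: @available_teachers`. The method also relies on state set elsewhere, which deserves a one-line comment above it: `# Expects @program and @teacher to be set by load_and_authorize_resource`.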
diff --git a/app/models/ability.rb b/app/models/ability.rb
index 63cb0f454..5829446e3 100644
--- a/app/models/ability.rb
+++ b/app/models/ability.rb
@@ -29,6 +29,18 @@ class Ability
     can :read, User, university_id: @user.university_id
   end
 
+  def teacher
+    can :manage, University::Person, user_id: @user.id
+    can :read, Education::Program, university_id: @user.university_id
+    can :manage, Education::Program::Teacher, person_id: @user.person&.id
+    can :read, Education::Program::Role, university_id: @user.university_id
+    can :manage, Education::Program::Role::Person, person_id: @user.person&.id
+  end
+
+  def program_manager
+
+  end
+
   def admin
     can :read, Administration::Qualiopi::Criterion
     can :read, Administration::Qualiopi::Indicator
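Review bot: In `teacher`, `person_id: @user.person&.id` becomes `person_id: nil` when the user has no linked person, and a nil hash condition in cancancan matches records whose `person_id` is NULL. Such a user would get `:manage` on any unattached `Education::Program::Teacher` or `Education::Program::Role::Person` row and could create new ones without a person. Wrapping the two `person_id:` rules in `if @user.person.present?` … `end` keeps the grant tied to an existing person. Separately, `program_manager` is empty although `with_roles.rb` makes the role assignable with a value above `teacher`. Unless `Ability` composes roles outside this hunk, a program manager ends up with fewer rights than a teacher, so either call `teacher` from it or add a `# TODO` saying it is intentionally empty for now.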
@@ -44,6 +56,8 @@ class Ability
     can :manage, Communication::Website::Imported::Page, university_id: @user.university_id
     can :manage, Communication::Website::Imported::Post, university_id: @user.university_id
     can :manage, Education::Program, university_id: @user.university_id
+    can :manage, Education::Program::Role, university_id: @user.university_id
+    can :manage, Education::Program::Role::Person, university_id: @user.university_id
     can :manage, Research::Journal, university_id: @user.university_id
     can :manage, Research::Journal::Article, university_id: @user.university_id
     can :manage, Research::Journal::Volume, university_id: @user.university_id
diff --git a/app/models/user/with_roles.rb b/app/models/user/with_roles.rb
index 2853b8443..84fb51a7d 100644
--- a/app/models/user/with_roles.rb
+++ b/app/models/user/with_roles.rb
@@ -4,7 +4,7 @@ module User::WithRoles
   included do
     attr_accessor :modified_by
 
-    enum role: { visitor: 0, admin: 20, server_admin: 30 }
+    enum role: { visitor: 0, teacher: 10, program_manager: 12, admin: 20, server_admin: 30 }
 
     scope :for_role, -> (role) { where(role: role) }
 
diff --git a/app/views/admin/education/program/role/people/new.html.erb b/app/views/admin/education/program/role/people/new.html.erb
index 402d1727d..d2a7ac697 100644
--- a/app/views/admin/education/program/role/people/new.html.erb
+++ b/app/views/admin/education/program/role/people/new.html.erb
@@ -8,8 +8,7 @@
           <h5 class="card-title mb-0"><%= t('admin.infos') %></h5>
         </div>
         <div class="card-body">
-          <% used_person_ids = @role.people.where.not(id: @person.id).pluck(:person_id) %>
-          <%= f.association :person, collection: current_university.people.where.not(id: used_person_ids).ordered %>
+          <%= f.association :person, collection: @available_people %>
         </div>
       </div>
     </div>
diff --git a/app/views/admin/education/program/roles/_list.html.erb b/app/views/admin/education/program/roles/_list.html.erb
index 0a152d39a..c4465b657 100644
--- a/app/views/admin/education/program/roles/_list.html.erb
+++ b/app/views/admin/education/program/roles/_list.html.erb
@@ -20,12 +20,12 @@
             <div class="btn-group" role="group">
               <%= link_to t('edit'),
                           edit_admin_education_program_role_path(role, { program_id: @program.id }),
-                          class: button_classes %>
+                          class: button_classes if can?(:edit, role) %>
               <%= link_to t('delete'),
                           admin_education_program_role_path(role, { program_id: @program.id }),
                           method: :delete,
                           data: { confirm: t('please_confirm') },
-                          class: button_classes_danger %>
+                          class: button_classes_danger if can?(:destroy, role) %>
             </div>
           </td>
         </tr>
diff --git a/app/views/admin/education/program/roles/show.html.erb b/app/views/admin/education/program/roles/show.html.erb
index 051d0859a..09d1438ba 100644
--- a/app/views/admin/education/program/roles/show.html.erb
+++ b/app/views/admin/education/program/roles/show.html.erb
@@ -18,8 +18,10 @@
         <h2 class="card-title mb-0 h5"><%= Education::Program::Role.human_attribute_name('people') %></h2>
       </div>
       <div class="card-body">
-        <p><%= link_to t('create'), new_admin_education_program_role_person_path(role_id: @role.id), class: 'btn btn-primary' %></p>
         <%= render 'admin/education/program/role/people/list', people: @role.people.includes(:person).ordered %>
+        <% if can? :create, Education::Program::Role::Person %>
+          <p><%= link_to t('create'), new_admin_education_program_role_person_path(role_id: @role.id), class: 'btn btn-primary' %></p>
+        <% end %>
       </div>
     </div>
   </div>
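Review bot: `can? :create, Education::Program::Role::Person` is a class-level check, and cancancan does not evaluate hash conditions such as the `person_id:` condition of the `teacher` ability for class-level checks. The create button is therefore shown to every teacher on every role they can read, and the actual decision is left to the controller's `load_and_authorize_resource`. If teachers are meant to add themselves to any role in their university this is consistent, but it should be stated in a comment on the `teacher` ability. Otherwise that rule likely needs a condition tied to the role or program, not just to the person.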
diff --git a/app/views/admin/education/program/teachers/_form.html.erb b/app/views/admin/education/program/teachers/_form.html.erb
index 503032b23..31950531c 100644
--- a/app/views/admin/education/program/teachers/_form.html.erb
+++ b/app/views/admin/education/program/teachers/_form.html.erb
@@ -6,8 +6,7 @@
     <div class="card-body">
       <div class="row">
         <div class="col-md-6">
-          <% used_teacher_ids = @program.teachers.where.not(id: teacher.id).pluck(:person_id) %>
-          <%= f.association :person, collection: current_university.people.teachers.where.not(id: used_teacher_ids).ordered %>
+          <%= f.association :person, collection: @teachers %>
         </div>
         <div class="col-md-6">
           <%= f.input :description, as: :string %>
diff --git a/app/views/admin/education/program/teachers/_list.html.erb b/app/views/admin/education/program/teachers/_list.html.erb
index 5fb075887..cc7d9c17b 100644
--- a/app/views/admin/education/program/teachers/_list.html.erb
+++ b/app/views/admin/education/program/teachers/_list.html.erb
@@ -20,12 +20,12 @@
             <div class="btn-group" role="group">
               <%= link_to t('edit'),
                           edit_admin_education_program_teacher_path(teacher, { program_id: @program.id }),
-                          class: button_classes %>
+                          class: button_classes if can? :update, teacher.person %>
               <%= link_to t('delete'),
                           admin_education_program_teacher_path(teacher, { program_id: @program.id }),
                           method: :delete,
                           data: { confirm: t('please_confirm') },
-                          class: button_classes_danger %>
+                          class: button_classes_danger if can? :update, teacher.person %>
             </div>
           </td>
         </tr>
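Review bot: Both buttons are gated on `can? :update, teacher.person`, i.e. on the `University::Person` record, while the controller authorizes `Education::Program::Teacher` through `load_and_authorize_resource`; the delete button also checks `:update` rather than `:destroy`. The view can therefore show a button the controller refuses, or hide one it would allow. Checking the row's own record keeps the two in step: `if can?(:update, teacher)` for edit and `if can?(:destroy, teacher)` for delete. That also matches the parenthesised `can?(...)` form used in `roles/_list.html.erb`.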
diff --git a/app/views/admin/education/programs/_list.html.erb b/app/views/admin/education/programs/_list.html.erb
index 1694c7d61..0aa706121 100644
--- a/app/views/admin/education/programs/_list.html.erb
+++ b/app/views/admin/education/programs/_list.html.erb
@@ -15,12 +15,12 @@
           <div class="btn-group" role="group">
             <%= link_to t('edit'),
                         edit_admin_education_program_path(program),
-                        class: button_classes %>
+                        class: button_classes if can?(:update, program) %>
             <%= link_to t('delete'),
                         admin_education_program_path(program),
                         method: :delete,
                         data: { confirm: program.children.any? ? t('please_confirm_with_children') : t('please_confirm') },
-                        class: button_classes_danger %>
+                        class: button_classes_danger if can?(:destroy, program) %>
           </div>
         </td>
       </tr>
diff --git a/app/views/admin/education/programs/show.html.erb b/app/views/admin/education/programs/show.html.erb
index 1cd1e4836..4ebd03b90 100644
--- a/app/views/admin/education/programs/show.html.erb
+++ b/app/views/admin/education/programs/show.html.erb
@@ -123,7 +123,7 @@
       <div class="col-md-6">
         <h3 class="h5"><%= Education::Program.human_attribute_name('roles') %></h3>
         <%= render 'admin/education/program/roles/list', roles: @program.roles.ordered %>
-        <%= link_to t('create'), new_admin_education_program_role_path(program_id: @program.id), class: button_classes %>
+        <%= link_to t('create'), new_admin_education_program_role_path(program_id: @program.id), class: button_classes if can?(:create, Education::Program::Role) %>
       </div>
       <div class="col-md-6">
         <h3 class="h5"><%= Education::Program.human_attribute_name('teachers') %></h3>
diff --git a/app/views/admin/university/people/_form.html.erb b/app/views/admin/university/people/_form.html.erb
index 498d34150..9c0ae01d0 100644
--- a/app/views/admin/university/people/_form.html.erb
+++ b/app/views/admin/university/people/_form.html.erb
@@ -57,7 +57,7 @@
             class: 'js-slug-input',
             data: { source: '#university_person_first_name, #university_person_last_name' }
           } %>
-          <%= f.association :user, collection: current_university.users.ordered %>
+          <%= f.association :user, collection: current_university.users.ordered if can?(:manage, User) %>
         </div>
       </div>
       <div class="card flex-fill w-100">
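Review bot: `if can?(:manage, User)` only removes the `user` select from the rendered form; it does not stop a request from carrying the `user_id` parameter that `f.association :user` submits. The `teacher` ability in this commit grants `:manage` on the user's own `University::Person`. If the people controller's permitted parameters (not part of this patch) still include `user_id`, a teacher could re-link their person record to another account. The controller should drop that parameter under the same `can?(:manage, User)` condition.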
diff --git a/app/views/admin/university/people/_main_infos.html.erb b/app/views/admin/university/people/_main_infos.html.erb
index bf82980bd..ac859c5ee 100644
--- a/app/views/admin/university/people/_main_infos.html.erb
+++ b/app/views/admin/university/people/_main_infos.html.erb
@@ -43,7 +43,7 @@
           <% if person.best_picture_inherits_from_user? %>
             <p>
               <span class="small text-muted">
-                <%= t 'admin.inheritance.sentence_html', link: link_to(person.user, [:admin, person.user]) %>
+                <%= t 'admin.inheritance.sentence_html', link: link_to_if(can?(:read, person.user), person.user, [:admin, person.user]) %>
               </span>
             </p>
           <% end %>
diff --git a/app/views/admin/users/_form.html.erb b/app/views/admin/users/_form.html.erb
index 317c71523..15f7c0d6d 100644
--- a/app/views/admin/users/_form.html.erb
+++ b/app/views/admin/users/_form.html.erb
@@ -29,7 +29,7 @@
                       },
                       input_html: { autocomplete: "new-password" } %>
           <%= f.input :mobile_phone %>
-          <%= f.input :role, include_blank: false, collection: current_user.managed_roles %>
+          <%= f.input :role, include_blank: false, collection: current_user.managed_roles, label_method: lambda { |k| t("activerecord.attributes.user.roles.#{k[1]}")} %>
         </div>
       </div>
     </div>
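Review bot: The `label_method` lambda builds the translation key from `k[1]`, which is only right if each entry of `current_user.managed_roles` is a pair whose second element is the role name. `managed_roles` is not visible here; with a plain `{ name => integer }` enum hash, `k[1]` would be the stored integer and the lookup would miss. Destructuring makes the expected shape explicit: `label_method: lambda { |(_, role)| t("activerecord.attributes.user.roles.#{role}") }`. Since this commit adds two assignable roles, also confirm that a submitted `role` is validated against `managed_roles` on the server, because the select only limits what the form offers.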
diff --git a/config/locales/en.yml b/config/locales/en.yml
index aea1857ea..c692b52c3 100644
--- a/config/locales/en.yml
+++ b/config/locales/en.yml
@@ -13,6 +13,12 @@ en:
         mobile_phone: Mobile phone
         picture: Profile picture
         role: Role
+        roles:
+          admin: Administrator
+          program_manager: Program manager
+          server_admin: Server admin
+          teacher: Teacher
+          visitor: Visitor
     errors:
       models:
         user:
diff --git a/config/locales/fr.yml b/config/locales/fr.yml
index ebbd8d67b..768f6224d 100644
--- a/config/locales/fr.yml
+++ b/config/locales/fr.yml
@@ -13,6 +13,12 @@ fr:
         mobile_phone: Téléphone portable
         picture: Photo de profil
         role: Rôle
+        roles:
+          admin: Administrateur
+          program_manager: Responsable de formation
+          server_admin: Administrateur du serveur
+          teacher: Enseignant·e
+          visitor: Visiteur
     errors:
       models:
         user:
-- 
GitLab