-rw-r--r-- | .gitignore | 4 | ||||
-rw-r--r-- | app/models/role.rb | 1 | ||||
-rw-r--r-- | app/models/user.rb | 20 | ||||
-rw-r--r-- | db/schema.rb | 31 | ||||
-rw-r--r-- | spec/fixtures/users.yml | 25 | ||||
-rw-r--r-- | spec/models/user_spec.rb | 54 |
6 files changed, 130 insertions, 5 deletions
@@ -1,4 +1,6 @@ -db +db/*.sqlite3 +db/migrate +db/seeds.rb log test app/views/taglibs/auto diff --git a/app/models/role.rb b/app/models/role.rb new file mode 100644 index 0000000..4e122d9 --- /dev/null +++ b/app/models/role.rb @@ -0,0 +1 @@ +Role = HoboFields::EnumString.for(:recruit, :mentor, :recruiter) diff --git a/app/models/user.rb b/app/models/user.rb index 7e8ade3..77eeba4 100644 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -6,12 +6,16 @@ class User < ActiveRecord::Base name :string, :required, :unique email_address :email_address, :login => true administrator :boolean, :default => false + role Role, :default => 'recruit' timestamps end - # This gives admin rights to the first sign-up. - # Just remove it if you don't want that - before_create { |user| user.administrator = true if !Rails.env.test? && count == 0 } + # This gives admin rights and recruiter role to the first sign-up. + before_create { |user| + if !Rails.env.test? && count == 0 + user.administrator = true + user.role = :recruiter + end } # --- Signup lifecycle --- # @@ -33,6 +37,7 @@ class User < ActiveRecord::Base end + validate :only_recruiter_can_be_administrator # --- Permissions --- # @@ -41,11 +46,12 @@ class User < ActiveRecord::Base end def update_permitted? - acting_user.administrator? || + acting_user.administrator? || (acting_user == self && only_changed?(:email_address, :crypted_password, :current_password, :password, :password_confirmation)) # Note: crypted_password has attr_protected so although it is permitted to change, it cannot be changed # directly from a form submission. + end def destroy_permitted? @@ -56,4 +62,10 @@ class User < ActiveRecord::Base true end + protected + + def only_recruiter_can_be_administrator + errors.add(:administrator, 'only recruiters can be administrators' ) if administrator and !role.is_recruiter? + end + end diff --git a/db/schema.rb b/db/schema.rb new file mode 100644 index 0000000..02129e7 --- /dev/null +++ b/db/schema.rb 
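Review bot: In app/models/user.rb, the `before_create` block in the first hunk still promotes whoever signs up first on an empty `users` table, and it now grants the recruiter role as well, while the old comment telling operators they can remove the hook is gone. The `count == 0` test is a separate query from the insert, so two sign-ups arriving together on a fresh database could presumably both pass it; this is inferred from the block as shown, since the sign-up lifecycle is outside the hunk. I would keep a warning above the block, e.g. `# SECURITY: the first account created on an empty users table becomes administrator and recruiter; create it before sign-up is reachable, or remove this hook and seed the admin instead.` The class body starts before and continues after this hunk.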
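Review bot: In the last app/models/user.rb hunk, `only_recruiter_can_be_administrator` calls `role.is_recruiter?` without checking that `role` is set. The `role` field is declared with a default but not `:required`, so a record that reaches validation with a nil role and `administrator` true would presumably raise NoMethodError instead of adding a validation error. A nil-safe form, with `&&` in place of `and`, would be `errors.add(:administrator, 'only recruiters can be administrators') if administrator && !(role && role.is_recruiter?)`. A one-line comment above the method stating the invariant (administrator implies recruiter) would also help the next reader.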
@@ -0,0 +1,31 @@ +# This file is auto-generated from the current state of the database. Instead of editing this file, +# please use the migrations feature of Active Record to incrementally modify your database, and +# then regenerate this schema definition. +# +# Note that this schema.rb definition is the authoritative source for your database schema. If you need +# to create the application database on another system, you should be using db:schema:load, not running +# all the migrations from scratch. The latter is a flawed and unsustainable approach (the more migrations +# you'll amass, the slower it'll run and the greater likelihood for issues). +# +# It's strongly recommended to check this file into your version control system. + +ActiveRecord::Schema.define(:version => 20100520194754) do + + create_table "users", :force => true do |t| + t.string "crypted_password", :limit => 40 + t.string "salt", :limit => 40 + t.string "remember_token" + t.datetime "remember_token_expires_at" + t.string "name" + t.string "email_address" + t.boolean "administrator", :default => false + t.string "role", :default => "recruit" + t.datetime "created_at" + t.datetime "updated_at" + t.string "state", :default => "active" + t.datetime "key_timestamp" + end + + add_index "users", ["state"], :name => "index_users_on_state" + +end diff --git a/spec/fixtures/users.yml b/spec/fixtures/users.yml new file mode 100644 index 0000000..cfebdff --- /dev/null +++ b/spec/fixtures/users.yml @@ -0,0 +1,25 @@ +alice: + name: Alice + email_address: alice@admins.org + administrator: true + role: recruiter +ann: + name: Ann + email_address: ann@admins.org + administrator: true + role: recruiter +uriael: + name: Uriael + email_address: uriael@users.org +mustafa: + name: Mustafa + email_address: mustafa@mentors.org + role: mentor +ron: + name: Ron + email_address: ron@recruits.org + role: recruit +ralph: + name: Ralph Recruiter + email_address: ralph@recruiter.org + role: recruiter 
diff --git a/spec/models/user_spec.rb b/spec/models/user_spec.rb
new file mode 100644
index 0000000..5193437
--- /dev/null
+++ b/spec/models/user_spec.rb
@@ -0,0 +1,54 @@
+require 'spec_helper.rb'
+describe 'User' do
+
+ fixtures :users
+
+ before(:each) do
+ @new_user = users(:uriael)
+ @admin = users(:ann)
+ @admin2 = users(:alice)
+ end
+
+ it "should be non-admin recruit" do
+ @new_user.should_not be_administrator
+ @new_user.role.should == :recruit
+ end
+
+ it "should be able to become mentor and recruiter" do
+ for new_role in [:mentor, :recruiter] do
+ @new_user.role = new_role
+ @new_user.should be_valid
+ end
+ end
+
+ it "should be valid if recruiter is administrator" do
+ @new_user.role = :recruiter
+ @new_user.administrator = true
+ @new_user.should be_valid
+ end
+
+ it "should be invalid if non-recruiter is administrator" do
+ @new_user.administrator = true
+
+ for new_role in [:recruit, :mentor]
+ @new_user.role = new_role
+ @new_user.should_not be_valid
+ end
+ end
+
+ it "should be prohibited for non-admin to change anyone role" do
+ for new_role in [:recruiter, :mentor]
+ @new_user.role = new_role
+ @new_user.should_not be_updatable_by(@new_user)
+ end
+ end
+
+ it "should be allowed for admin to change anyone else role" do
+ for other_user in [@new_user, @admin]
+ for new_role in [:recruit, :mentor, :recruiter]
+ other_user.role = new_role
+ other_user.should be_updatable_by(@admin2)
+ end
+ end
+ end
+end |
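Review bot: The example "should be prohibited for non-admin to change anyone role" only covers a user editing their own role. Nothing in this spec checks that a non-administrator cannot set `administrator` on themselves, or that a non-admin recruiter such as the `ralph` fixture cannot edit another user's role. Those are the privilege-escalation paths `update_permitted?` is meant to close, so they deserve explicit examples next to the existing ones. The examples below use only fixtures and matchers already present on this page.

```ruby
  # … unchanged: existing examples up to "should be prohibited for non-admin to change anyone role" …

  it "should be prohibited for non-admin to grant themselves administrator" do
    @new_user.administrator = true
    @new_user.should_not be_updatable_by(@new_user)
  end

  it "should be prohibited for non-admin recruiter to change another user's role" do
    @new_user.role = :mentor
    @new_user.should_not be_updatable_by(users(:ralph))
  end
```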