Merge pull request #207 from solver-it-sro/GO-369/signing-group

GO-369 Systemova skupina - Podpisovatelia
slovensko-digital · Nov 28, 2023 · fea2409 · fea2409
2 parents 3e69449 + 083113d
commit fea2409
Show file tree

Hide file tree

Showing 29 changed files with 255 additions and 83 deletions.
diff --git a/app/components/admin/groups/group_rename_component.html.erb b/app/components/admin/groups/group_rename_component.html.erb
@@ -14,7 +14,7 @@
     </button>
   </div>
   <div data-dropdown-target="menu" class="transform transition hidden opacity-0 scale-95">
-    <%= form_with model: [:admin, @group.tenant, @group], method: :patch, class: "flex justify-stretch items-center absolute -top-10 gap-2" do |form| %>
+    <%= form_with model: [:admin, @group.tenant, @group], url: admin_tenant_group_path(@group.tenant, @group), method: :patch, class: "flex justify-stretch items-center absolute -top-10 gap-2" do |form| %>
       <%= form.text_field :name, class: "flex text-base text-left text-gray-400 grow rounded-md bg-white border border-gray-400" %>
       <%= button_tag type: 'submit' do %>
         <div class="flex justify-center items-center gap-2.5 px-2.5 py-1.5 rounded-md bg-blue-600">

diff --git a/app/components/admin/groups/groups_list_component.html.erb b/app/components/admin/groups/groups_list_component.html.erb
@@ -2,26 +2,26 @@
   <div class="self-stretch bg-white rounded-md border border-gray-200 flex-col justify-start items-start flex">
     <div class="self-stretch p-6 border-b border-gray-200 justify-start items-center gap-4 inline-flex">
       <div class="grow shrink basis-0 text-gray-900 text-xl font-semibold leading-[35px]">Skupiny</div>
-      <%= link_to new_admin_tenant_group_path, class: "px-3.5 py-2.5 bg-blue-600 rounded-md justify-center items-center gap-2.5 flex" do %>
+      <%= link_to new_admin_tenant_group_path, data: { turbo_frame: "modal" }, class: "px-3.5 py-2.5 bg-blue-600 rounded-md justify-center items-center gap-2.5 flex" do %>
         <p class="text-white text-base font-medium leading-normal">Vytvoriť skupinu</p>
       <% end %>
     </div>
     <div class="self-stretch flex-col justify-start items-start flex">
-      <% @custom_groups.each do |custom_group| %>
-        <%= render Admin::Groups::GroupsListRowComponent.new(custom_group) %>
+      <% @editable_groups.each do |group| %>
+        <%= render Admin::Groups::GroupsListRowComponent.new(group) %>
       <% end %>
     </div>
   </div>
   <div class="self-stretch bg-white rounded-md border border-gray-200 flex-col justify-start items-start flex">
     <div class="self-stretch p-6 border-b border-gray-200 justify-start items-center gap-4 inline-flex">
       <div class="flex-col">
-        <div class="grow shrink basis-0 text-gray-900 text-xl font-semibold leading-[35px]">Systémové skupiny</div>
-        <div class="grow shrink basis-0 text-gray-900 text-m leading-[35px]">Zakladané automaticky, nie je možné upravovať</div>
+        <div class="grow shrink basis-0 text-gray-900 text-xl font-semibold leading-[35px]">Uzamknuté skupiny</div>
+        <div class="grow shrink basis-0 text-gray-900 text-m leading-[35px]">Nie je možné upravovať</div>
       </div>
     </div>
     <div class="self-stretch flex-col justify-start items-start flex">
-      <% @system_groups.each do |system_group| %>
-        <%= render Admin::Groups::GroupsListRowComponent.new(system_group) %>
+      <% @non_editable_groups.each do |group| %>
+        <%= render Admin::Groups::GroupsListRowComponent.new(group) %>
       <% end %>
     </div>
   </div>

diff --git a/app/components/admin/groups/groups_list_component.rb b/app/components/admin/groups/groups_list_component.rb
@@ -1,6 +1,6 @@
 class Admin::Groups::GroupsListComponent < ViewComponent::Base
-  def initialize(custom_groups:, system_groups:)
-    @custom_groups = custom_groups
-    @system_groups = system_groups
+  def initialize(editable_groups:, non_editable_groups:)
+    @editable_groups = editable_groups
+    @non_editable_groups = non_editable_groups
   end
 end
diff --git a/app/components/admin/groups/groups_list_row_component.html.erb b/app/components/admin/groups/groups_list_row_component.html.erb
@@ -4,28 +4,30 @@
   </div>
   <div class="grow shrink basis-0 flex-col justify-start items-start gap-1 inline-flex">
     <div class="text-center text-gray-900 text-lg font-medium leading-loose">
-      <% if @group.is_modifiable? %>
-        <%= render Admin::Groups::GroupRenameComponent.new(@group) if @group.is_modifiable? %>
+      <% if @group.renamable? %>
+        <%= render Admin::Groups::GroupRenameComponent.new(@group) %>
       <% else %>
         <%= @group.name %>
       <% end %>
     </div>
     <div class="text-center text-gray-500 text-base font-normal leading-normal">
-      <%= link_to (@group.is_modifiable? ? edit_admin_tenant_group_path(@group.tenant, @group) : admin_tenant_group_path(@group.tenant, @group)), data: { turbo_frame: "modal" } do %>
-        <%= t :user, count: @group.users.count %>
+      <%= link_to (@group.editable? ? edit_admin_tenant_group_path(@group.tenant, @group) : admin_tenant_group_path(@group.tenant, @group)), data: { turbo_frame: "modal" } do %>
+        <%= t("user", count: @group.users.count) %>
       <% end %>
     </div>
   </div>
   <div class="justify-start items-start gap-2 flex">
-    <% if @group.is_modifiable? %>
-      <%= link_to edit_members_admin_tenant_group_path(@group.tenant, @group) do %>
+    <% if @group.editable? %>
+      <%= link_to edit_members_admin_tenant_group_path(@group.tenant, @group), data: { turbo_frame: "modal" } do %>
         <%= render Common::EditButtonComponent.new %>
       <% end %>
-      <%= button_to admin_tenant_group_path(@group.tenant, @group), method: :delete do %>
-        <%= render Common::DeleteButtonComponent.new %>
+      <% if @group.destroyable? %>
+        <%= button_to admin_tenant_group_path(@group.tenant, @group), method: :delete, data: { turbo_confirm: "Naozaj chcete zmazať skupinu '#{@group.name}'?" } do %>
+          <%= render Common::DeleteButtonComponent.new %>
+        <% end %>
       <% end %>
     <% else %>
-      <%= link_to show_members_admin_tenant_group_path(@group.tenant, @group) do %>
+      <%= link_to show_members_admin_tenant_group_path(@group.tenant, @group), data: { turbo_frame: "modal" } do %>
         <%= render Common::ShowButtonComponent.new %>
       <% end %>
     <% end %>

diff --git a/app/components/admin/groups/new_group_form_component.html.erb b/app/components/admin/groups/new_group_form_component.html.erb
@@ -10,7 +10,7 @@
           </div>
           <%= render Common::CloseButtonComponent.new(link_to: admin_tenant_groups_path(Current.tenant)) %>
         </div>
-        <%= form_with model: [:admin, Current.tenant, @group] do |form| %>
+        <%= form_with model: [:admin, Current.tenant, @group], url: admin_tenant_groups_path(Current.tenant, @group) do |form| %>
           <div class="flex flex-col justify-start items-start self-stretch flex-grow-0 flex-shrink-0 w-400">
             <div class="flex justify-start items-center self-stretch flex-grow-0 flex-shrink-0 gap-4 p-6 border-t-0 border-r-0 border-b border-l-0 border-gray-200">
               <div class="flex flex-col justify-start items-start self-stretch flex-grow overflow-hidden gap-2 rounded-md">

diff --git a/app/components/admin/permissions/groups_list_row_component.html.erb b/app/components/admin/permissions/groups_list_row_component.html.erb
@@ -5,14 +5,10 @@
     </div>
     <div class="flex-col justify-start items-start shrink-0 w-48 gap-1 inline-flex">
       <div class="text-center text-gray-900 text-lg font-medium leading-loose">
-        <% if @group.is_modifiable? %>
-          <%= render Admin::Groups::GroupRenameComponent.new(@group) if @group.is_modifiable? %>
-        <% else %>
-          <%= @group.name %>
-        <% end %>
+        <%= @group.name %>
       </div>
       <div class="text-center text-gray-500 text-base font-normal leading-normal">
-        <%= t :user, count: @group.users.count %>
+        <%= t("user", count: @group.users.count) %>
       </div>
     </div>
     <div class="flex justify-start items-start overflow-hidden gap-2 px-4">

diff --git a/app/controllers/admin/groups_controller.rb b/app/controllers/admin/groups_controller.rb
@@ -3,40 +3,39 @@ class Admin::GroupsController < ApplicationController
 
   def index
     authorize([:admin, Group])
-    @custom_groups = policy_scope([:admin, Group]).where(tenant_id: Current.tenant.id).where.not(group_type: %w[ALL USER])
-    @system_groups = policy_scope([:admin, Group]).where(tenant_id: Current.tenant.id, group_type: %w[ALL USER])
+
+    @editable_groups = group_policy_scope.where(tenant_id: Current.tenant.id).editable
+    @non_editable_groups = group_policy_scope.where(tenant_id: Current.tenant.id).where.not(id: @editable_groups.pluck(:id))
   end
 
   def show
-    authorize([:admin, @group])
-    @other_tags = other_tags
+    authorize([:admin, @group], policy_class: Admin::GroupPolicy)
   end
 
   def new
-    @group = Current.tenant.groups.new
-    authorize([:admin, @group])
+    @group = Current.tenant.custom_groups.new
+    authorize([:admin, @group], policy_class: Admin::GroupPolicy)
   end
 
   def edit
-    authorize([:admin, @group])
+    authorize([:admin, @group], policy_class: Admin::GroupPolicy)
   end
 
   def edit_members
-    authorize([:admin, @group])
+    authorize([:admin, @group], policy_class: Admin::GroupPolicy)
   end
 
   def show_members
-    authorize([:admin, @group])
+    authorize([:admin, @group], policy_class: Admin::GroupPolicy)
   end
 
   def edit_permissions
-    authorize([:admin, @group])
+    authorize([:admin, @group], policy_class: Admin::GroupPolicy)
   end
 
   def create
-    @group = Current.tenant.groups.new(group_params)
-    @group.group_type = 'CUSTOM'
-    authorize([:admin, @group])
+    @group = Current.tenant.custom_groups.new(group_params)
+    authorize([:admin, @group], policy_class: Admin::GroupPolicy)
 
     if @group.save
       redirect_to edit_members_admin_tenant_group_url(Current.tenant, @group, step: :new), notice: 'Group was successfully created'
@@ -46,7 +45,7 @@ def create
   end
 
   def update
-    authorize([:admin, @group])
+    authorize([:admin, @group], policy_class: Admin::GroupPolicy)
     if @group.update(group_params)
       redirect_to admin_tenant_groups_url(Current.tenant), notice: 'Group was successfully updated'
     else
@@ -55,20 +54,20 @@ def update
   end
 
   def destroy
-    authorize([:admin, @group])
+    authorize([:admin, @group], policy_class: Admin::GroupPolicy)
     @group.destroy
     redirect_to admin_tenant_groups_url(Current.tenant), notice: 'Group was successfully destroyed'
   end
 
   def search_non_members
-    authorize([:admin, @group])
+    authorize([:admin, @group], policy_class: Admin::GroupPolicy)
     return if params[:name_search].blank?
 
     @users = non_members_search_clause
   end
 
   def search_non_tags
-    authorize([:admin, @group])
+    authorize([:admin, @group], policy_class: Admin::GroupPolicy)
     return if params[:name_search].blank?
 
     @tags = non_tags_search_clause
@@ -77,26 +76,38 @@ def search_non_tags
   private
 
   def non_members_search_clause
-    policy_scope([:admin, User])
+    user_policy_scope
       .where(tenant: Current.tenant.id)
       .where.not(id: User.joins(:group_memberships).where(group_memberships: { group_id: @group.id }))
       .where('unaccent(name) ILIKE unaccent(?)', "%#{params[:name_search]}%")
       .order(:name)
   end
 
   def non_tags_search_clause
-    policy_scope([:admin, Tag])
+    tag_policy_scope
       .where(tenant: Current.tenant.id)
       .where.not(id: Tag.joins(:tag_groups).where(tag_groups: { group_id: @group.id }))
       .where('unaccent(name) ILIKE unaccent(?)', "%#{params[:name_search]}%")
       .order(:name)
   end
 
   def set_group
-    @group = policy_scope([:admin, Group]).find(params[:id])
+    @group = group_policy_scope.find(params[:id])
   end
 
   def group_params
-    params.require(:group).permit(:name, :group_type)
+    params.require(:custom_group).permit(:name)
+  end
+
+  def group_policy_scope
+    policy_scope([:admin, Group])
+  end
+
+  def user_policy_scope
+    policy_scope([:admin, User])
+  end
+
+  def tag_policy_scope
+    policy_scope([:admin, Tag])
   end
 end
diff --git a/app/models/admin_group.rb b/app/models/admin_group.rb
@@ -0,0 +1,17 @@
+# == Schema Information
+#
+# Table name: groups
+#
+#  id         :bigint           not null, primary key
+#  group_type :enum
+#  name       :string           not null
+#  type       :string           not null
+#  created_at :datetime         not null
+#  updated_at :datetime         not null
+#  tenant_id  :bigint           not null
+#
+class AdminGroup < Group
+  def name
+    I18n.t("group.names.admin")
+  end
+end
diff --git a/app/models/all_group.rb b/app/models/all_group.rb
@@ -0,0 +1,17 @@
+# == Schema Information
+#
+# Table name: groups
+#
+#  id         :bigint           not null, primary key
+#  group_type :enum
+#  name       :string           not null
+#  type       :string           not null
+#  created_at :datetime         not null
+#  updated_at :datetime         not null
+#  tenant_id  :bigint           not null
+#
+class AllGroup < Group
+  def name
+    I18n.t("group.names.all")
+  end
+end
diff --git a/app/models/audit_log.rb b/app/models/audit_log.rb
@@ -1,3 +1,22 @@
+# == Schema Information
+#
+# Table name: audit_logs
+#
+#  id                 :bigint           not null, primary key
+#  actor_name         :string
+#  changeset          :jsonb
+#  happened_at        :datetime         not null
+#  new_value          :string
+#  previous_value     :string
+#  thread_id_archived :integer
+#  thread_title       :string
+#  type               :string           not null
+#  created_at         :datetime         not null
+#  updated_at         :datetime         not null
+#  actor_id           :bigint
+#  message_thread_id  :bigint
+#  tenant_id          :bigint
+#
 require "csv"
 
 class AuditLog < ApplicationRecord

diff --git a/app/models/custom_group.rb b/app/models/custom_group.rb
@@ -0,0 +1,14 @@
+# == Schema Information
+#
+# Table name: groups
+#
+#  id         :bigint           not null, primary key
+#  group_type :enum
+#  name       :string           not null
+#  type       :string           not null
+#  created_at :datetime         not null
+#  updated_at :datetime         not null
+#  tenant_id  :bigint           not null
+#
+class CustomGroup < Group
+end
diff --git a/app/models/group.rb b/app/models/group.rb
@@ -3,8 +3,9 @@
 # Table name: groups
 #
 #  id         :bigint           not null, primary key
-#  group_type :enum             not null
+#  group_type :enum
 #  name       :string           not null
+#  type       :string           not null
 #  created_at :datetime         not null
 #  updated_at :datetime         not null
 #  tenant_id  :bigint           not null
@@ -16,11 +17,26 @@ class Group < ApplicationRecord
   has_many :tag_groups, dependent: :destroy
   has_many :tags, through: :tag_groups
 
+  EDITABLE_GROUP_TYPES = %w[AdminGroup SignerGroup CustomGroup]
+
+  scope :editable, -> { where(type: EDITABLE_GROUP_TYPES) }
+
   validates_presence_of :name
   validates_uniqueness_of :name, scope: :tenant_id
-  validates :group_type, inclusion: { in: ['ALL', 'USER', 'ADMIN', 'CUSTOM'], allow_blank: false }
 
-  def is_modifiable?
-    !group_type.in? %w[ALL USER]
+  def editable?
+    type.in? EDITABLE_GROUP_TYPES
+  end
+
+  def system?
+    !is_a?(CustomGroup)
+  end
+
+  def destroyable?
+    !system?
+  end
+
+  def renamable?
+    !system?
   end
 end
diff --git a/app/models/group_membership.rb b/app/models/group_membership.rb
@@ -11,9 +11,4 @@
 class GroupMembership < ApplicationRecord
   belongs_to :group
   belongs_to :user
-
-  def group_membership_modifiable?
-    # can't be removed from default groups - "TENANT_NAME"_ALL group and named user default group "USER_NAME"_USER
-    !group.group_type.in? ['ALL', 'USER'] 
-  end
 end
diff --git a/app/models/signer_group.rb b/app/models/signer_group.rb
@@ -0,0 +1,17 @@
+# == Schema Information
+#
+# Table name: groups
+#
+#  id         :bigint           not null, primary key
+#  group_type :enum
+#  name       :string           not null
+#  type       :string           not null
+#  created_at :datetime         not null
+#  updated_at :datetime         not null
+#  tenant_id  :bigint           not null
+#
+class SignerGroup < Group
+  def name
+    I18n.t("group.names.signer")
+  end
+end
diff --git a/app/models/tag.rb b/app/models/tag.rb
@@ -28,7 +28,7 @@ class Tag < ApplicationRecord
 
   scope :visible, -> { where(visible: true) }
 
-  after_create_commit ->(tag) { tag.mark_readable_by_groups(tag.tenant.admin_groups) }
+  after_create_commit ->(tag) { tag.mark_readable_by_groups([tag.tenant.admin_group]) }
   after_update_commit ->(tag) { EventBus.publish(:tag_renamed, tag) if previous_changes.key?("name") }
   after_destroy ->(tag) { EventBus.publish(:tag_destroyed, tag) }