Skip to content

Commit

Permalink
Add page for listing a user's applications
Browse files Browse the repository at this point in the history
This currently only includes the applications that the user would see on
their dashboard.
  • Loading branch information
chrisroos committed Sep 4, 2023
1 parent 4d9ad73 commit 282c876
Show file tree
Hide file tree
Showing 6 changed files with 120 additions and 0 deletions.
11 changes: 11 additions & 0 deletions app/controllers/account/applications_controller.rb
Original file line number Diff line number Diff line change
@@ -0,0 +1,11 @@
class Account::ApplicationsController < ApplicationController
layout "admin_layout"

before_action :authenticate_user!

def index
authorize :account_applications

@applications = ::Doorkeeper::Application.where(show_on_dashboard: true).can_signin(current_user)
end
end
5 changes: 5 additions & 0 deletions app/policies/account_applications_policy.rb
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
class AccountApplicationsPolicy < BasePolicy
def index?
current_user.govuk_admin?
end
end
34 changes: 34 additions & 0 deletions app/views/account/applications/index.html.erb
Original file line number Diff line number Diff line change
@@ -0,0 +1,34 @@
<% content_for :title, "GOV.UK apps" %>

<% content_for :breadcrumbs,
render("govuk_publishing_components/components/breadcrumbs", {
collapse_on_mobile: true,
breadcrumbs: [
{
title: "Dashboard",
url: root_path,
},
{
title: "GOV.UK apps",
}
]
})
%>

<table class="govuk-table">
<caption class="govuk-table__caption govuk-table__caption--m">Apps you have access to</caption>
<thead class="govuk-table__head">
<tr class="govuk-table__row">
<th scope="col" class="govuk-table__header">Name</th>
<th scope="col" class="govuk-table__header">Description</th>
</tr>
</thead>
<tbody class="govuk-table__body">
<% @applications.each do |application| %>
<tr class="govuk-table__row">
<td class="govuk-table__cell"><%= application.name %></td>
<td class="govuk-table__cell"><%= application.description %></td>
</tr>
<% end %>
</tbody>
</table>
3 changes: 3 additions & 0 deletions config/routes.rb
Original file line number Diff line number Diff line change
Expand Up @@ -50,6 +50,9 @@
resource :user, only: [:show]

resource :account, only: [:show]
namespace :account do
resources :applications, only: [:index]
end

resources :batch_invitations, only: %i[new create show]
resources :bulk_grant_permission_sets, only: %i[new create show]
Expand Down
37 changes: 37 additions & 0 deletions test/integration/account_applications_test.rb
Original file line number Diff line number Diff line change
@@ -0,0 +1,37 @@
require "test_helper"

class AccountApplicationsTest < ActionDispatch::IntegrationTest
context "#index" do
should "not be accessible to signed out users" do
visit account_applications_path

assert_current_url new_user_session_path
end

should "list the applications the user has access to" do
app = FactoryBot.create(:application, name: "app-name", description: "app-description")
user = FactoryBot.create(:admin_user)
user.supported_permissions << app.signin_permission

visit new_user_session_path
signin_with user

visit account_applications_path

assert page.has_content?("app-name")
assert page.has_content?("app-description")
end

should "not list the applications the user does not have access to" do
FactoryBot.create(:application, name: "app-name")
user = FactoryBot.create(:admin_user)

visit new_user_session_path
signin_with user

visit account_applications_path

assert_not page.has_content?("app-name")
end
end
end
30 changes: 30 additions & 0 deletions test/policies/account_applications_policy_test.rb
Original file line number Diff line number Diff line change
@@ -0,0 +1,30 @@
require "test_helper"
require "support/policy_helpers"

class AccountApplicationsPolicyTest < ActiveSupport::TestCase
include PolicyHelpers

context "accessing index?" do
context "for govuk admins" do
setup do
@current_user = FactoryBot.build(:admin_user)
end

should "be permitted" do
assert permit?(@current_user, nil, :index)
end
end

%i[user super_organisation_admin_user organisation_admin_user].each do |user_role|
context "for #{user_role} users" do
setup do
@current_user = FactoryBot.build(user_role)
end

should "be denied" do
assert forbid?(@current_user, nil, :index)
end
end
end
end
end

0 comments on commit 282c876

Please sign in to comment.