diff --git a/app/controllers/account/applications_controller.rb b/app/controllers/account/applications_controller.rb
new file mode 100644
index 0000000000..da4734bf2b
--- /dev/null
+++ b/app/controllers/account/applications_controller.rb
@@ -0,0 +1,11 @@
+class Account::ApplicationsController < ApplicationController
+ layout "admin_layout"
+
+ before_action :authenticate_user!
+
+ def index
+ authorize :account_applications
+
+ @applications = ::Doorkeeper::Application.where(show_on_dashboard: true).can_signin(current_user)
+ end
+end
diff --git a/app/policies/account_applications_policy.rb b/app/policies/account_applications_policy.rb
new file mode 100644
index 0000000000..69902efd23
--- /dev/null
+++ b/app/policies/account_applications_policy.rb
@@ -0,0 +1,5 @@
+class AccountApplicationsPolicy < BasePolicy
+ def index?
+ current_user.govuk_admin?
+ end
+end
diff --git a/app/views/account/applications/index.html.erb b/app/views/account/applications/index.html.erb
new file mode 100644
index 0000000000..1083c967ca
--- /dev/null
+++ b/app/views/account/applications/index.html.erb
@@ -0,0 +1,34 @@
+<% content_for :title, "GOV.UK apps" %>
+
+<% content_for :breadcrumbs,
+ render("govuk_publishing_components/components/breadcrumbs", {
+ collapse_on_mobile: true,
+ breadcrumbs: [
+ {
+ title: "Dashboard",
+ url: root_path,
+ },
+ {
+ title: "GOV.UK apps",
+ }
+ ]
+ })
+%>
+
+
+
+
+
+
+
+
+
+
+ <% @applications.each do |application| %>
+
+
+
+
+ <% end %>
+
+
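Review bot: Authorization in `Account::ApplicationsController` depends entirely on the `authorize :account_applications` call inside `index`; nothing visible in the class would catch a later action added without one. If `ApplicationController` (outside this diff) does not already enforce it, add `after_action :verify_authorized` below the `before_action` line. A short comment above the query would also help, for example `# can_signin scopes the list to apps the current user holds a signin permission for`, because the policy checks only the role and this scope is what limits the rows returned.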
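Review bot: `index?` in `AccountApplicationsPolicy` carries no comment explaining why a page that lists only the caller's own apps is limited to `current_user.govuk_admin?`. If the restriction is a rollout gate rather than a permanent rule, say so in a one-line comment above the method, for example `# Restricted to GOV.UK admins while the page is being rolled out`. That keeps a later reader from treating the role check as the control that protects the data, which is the `can_signin(current_user)` scope in the controller.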
Apps you have access to
NameDescription
<%= application.name %><%= application.description %>
diff --git a/config/routes.rb b/config/routes.rb index 6449514107..6ee78fad9d 100644 --- a/config/routes.rb +++ b/config/routes.rb @@ -50,6 +50,9 @@ resource :user, only: [:show] resource :account, only: [:show] + namespace :account do + resources :applications, only: [:index] + end resources :batch_invitations, only: %i[new create show] resources :bulk_grant_permission_sets, only: %i[new create show] diff --git a/test/integration/account_applications_test.rb b/test/integration/account_applications_test.rb new file mode 100644 index 0000000000..1dde97a9ab --- /dev/null +++ b/test/integration/account_applications_test.rb @@ -0,0 +1,37 @@ +require "test_helper" + +class AccountApplicationsTest < ActionDispatch::IntegrationTest + context "#index" do + should "not be accessible to signed out users" do + visit account_applications_path + + assert_current_url new_user_session_path + end + + should "list the applications the user has access to" do + app = FactoryBot.create(:application, name: "app-name", description: "app-description") + user = FactoryBot.create(:admin_user) + user.supported_permissions << app.signin_permission + + visit new_user_session_path + signin_with user + + visit account_applications_path + + assert page.has_content?("app-name") + assert page.has_content?("app-description") + end + + should "not list the applications the user does not have access to" do + FactoryBot.create(:application, name: "app-name") + user = FactoryBot.create(:admin_user) + + visit new_user_session_path + signin_with user + + visit account_applications_path + + assert_not page.has_content?("app-name") + end + end +end diff --git a/test/policies/account_applications_policy_test.rb b/test/policies/account_applications_policy_test.rb new file mode 100644 index 0000000000..b0dd4252f0 --- /dev/null +++ b/test/policies/account_applications_policy_test.rb 
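Review bot: `AccountApplicationsTest` never exercises the denial path for a signed-in user: every signed-in case uses `:admin_user`, so a regression that removes `authorize :account_applications` from the controller would still pass. Add a case that signs in a non-admin (the policy test already uses the `:user` factory) and asserts the apps list is not rendered. The `show_on_dashboard: true` filter in the controller is also untested; a case that creates an application with `show_on_dashboard: false`, grants its signin permission and asserts the name is absent would pin it.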
@@ -0,0 +1,30 @@
+require "test_helper"
+require "support/policy_helpers"
+
+class AccountApplicationsPolicyTest < ActiveSupport::TestCase
+ include PolicyHelpers
+
+ context "accessing index?" do
+ context "for govuk admins" do
+ setup do
+ @current_user = FactoryBot.build(:admin_user)
+ end
+
+ should "be permitted" do
+ assert permit?(@current_user, nil, :index)
+ end
+ end
+
+ %i[user super_organisation_admin_user organisation_admin_user].each do |user_role|
+ context "for #{user_role} users" do
+ setup do
+ @current_user = FactoryBot.build(user_role)
+ end
+
+ should "be denied" do
+ assert forbid?(@current_user, nil, :index)
+ end
+ end
+ end
+ end
+end
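Review bot: The role matrix in `AccountApplicationsPolicyTest` leaves out superadmins: `:admin_user` is asserted permitted and `user`, `super_organisation_admin_user` and `organisation_admin_user` are asserted denied, but no case states what `index?` should return for a superadmin. The policy delegates to `govuk_admin?`, whose definition is outside this diff, so the outcome for the highest-privilege role is implied rather than pinned. Add a context built from the project's superadmin factory with the expected `permit?` or `forbid?` assertion.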