diff --git a/app/views/account/applications/index.html.erb b/app/views/account/applications/index.html.erb
index 9036b1f5e..754eeb304 100644
--- a/app/views/account/applications/index.html.erb
+++ b/app/views/account/applications/index.html.erb
@@ -63,10 +63,12 @@
<%= application.name %> |
<%= application.description %> |
- <%= button_to account_application_signin_permission_path(application),
- class: "govuk-button govuk-!-margin-0",
- data: { module: "govuk-button" } do %>
- Grant access to <%= application.name %>
+ <% if policy([:account, Doorkeeper::Application]).grant_signin_permission? %>
+ <%= button_to account_application_signin_permission_path(application),
+ class: "govuk-button govuk-!-margin-0",
+ data: { module: "govuk-button" } do %>
+ Grant access to <%= application.name %>
+ <% end %>
<% end %>
|
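Review bot: The new `policy([:account, Doorkeeper::Application]).grant_signin_permission?` check around `button_to` only hides the form; it does not stop a request sent straight to `account_application_signin_permission_path`, so the action handling that POST needs the same policy check. That controller is not part of this diff, so confirm it calls something like `authorize [:account, Doorkeeper::Application], :grant_signin_permission?` before the permission is granted. The policy is also resolved against the `Doorkeeper::Application` class rather than the `application` being rendered, so the answer is the same for every row. If that is intended, evaluating it once into a local above the row markup would make it explicit. The surrounding table markup (presumably a loop over applications) starts and ends outside the hunk.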
diff --git a/test/controllers/account/applications_controller_test.rb b/test/controllers/account/applications_controller_test.rb
index f6d27d77f..be82c30c9 100644
--- a/test/controllers/account/applications_controller_test.rb
+++ b/test/controllers/account/applications_controller_test.rb
@@ -22,4 +22,18 @@ class Account::ApplicationsControllerTest < ActionController::TestCase
assert_redirected_to "/account/applications"
end
end
+
+ context "#index" do
+ context "logged in as a publishing manager" do
+ should "not display the button to grant access to an application" do
+ application = create(:application, name: "app-name")
+ sign_in create(:organisation_admin_user)
+
+ get :index
+
+ assert_select "tr td", text: "app-name"
+ assert_select "form[action='#{account_application_signin_permission_path(application)}']", count: 0
+ end
+ end
+ end
end
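Review bot: The added `#index` test only asserts that the form is absent for `:organisation_admin_user`, so it would still pass if the policy check hid the button from every role. Add a companion case that signs in a user the policy permits and asserts `assert_select "form[action='#{account_application_signin_permission_path(application)}']", count: 1`. A test that the same restricted user is refused when posting directly to that path would pin the server-side check as well, if one does not already exist outside this hunk. The context is titled "publishing manager" while the factory is `:organisation_admin_user`; a one-line comment tying the two names together would help the next reader.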