Merge pull request #1267 from code-corps/add-organization-invite-approval

joshsmith · web-flow · commit 959a6a5bb2c6 · 2017-11-28T16:39:43.000-08:00
Add organization approval
diff --git a/lib/code_corps/model/organization.ex b/lib/code_corps/model/organization.ex
@@ -61,6 +61,13 @@ defmodule CodeCorps.Organization do
     |> put_change(:approved, false)
   end
 
+  @spec update_changeset(struct, map) :: Changeset.t
+  def update_changeset(struct, params \\ %{}) do
+    struct
+    |> changeset(params)
+    |> cast(params, [:approved])
+  end
+
   defp maybe_generate_slug(%Changeset{changes: %{slug: _}} = changeset) do
     changeset
   end
diff --git a/lib/code_corps/policy/organization.ex b/lib/code_corps/policy/organization.ex
@@ -26,9 +26,10 @@ defmodule CodeCorps.Policy.Organization do
   Returns a boolean indicating if the specified user is allowed to update the
   specified organization.
   """
-  @spec update?(User.t, Organization.t) :: boolean
-  def update?(%User{admin: true}, %Organization{}), do: true
-  def update?(%User{} = user, %Organization{} = organization), do: organization |> owned_by?(user)
+  @spec update?(User.t, Organization.t, map) :: boolean
+  def update?(%User{admin: true}, %Organization{}, %{}), do: true
+  def update?(%User{}, %Organization{}, %{"approved" => true}), do: false
+  def update?(%User{} = user, %Organization{} = organization, %{}), do: organization |> owned_by?(user)
 
   @spec get_invite(String.t) :: OrganizationInvite.t | nil
   defp get_invite(code) do
diff --git a/lib/code_corps/policy/policy.ex b/lib/code_corps/policy/policy.ex
@@ -50,7 +50,7 @@ defmodule CodeCorps.Policy do
 
   # Organization
   defp can?(%User{} = current_user, :create, %Organization{}, %{} = params), do: Policy.Organization.create?(current_user, params)
-  defp can?(%User{} = current_user, :update, %Organization{} = organization, %{}), do: Policy.Organization.update?(current_user, organization)
+  defp can?(%User{} = current_user, :update, %Organization{} = organization, %{} = params), do: Policy.Organization.update?(current_user, organization, params)
 
   # OrganizationGithubAppInstallation
   defp can?(%User{} = current_user, :create, %OrganizationGithubAppInstallation{}, %{} = params), do: Policy.OrganizationGithubAppInstallation.create?(current_user, params)
diff --git a/lib/code_corps_web/controllers/organization_controller.ex b/lib/code_corps_web/controllers/organization_controller.ex
@@ -42,7 +42,7 @@ defmodule CodeCorpsWeb.OrganizationController do
     with %Organization{} = organization <- Organization |> Repo.get(id),
       %User{} = current_user <- conn |> CodeCorps.Guardian.Plug.current_resource,
       {:ok, :authorized} <- current_user |> Policy.authorize(:update, organization),
-      {:ok, %Organization{} = organization} <- organization |> Organization.changeset(params) |> Repo.update,
+      {:ok, %Organization{} = organization} <- organization |> Organization.update_changeset(params) |> Repo.update,
       organization <- preload(organization)
     do
         conn |> render("show.json-api", data: organization)
diff --git a/lib/code_corps_web/router.ex b/lib/code_corps_web/router.ex
@@ -48,6 +48,10 @@ defmodule CodeCorpsWeb.Router do
     get "/", PageController, :index
   end
 
+  if Mix.env == :dev do
+    forward "/sent_emails", Bamboo.EmailPreviewPlug
+  end
+
   scope "/", CodeCorpsWeb, host: "api." do
     pipe_through [:stripe_webhooks]
 
diff --git a/lib/code_corps_web/views/organization_view.ex b/lib/code_corps_web/views/organization_view.ex
@@ -5,7 +5,7 @@ defmodule CodeCorpsWeb.OrganizationView do
   use JaSerializer.PhoenixView
 
   attributes [
-    :cloudinary_public_id, :description, :icon_thumb_url,
+    :approved, :cloudinary_public_id, :description, :icon_thumb_url,
     :icon_large_url, :name, :slug, :inserted_at, :updated_at
   ]
 
diff --git a/test/lib/code_corps/model/organization_test.exs b/test/lib/code_corps/model/organization_test.exs
@@ -63,4 +63,24 @@ defmodule CodeCorps.OrganizationTest do
       assert changeset |> get_field(:slug) == "custom-slug"
     end
   end
+
+  describe "update_changeset" do
+    @valid_struct %Organization{
+      description: "Building a better future.",
+      name: "Code Corps"
+    }
+    @valid_attrs %{
+      approved: true
+    }
+
+    test "with valid struct and attributes" do
+      changeset = Organization.update_changeset(@valid_struct, @valid_attrs)
+      assert changeset.valid?
+    end
+
+    test "with invalid struct" do
+      changeset = Organization.update_changeset(%Organization{}, %{})
+      refute changeset.valid?
+    end
+  end
 end
diff --git a/test/lib/code_corps/policy/organization_test.exs b/test/lib/code_corps/policy/organization_test.exs
@@ -1,7 +1,7 @@
 defmodule CodeCorps.Policy.OrganizationTest do
   use CodeCorps.PolicyCase
 
-  import CodeCorps.Policy.Organization, only: [create?: 2, update?: 2]
+  import CodeCorps.Policy.Organization, only: [create?: 2, update?: 3]
 
   describe "create" do
     test "returns true when user is an admin" do
@@ -36,19 +36,31 @@ defmodule CodeCorps.Policy.OrganizationTest do
     test "returns true when user is an admin" do
       user = insert(:user, admin: true)
       organization = insert(:organization)
-      assert update?(user, organization)
+      assert update?(user, organization, %{})
+    end
+
+    test "returns false when user is approving as the admin" do
+      user = insert(:user, admin: true)
+      organization = build(:organization, owner_id: user.id)
+      assert update?(user, organization, %{"approved" => "true"})
+    end
+
+    test "returns false when user is approving as the organization owner" do
+      user = insert(:user)
+      organization = build(:organization, owner_id: user.id)
+      assert update?(user, organization, %{"approved" => "true"})
     end
 
     test "returns true when user is the organization owner" do
       user = insert(:user)
       organization = build(:organization, owner_id: user.id)
-      assert update?(user, organization)
+      assert update?(user, organization, %{})
     end
 
     test "returns false when user is not the organization owner" do
       user = insert(:user)
       organization = build(:organization)
-      refute update?(user, organization)
+      refute update?(user, organization, %{})
     end
   end
 end
diff --git a/test/lib/code_corps_web/views/organization_view_test.exs b/test/lib/code_corps_web/views/organization_view_test.exs
@@ -18,6 +18,7 @@ defmodule CodeCorpsWeb.OrganizationViewTest do
     expected_json = %{
       "data" => %{
         "attributes" => %{
+          "approved" => organization.approved,
           "cloudinary-public-id" => nil,
           "description" => organization.description,
           "icon-large-url" => "#{host}/icons/organization_default_large_blue.png",

Original file line number	Diff line number	Diff line change
`@@ -5,7 +5,7 @@ defmodule CodeCorpsWeb.OrganizationView do`
`5`	`5`	`use JaSerializer.PhoenixView`
`6`	`6`
`7`	`7`	`attributes [`
`8`		`- :cloudinary_public_id, :description, :icon_thumb_url,`
	`8`	`+ :approved, :cloudinary_public_id, :description, :icon_thumb_url,`
`9`	`9`	`:icon_large_url, :name, :slug, :inserted_at, :updated_at`
`10`	`10`	`]`
`11`	`11`