From 8ec418429fbb79dc556256fc50d50db6efc8dedb Mon Sep 17 00:00:00 2001 From: Dave Arter Date: Tue, 12 Nov 2024 20:45:45 +0000 Subject: [PATCH] [Notts Police] Allow staff to manage available states For FD-4703 --- .../Cobrand/NottinghamshirePolice.pm | 32 +++++++++++++++++++ t/cobrand/nottinghamshirepolice.t | 19 +++++++++++ 2 files changed, 51 insertions(+) diff --git a/perllib/FixMyStreet/Cobrand/NottinghamshirePolice.pm b/perllib/FixMyStreet/Cobrand/NottinghamshirePolice.pm index dc7242efb67..05e438812a0 100644 --- a/perllib/FixMyStreet/Cobrand/NottinghamshirePolice.pm +++ b/perllib/FixMyStreet/Cobrand/NottinghamshirePolice.pm @@ -190,4 +190,36 @@ sub example_places { return [ 'NG2 3DZ', 'Meadows Way, Nottingham' ]; } +=head2 available_permissions + +Add the manage_states permission to the list of available permissions. + +=cut + +sub available_permissions { + my $self = shift; + my $perms = $self->next::method(); + $perms->{Problems}->{manage_states} = "Add/remove states"; + return $perms; +} + +=head2 admin_pages + +Users with the manage_states permission can access the states admin page. + +=cut + +sub admin_pages { + my $self = shift; + my $pages = $self->next::method(); + + if ( $self->{c}->user->has_body_permission_to('manage_states') ) { + $pages->{states} = [ _('States'), 102 ]; + }; + + return $pages; +} + + + 1; diff --git a/t/cobrand/nottinghamshirepolice.t b/t/cobrand/nottinghamshirepolice.t index 2bb7b618591..66c78d3ac30 100644 --- a/t/cobrand/nottinghamshirepolice.t +++ b/t/cobrand/nottinghamshirepolice.t @@ -94,6 +94,25 @@ FixMyStreet::override_config { $report->discard_changes; is $report->get_extra_metadata('sent_to_council'), 'Gedling Borough Council'; }; + + subtest 'check new permission is available' => sub { + $mech->log_in_ok($staff->email); + $staff->user_body_permissions->create({ body => $notts_police, permission_type => 'user_edit' }); + $staff->user_body_permissions->create({ body => $notts_police, permission_type => 'user_manage_permissions' }); + + $mech->get("/admin/users/" . $staff->id); + $mech->content_contains('Add/remove states'); + }; + + subtest 'check states page behind permission' => sub { + $mech->log_in_ok($staff->email); + + $mech->get("/admin/states"); + is $mech->status, 404, "Staff user can't access states page without permission"; + + $staff->user_body_permissions->create({ body => $notts_police, permission_type => 'manage_states' }); + $mech->get_ok("/admin/states"); + }; }; subtest 'Permissions for report updates' => sub {