Merge pull request #385 from sul-dlss/super-destroy

Add superadmin and the ability to destroy exhibits.
projectblacklight · Feb 28, 2014 · d31d7ad · d31d7ad
2 parents 364f422 + f5a7c91
commit d31d7ad
Show file tree

Hide file tree

Showing 9 changed files with 52 additions and 13 deletions.
diff --git a/app/controllers/spotlight/exhibits_controller.rb b/app/controllers/spotlight/exhibits_controller.rb
@@ -20,6 +20,17 @@ def update
     end
   end
 
+  def destroy
+    @exhibit.destroy
+
+    redirect_path = if @exhibit.default?
+      spotlight.exhibit_root_path(exhibit_id: Spotlight::Exhibit.default)
+    else
+      main_app.root_url
+    end
+    redirect_to redirect_path, notice: 'Exhibit was successfully destroyed.'
+  end
+
   protected
 
   def exhibit_params

diff --git a/app/controllers/spotlight/roles_controller.rb b/app/controllers/spotlight/roles_controller.rb
@@ -5,12 +5,12 @@ class RolesController < Spotlight::ApplicationController
     load_and_authorize_resource through: :exhibit, except: [:update_all]
 
     def index
-      # every admin should at least see themseleves
-      raise CanCan::AccessDenied if @roles.empty?
+      role = @exhibit.roles.build
+      authorize! :edit, role
+
       add_breadcrumb t(:'spotlight.exhibits.breadcrumb', title: @exhibit.title), @exhibit
       add_breadcrumb t(:'spotlight.administration.sidebar.header'), exhibit_dashboard_path(@exhibit)
       add_breadcrumb t(:'spotlight.administration.sidebar.users'), exhibit_roles_path(@exhibit)
-      @exhibit.roles.build
     end
 
     def update_all

diff --git a/app/models/concerns/spotlight/user.rb b/app/models/concerns/spotlight/user.rb
@@ -4,6 +4,10 @@ module Spotlight::User
     has_many :roles, class_name: 'Spotlight::Role'
   end
 
+  def superadmin?
+    admin_roles.where(exhibit_id: nil).any?
+  end
+
   def admin_roles
     roles.where(role: 'admin')
   end

diff --git a/app/models/spotlight/ability.rb b/app/models/spotlight/ability.rb
@@ -4,6 +4,10 @@ module Spotlight::Ability
   def initialize(user)
     user ||= ::User.new
 
+    if user.superadmin?
+      can :manage, :all
+    end
+
     # This is the "right" way to do it. But it doesn't work in rails 4
     # until this PR is merged: https://github.com/ryanb/cancan/pull/917
     # can :create, Spotlight::Exhibit, admin_roles: { id: user.role_ids } 

diff --git a/app/models/spotlight/exhibit.rb b/app/models/spotlight/exhibit.rb
@@ -5,19 +5,19 @@ class Spotlight::Exhibit < ActiveRecord::Base
   friendly_id :title, use: [:slugged,:finders]
 
   DEFAULT = 'default'.freeze
-  has_many :roles
-  has_many :searches
-  has_many :pages
+  has_many :roles, dependent: :delete_all
+  has_many :searches, dependent: :delete_all
+  has_many :pages, dependent: :delete_all
   has_many :about_pages
   has_many :feature_pages
   has_one :home_page
   has_many :home_pages
   has_many :users, through: :roles, class_name: '::User'
-  has_many :custom_fields
-  has_many :contacts       # These are the contacts who appear in the sidebar
-  has_many :contact_emails # These are the contacts who get "Contact us" emails 
-  has_many :attachments
-  has_one :blacklight_configuration, class_name: Spotlight::BlacklightConfiguration
+  has_many :custom_fields, dependent: :delete_all
+  has_many :contacts, dependent: :delete_all       # These are the contacts who appear in the sidebar
+  has_many :contact_emails, dependent: :delete_all # These are the contacts who get "Contact us" emails 
+  has_many :attachments, dependent: :destroy
+  has_one :blacklight_configuration, class_name: Spotlight::BlacklightConfiguration, dependent: :delete
 
   accepts_nested_attributes_for :blacklight_configuration
   accepts_nested_attributes_for :searches
@@ -56,6 +56,10 @@ def to_s
     title
   end
 
+  def default?
+    name == DEFAULT
+  end
+
   protected
 
   def initialize_config

diff --git a/app/views/spotlight/exhibits/edit.html.erb b/app/views/spotlight/exhibits/edit.html.erb
@@ -14,11 +14,11 @@
     <% end %>
 
     <div class="form-actions">
+      <%= delete_link @exhibit, class: 'btn btn-danger' %>
       <div class="primary-actions">
         <%= f.submit nil, class: 'btn btn-primary' %>
       </div>
     </div>
   </div>
 <% end %>
 </div>
-
diff --git a/config/routes.rb b/config/routes.rb
@@ -3,7 +3,7 @@
   devise_for :contact_email, class_name: "Spotlight::ContactEmail", only: [:confirmations]
   get '/:exhibit_id' => 'home_pages#show', as: :exhibit_root
 
-  resources :exhibits, path: '/', only: [:edit, :update] do
+  resources :exhibits, path: '/', only: [:edit, :update, :destroy] do
     resources :attachments, only: :create
     resource :contact_form, path: "contact", only: [:new, :create]
     resource :blacklight_configuration, only: [:update]

diff --git a/lib/tasks/spotlight_tasks.rake b/lib/tasks/spotlight_tasks.rake
@@ -6,6 +6,7 @@ namespace :spotlight do
     email = $stdin.gets.chomp
     password = prompt_password
     u = User.create!(email: email, password: password)
+    Spotlight::Role.create(user: u, exhibit: nil, role: 'admin')
     Spotlight::Role.create(user: u, exhibit: Spotlight::Exhibit.default, role: 'admin')
     puts "User created."
   end

diff --git a/spec/controllers/spotlight/exhibits_controller_spec.rb b/spec/controllers/spotlight/exhibits_controller_spec.rb
@@ -31,6 +31,12 @@
       end
     end
 
+    describe "#destroy" do
+      it "should not be allowed" do
+        delete :destroy, id: exhibit 
+        expect(response).to redirect_to main_app.new_user_session_path
+      end
+    end
   end
 
   describe "when signed in" do
@@ -61,5 +67,14 @@
         end
       end
     end
+
+    describe "#destroy" do
+      it "should be successful" do
+        delete :destroy, id: exhibit
+        expect(Spotlight::Exhibit.exists?(exhibit.id)).to be_false
+        expect(flash[:notice]).to eq "Exhibit was successfully destroyed."
+        expect(response).to redirect_to exhibit_root_path(Spotlight::Exhibit.default)
+      end
+    end
   end
 end