A few enhancements to allow GAP account users to better use the system (

#1911)
pulibrary · Aug 22, 2024 · a8ab55b · a8ab55b
1 parent 94cb55d
commit a8ab55b
Show file tree

Hide file tree

Showing 3 changed files with 48 additions and 13 deletions.
diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb
@@ -80,7 +80,10 @@ def user_id_from_url
 
     # Only allow a list of trusted parameters through.
     def user_params
-      @user_params ||= params.require(:user).permit([:given_name, :full_name, :family_name, :orcid, :email_messages_enabled, groups_with_messaging: {}])
+      @user_params ||= params.require(:user).permit([
+                                                      :given_name, :full_name, :family_name, :orcid, :email_messages_enabled,
+                                                      :email, :default_group_id, groups_with_messaging: {}
+                                                    ])
     end
 
     def can_edit?

diff --git a/app/views/users/_form.html.erb b/app/views/users/_form.html.erb
@@ -77,18 +77,25 @@
 
   <div class="field">
     Email<br />
-    <input id="email" type="text" class="user-edit-long-field" disabled value="<%= @user.email %>" />
+    <%= form.text_field :email, class: "user-edit-long-field" %>
   </div>
 
   <div class="field">
     Princeton Net ID<br />
-    <input id="netid" type="text" class="user-edit-long-field" disabled value="<%= @user.uid %>" />
+    <%= form.text_field :uid, class: "user-edit-long-field", readonly: true %>
   </div>
 
-  <div class="field">
-    Default group<br />
-    <input id="default_group" type="text" class="user-edit-long-field" disabled value="<%= @user.default_group.title %>" />
-  </div>
+  <% if current_user.moderator? || current_user.super_admin? %>
+    <div class="field">
+      Default group<br />
+      <%= form.collection_select :default_group_id, Group.order(:title), :id, :title, {include_blank: false}, {class: "user-edit-long-field"} %>
+    </div>
+  <% else %>
+    <div class="field">
+      Default group<br />
+      <input type="text" class="user-edit-long-field" readonly value="<%= @user.default_group.title %>" />
+    </div>
+  <% end %>
 
   <div class="text-left">
     <%= form.submit "Save", class: "btn btn-primary" %>

diff --git a/spec/system/user_edit_spec.rb b/spec/system/user_edit_spec.rb
@@ -19,12 +19,37 @@
 
     it "shows user fields", js: true do
       visit edit_user_path(user_admin)
-      # These fields are disabled so we cannot target them with
-      # RSpec `have_field`, but once we make them editable we
-      # could use the more common syntax.
-      expect(page.html.include?(user_admin.email)).to be true
-      expect(page.html.include?(user_admin.uid)).to be true
-      expect(page.html.include?(user_admin.default_group.title)).to be true
+      expect(page).to have_field :user_email
+      expect(page).to have_field :user_uid
+      expect(page).to have_field :user_default_group_id
+    end
+
+    it "allows to change other users' default group" do
+      visit edit_user_path(user)
+      expect(user.default_group.title).to eq Group.research_data.title
+      select Group.plasma_laboratory.title, from: :user_default_group_id
+      click_on "Save"
+      user.reload
+      expect(user.default_group.title).to eq Group.plasma_laboratory.title
+    end
+  end
+
+  describe "Non-admin users" do
+    let(:user) { FactoryBot.create :princeton_submitter }
+
+    before { sign_in user }
+
+    it "allows user to change their email", js: true do
+      visit edit_user_path(user)
+      fill_in "user_email", with: "[email protected]"
+      click_on "Save"
+      user.reload
+      expect(user.email).to eq "[email protected]"
+    end
+
+    it "does not allow user to change their default group", js: true do
+      visit edit_user_path(user)
+      expect(page.html.include?("user_default_group_id")).to be false
     end
   end