Merge branch 'publishers' into 'master'

Publishers

See merge request portalmec/portalmec!489

app/models/user.rb

@@ -160,6 +160,13 @@ class User < ApplicationRecord
     false
   end
 
+  def is_publisher?
+    roles.each do |role|
+      return true if role.name == 'publisher'
+    end
+    false
+  end
+
   def is_partner?
     roles.each do |role|
       return true if role.name == 'partner'

app/policies/application_policy.rb

@@ -74,12 +74,20 @@ class ApplicationPolicy
     raise 'You must implement this method!'
   end
 
+  def user_can_create?
+    (user_exists? && user.is_submitter?) || (user_exists? && user.is_publisher?)
+  end
+
   def user_can_edit?
     user.is_admin? || user.is_editor?
   end
 
   def user_can_update?
-    (owns? && user.is_submitter?) || (owns? && user.is_partner?) || user.is_admin?
+    (owns? && user.is_publisher?) || (owns? && user.is_submitter?) || (owns? && user.is_partner?) || user.is_admin?
+  end
+
+  def user_can_publish?
+    (user_can_curate? && record.submitted?) || (owns? && user.is_publisher?)
   end
 
   def user_can_curate?

app/policies/learning_object_policy.rb

@@ -38,7 +38,7 @@ class LearningObjectPolicy < ApplicationPolicy
   end
 
   def create?
-    record if (user_exists? && user.is_submitter?)
+    record if user_can_create?
   end
 
   def update?
@@ -46,7 +46,7 @@ class LearningObjectPolicy < ApplicationPolicy
   end
 
   def publish?
-    record if (user_can_curate? && record.submitted?)
+    record if user_can_publish?
   end
 
   def destroy?

db/seeds.rb

@@ -33,6 +33,7 @@ Role.create(name: 'supervisor', description: 'This role represents an user Super
 Role.create(name: 'editor', description: 'This role represents a content Supervisor in Portal MEC, with less privileges than admin.')
 Role.create(name: 'submitter', description: 'This role represents a content submitter in Portal MEC.')
 Role.create(name: 'partner', description: 'This role represents a partner Portal MEC.')
+Role.create(name: 'publisher', description: 'This role represents a content publisher without supervision in Portal MEC.')
 
 # create the default admin
 User.create(

spec/acceptance/learning_objects_spec.rb

@@ -60,7 +60,7 @@ resource 'Learning Objects' do
   end
 
   post '/v1/learning_objects' do
-    include_context "authenticate_user_submitter"
+    include_context "authenticate_user_publisher"
 
     parameter :author, 'The author of a educational content', scope: :learning_object
     parameter :name, 'The name of the learning object', scope: :learning_object
@@ -98,7 +98,7 @@ resource 'Learning Objects' do
   end
 
   put '/v1/learning_objects/:id' do
-    include_context "authenticate_user_submitter"
+    include_context "authenticate_user_publisher"
 
     parameter :author, 'The author of a educational content'
     parameter :name, 'The name of the learning object'
@@ -178,7 +178,7 @@ resource 'Learning Objects' do
    end
 
   post '/v1/learning_objects/:id/publish' do
-    include_context "authenticate_user_curator"
+    include_context "authenticate_user_publisher"
 
     let(:id) { @learning_object.id }
 

spec/shared/contexts.rb

@@ -61,6 +61,19 @@ RSpec.shared_context "authenticate_user_submitter", shared_context: :metadata do
 
 end
 
+RSpec.shared_context "authenticate_user_publisher", shared_context: :metadata do
+  let(:auth_client) { @auth_headers['client'] }
+  let(:uid) { @auth_headers['uid'] }
+  let(:access_token) { @auth_headers['access-token'] }
+  let(:role) { Role.all }
+
+  before do
+    @user = create(:user, roles: [role.find_by(name: 'publisher')])
+    @auth_headers = @user.create_new_auth_token
+  end
+
+end
+
 RSpec.shared_context "authenticate_user_curator", shared_context: :metadata do
   let(:auth_client) { @auth_headers['client'] }
   let(:uid) { @auth_headers['uid'] }