Merge pull request #368 from umts/werebus/current-user

Add Current class for holding current user

app/controllers/application_controller.rb

@@ -1,8 +1,6 @@
 # frozen_string_literal: true
 
 class ApplicationController < ActionController::Base
-  attr_accessor :current_user
-
   before_action :check_primary_account, :set_current_user, :set_roster, :set_paper_trail_whodunnit
 
   def self.api_accessible(**options)
@@ -11,7 +9,7 @@ def self.api_accessible(**options)
   end
 
   def confirm_change(object, message = nil)
-    change = object.versions.where(whodunnit: @current_user).last
+    change = object.versions.where(whodunnit: Current.user).last
     flash[:change] = change.try(:id)
     # If we know what change occurred, use it to write the message.
     # If we don't, try and infer from the current controller action.
@@ -40,20 +38,20 @@ def report_errors(object, fallback_location:)
   # 3. Admins of specifically the current roster
 
   def require_admin
-    render file: 'public/401.html', status: :unauthorized unless @current_user.admin?
+    render file: 'public/401.html', status: :unauthorized unless Current.user.admin?
   end
 
   def require_admin_in_roster
-    render file: 'public/401.html', status: :unauthorized unless @current_user.admin_in? @roster
+    render file: 'public/401.html', status: :unauthorized unless Current.user.admin_in? @roster
   end
 
   def set_current_user
     if session.key? :user_id
-      @current_user = User.find_by id: session[:user_id]
+      Current.user = User.find_by id: session[:user_id]
     else
-      @current_user = User.find_by spire: request.env['fcIdNumber']
-      if @current_user.present?
-        session[:user_id] = @current_user.id
+      Current.user = User.find_by spire: request.env['fcIdNumber']
+      if Current.user.present?
+        session[:user_id] = Current.user.id
       else
         redirect_to unauthenticated_session_path
       end
@@ -66,7 +64,7 @@ def set_current_user
   # rubocop:disable Naming/MemoizedInstanceVariableName
   def set_roster
     @roster = Roster.friendly.find(params[:roster_id], allow_nil: true)
-    @roster ||= @current_user&.rosters&.first
+    @roster ||= Current.user&.rosters&.first
     @roster ||= Roster.first
   end
   # rubocop:enable Naming/MemoizedInstanceVariableName

app/controllers/assignments_controller.rb

@@ -41,7 +41,7 @@ def generate_rotation
     end
     @roster.generate_assignments(user_ids, start_date,
                                  end_date, start_user).each do |assignment|
-      assignment.notify :owner, of: :new_assignment, by: @current_user
+      assignment.notify :owner, of: :new_assignment, by: Current.user
     end
     flash[:message] = 'Rotation has been generated.'
     redirect_to roster_assignments_path(@roster, date: start_date)
@@ -72,7 +72,7 @@ def create
 
     if assignment.save
       confirm_change(assignment)
-      assignment.notify :owner, of: :new_assignment, by: @current_user
+      assignment.notify :owner, of: :new_assignment, by: Current.user
       redirect_to roster_assignments_path(@roster)
     else
       report_errors(assignment, fallback_location: roster_assignments_path)
@@ -99,8 +99,8 @@ def rotation_generator
   end
 
   def destroy
-    if @current_user.admin_in?(@roster)
-      @assignment.notify :owner, of: :deleted_assignment, by: @current_user
+    if Current.user.admin_in?(@roster)
+      @assignment.notify :owner, of: :deleted_assignment, by: Current.user
       @assignment.destroy
       confirm_change(@assignment)
       redirect_to roster_assignments_path(@roster)
@@ -134,9 +134,7 @@ def set_roster_users
   end
 
   def index_html
-    @assignments = @current_user.assignments.in(@roster)
-                                .upcoming
-                                .order :start_date
+    @assignments = Current.user.assignments.in(@roster).upcoming.order :start_date
     @current_assignment = @roster.assignments.current
     @fallback_user = @roster.fallback_user
   end
@@ -153,11 +151,10 @@ def index_json
   # and telling the new owner that they're newly responsible now.
   def notify_appropriate_users
     if @assignment.user == @previous_owner
-      @assignment.notify :owner, of: :changed_assignment, by: @current_user
+      @assignment.notify :owner, of: :changed_assignment, by: Current.user
     else
-      @assignment.notify :owner, of: :new_assignment, by: @current_user
-      @assignment.notify @previous_owner, of: :deleted_assignment,
-                                          by: @current_user
+      @assignment.notify :owner, of: :new_assignment, by: Current.user
+      @assignment.notify @previous_owner, of: :deleted_assignment, by: Current.user
     end
   end
 
@@ -167,7 +164,7 @@ def render_ics_feed
   end
 
   def require_taking_ownership
-    return true if @current_user.admin_in?(@roster) || taking_ownership?
+    return true if Current.user.admin_in?(@roster) || taking_ownership?
 
     flash[:errors] = t('.not_an_admin')
     redirect_back fallback_location: roster_assignments_path(@roster)
@@ -176,7 +173,7 @@ def require_taking_ownership
 
   def taking_ownership?
     new_user_id = params.require(:assignment).require(:user_id)
-    new_user_id == @current_user.id.to_s
+    new_user_id == Current.user&.id.to_s
   end
 
   def generate_by_weekday_params

app/controllers/changes_controller.rb

@@ -3,7 +3,7 @@
 class ChangesController < ApplicationController
   def undo
     version = PaperTrail::Version.find params.require(:id)
-    original_user = version.whodunnit.to_i == @current_user.id
+    original_user = version.whodunnit.to_i == Current.user&.id
     head :unauthorized and return unless original_user
 
     # Reify only returns false when the thing didn't exist beforehand.

app/controllers/rosters_controller.rb

@@ -28,7 +28,7 @@ def edit
   def create
     roster = Roster.new roster_params
     # Current user becomes admin in new roster
-    roster.users << @current_user
+    roster.users << Current.user
     roster.memberships.first.update admin: true
     if roster.save
       confirm_change(roster)

app/controllers/users_controller.rb

@@ -34,7 +34,7 @@ def update
     membership_params = user_params[:membership]
     if @user.update(user_params.except(:membership)) && update_membership(membership_params)
       confirm_change(@user)
-      if @current_user.admin_in? @roster
+      if Current.user.admin_in? @roster
         redirect_to roster_users_path(@roster)
       else
         redirect_to roster_assignments_path(@roster)
@@ -75,8 +75,8 @@ def user_params
 
       given_roster_ids = params[:roster_ids].map(&:to_i)
       params[:roster_ids] = (@user&.roster_ids || []).then do |roster_ids|
-        roster_ids.reject! { |roster_id| !roster_id.in?(given_roster_ids) && @current_user.admin_in?(roster_id) }
-        roster_ids | (given_roster_ids & @current_user.memberships.where(admin: true).map(&:roster_id))
+        roster_ids.reject! { |roster_id| !roster_id.in?(given_roster_ids) && Current.user.admin_in?(roster_id) }
+        roster_ids | (given_roster_ids & Current.user.memberships.where(admin: true).map(&:roster_id))
       end
     end
   end
@@ -86,7 +86,7 @@ def find_user
   end
 
   def update_membership(membership_params)
-    return true unless membership_params.present? && @current_user.admin_in?(@roster)
+    return true unless membership_params.present? && Current.user.admin_in?(@roster)
 
     membership = @user.membership_in @roster
     return true if membership.nil?
@@ -98,7 +98,7 @@ def update_membership(membership_params)
   end
 
   def require_admin_in_roster_or_self
-    return if @current_user == @user || @current_user.admin_in?(@roster)
+    return if Current.user == @user || Current.user.admin_in?(@roster)
 
     render file: 'public/401.html', status: :unauthorized
   end

app/models/current.rb

@@ -0,0 +1,5 @@
+# frozen_string_literal: true
+
+class Current < ActiveSupport::CurrentAttributes
+  attribute :user
+end

app/views/assignments/_feed_address_form.html.haml

@@ -8,7 +8,7 @@
 
   .input-group.mr-2
     - roster_name = @roster.name.parameterize
-    - token = @current_user.calendar_access_token
+    - token = Current.user&.calendar_access_token
     = text_field_tag :access_token,
       feed_url(roster: roster_name, token: token, format: :ics),
       readonly: true, class: 'form-control copy-text',

app/views/assignments/_form.html.haml

@@ -4,12 +4,12 @@
     .col-2.offset-3
       .form-group
         = f.label :user_id
-        - if @current_user.admin_in?(@roster)
+        - if Current.user.admin_in?(@roster)
           = f.collection_select :user_id, @users, :id, :last_name,
-            { selected: @assignment.user&.id || @current_user.id }, class: 'form-control custom-select'
+            { selected: @assignment.user&.id || Current.user&.id }, class: 'form-control custom-select'
         - else
-          = f.hidden_field :user_id, value: @current_user.id
-          = f.text_field :user_name, value: @current_user.last_name, disabled: true, class: 'form-control'
+          = f.hidden_field :user_id, value: Current.user&.id
+          = f.text_field :user_name, value: Current.user&.last_name, disabled: true, class: 'form-control'
     .col-4
       .form-group
         = f.label :start_date

app/views/assignments/edit.haml

@@ -1,6 +1,6 @@
 %h1.title Edit assignment
 .container-fluid
-  - if @current_user.admin_in?(@roster)
+  - if Current.user&.admin_in?(@roster)
     .row.mb-4
       .col
         = button_to 'Delete assignment',

app/views/assignments/index.json.jbuilder

@@ -7,5 +7,5 @@ json.array! @assignments do |assignment|
   json.allDay true
   json.start assignment.start_date.to_fs(:iso8601)
   json.end 1.day.after(assignment.end_date).to_fs(:iso8601)
-  json.color("var(--#{assignment.user == @current_user ? :info : :secondary})")
+  json.color("var(--#{assignment.user == Current.user ? :info : :secondary})")
 end

app/views/layouts/_nav.haml

@@ -9,9 +9,9 @@
       %ul.navbar-nav.mr-auto
         - rosters.each do |roster|
           = nav_link_item roster.name, roster_assignments_path(roster)
-        - if @current_user&.admin?
+        - if Current.user&.admin?
           = nav_link_item 'Manage Rosters', rosters_path
-          - if @current_user&.admin_in? @roster
+          - if Current.user&.admin_in? @roster
             = nav_link_item 'Manage Users', roster_users_path(@roster)
             %li.nav-item.dropdown
               = link_to 'Generate', '#', role: 'button',
@@ -21,9 +21,9 @@
                 = link_to 'Rotation', rotation_generator_roster_assignments_path(@roster), class: 'dropdown-item'
                 = link_to 'By Weekday', generate_by_weekday_roster_assignments_path(@roster), class: 'dropdown-item'
       %ul.navbar-nav
-        - if @current_user.present?
+        - if Current.user.present?
           %li.nav-item.navbar-text.mx-2
-            Logged in as #{@current_user.full_name}
+            Logged in as #{Current.user.full_name}
           = nav_link_item 'Edit Profile',
-            edit_roster_user_path(@roster, @current_user)
+            edit_roster_user_path(@roster, Current.user)
         = nav_link_item 'Logout', destroy_session_path

app/views/layouts/application.haml

@@ -8,7 +8,7 @@
     = csrf_meta_tags
   %body
     = render partial: 'layouts/nav',
-      locals: { rosters: @current_user&.rosters || Roster.none }
+      locals: { rosters: Current.user&.rosters || Roster.none }
     .container
       - if flash[:message].present?
         .alert.alert-success{ role: 'alert' }

app/views/rosters/index.haml

@@ -21,7 +21,7 @@
             No fallback user!
         %td.align-middle= roster.switchover_time.strftime '%-I:%M %P'
         %td.align-middle= formatted_phone(roster.phone)
-        - if @current_user.admin_in? roster
+        - if Current.user.admin_in? roster
           %td.align-middle= link_to 'Setup Twilio Number', setup_roster_path(roster)
           %td.align-middle= link_to 'Edit', edit_roster_url(roster)
           %td.align-middle= button_to 'Destroy', roster_path(roster), method: :delete, class: 'btn btn-danger'

app/views/users/_form.html.haml

@@ -25,7 +25,7 @@
           = f.hidden_field :'roster_ids[]', value: '', id: nil
           .list-group.list-group-form
             = f.collection_check_boxes :roster_ids, Roster.all.order(:name), :id, :name, include_hidden: false do |c|
-              - user_roster_permitted = @current_user.admin_in? c.object
+              - user_roster_permitted = Current.user.admin_in? c.object
               = c.label class: ['m-0', 'list-group-item', user_roster_permitted ? 'list-group-item-action' : nil] do
                 .custom-checkbox.custom-control
                   = c.check_box checked: @user.membership_in(c.object).present?,
@@ -42,7 +42,7 @@
             = f.check_box :change_notifications_enabled, class: 'custom-control-input'
             = f.label :change_notifications_enabled,
                       'Receive notifications when your assignments are changed?', class: 'custom-control-label'
-        - if @current_user.admin_in? @roster
+        - if Current.user.admin_in? @roster
           - membership = @user.membership_in @roster
           %div
             = f.fields_for membership || :membership do |g|

coverage/.last_run.json

@@ -1,5 +1,5 @@
 {
   "result": {
-    "line": 99.25
+    "line": 99.26
   }
 }

spec/controllers/assignments_controller_spec.rb

@@ -217,11 +217,6 @@
 
       before { when_current_user_is user }
 
-      it 'assigns the correct current user' do
-        submit
-        expect(assigns.fetch(:current_user)).to eql user
-      end
-
       it 'populates assignments including upcoming assignments' do
         submit
         expect(assigns.fetch(:assignments)).to include new_assignment
@@ -266,11 +261,6 @@
 
         before { request.env['fcIdNumber'] = user.spire }
 
-        it 'assigns the correct current user' do
-          submit
-          expect(assigns.fetch(:current_user)).to eql user
-        end
-
         it 'renders the correct template' do
           submit
           expect(response).to render_template :index