otwcode · Cesium-Ice · Nov 25, 2022 · Nov 25, 2022 · Nov 25, 2022 · Nov 25, 2022
diff --git a/app/controllers/wrangling_guidelines_controller.rb b/app/controllers/wrangling_guidelines_controller.rb
@@ -3,7 +3,7 @@ class WranglingGuidelinesController < ApplicationController
 
   # GET /wrangling_guidelines
   def index
-    @wrangling_guidelines = WranglingGuideline.order('position ASC')
+    @wrangling_guidelines = WranglingGuideline.order("position ASC")
   end
 
   # GET /wrangling_guidelines/1
@@ -13,57 +13,58 @@ def show
 
   # GET /wrangling_guidelines/new
   def new
-    @wrangling_guideline = WranglingGuideline.new
+    @wrangling_guideline = authorize WranglingGuideline.new
   end
 
   # GET /wrangling_guidelines/1/edit
   def edit
-    @wrangling_guideline = WranglingGuideline.find(params[:id])
+    @wrangling_guideline = authorize WranglingGuideline.find(params[:id])
   end
 
   # GET /wrangling_guidelines/manage
   def manage
-    @wrangling_guidelines = WranglingGuideline.order('position ASC')
+    @wrangling_guidelines = authorize WranglingGuideline.order("position ASC")
   end
 
   # POST /wrangling_guidelines
   def create
-    @wrangling_guideline = WranglingGuideline.new(wrangling_guideline_params)
+    @wrangling_guideline = authorize WranglingGuideline.new(wrangling_guideline_params)
 
     if @wrangling_guideline.save
-      flash[:notice] = ts('Wrangling Guideline was successfully created.')
+      flash[:notice] = t("wrangling_guidelines.create")
       redirect_to(@wrangling_guideline)
     else
-      render action: 'new'
+      render action: "new"
     end
   end
 
   # PUT /wrangling_guidelines/1
   def update
-    @wrangling_guideline = WranglingGuideline.find(params[:id])
+    @wrangling_guideline = authorize WranglingGuideline.find(params[:id])
 
     if @wrangling_guideline.update(wrangling_guideline_params)
-      flash[:notice] = ts('Wrangling Guideline was successfully updated.')
+      flash[:notice] = t("wrangling_guidelines.update")
       redirect_to(@wrangling_guideline)
     else
-      render action: 'edit'
+      render action: "edit"
     end
   end
 
   # reorder FAQs
   def update_positions
+    authorize WranglingGuideline
     if params[:wrangling_guidelines]
       @wrangling_guidelines = WranglingGuideline.reorder_list(params[:wrangling_guidelines])
-      flash[:notice] = ts('Wrangling Guidelines order was successfully updated.')
+      flash[:notice] = t("wrangling_guidelines.reorder")
     end
     redirect_to(wrangling_guidelines_path)
   end
 
   # DELETE /wrangling_guidelines/1
   def destroy
-    @wrangling_guideline = WranglingGuideline.find(params[:id])
+    @wrangling_guideline = authorize WranglingGuideline.find(params[:id])
     @wrangling_guideline.destroy
-    flash[:notice] = ts('Wrangling Guideline was successfully deleted.')
+    flash[:notice] = t("wrangling_guidelines.delete")
     redirect_to(wrangling_guidelines_path)
   end
 
@@ -72,5 +73,4 @@ def destroy
   def wrangling_guideline_params
     params.require(:wrangling_guideline).permit(:title, :content)
   end
-
 end
diff --git a/app/policies/wrangling_guideline_policy.rb b/app/policies/wrangling_guideline_policy.rb
@@ -0,0 +1,14 @@
+class WranglingGuidelinePolicy < ApplicationPolicy
+  MANAGE_WRANGLING_GUIDELINE = %w[superadmin tag_wrangling].freeze
+
+  def new?
+    user_has_roles?(MANAGE_WRANGLING_GUIDELINE)
+  end
+
+  alias edit? new?
+  alias manage? new?
+  alias create? new?
+  alias update? new?
+  alias update_positions? new?
+  alias destroy? new?
+end
diff --git a/app/views/admin/_header.html.erb b/app/views/admin/_header.html.erb
@@ -29,7 +29,9 @@
         <% end %>
         <li><%= link_to t(".nav.posts.faqs"), archive_faqs_path %></li>
         <li><%= link_to t(".nav.posts.known_issues"), known_issues_path %></li>
-        <li><%= link_to t(".nav.posts.wrangling_guidelines"), wrangling_guidelines_path %></li>
+        <% if policy(WranglingGuideline).new? %>
+          <li><%= link_to t(".nav.posts.wrangling_guidelines"), wrangling_guidelines_path %></li>
+        <% end %>
       </ul>
     </li>
     <% if policy(AdminBlacklistedEmail).index? %>

diff --git a/app/views/wrangling_guidelines/index.html.erb b/app/views/wrangling_guidelines/index.html.erb
@@ -1,5 +1,5 @@
 <!--Descriptive page name, messages and instructions-->
-<% if logged_in_as_admin? %>
+<% if policy(WranglingGuideline).new? %>
   <%= render 'admin_index' %>
 <% else %>
   <h2 class="heading"><%= ts('Wrangling Guidelines') %></h2>

diff --git a/app/views/wrangling_guidelines/show.html.erb b/app/views/wrangling_guidelines/show.html.erb
@@ -8,7 +8,7 @@
 
 <!--main content-->
 <div class="admin" role="article">
-  <% if logged_in_as_admin? %>
+  <% if policy(WranglingGuideline).edit? %>
     <div class="header">
       <h3 class="heading">
         Updated: <%=h @wrangling_guideline.updated_at %> | <%= link_to ts('Edit'), edit_wrangling_guideline_path(@wrangling_guideline) %>

diff --git a/config/locales/controllers/en.yml b/config/locales/controllers/en.yml
@@ -101,3 +101,8 @@ en:
           one: You may reset your password %{count} more time.
           other: You may reset your password %{count} more times.
         user_not_found: We couldn't find an account with that email address or username. Please try again.
+  wrangling_guidelines:
+    create: Wrangling Guideline was successfully created.
+    delete: Wrangling Guideline was successfully deleted.
+    reorder: Wrangling Guidelines order was successfully updated.
+    update: Wrangling Guideline was successfully updated.
diff --git a/features/step_definitions/tag_steps.rb b/features/step_definitions/tag_steps.rb
@@ -197,7 +197,7 @@
 end
 
 Given /^I have posted a Wrangling Guideline?(?: titled "([^\"]*)")?$/ do |title|
-  step %{I am logged in as an admin}
+  step %{I am logged in as a "tag_wrangling" admin}
   visit new_wrangling_guideline_path
   if title
     fill_in("Guideline text", with: "This is a page about how we wrangle things.")

diff --git a/features/tags_and_wrangling/tag_wrangling_relationships.feature b/features/tags_and_wrangling/tag_wrangling_relationships.feature
@@ -14,7 +14,7 @@ Scenario: relationship wrangling - syns, mergers, characters, autocompletes
     And a canonical character "Zoe Washburne"
     And a canonical character "Jack Harkness"
     And a canonical character "Ianto Jones"
-    And I am logged in as an admin
+    And I am logged in as a "tag_wrangling" admin
     And I follow "Tag Wrangling"
 
   # create a new canonical relationship from tag wrangling interface

diff --git a/features/tags_and_wrangling/wrangling_guidelines.feature b/features/tags_and_wrangling/wrangling_guidelines.feature
@@ -6,7 +6,7 @@ Feature: Wrangling Guidelines
 
   Scenario: Post a Wrangling Guideline
 
-  Given I am logged in as an admin
+  Given I am logged in as a "tag_wrangling" admin
     And I am on the wrangling guidelines page
   And I follow "New Wrangling Guideline"
     And I fill in "Guideline text" with "This series of documents (Wrangling Guidelines) are intended to help tag wranglers remain consistent as they go about the business of wrangling tags by providing a set of formatting guidelines."
@@ -29,7 +29,7 @@ Feature: Wrangling Guidelines
 
   Scenario: Reorder Wrangling Guidelines
 
-  Given I am logged in as an admin
+  Given I am logged in as a "tag_wrangling" admin
     And 3 Wrangling Guidelines exist
   When I go to the Wrangling Guidelines reorder page
     And I fill in "wrangling_guidelines_1" with "3"
@@ -44,7 +44,7 @@ Feature: Wrangling Guidelines
 
   Scenario: Delete Wrangling Guideline
 
-  Given I am logged in as an admin
+  Given I am logged in as a "tag_wrangling" admin
     And I have posted a Wrangling Guideline titled "Relationship Tags"
   When I go to the Wrangling Guidelines page
     And I follow "Delete"