diff --git a/lib/algora_web/live/org/bounties_live.ex b/lib/algora_web/live/org/bounties_live.ex index 9dccffbd2..76351f26b 100644 --- a/lib/algora_web/live/org/bounties_live.ex +++ b/lib/algora_web/live/org/bounties_live.ex @@ -220,7 +220,7 @@ defmodule AlgoraWeb.Org.BountiesLive do <% end %> -
+
<.button phx-click="edit-bounty-amount" phx-value-id={bounty.id} diff --git a/test/algora_web/live/org/bounties_live_test.exs b/test/algora_web/live/org/bounties_live_test.exs new file mode 100644 index 000000000..062c3864a --- /dev/null +++ b/test/algora_web/live/org/bounties_live_test.exs @@ -0,0 +1,39 @@ +defmodule AlgoraWeb.Org.BountiesLiveTest do + use AlgoraWeb.ConnCase, async: true + + import Algora.Factory + import Phoenix.LiveViewTest + + alias AlgoraWeb.UserAuth + + setup %{conn: conn} do + conn = Phoenix.ConnTest.init_test_session(conn, %{}) + org = insert!(:organization) + repo = insert!(:repository, user: org, name: "algora") + ticket = insert!(:ticket, repository: repo, number: 238, title: "Hide unauthorized bounty actions") + bounty = insert!(:bounty, owner: org, creator: org, ticket: ticket, amount: Money.new!(2500, :USD)) + + %{conn: conn, org: org, bounty: bounty} + end + + test "hides bounty management actions from non-members", %{conn: conn, org: org} do + user = insert!(:user) + conn = UserAuth.put_current_user(conn, user) + + assert {:ok, _view, html} = live(conn, "/#{org.handle}/bounties") + assert html =~ "Hide unauthorized bounty actions" + refute html =~ "Edit Amount" + refute html =~ "delete-bounty" + end + + test "shows bounty management actions to org admins", %{conn: conn, org: org, bounty: bounty} do + admin = insert!(:user) + insert!(:member, user: admin, org: org, role: :admin) + conn = UserAuth.put_current_user(conn, admin) + + assert {:ok, _view, html} = live(conn, "/#{org.handle}/bounties") + assert html =~ "Edit Amount" + assert html =~ ~s(phx-value-id="#{bounty.id}") + assert html =~ "delete-bounty" + end +end