Skip to content

Commit

Permalink
Return oidc membership_verifier_url only for former or active members (
Browse files Browse the repository at this point in the history
  • Loading branch information
amaierhofer committed Dec 2, 2024
1 parent 753093a commit 6897963
Show file tree
Hide file tree
Showing 3 changed files with 15 additions and 7 deletions.
2 changes: 1 addition & 1 deletion app/domain/sac_cas/oidc_claim_setup.rb
Original file line number Diff line number Diff line change
Expand Up @@ -58,7 +58,7 @@ def picture_url(owner)
end

def membership_verify_url(owner)
People::Membership::VerificationQrCode.new(owner).verify_url
People::Membership::VerificationQrCode.new(owner).verify_url if owner.sac_membership_anytime?
end

def phone(owner)
Expand Down
4 changes: 2 additions & 2 deletions app/views/people/_show_right_z_sac_cas.html.haml
Original file line number Diff line number Diff line change
Expand Up @@ -9,9 +9,9 @@
- if can?(:update, entry) && entry.sac_membership_anytime?
%section.sac-membership.row
%h2.col-md-8
= t('.section_sac_membership')
= t('.section_sac_membership')
.col-sm-4.d-flex.justify-content-end
= action_button(t('.download_pdf'), membership_path(entry, format: :pdf),
= action_button(t('.download_pdf'), membership_path(entry, format: :pdf),
:download, class: 'membership-download', target: '_blank')

.d-flex.justify-content-center.w-100
Expand Down
16 changes: 12 additions & 4 deletions spec/domain/oidc_claim_setup_spec.rb
Original file line number Diff line number Diff line change
Expand Up @@ -18,8 +18,6 @@
before do
allow(ENV).to receive(:fetch).and_call_original
allow(ENV).to receive(:fetch).with("RAILS_HOST_NAME", "localhost:3000").and_return("hitobito.example.com")
allow(ENV).to receive(:fetch).with("RAILS_HOST_NAME").and_return("hitobito.example.com")
allow_any_instance_of(People::Membership::VerificationQrCode).to receive(:membership_verify_token).and_return("aSuperSweetToken42")
end

shared_examples "shared claims" do
Expand Down Expand Up @@ -49,8 +47,18 @@
expect(claims[:picture_url]).to start_with "http://test.host/rails/active_storage/blobs/redirect"
end

it "membership_verify_url is present" do
expect(claims[:membership_verify_url]).to eq "http://hitobito.example.com/verify_membership/aSuperSweetToken42"
it "membership_verify_url is blank" do
expect(claims[:membership_verify_url]).to be_blank
end

context "mitglied" do
let(:owner) { people(:mitglied) }

before { allow_any_instance_of(People::Membership::VerificationQrCode).to receive(:membership_verify_token).and_return("aSuperSweetToken42") }

it "membership_verify_url is present" do
expect(claims[:membership_verify_url]).to eq "http://hitobito.example.com/verify_membership/aSuperSweetToken42"
end
end

it_behaves_like "shared claims"
Expand Down

0 comments on commit 6897963

Please sign in to comment.