From bc75371b7a95f8ead5f463caf4ef7fe7db32c021 Mon Sep 17 00:00:00 2001
From: realtin <juliakbln@gmail.com>
Date: Thu, 20 Aug 2015 17:14:59 +0200
Subject: [PATCH] report controller renders index for the moderator

(#5324)
---
 app/controllers/application_controller.rb  |  7 +++++++
 app/controllers/report_controller.rb       |  2 +-
 app/models/role.rb                         |  4 ++++
 app/models/user.rb                         |  4 ++++
 spec/controllers/report_controller_spec.rb | 12 +++++++++++-
 5 files changed, 27 insertions(+), 2 deletions(-)

diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index b8e7b67ff..14996d4c0 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -92,6 +92,13 @@ class ApplicationController < ActionController::Base
     end
   end
 
+  def redirect_unless_moderator
+    unless current_user.moderator? || current_user.admin?
+      redirect_to stream_url, :notice => 'you need to be an admin or moderator to do that'
+      return
+    end
+  end
+
   def set_grammatical_gender
     if (user_signed_in? && I18n.inflector.inflected_locale?)
       gender = current_user.gender.to_s.tr('!()[]"\'`*=|/\#.,-:', '').downcase
diff --git a/app/controllers/report_controller.rb b/app/controllers/report_controller.rb
index 5d8d7c338..c560d2e82 100644
--- a/app/controllers/report_controller.rb
+++ b/app/controllers/report_controller.rb
@@ -4,7 +4,7 @@
 
 class ReportController < ApplicationController
   before_filter :authenticate_user!
-  before_filter :redirect_unless_admin, :except => [:create]
+  before_filter :redirect_unless_moderator, :except => [:create]
 
   def index
     @reports = Report.where(reviewed: false)
diff --git a/app/models/role.rb b/app/models/role.rb
index 3f53af442..b5452e8c5 100644
--- a/app/models/role.rb
+++ b/app/models/role.rb
@@ -17,6 +17,10 @@ class Role < ActiveRecord::Base
     find_or_create_by(person_id: person.id, name: "admin")
   end
 
+  def self.moderator?(person)
+    exists?(person_id: person.id, name: "moderator")
+  end
+
   def self.add_moderator(person)
     find_or_create_by(person_id: person.id, name: "moderator")
   end
diff --git a/app/models/user.rb b/app/models/user.rb
index cf9890d74..137f7d722 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -481,6 +481,10 @@ class User < ActiveRecord::Base
     Role.is_admin?(self.person)
   end
 
+  def moderator?
+    Role.moderator?(self.person)
+  end
+
   def podmin_account?
     username == AppConfig.admins.account
   end
diff --git a/spec/controllers/report_controller_spec.rb b/spec/controllers/report_controller_spec.rb
index 6e63902e2..a10505a20 100644
--- a/spec/controllers/report_controller_spec.rb
+++ b/spec/controllers/report_controller_spec.rb
@@ -18,7 +18,7 @@ describe ReportController, :type => :controller do
         expect(response).to redirect_to stream_path
       end
     end
-    
+
     context 'admin signed in' do
       before do
         Role.add_admin(alice.person)
@@ -28,6 +28,16 @@ describe ReportController, :type => :controller do
         expect(response).to render_template('index')
       end
     end
+
+    context 'moderator signed in' do
+      before do
+        Role.add_moderator(alice.person)
+      end
+      it 'succeeds and renders index' do
+        get :index
+        expect(response).to render_template('index')
+      end
+    end
   end
 
   describe '#create' do