From b969dada92c15388f286f1abe180e2410de3bb9d Mon Sep 17 00:00:00 2001
From: LaRita Robinson <larita@scientist.com>
Date: Wed, 20 Dec 2023 07:38:17 -0500
Subject: [PATCH] Remove obsolete site roles and routes

This is a WIP.

The site/roles route is obsolete. This is an attempt to remove as much
of the obsolete logic as possible, as it has been replaced by the groups
with roles feature.

There is some confusion about which pieces may still be
in use, so further testing is needed to confirm that it doesn't remove
anything necessary.

There may be some unneeded remnants of prior roles logic in files such
as users.rb or ability.rb but this attempt cleans out some of the lower-hanging fruit.
---
 app/controllers/roles_controller.rb       | 34 -----------
 app/views/roles/index.html.erb            | 36 ------------
 config/routes.rb                          |  1 -
 spec/controllers/roles_controller_spec.rb | 69 -----------------------
 spec/features/roles_spec.rb               | 31 ----------
 spec/routing/roles_routing_spec.rb        | 16 ------
 6 files changed, 187 deletions(-)
 delete mode 100644 app/controllers/roles_controller.rb
 delete mode 100644 app/views/roles/index.html.erb
 delete mode 100644 spec/controllers/roles_controller_spec.rb
 delete mode 100644 spec/features/roles_spec.rb
 delete mode 100644 spec/routing/roles_routing_spec.rb

diff --git a/app/controllers/roles_controller.rb b/app/controllers/roles_controller.rb
deleted file mode 100644
index 473a7e95d..000000000
--- a/app/controllers/roles_controller.rb
+++ /dev/null
@@ -1,34 +0,0 @@
-# frozen_string_literal: true
-
-##
-# CRUD actions for assigning exhibit roles to
-# existing users
-class RolesController < ApplicationController
-  load_and_authorize_resource :user, parent: false
-  layout 'hyrax/dashboard'
-
-  before_action do
-    authorize! :manage, Role
-  end
-
-  def index
-    @users = User.all
-    add_breadcrumb t(:'hyrax.controls.home'), root_path
-    add_breadcrumb t(:'hyrax.dashboard.breadcrumbs.admin'), hyrax.dashboard_path
-    add_breadcrumb t(:'hyrax.admin.sidebar.roles_and_permissions'), site_roles_path
-  end
-
-  def update
-    if @user.update(user_params)
-      redirect_to site_roles_path, notice: notice
-    else
-      render action: 'index'
-    end
-  end
-
-  protected
-
-  def user_params
-    params.require(:user).permit(site_roles: [])
-  end
-end
diff --git a/app/views/roles/index.html.erb b/app/views/roles/index.html.erb
deleted file mode 100644
index 1f40a34d8..000000000
--- a/app/views/roles/index.html.erb
+++ /dev/null
@@ -1,36 +0,0 @@
-<% content_for :page_header do %>
-  <h1><span class="fa fa-user"></span> <%= t(:'hyrax.admin.sidebar.roles_and_permissions') %></h1>
-<% end %>
-
-<div class="row">
-  <div class="col-md-12">
-    <div class="card">
-      <div class="card-body">
-        <table class="table table-striped datatable">
-          <thead>
-            <tr>
-              <th>Email</th>
-              <th>Roles</th>
-            </tr>
-          </thead>
-          <tbody>
-            <% @users.each do |u| %>
-              <tr>
-                <td><%= u.email %></td>
-                <td>
-                  <%= simple_form_for u, wrapper: :horizontal_form, url: site_role_path(u.id) do |f| %>
-                    <div class="form-group">
-                      <label class="sr-only">Roles</label>
-                      <%= f.collection_select :site_roles, Role.site, :name, :name, { selected: u.site_roles.pluck(:name) }, { multiple: true, class: 'form-control' } %>
-                    </div>
-                    <%= f.submit 'Update', class: 'btn btn-primary' %>
-                  <% end %>
-                </td>
-              </tr>
-            <% end %>
-          </tbody>
-        </table>
-      </div>
-    </div>
-  </div>
-</div>
diff --git a/config/routes.rb b/config/routes.rb
index 1de3009e6..48cbdb522 100644
--- a/config/routes.rb
+++ b/config/routes.rb
@@ -43,7 +43,6 @@
 
   mount BrowseEverything::Engine => '/browse'
   resource :site, only: [:update] do
-    resources :roles, only: %i[index update]
     resource :labels, only: %i[edit update]
   end
 
diff --git a/spec/controllers/roles_controller_spec.rb b/spec/controllers/roles_controller_spec.rb
deleted file mode 100644
index f16b90374..000000000
--- a/spec/controllers/roles_controller_spec.rb
+++ /dev/null
@@ -1,69 +0,0 @@
-# frozen_string_literal: true
-
-RSpec.describe RolesController, type: :controller do
-  before do
-    sign_in user
-  end
-
-  let(:valid_attributes) do
-    { site_roles: ['admin'] }
-  end
-
-  context 'with an unprivileged user' do
-    let(:user) { create(:user) }
-
-    describe "GET #edit" do
-      it "denies the request" do
-        get :index
-        expect(response).not_to have_http_status(:ok)
-      end
-    end
-
-    describe "PUT #update" do
-      it "denies the request" do
-        put :update, params: { id: user.id }
-        expect(response).not_to have_http_status(:created)
-      end
-    end
-  end
-
-  context 'with an administrator' do
-    let(:user) { FactoryBot.create(:admin) }
-
-    describe "GET #index" do
-      before do
-        # it should not return guest users
-        create(:guest_user)
-      end
-
-      it "assigns the users as @users" do
-        get :index
-        expect(assigns(:users)).to match_array [user]
-      end
-    end
-
-    describe "PUT #update" do
-      context "with valid params" do
-        let(:new_attributes) do
-          { site_roles: ['admin', 'superadmin'] }
-        end
-
-        it "updates the requested role" do
-          put :update, params: { id: user.id, user: new_attributes }
-          user.reload
-          expect(user.site_roles.pluck(:name)).to match_array ['admin', 'superadmin']
-        end
-
-        it "assigns the requested user as @user" do
-          put :update, params: { id: user.id, user: valid_attributes }
-          expect(assigns(:user)).to eq(user)
-        end
-
-        it "redirects to the site roles" do
-          put :update, params: { id: user.id, user: valid_attributes }
-          expect(response).to redirect_to(site_roles_path)
-        end
-      end
-    end
-  end
-end
diff --git a/spec/features/roles_spec.rb b/spec/features/roles_spec.rb
deleted file mode 100644
index 4ec8aa3b7..000000000
--- a/spec/features/roles_spec.rb
+++ /dev/null
@@ -1,31 +0,0 @@
-# frozen_string_literal: true
-
-# NOTE: If want to run spec in browser, you have to set "js: true"
-RSpec.describe 'Site Roles', type: :feature, clean: true do
-  context 'as an administrator' do
-    let!(:user) { FactoryBot.create(:admin) }
-    let!(:another_user) { FactoryBot.create(:user) }
-
-    before do
-      login_as(user, scope: :user)
-    end
-
-    it 'lists user roles' do
-      visit site_roles_path
-
-      expect(page).to have_css 'td', text: user.email
-      expect(page).to have_css 'td', text: another_user.email
-    end
-
-    it 'updates user roles' do
-      visit site_roles_path
-
-      within "#edit_user_#{another_user.id}" do
-        select 'admin', from: 'Roles'
-        click_on 'Save'
-      end
-
-      expect(another_user.reload).to have_role :admin, Site.instance
-    end
-  end
-end
diff --git a/spec/routing/roles_routing_spec.rb b/spec/routing/roles_routing_spec.rb
deleted file mode 100644
index 495b804f8..000000000
--- a/spec/routing/roles_routing_spec.rb
+++ /dev/null
@@ -1,16 +0,0 @@
-# frozen_string_literal: true
-
-RSpec.describe RolesController, type: :routing do
-  describe "routing" do
-    it "routes to #edit" do
-      expect(get: "/site/roles").to route_to("roles#index")
-    end
-    it "routes to #update via PUT" do
-      expect(put: "/site/roles/1").to route_to("roles#update", id: "1")
-    end
-
-    it "routes to #update via PATCH" do
-      expect(patch: "/site/roles/1").to route_to("roles#update", id: "1")
-    end
-  end
-end