Skip to content

Selectively allow unpublishing of historical editions [WHIT-3402] #11456

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
davidsauntson wants to merge 1 commit into
base: main
Choose a base branch
from
+46 −1
Open

Selectively allow unpublishing of historical editions [WHIT-3402] #11456

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
5 changes: 5 additions & 0 deletions app/models/user.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -23,6 +23,7 @@ module Permissions
PUBLISH_SCHEDULED_EDITIONS = "Publish scheduled editions".freeze
GDS_ADMIN = "GDS Admin".freeze
SIDEKIQ_ADMIN = "Sidekiq Admin".freeze
UNPUBLISH_HISTORIC_CONTENT = "Unpublish historic content".freeze
end

def role
Expand Down Expand Up @@ -81,4 +82,8 @@ def organisation_content_id
end

attr_writer :organisation_content_id

def can_unpublish_historic_content?
has_permission?(Permissions::UNPUBLISH_HISTORIC_CONTENT)
end
end
10 changes: 9 additions & 1 deletion lib/whitehall/authority/rules/edition_rules.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -88,8 +88,16 @@ def can_with_an_instance?(action)

def can_with_a_historic_instance?(action)
return false if access_limit_enforced?
return true if actor.gds_admin? || actor.gds_editor?

action == :see || actor.gds_editor? || actor.gds_admin?
case action
when :see
true
when :unpublish
actor.can_unpublish_historic_content?
else
false
end
end

def access_limit_enforced?
Expand Down
8 changes: 8 additions & 0 deletions test/factories/users.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -72,4 +72,12 @@
]
end
end

factory :historical_unpublisher, parent: :user do
Copy link
Copy Markdown
Contributor

@TonyGDS TonyGDS May 15, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

historical_content_unpublisher maybe?

permissions do
[
User::Permissions::UNPUBLISH_HISTORIC_CONTENT,
]
end
end
end
24 changes: 24 additions & 0 deletions test/unit/lib/whitehall/authority/historical_unpublisher_test.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,24 @@
require_relative "authority_test_helper"

class HistoricalUnpublisherTest < ActiveSupport::TestCase
include AuthorityTestHelper

setup do
@user = create(:historical_unpublisher)
end

test "can see an historical document" do
assert enforcer_for(@user, historic_edition).can?(:see)
end

test "can unpublish an historical document" do
assert enforcer_for(@user, historic_edition).can?(:unpublish)
end

test "can't perform any other action on an historical document" do
Copy link
Copy Markdown
Contributor

@TonyGDS TonyGDS May 15, 2026
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Might be worth also doing something similar for GDS Admin and GDS Editors, i.e. they can do anything:

whitehall/test/unit/lib/whitehall/authority/gds_admin_test.rb

Line 38 in 3431b02

test "can modify historic editions" do

whitehall/test/unit/lib/whitehall/authority/gds_editor_test.rb

Line 160 in 0487966

test "can modify historic editions" do

denied_actions = Whitehall::Authority::Rules::EditionRules.actions - %i[see unpublish]
denied_actions.each do |action|
assert_not enforcer_for(@user, historic_edition).can?(action)
end
end
end