Allow admins to delete feedback

Author: xuanxu

app/controllers/feedbacks_controller.rb

@@ -1,5 +1,6 @@
 class FeedbacksController < ApplicationController
-  before_action :require_editor
+  before_action :require_editor, except: :admin_destroy
+  before_action :require_admin, only: :admin_destroy
 
   def create
     @feedback = current_editor.given_feedbacks.build(feedback_params)
@@ -20,6 +21,12 @@ def destroy
     redirect_to reviewer_path(reviewer_id), notice: "Feedback deleted"
   end
 
+  def admin_destroy
+    feedback = Feedback.find(params[:id])
+    reviewer_id = feedback.user_id
+    feedback.destroy
+    redirect_to user_path(reviewer_id), notice: "Feedback deleted"
+  end
 
   private
 

app/views/users/show.html.erb

@@ -136,6 +136,7 @@
         <td class="max-w-fit text-center">
           by: <%= github_link(feedback.editor&.github) %>
           <%= " | ".html_safe + link_to("Reference", feedback.link, target: "_blank", title: "Go to review") if feedback.link.present? %>
+          <%= " | ".html_safe + link_to("Delete", admin_destroy_feedback_path(feedback), data: { turbo_method: :delete, turbo_confirm: "Are you sure you want to delete this feedback?" })  %>
         </td>
       </tr>
     <% end %>

config/routes.rb

@@ -35,7 +35,9 @@
     get :search, on: :collection
   end
 
-  resources :feedbacks, only: [:create, :destroy]
+  resources :feedbacks, only: [:create, :destroy] do
+    delete :admin_destroy, on: :member
+  end
 
   get '/join', to: 'home#reviewer_signup', as: :reviewer_signup
   get '/lookup', to: 'home#no_reviewer_signup', as: :no_reviewer_signup

spec/system/admin_dashboard_spec.rb

@@ -265,6 +265,25 @@
       expect(page).to have_content("Domains:\nTrees, Forests")
       expect(page).to have_content("Programming languages:\nJulia")
     end
+
+    scenario "delete feedback" do
+      editor = create(:editor)
+      feedback = create(:feedback, user: @user, editor: editor, rating: "positive", comment: "A very nice comment")
+
+      visit user_path(@user)
+
+      within("#feedback-#{feedback.id}") do
+        expect(page).to have_content("A very nice comment")
+        expect(page).to have_content("Delete")
+        click_link "Delete"
+      end
+
+      expect(page).to have_content("Feedback deleted")
+      expect(page).to_not have_content("A very nice comment")
+
+      visit user_path(@user)
+      expect(page).to have_content("There's no feedback for this reviewer yet.")
+    end
   end
 
   describe "Show user page" do

spec/system/feedback_spec.rb

@@ -19,7 +19,7 @@
     @user.areas << create(:area, name: "Plant Science")
   end
 
-  scenario "Is only available to editors" do
+  scenario "Is only visible to editors" do
     visit reviewer_path(@user)
     expect(page).to have_current_path(root_path)
     expect(page).to_not have_content(@user.complete_name)
@@ -100,4 +100,29 @@
     end
   end
 
+  describe "Admins" do
+    scenario "are the only ones that can delete anything" do
+      feedback = create(:feedback, user: create(:user), editor: create(:editor), comment: "Feedback test")
+
+      expect {
+        delete admin_destroy_feedback_path(feedback)
+      }.to raise_exception(ActionController::RoutingError, "Not Found")
+
+      login_as create(:user)
+      expect {
+        delete admin_destroy_feedback_path(feedback)
+      }.to raise_exception(ActionController::RoutingError, "Not Found")
+
+      login_as create(:editor)
+      expect {
+        delete admin_destroy_feedback_path(feedback)
+      }.to raise_exception(ActionController::RoutingError, "Not Found")
+
+      login_as create(:admin)
+      expect {
+        delete admin_destroy_feedback_path(feedback)
+      }.to change { Feedback.count }.by(-1)
+    end
+  end
+
 end