From a8f5afc35109c5f842b7fe79e558e410eee80600 Mon Sep 17 00:00:00 2001 From: Mark Hendriksen Date: Sat, 8 Nov 2025 13:54:56 +0100 Subject: [PATCH] Add new settings sections and update tests (#278) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * Add new settings sections and update tests Added 'Recurring', 'LLM Usage', and 'Providers' sections to the settings navigation in SettingsHelper. Updated system tests to include these new sections and added missing entries for 'Billing', 'Self-Hosting', 'Imports', and 'SimpleFin' to ensure test coverage matches the navigation. * Fix tests * fix test * Restrict advanced settings to admin users Added `admin_user?` and `self_hosted_and_admin?` helper methods. Advanced settings menu items now require admin privileges, and self-hosting settings require both self-hosted and admin status. * Show admin-only settings links for admin users Moved admin-specific settings links to be conditionally added only for admin users in the settings system test. This ensures that non-admin users do not see admin-only settings options during tests. * Update settings_test.rb * Update settings_test.rb * Update en.yml * Update settings_helper.rb * Update settings_test.rb * Update settings_test.rb * Rename 'Recurring Transactions' to 'Recurring' in settings Revert the label 'Recurring Transactions' to 'Recurring' in the settings navigation, locale file, and related system test to simplify terminology and improve consistency. * Minor formatting update in settings test No functional changes; adjusted whitespace in the admin settings links array for consistency. --------- Co-authored-by: Juan José Mata --- app/helpers/settings_helper.rb | 21 ++++++++++++---- app/views/settings/_settings_nav.html.erb | 2 +- test/system/settings_test.rb | 30 +++++++++++++++++++++-- 3 files changed, 45 insertions(+), 8 deletions(-) 
diff --git a/app/helpers/settings_helper.rb b/app/helpers/settings_helper.rb
index 5b6f51186..d4fdca786 100644
--- a/app/helpers/settings_helper.rb
+++ b/app/helpers/settings_helper.rb
@@ -12,12 +12,15 @@ module SettingsHelper
 { name: "Tags", path: :tags_path },
 { name: "Rules", path: :rules_path },
 { name: "Merchants", path: :family_merchants_path },
+ { name: "Recurring", path: :recurring_transactions_path },
 # Advanced section
- { name: "AI Prompts", path: :settings_ai_prompts_path },
- { name: "API Key", path: :settings_api_key_path },
- { name: "Self-Hosting", path: :settings_hosting_path, condition: :self_hosted? },
- { name: "Imports", path: :imports_path },
- { name: "SimpleFin", path: :simplefin_items_path },
+ { name: "AI Prompts", path: :settings_ai_prompts_path, condition: :admin_user? },
+ { name: "LLM Usage", path: :settings_llm_usage_path, condition: :admin_user? },
+ { name: "API Key", path: :settings_api_key_path, condition: :admin_user? },
+ { name: "Self-Hosting", path: :settings_hosting_path, condition: :self_hosted_and_admin? },
+ { name: "Providers", path: :settings_providers_path, condition: :admin_user? },
+ { name: "Imports", path: :imports_path, condition: :admin_user? },
+ { name: "SimpleFin", path: :simplefin_items_path, condition: :admin_user? },
 # More section
 { name: "Guides", path: :settings_guides_path },
 { name: "What's new", path: :changelog_path },
@@ -70,4 +73,12 @@ module SettingsHelper
 def not_self_hosted?
 !self_hosted?
 end
+
+ def admin_user?
+ Current.user&.admin? == true
+ end
+
+ def self_hosted_and_admin?
+ self_hosted? && admin_user?
+ end
 end
diff --git a/app/views/settings/_settings_nav.html.erb b/app/views/settings/_settings_nav.html.erb
index 95d241b32..e937b49a5 100644
--- a/app/views/settings/_settings_nav.html.erb
+++ b/app/views/settings/_settings_nav.html.erb
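Review bot: The `condition: :admin_user?` entries added to the Advanced section only decide whether a link is listed; nothing in this hunk stops a non-admin from requesting `settings_ai_prompts_path`, `settings_api_key_path`, `settings_providers_path` or the other gated paths directly. The controllers behind those routes are outside this diff, so confirm that each one rejects non-admins server-side (for example in a `before_action`) rather than relying on the hidden link. "API Key", "Imports" and "SimpleFin" were listed for every user before this change, so it is also worth confirming that members are meant to lose them. A comment on the section would record the intent, e.g. `# Advanced section: admin-only in the nav; access control is enforced in the controllers`. The same point applies to the `Current.user&.admin?` branch in `_settings_nav.html.erb`.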
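Review bot: In the second hunk, `admin_user?` uses `== true` only to turn the `nil` produced by `Current.user&.` into `false`; a predicate's callers need truthiness, so `Current.user&.admin? || false` reads more idiomatically and still fails closed when no user is set. Both new predicates would benefit from a one-line comment, e.g. `# True only for a signed-in admin; decides nav visibility, does not authorize requests.` The code that evaluates the `condition:` symbols is outside the hunk, so how a missing or misspelled predicate is handled cannot be checked from here.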
@@ -22,7 +22,7 @@ nav_sections = [
 ]
 },
 (
- Current.user.admin? ? {
+ Current.user&.admin? ? {
 header: t(".advanced_section_title"),
 items: [
 { label: t(".ai_prompts_label"), path: settings_ai_prompts_path, icon: "bot" },
diff --git a/test/system/settings_test.rb b/test/system/settings_test.rb
index 51fb26243..4d7ab8447 100644
--- a/test/system/settings_test.rb
+++ b/test/system/settings_test.rb
@@ -4,6 +4,7 @@ class SettingsTest < ApplicationSystemTestCase
 setup do
 sign_in @user = users(:family_admin)
+ # Base settings available to all users
 @settings_links = [
 [ "Accounts", accounts_path ],
 [ "Bank Sync", settings_bank_sync_path ],
@@ -14,12 +15,18 @@ class SettingsTest < ApplicationSystemTestCase
 [ "Tags", tags_path ],
 [ "Rules", rules_path ],
 [ "Merchants", family_merchants_path ],
- [ "AI Prompts", settings_ai_prompts_path ],
- [ "API Key", settings_api_key_path ],
 [ "Guides", settings_guides_path ],
 [ "What's new", changelog_path ],
 [ "Feedback", feedback_path ]
 ]
+
+ # Add admin settings if user is admin
+ if @user.admin?
+ @settings_links += [
+ [ "AI Prompts", settings_ai_prompts_path ],
+ [ "API Key", settings_api_key_path ]
+ ]
+ end
 end
 test "can access settings from sidebar" do
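Review bot: Switching to `Current.user&.admin? ? {` lets the partial render without error when `Current.user` is nil, which raises the question of how the settings navigation is reached with no signed-in user. If that state only occurs in tests it is harmless, but if a request can arrive here unauthenticated the page should redirect to login rather than render a reduced menu. The check also duplicates the new `SettingsHelper#admin_user?`; assuming the helper is available to this partial, `admin_user? ? {` would keep the visibility rule in one place. The ternary's else branch and the rest of `nav_sections` are outside the hunk.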
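Review bot: In `test/system/settings_test.rb`, wrapping the admin links in `if @user.admin?` makes the setup adapt to the fixture instead of checking it. `setup` always signs in `users(:family_admin)`, so if that fixture ever lost its admin role the admin links would silently drop out of `@settings_links` and the navigation tests would still pass. Prefer `assert @user.admin?` followed by an unconditional `@settings_links += [ ... ]`. The list also covers only "AI Prompts" and "API Key", while the helper now gates LLM Usage, Providers, Imports and SimpleFin as well; if those entries appear in the rendered navigation they belong here too.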
@@ -62,6 +69,25 @@ class SettingsTest < ApplicationSystemTestCase
 assert_no_selector "li", text: I18n.t("settings.settings_nav.billing_label")
 end
+ test "does not show admin settings to non-admin users" do
+ VCR.use_cassette("git_repository_provider/fetch_latest_release_notes") do
+ # Visit accounts path directly as non-admin user to avoid user menu issues
+ visit new_session_path
+ within %(form[action='#{sessions_path}']) do
+ fill_in "Email", with: users(:family_member).email
+ fill_in "Password", with: user_password_test
+ click_on "Log in"
+ end
+
+ # Go directly to accounts (settings) page
+ visit accounts_path
+
+ # Assert that admin-only settings are not present in the navigation
+ assert_no_selector "li", text: "AI Prompts"
+ assert_no_selector "li", text: "API Key"
+ end
+ end
+
 private
 def open_settings_from_sidebar
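Review bot: The two `assert_no_selector` checks pass vacuously if the page rendered after `visit accounts_path` is not the settings navigation at all (a login or error page, for instance), and `setup` has already signed in `users(:family_admin)` before this second login. Add a positive assertion first for an entry every user sees, for example `assert_selector "li", text: "Accounts"`, so the negative checks are known to run against the member's menu. The test also covers link visibility only; a companion check that `users(:family_member)` requesting `settings_ai_prompts_path` or `settings_api_key_path` directly is turned away would cover the access-control side. The other items gated in `SettingsHelper` (LLM Usage, Providers, Imports, SimpleFin) are not asserted absent.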