Merge pull request #2664 from alphagov/refactor-applications-tables

Refactor applications tables
alphagov · Jan 31, 2024 · b7dbf67 · b7dbf67
2 parents 5530c8e + 901963c
commit b7dbf67
Show file tree

Hide file tree

Showing 11 changed files with 426 additions and 182 deletions.
diff --git a/app/assets/stylesheets/application.scss b/app/assets/stylesheets/application.scss
@@ -85,3 +85,12 @@ $govuk-page-width: 1140px;
     float: right;
   }
 }
+
+.govuk-table--with-actions {
+  .govuk-table__cell:last-child {
+    display: flex;
+    justify-content: flex-end;
+    align-items: center;
+    gap: 10px;
+  }
+}
diff --git a/app/helpers/api_users_helper.rb b/app/helpers/api_users_helper.rb
@@ -19,15 +19,4 @@ def application_list(user)
       )
     end
   end
-
-  def update_permissions_link(application, user)
-    unless application.sorted_supported_permissions_grantable_from_ui(include_signin: false).empty?
-      link_to(edit_api_user_application_permissions_path(user, application), class: "govuk-link") do
-        safe_join(
-          ["Update permissions",
-           content_tag(:span, " for #{application.name}", class: "govuk-visually-hidden")],
-        )
-      end
-    end
-  end
 end
diff --git a/app/helpers/application_table_helper.rb b/app/helpers/application_table_helper.rb
@@ -0,0 +1,121 @@
+module ApplicationTableHelper
+  include Pundit::Authorization
+
+  def update_permissions_link(application, user = nil)
+    link_path = if user.nil?
+                  edit_account_application_permissions_path(application)
+                elsif user.api_user?
+                  edit_api_user_application_permissions_path(user, application)
+                else
+                  edit_user_application_permissions_path(user, application)
+                end
+
+    if application.sorted_supported_permissions_grantable_from_ui(include_signin: false).any?
+      link_to(link_path, class: "govuk-link") do
+        safe_join(
+          ["Update permissions",
+           content_tag(:span, " for #{application.name}", class: "govuk-visually-hidden")],
+        )
+      end
+    else
+      ""
+    end
+  end
+
+  def view_permissions_link(application, user = nil)
+    link_path = if user
+                  user_application_permissions_path(user, application)
+                else
+                  account_application_permissions_path(application)
+                end
+
+    link_to(link_path, class: "govuk-link") do
+      safe_join(
+        ["View permissions",
+         content_tag(:span, " for #{application.name}", class: "govuk-visually-hidden")],
+      )
+    end
+  end
+
+  def remove_access_link(application, user = nil)
+    link_path = if user
+                  delete_user_application_signin_permission_path(user, application)
+                else
+                  delete_account_application_signin_permission_path(application)
+                end
+
+    link_to(
+      link_path,
+      class: "govuk-button govuk-button--warning govuk-!-margin-0",
+      data: { module: "govuk-button" },
+    ) do
+      safe_join(["Remove access", content_tag(:span, " to #{application.name}", class: "govuk-visually-hidden")])
+    end
+  end
+
+  def account_applications_permissions_link(application)
+    if policy([:account, application]).edit_permissions?
+      update_permissions_link(application)
+    elsif policy([:account, application]).view_permissions?
+      view_permissions_link(application)
+    else
+      ""
+    end
+  end
+
+  def users_applications_permissions_link(application, user)
+    if policy(UserApplicationPermission.for(user, application)).edit?
+      update_permissions_link(application, user)
+    else
+      view_permissions_link(application, user)
+    end
+  end
+
+  def users_applications_remove_access_link(application, user)
+    if policy(UserApplicationPermission.for(user, application)).delete?
+      remove_access_link(application, user)
+    else
+      ""
+    end
+  end
+
+  def account_applications_remove_access_link(application)
+    if policy([:account, application]).remove_signin_permission?
+      remove_access_link(application)
+    else
+      ""
+    end
+  end
+
+  def grant_access_link(application, user = nil)
+    link_path = if user
+                  user_application_signin_permission_path(user, application)
+                else
+                  account_application_signin_permission_path(application)
+                end
+
+    button_to(
+      link_path,
+      class: "govuk-button govuk-!-margin-0",
+      data: { module: "govuk-button" },
+    ) do
+      safe_join(["Grant access", content_tag(:span, " to #{application.name}", class: "govuk-visually-hidden")])
+    end
+  end
+
+  def users_applications_grant_access_link(application, user)
+    if policy(UserApplicationPermission.for(user, application)).create?
+      grant_access_link(application, user)
+    else
+      ""
+    end
+  end
+
+  def account_applications_grant_access_link(application)
+    if policy([:account, Doorkeeper::Application]).grant_signin_permission?
+      grant_access_link(application)
+    else
+      ""
+    end
+  end
+end
diff --git a/app/views/account/applications/index.html.erb b/app/views/account/applications/index.html.erb
@@ -25,73 +25,38 @@
   <% end %>
 <% end %>
 
-<table class="govuk-table">
-  <caption class="govuk-table__caption govuk-table__caption--m">Apps you have access to</caption>
-  <thead class="govuk-table__head">
-    <tr class="govuk-table__row">
-      <th scope="col" class="govuk-table__header govuk-!-width-one-quarter">Name</th>
-      <th scope="col" class="govuk-table__header govuk-!-width-one-third">Description</th>
-      <th scope="col" class="govuk-table__header"><span class="govuk-visually-hidden">Permissions</span></th>
-      <th scope="col" class="govuk-table__header"><span class="govuk-visually-hidden">Remove access</span></th>
-    </tr>
-  </thead>
-  <tbody class="govuk-table__body">
-    <% @applications_with_signin.each do |application| %>
-      <tr class="govuk-table__row">
-        <td class="govuk-table__cell"><%= application.name %></td>
-        <td class="govuk-table__cell"><%= application.description %></td>
-        <td class="govuk-table__cell govuk-!-text-align-right">
-          <% if policy([:account, application]).edit_permissions? %>
-            <% unless application.sorted_supported_permissions_grantable_from_ui(include_signin: false).empty? %>
-              <%= link_to edit_account_application_permissions_path(application), class: "govuk-link" do %>
-                Update permissions<span class="govuk-visually-hidden"> for <%= application.name %></span>
-              <% end %>
-            <% end %>
-          <% elsif policy([:account, application]).view_permissions? %>
-            <%= link_to account_application_permissions_path(application), class: "govuk-link" do %>
-                View permissions<span class="govuk-visually-hidden"> for <%= application.name %></span>
-            <% end %>
-          <% end %>
-        </td>
-        <td class="govuk-table__cell govuk-!-text-align-right">
-          <% if policy([:account, application]).remove_signin_permission? %>
-            <%= link_to delete_account_application_signin_permission_path(application),
-                        class: "govuk-button govuk-button--warning govuk-!-margin-0",
-                        data: { module: "govuk-button" } do %>
-                Remove access<span class="govuk-visually-hidden"> to <%= application.name %></span>
-            <% end %>
-          <% end %>
-        </td>
-      </tr>
-    <% end %>
-  </tbody>
-</table>
+<div class="govuk-table--with-actions">
+<%= render "govuk_publishing_components/components/table", {
+    caption: "Apps you have access to",
+    head: [
+      { text: "Name" },
+      { text: "Description" },
+      { text: content_tag(:span, "Actions", class: "govuk-visually-hidden") },
+    ],
+    rows: @applications_with_signin.map do |application|
+    [
+      { text: application.name },
+      { text: application.description },
+      { text: safe_join([account_applications_permissions_link(application), account_applications_remove_access_link(application)]) },
+    ]
+    end,
+} %>
+</div>
 
-<h2 class="govuk-heading-m" id="other-apps-table-heading">Apps you don't have access to</h2>
-
-<table class="govuk-table" aria-labelledby="other-apps-table-heading">
-  <thead class="govuk-table__head">
-    <tr class="govuk-table__row">
-      <th scope="col" class="govuk-table__header govuk-!-width-one-quarter">Name</th>
-      <th scope="col" class="govuk-table__header govuk-!-width-one-third">Description</th>
-      <th scope="col" class="govuk-table__header"><span class="govuk-visually-hidden">Grant access</span></th>
-    </tr>
-  </thead>
-  <tbody class="govuk-table__body">
-    <% @applications_without_signin.each do |application| %>
-      <tr class="govuk-table__row">
-        <td class="govuk-table__cell"><%= application.name %></td>
-        <td class="govuk-table__cell"><%= application.description %></td>
-        <td class="govuk-table__cell govuk-!-text-align-right">
-          <% if policy([:account, Doorkeeper::Application]).grant_signin_permission? %>
-            <%= button_to account_application_signin_permission_path(application),
-                          class: "govuk-button govuk-!-margin-0",
-                          data: { module: "govuk-button" } do %>
-                Grant access<span class="govuk-visually-hidden"> to <%= application.name %></span>
-            <% end %>
-          <% end %>
-        </td>
-      </tr>
-    <% end %>
-  </tbody>
-</table>
+<div class="govuk-table--with-actions">
+<%= render "govuk_publishing_components/components/table", {
+    caption: "Apps you don't have access to",
+    head: [
+      { text: "Name" },
+      { text: "Description" },
+      { text: content_tag(:span, "Actions", class: "govuk-visually-hidden") }
+    ],
+    rows: @applications_without_signin.map do |application|
+    [
+      { text: application.name },
+      { text: application.description },
+      { text: account_applications_grant_access_link(application) }
+    ]
+    end,
+} %>
+</div>
diff --git a/app/views/api_users/applications/index.html.erb b/app/views/api_users/applications/index.html.erb
@@ -30,18 +30,20 @@
   <% end %>
 <% end %>
 
+<div class="govuk-table--with-actions">
 <%= render "govuk_publishing_components/components/table", {
     caption: "Apps #{@api_user.name} has access to",
     head: [
       { text: "Name" },
       { text: "Description" },
-      { text: content_tag(:span, "Permissions", class: "govuk-visually-hidden") },
+      { text: content_tag(:span, "Actions", class: "govuk-visually-hidden") },
     ],
     rows: @applications.map do |application|
     [
       { text: application.name },
       { text: application.description },
-      { text: update_permissions_link(application, @api_user) || "" }
+      { text: update_permissions_link(application, @api_user) }
     ]
     end,
 } %>
+</div>
diff --git a/app/views/users/applications/index.html.erb b/app/views/users/applications/index.html.erb
@@ -30,73 +30,38 @@
   <% end %>
 <% end %>
 
-<table class="govuk-table">
-  <caption class="govuk-table__caption govuk-table__caption--m">Apps <%= @user.name %> has access to</caption>
-  <thead class="govuk-table__head">
-    <tr class="govuk-table__row">
-      <th scope="col" class="govuk-table__header govuk-!-width-one-quarter">Name</th>
-      <th scope="col" class="govuk-table__header govuk-!-width-one-third">Description</th>
-      <th scope="col" class="govuk-table__header"><span class="govuk-visually-hidden">Permissions</span></th>
-      <th scope="col" class="govuk-table__header"><span class="govuk-visually-hidden">Remove access</span></th>
-    </tr>
-  </thead>
-  <tbody class="govuk-table__body">
-    <% @applications_with_signin.each do |application| %>
-      <tr class="govuk-table__row">
-        <td class="govuk-table__cell"><%= application.name %></td>
-        <td class="govuk-table__cell"><%= application.description %></td>
-        <td class="govuk-table__cell govuk-!-text-align-right">
-          <% if policy(UserApplicationPermission.for(@user, application)).edit? %>
-            <% unless application.sorted_supported_permissions_grantable_from_ui(include_signin: false).empty? %>
-              <%= link_to edit_user_application_permissions_path(@user, application), class: "govuk-link" do %>
-                Update permissions<span class="govuk-visually-hidden"> for <%= application.name %></span>
-              <% end %>
-            <% end %>
-          <% else %>
-            <%= link_to user_application_permissions_path(@user, application), class: "govuk-link" do %>
-              View permissions<span class="govuk-visually-hidden"> for <%= application.name %></span>
-            <% end %>
-          <% end %>
-        </td>
-        <td class="govuk-table__cell govuk-!-text-align-right">
-          <% if policy(UserApplicationPermission.for(@user, application)).delete? %>
-            <%= link_to delete_user_application_signin_permission_path(@user, application),
-                        class: "govuk-button govuk-button--warning govuk-!-margin-0",
-                        data: { module: "govuk-button" } do %>
-                Remove access<span class="govuk-visually-hidden"> to <%= application.name %></span>
-            <% end %>
-          <% end %>
-        </td>
-      </tr>
-    <% end %>
-  </tbody>
-</table>
+<div class="govuk-table--with-actions">
+<%= render "govuk_publishing_components/components/table", {
+    caption: "Apps #{@user.name} has access to",
+    head: [
+      { text: "Name" },
+      { text: "Description" },
+      { text: content_tag(:span, "Actions", class: "govuk-visually-hidden") },
+    ],
+    rows: @applications_with_signin.map do |application|
+    [
+      { text: application.name },
+      { text: application.description },
+      { text: safe_join([users_applications_permissions_link(application, @user), users_applications_remove_access_link(application, @user)]) },
+    ]
+    end,
+} %>
+</div>
 
-<h2 class="govuk-heading-m" id="other-apps-table-heading">Apps <%= @user.name %> does not have access to</h2>
-
-<table class="govuk-table" aria-labelledby="other-apps-table-heading">
-  <thead class="govuk-table__head">
-    <tr class="govuk-table__row">
-      <th scope="col" class="govuk-table__header govuk-!-width-one-quarter">Name</th>
-      <th scope="col" class="govuk-table__header govuk-!-width-one-third">Description</th>
-      <th scope="col" class="govuk-table__header"><span class="govuk-visually-hidden">Grant access</span></th>
-    </tr>
-  </thead>
-  <tbody class="govuk-table__body">
-    <% @applications_without_signin.each do |application| %>
-      <tr class="govuk-table__row">
-        <td class="govuk-table__cell"><%= application.name %></td>
-        <td class="govuk-table__cell"><%= application.description %></td>
-        <td class="govuk-table__cell govuk-!-text-align-right">
-          <% if policy(UserApplicationPermission.for(@user, application)).create? %>
-            <%= button_to user_application_signin_permission_path(@user, application),
-                          class: "govuk-button govuk-!-margin-0",
-                          data: { module: "govuk-button" } do %>
-                Grant access<span class="govuk-visually-hidden"> to <%= application.name %></span>
-            <% end %>
-          <% end %>
-        </td>
-      </tr>
-    <% end %>
-  </tbody>
-</table>
+<div class="govuk-table--with-actions">
+<%= render "govuk_publishing_components/components/table", {
+    caption: "Apps #{@user.name} does not have access to",
+    head: [
+      { text: "Name" },
+      { text: "Description" },
+      { text: content_tag(:span, "Actions", class: "govuk-visually-hidden") }
+    ],
+    rows: @applications_without_signin.map do |application|
+    [
+      { text: application.name },
+      { text: application.description },
+      { text: users_applications_grant_access_link(application, @user) }
+    ]
+    end,
+} %>
+</div>
diff --git a/test/controllers/users/applications_controller_test.rb b/test/controllers/users/applications_controller_test.rb
@@ -93,8 +93,7 @@ class Users::ApplicationsControllerTest < ActionController::TestCase
 
       get :index, params: { user_id: user }
 
-      heading_id = css_select("h2:contains('Apps #{user.name} does not have access to')").attribute("id").value
-      assert_select "table[aria-labelledby='#{heading_id}']" do
+      assert_select "table:has( > caption[text()='Apps #{user.name} does not have access to'])" do
         assert_select "tr td", text: "app-name"
       end
     end