AO3-6634 Add board_assistants_team admin role

app/models/admin.rb

@@ -1,5 +1,5 @@
 class Admin < ApplicationRecord
-  VALID_ROLES = %w[superadmin board communications elections translation tag_wrangling docs support policy_and_abuse open_doors].freeze
+  VALID_ROLES = %w[superadmin board board_assistants_team communications elections translation tag_wrangling docs support policy_and_abuse open_doors].freeze
 
   serialize :roles, Array
 

app/policies/admin_banner_policy.rb

@@ -1,6 +1,6 @@
 class AdminBannerPolicy < ApplicationPolicy
   def index?
-    user_has_roles?(%w[superadmin board communications support])
+    user_has_roles?(%w[superadmin board board_assistants_team communications support])
   end
 
   alias show? index?

app/policies/admin_post_policy.rb

@@ -1,5 +1,5 @@
 class AdminPostPolicy < ApplicationPolicy
-  POSTING_ROLES = %w[superadmin board communications support translation].freeze
+  POSTING_ROLES = %w[superadmin board board_assistants_team communications support translation].freeze
 
   def can_post?
     user_has_roles?(POSTING_ROLES)

app/policies/comment_policy.rb

@@ -1,11 +1,12 @@
 class CommentPolicy < ApplicationPolicy
   DESTROY_COMMENT_ROLES = %w[superadmin board policy_and_abuse support].freeze
-  DESTROY_ADMIN_POST_COMMENT_ROLES = %w[superadmin board communications elections policy_and_abuse support].freeze
+  DESTROY_ADMIN_POST_COMMENT_ROLES = %w[superadmin board board_assistants_team communications elections policy_and_abuse support].freeze
   FREEZE_TAG_COMMENT_ROLES = %w[superadmin tag_wrangling].freeze
   FREEZE_WORK_COMMENT_ROLES = %w[superadmin policy_and_abuse].freeze
   HIDE_TAG_COMMENT_ROLES = %w[superadmin tag_wrangling].freeze
   HIDE_WORK_COMMENT_ROLES = %w[superadmin policy_and_abuse].freeze
-  SPAM_ROLES = %w[superadmin board communications elections policy_and_abuse support].freeze
+  SPAM_ADMIN_POST_COMMENT_ROLES = %w[superadmin board board_assistants_team communications elections policy_and_abuse support].freeze
+  SPAM_COMMENT_ROLES = %w[superadmin board policy_and_abuse support].freeze
 
   def can_destroy_comment?
     case record.ultimate_parent
@@ -39,7 +40,12 @@ def can_hide_comment?
   end
 
   def can_mark_comment_spam?
-    user_has_roles?(SPAM_ROLES)
+    case record.ultimate_parent
+    when AdminPost
+      user_has_roles?(SPAM_ADMIN_POST_COMMENT_ROLES)
+    else
+      user_has_roles?(SPAM_COMMENT_ROLES)
+    end
   end
 
   alias destroy? can_destroy_comment?

config/locales/models/en.yml

@@ -4,6 +4,7 @@ en:
     attributes:
       admin/role:
         board: Board
+        board_assistants_team: Board Assistants Team
         communications: Communications
         docs: AO3 Docs
         elections: Elections

spec/controllers/admin/banners_controller_spec.rb

@@ -8,21 +8,30 @@
   let(:admin_banner_params) { attributes_for(:admin_banner) }
 
   shared_examples "only authorized admins are allowed" do
-    %w[support communications superadmin board].each do |role|
+    authorized_roles = %w[superadmin board board_assistants_team communications support]
+    unauthorized_roles = Admin::VALID_ROLES - authorized_roles
+
+    authorized_roles.each do |role|
       it "succeeds for #{role} admins" do
         fake_login_admin(create(:admin, roles: [role]))
         subject
         success
       end
     end
 
-    (Admin::VALID_ROLES - %w[support communications superadmin board]).each do |role|
+    unauthorized_roles.each do |role|
       it "displays an error to #{role} admins" do
         fake_login_admin(create(:admin, roles: [role]))
         subject
         it_redirects_to_with_error(root_path, "Sorry, only an authorized admin can access the page you were trying to reach.")
       end
     end
+
+    it "displays an error to admins without roles" do
+      fake_login_admin(create(:admin))
+      subject
+      it_redirects_to_with_error(root_path, "Sorry, only an authorized admin can access the page you were trying to reach.")
+    end
   end
 
   describe "GET #index" do