Feat allow admin to edit observations

[santostiago]

Task
When a flag to override observations is on, the admins can change observations in ways that are forbidden under normal circumstances.
The env var OVERRIDE_OBSERVATION_STATUS should be set to TRUE.

Pull request checklist

Please check if your PR fulfills the following requirements:

• Make sure you are requesting to pull a topic/feature/bugfix branch (right side). Don't request your master!
• Make sure you are making a pull request against the develop branch (left side). Also you should start your branch off our develop.
• Check the commit's or even all commits' message styles matches our requested structure.
• Check your code additions will fail neither code linting checks nor unit test.

Pull request type

Please check the type of change your PR introduces:

• Bugfix
• Feature
• Code style update (formatting, renaming)
• Refactoring (no functional changes, no api changes)
• Build related changes
• Documentation content changes
• Other (please describe):

What is the current behavior?

Admins cannot edit all the fields in observations

Issue Number: #181285745

What is the new behavior?

Admins can now edit all the fields in observations

Does this introduce a breaking change?

• Yes
• No

Other information

[santostiago]

@tsubik I updated the active admin addons so that we could use nested fields.
This removes the ability to have image/file rows/columns in the admin.
Maybe I could check the code of the old gem to allow displaying images/file types, but it's not super important so I didn't add it yet.

[santostiago]

Also, the field law is not dependent on the country/subcategory.
I could add some custom JS to make those ajax requests, but I thought it was too much trouble for the gains we'd get.

[tsubik]

why not just ENV.fetch('OVERRIDE_OBSERVATION_STATUS', 'false').upcase == 'TRUE' and why do we need to have it as a flag? Do you think we want to change it back and forth?

[santostiago]

@tsubik yeah, this is supposed to be for them to temporarily edit observations that were created wrongly.
I'm guessing this will happen more times in the future.

[tsubik]

indent level is weird here.

[santostiago]

@tsubik indeed... I'll check it. I think it was Rubocop that changed it.

[tsubik]

Those nested selects do not work properly, the list is not filtered

[santostiago]

@tsubik I didn't understand the screenshot. Which fields do not work? I tested it locally and it's filtering by the right field.

[tsubik]

Let me check it once again, as it was long time ago and I don't remember what was not working. Yeah, the screenshot could be better as it's not showing much.

[tsubik]

@santostiago both Operator and FMU selects do not work correctly

[santostiago]

@tsubik ohh.. now I get what you mean. The filtered query is not being used correctly, no. Because we're using a translation table, it seems like ransack cannot interpret it properly.

For example, with the Democratic Republic of Congo selected, when I search for the operator Andre the ajax query made is:
http:https://localhost:3000/admin/producers?order=operator_translations.name_desc&q[groupings][0][m]=or&q[groupings][0][operator_translations.name_contains]=andre&q[combinator]=and&q[country_id_eq]=7

I'm not sure what these 2 params do:

• q[groupings][0][m]=or
• &q[combinator]=and

I need to check ransack. I'm also not sure if the right way to query the name is by using q[groupings][0][operator_translations.name_contains]=andre. But this is done by the gem. It might be easier if I just manage to change the controller of the Operator AA resource to handle this properly.

[tsubik]

I think there is a task to remove name from translated fields for operator (maybe that would help here), not sure if FMU as well.

[santostiago]

it would solve it, yes. (I just dug into ransack code, and the issue is that when there's a query with groupings, ransack searches for the field name in his context - and he doesn't have the translations in his context).

I made a quick hack to fix it. Not an ideal solution, but I wouldn't waste more time on this.

[tsubik]

What is user type here, and where is it set to be :admin?

[tsubik]

Looks like for admin panel validation of status changes will never be invoked, right?

[santostiago]

Looks like for admin panel validation of status changes will never be invoked, right?

Yup.

[tsubik]

I meant, I have not seen setting user_type to admin anywhere that's why I'm asking if that's a mistake to check it here?

[santostiago]

@tsubik you're absolutely right.
In fact, the rules seemed to have been wrong before. We were just validating the transitions when it came from the observations tool.
I'm changing it.

[tsubik]

Changing operator is still disabled, so how this code could be invoked? Or maybe you forgot to remove disabled from operator input. I thought operator should be changeable and that was the point of the feature?

[santostiago]

@tsubik mmm... I'm not sure what you're referring to. The operator can be modified (what cannot be is the type of observation, because I didn't want to check all the consequences and I don't think that should change).

[tsubik]

I cannot modify operator, it has disabled: operator in the input. Select stays disabled in admin panel.

[santostiago]

I'm pretty sure I didn't write FactoryBot.. Could it be that Rubocop did it? (or maybe I'm going crazy :P )

[santostiago]

@tsubik I modified it, but I'll wait for Sophie to know if this is what they want.
Previously, we were allowing admins to change the status of an observation to whatever they wanted. But I'm not sure if that should be the case.
Depending on what Sophie replies, I'll update the PR.

[santostiago]

Ok, so we decided to just go with having admins and bo_admins

[tsubik]

Alright, so many modifications are needed in that case :/

[santostiago]

@tsubik ok, so:

• Admins can modify everything in the observations
• BO Managers can modify the status and admin comments
• Batch actions are hidden unless there's a flag

The only thing that was not very clear on Sophie's spec was if the admins could modify the status at will. I'm going to confirm that.

[tsubik]

Why all messages are changed to "observation approved"?

[santostiago]

Mmmm.. right. I'll change them to the previous one.

[tsubik]

If we don't need that, I would vote to just remove it and not take space here ;)

[santostiago]

Sophie said it shouldn't be done. But I'd bet it's gonna be needed again in a year or so.
Do you think we should just get rid of it?

[tsubik]

Then, maybe better to keep them without disabling?

[tsubik]

But keeping code we should also maintain it, and we should not maintain something that might be needed in future, but probably don't, so either we remove it or keep it. That's my opinion.

[santostiago]

As discussed with Sophie, let's keep this hidden under an ENV var.

[tsubik]

The form got very big and confusion, but maybe that's ok. Just thinking if for bo manager we can only show necessary fields if there are any and the fields that the user can change. Not sure if that is a good idea

[santostiago]

@tsubik I thought of it, but they need to see those in order to approve or not and to comment.

[tsubik]

Ok. Good point

[santostiago]

Going to rebase it now.

[santostiago]

@tsubik I ended up changing it to be on by default and we add the var with false in the server.
Doing it the other way was proving to be complicated to test (I was trying to remove the constant Admin::ObservationsController and then reloading the file, but I'd have to reload it using the AA loader and it wasn't working)

[tsubik]

ok

[tsubik]

• BO Managers can modify the status and admin comments

Hey @santostiago, but I see there are no valid status transitions for bo_manager.

[santostiago]

@tsubik we're sending the requests from the observations admin page as admin, so it will have the same permissions (this can be improved, because we should instead check who made the request and set the permissions there, but I'll do it in another PR).
As for the filters, they seem to be working: I just filtered by one country, and the only operators shown are for that country. There's an error though which I'm going to check now: we're sending only the first page (20 results). I'll check why now.

[santostiago]

@tsubik can you review? The solution is a bit hacky, but I didn't want to waste more time with this.

[tsubik]

Problem is not only for operator but for many other attributes that are using this component, category, subcategory and others. Let me think about it.

[tsubik]

With hotwire that would be easy to just refresh form on every country select change or other select changes.