From d49f71fb4f66e7b83cfd64652c39e643e3074419 Mon Sep 17 00:00:00 2001
From: Alex Kotov
Date: Mon, 2 Sep 2019 18:37:32 +0500
Subject: [PATCH] Restrict access to some pages
---
 app/policies/staff/person/account_connection_link_policy.rb | 2 +-
 app/views/staffs/people/show.html.erb | 2 +-
 .../requests/staff/people/account_connection_links/show_spec.rb | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/app/policies/staff/person/account_connection_link_policy.rb b/app/policies/staff/person/account_connection_link_policy.rb
index f38c3a9..812b115 100644
--- a/app/policies/staff/person/account_connection_link_policy.rb
+++ b/app/policies/staff/person/account_connection_link_policy.rb
@@ -2,7 +2,7 @@
 class Staff::Person::AccountConnectionLinkPolicy < ApplicationPolicy
 def show?
- account&.superuser?
+ record.person.account.nil? && account&.superuser?
 end
 def create?
diff --git a/app/views/staffs/people/show.html.erb b/app/views/staffs/people/show.html.erb
index 2429b3f..5ea93ba 100644
--- a/app/views/staffs/people/show.html.erb
+++ b/app/views/staffs/people/show.html.erb
@@ -24,7 +24,7 @@
 <% if policy([:staff, @person,
- ]).show? %>
+ AccountConnectionLink.new(@person)]).show? %>
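Review bot: In `show?` of `account_connection_link_policy.rb` the new condition dereferences `record.person.account` before it looks at the caller, so a call site that passes anything other than a link object with a person raises `NoMethodError` instead of denying. Testing the privilege first, `account&.superuser? && record.person.account.nil?`, at least keeps anonymous and non-superuser requests from touching the record. `create?` begins on the last line of the hunk and its body is not shown; if it still checks only `superuser?`, a link could presumably still be created for a person who already has an account even though the page is now forbidden, so confirm it carries the same `account.nil?` condition.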
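Review bot: In `show.html.erb` the record handed to the policy is built inline as `AccountConnectionLink.new(@person)`, while the controller that actually enforces access is not part of this patch. Since the policy now reads the record, the link's visibility and the request's authorization only agree if both pass an equivalent object; confirm the controller authorizes against a link built from the same person. Building the object once, in the controller or in a small helper, and reusing it here would keep the template free of model construction and stop the two checks drifting apart.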
diff --git a/spec/requests/staff/people/account_connection_links/show_spec.rb b/spec/requests/staff/people/account_connection_links/show_spec.rb
index 4c7c826..2c6d947 100644
--- a/spec/requests/staff/people/account_connection_links/show_spec.rb
+++ b/spec/requests/staff/people/account_connection_links/show_spec.rb
@@ -29,7 +29,7 @@ RSpec.describe 'GET /staff/people/:person_id/account_connection_link' do
 let(:person) { create(:personal_account).person }
 specify do
- expect(response).to have_http_status :ok
+ expect(response).to have_http_status :forbidden
 end
 end
 end
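Review bot: The example changed in `show_spec.rb` pins only the denied case, a person who already has an account, and a policy that refused every request would satisfy it just as well. The enclosing contexts and the signed-in account are outside the hunk, so this may already be covered; if no sibling example asserts `have_http_status :ok` for a superuser viewing a person without an account, add one next to this one. The bare `specify do` would also read better with a description naming the rule, such as `it 'is forbidden when the person already has an account' do`.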