add comment

Gemfile

@@ -4,7 +4,7 @@ git_source(:github) { |repo| "https://github.com/#{repo}.git" }
 ruby "2.6.3"
 
 # Bundle edge Rails instead: gem "rails", github: "rails/rails"
-gem "rails", "~> 6.0.0"
+gem "rails", "~> 6.0.3.1"
 # Use postgresql as the database for Active Record
 gem "pg", "~> 0.18"
 # Use Puma as the app server

Gemfile.lock

@@ -44,71 +44,71 @@ GEM
   remote: https://rubygems.org/
   specs:
     Ascii85 (1.0.3)
-    actioncable (6.0.0)
+    actioncable (6.0.3.2)
-      actionpack (= 6.0.0)
+      actionpack (= 6.0.3.2)
       nio4r (~> 2.0)
       websocket-driver (>= 0.6.1)
-    actionmailbox (6.0.0)
+    actionmailbox (6.0.3.2)
-      actionpack (= 6.0.0)
+      actionpack (= 6.0.3.2)
-      activejob (= 6.0.0)
+      activejob (= 6.0.3.2)
-      activerecord (= 6.0.0)
+      activerecord (= 6.0.3.2)
-      activestorage (= 6.0.0)
+      activestorage (= 6.0.3.2)
-      activesupport (= 6.0.0)
+      activesupport (= 6.0.3.2)
       mail (>= 2.7.1)
-    actionmailer (6.0.0)
+    actionmailer (6.0.3.2)
-      actionpack (= 6.0.0)
+      actionpack (= 6.0.3.2)
-      actionview (= 6.0.0)
+      actionview (= 6.0.3.2)
-      activejob (= 6.0.0)
+      activejob (= 6.0.3.2)
       mail (~> 2.5, >= 2.5.4)
       rails-dom-testing (~> 2.0)
-    actionpack (6.0.0)
+    actionpack (6.0.3.2)
-      actionview (= 6.0.0)
+      actionview (= 6.0.3.2)
-      activesupport (= 6.0.0)
+      activesupport (= 6.0.3.2)
-      rack (~> 2.0)
+      rack (~> 2.0, >= 2.0.8)
       rack-test (>= 0.6.3)
       rails-dom-testing (~> 2.0)
       rails-html-sanitizer (~> 1.0, >= 1.2.0)
-    actiontext (6.0.0)
+    actiontext (6.0.3.2)
-      actionpack (= 6.0.0)
+      actionpack (= 6.0.3.2)
-      activerecord (= 6.0.0)
+      activerecord (= 6.0.3.2)
-      activestorage (= 6.0.0)
+      activestorage (= 6.0.3.2)
-      activesupport (= 6.0.0)
+      activesupport (= 6.0.3.2)
       nokogiri (>= 1.8.5)
-    actionview (6.0.0)
+    actionview (6.0.3.2)
-      activesupport (= 6.0.0)
+      activesupport (= 6.0.3.2)
       builder (~> 3.1)
       erubi (~> 1.4)
       rails-dom-testing (~> 2.0)
       rails-html-sanitizer (~> 1.1, >= 1.2.0)
     active_storage_base64 (1.0.0)
       rails (~> 6.0)
-    activejob (6.0.0)
+    activejob (6.0.3.2)
-      activesupport (= 6.0.0)
+      activesupport (= 6.0.3.2)
       globalid (>= 0.3.6)
-    activemodel (6.0.0)
+    activemodel (6.0.3.2)
-      activesupport (= 6.0.0)
+      activesupport (= 6.0.3.2)
     activemodel-serializers-xml (1.0.2)
       activemodel (> 5.x)
       activesupport (> 5.x)
       builder (~> 3.1)
-    activerecord (6.0.0)
+    activerecord (6.0.3.2)
-      activemodel (= 6.0.0)
+      activemodel (= 6.0.3.2)
-      activesupport (= 6.0.0)
+      activesupport (= 6.0.3.2)
     activeresource (5.1.0)
       activemodel (>= 5.0, < 7)
       activemodel-serializers-xml (~> 1.0)
       activesupport (>= 5.0, < 7)
-    activestorage (6.0.0)
+    activestorage (6.0.3.2)
-      actionpack (= 6.0.0)
+      actionpack (= 6.0.3.2)
-      activejob (= 6.0.0)
+      activejob (= 6.0.3.2)
-      activerecord (= 6.0.0)
+      activerecord (= 6.0.3.2)
       marcel (~> 0.3.1)
-    activesupport (6.0.0)
+    activesupport (6.0.3.2)
       concurrent-ruby (~> 1.0, >= 1.0.2)
       i18n (>= 0.7, < 2)
       minitest (~> 5.1)
       tzinfo (~> 1.1)
-      zeitwerk (~> 2.1, >= 2.1.8)
+      zeitwerk (~> 2.2, >= 2.2.2)
     addressable (2.7.0)
       public_suffix (>= 2.0.2, < 5.0)
     afm (0.2.2)
@@ -181,7 +181,7 @@ GEM
       coffee-script-source
       execjs
     coffee-script-source (1.12.2)
-    concurrent-ruby (1.1.5)
+    concurrent-ruby (1.1.6)
     connection_pool (2.2.2)
     countries (2.1.4)
       i18n_data (~> 0.8.0)
@@ -230,7 +230,7 @@ GEM
     hubspot-ruby (0.9.0)
       activesupport (>= 3.0.0)
       httparty (>= 0.10.0)
-    i18n (1.8.2)
+    i18n (1.8.3)
       concurrent-ruby (~> 1.0)
     i18n_data (0.8.0)
     i18n_yaml_sorter (0.2.0)
@@ -270,22 +270,22 @@ GEM
       ruby_dep (~> 1.2)
     loaf (0.8.1)
       rails (>= 3.2)
-    loofah (2.4.0)
+    loofah (2.6.0)
       crass (~> 1.0.2)
       nokogiri (>= 1.5.9)
     mail (2.7.1)
       mini_mime (>= 0.1.1)
     marcel (0.3.3)
       mimemagic (~> 0.3.2)
-    method_source (0.9.2)
+    method_source (1.0.0)
     mime-types (3.3)
       mime-types-data (~> 3.2015)
     mime-types-data (3.2019.0904)
-    mimemagic (0.3.3)
+    mimemagic (0.3.5)
     mini_magick (4.9.5)
     mini_mime (1.0.2)
     mini_portile2 (2.4.0)
-    minitest (5.14.0)
+    minitest (5.14.1)
     monetize (1.9.2)
       money (~> 6.12)
     money (6.13.4)
@@ -298,8 +298,8 @@ GEM
     msgpack (1.3.1)
     multi_xml (0.6.0)
     multipart-post (2.1.1)
-    nio4r (2.5.1)
+    nio4r (2.5.2)
-    nokogiri (1.10.7)
+    nokogiri (1.10.9)
       mini_portile2 (~> 2.4.0)
     oath (1.1.0)
       bcrypt
@@ -337,20 +337,20 @@ GEM
       rack
     rack-test (1.1.0)
       rack (>= 1.0, < 3)
-    rails (6.0.0)
+    rails (6.0.3.2)
-      actioncable (= 6.0.0)
+      actioncable (= 6.0.3.2)
-      actionmailbox (= 6.0.0)
+      actionmailbox (= 6.0.3.2)
-      actionmailer (= 6.0.0)
+      actionmailer (= 6.0.3.2)
-      actionpack (= 6.0.0)
+      actionpack (= 6.0.3.2)
-      actiontext (= 6.0.0)
+      actiontext (= 6.0.3.2)
-      actionview (= 6.0.0)
+      actionview (= 6.0.3.2)
-      activejob (= 6.0.0)
+      activejob (= 6.0.3.2)
-      activemodel (= 6.0.0)
+      activemodel (= 6.0.3.2)
-      activerecord (= 6.0.0)
+      activerecord (= 6.0.3.2)
-      activestorage (= 6.0.0)
+      activestorage (= 6.0.3.2)
-      activesupport (= 6.0.0)
+      activesupport (= 6.0.3.2)
       bundler (>= 1.3.0)
-      railties (= 6.0.0)
+      railties (= 6.0.3.2)
       sprockets-rails (>= 2.0.0)
     rails-controller-testing (1.0.4)
       actionpack (>= 5.0.1.x)
@@ -363,9 +363,9 @@ GEM
       nokogiri (>= 1.6)
     rails-html-sanitizer (1.3.0)
       loofah (~> 2.3)
-    railties (6.0.0)
+    railties (6.0.3.2)
-      actionpack (= 6.0.0)
+      actionpack (= 6.0.3.2)
-      activesupport (= 6.0.0)
+      activesupport (= 6.0.3.2)
       method_source
       rake (>= 0.8.7)
       thor (>= 0.20.3, < 2.0)
@@ -469,7 +469,7 @@ GEM
     turbolinks-source (5.2.0)
     typhoeus (1.3.1)
       ethon (>= 0.9.0)
-    tzinfo (1.2.6)
+    tzinfo (1.2.7)
       thread_safe (~> 0.1)
     uglifier (4.1.20)
       execjs (>= 0.3.0, < 3)
@@ -494,9 +494,9 @@ GEM
       activesupport (>= 4.2)
       rack-proxy (>= 0.6.1)
       railties (>= 4.2)
-    websocket-driver (0.7.1)
+    websocket-driver (0.7.2)
       websocket-extensions (>= 0.1.0)
-    websocket-extensions (0.1.4)
+    websocket-extensions (0.1.5)
     will_paginate (3.2.1)
     will_paginate-bootstrap4 (0.2.2)
       will_paginate (~> 3.0, >= 3.0.0)
@@ -504,7 +504,7 @@ GEM
     wkhtmltopdf-heroku (2.12.5.0)
     xpath (3.2.0)
       nokogiri (~> 1.8)
-    zeitwerk (2.2.2)
+    zeitwerk (2.3.1)
 
 PLATFORMS
   ruby
@@ -561,7 +561,7 @@ DEPENDENCIES
   rack!
   rack-contrib (~> 2.0.1)
   rack-cors
-  rails (~> 6.0.0)
+  rails (~> 6.0.3.1)
   rails-controller-testing (~> 1.0.4)
   rails-data-migrations (~> 1.2.0)
   redcarpet (~> 3.4.0)

app/controllers/appearance_releases_controller.rb

@@ -77,9 +77,43 @@ class AppearanceReleasesController < ApplicationController
     results
   end
 
+  def person_params
+    %i[
+      person_first_name
+      person_last_name
+      person_phone
+      person_email
+      person_photo
+      person_address_street1
+    ]
+  end
+
+  def guardian_params
+    %i[
+      guardian_first_name
+      guardian_last_name
+      guardian_phone
+      guardian_email
+      guardian_photo
+      guardian_address_street1
+    ]
+  end
+
+  def second_guardian_params
+    %i[
+      guardian_2_first_name
+      guardian_2_last_name
+      guardian_2_phone
+      guardian_2_email
+      guardian_2_photo
+      guardian_2_address_street1
+    ]
+  end
+
   def appearance_release_params
-    params.require(:appearance_release).permit(:contract, :guardian_address_street1, :guardian_first_name, :guardian_last_name, :guardian_phone, :guardian_photo, :guardian_email, :minor,
+    params.require(:appearance_release).permit(person_params,
-                                               :person_address_street1, :person_first_name, :person_last_name, :person_phone, :person_email, :person_photo,
+                                               guardian_params, second_guardian_params,
+                                               :contract, :minor,
                                                :applicable_medium_id, :applicable_medium_text,
                                                :territory_id, :territory_text,
                                                :term_id, :term_text, :person_date_of_birth,

app/policies/acquired_media_release_policy.rb

@@ -12,7 +12,7 @@ class AcquiredMediaReleasePolicy < ApplicationPolicy
   end
 
   def destroy?
-    true
+    user.manager? || user.account_manager?
   end
 
   def tag_multiple?

app/policies/appearance_release_policy.rb

@@ -16,7 +16,7 @@ class AppearanceReleasePolicy < ReleasePolicy
   end
 
   def destroy?
-    true
+    user.manager? || user.account_manager?
   end
 
   def tag_multiple?

app/policies/location_release_policy.rb

@@ -16,7 +16,7 @@ class LocationReleasePolicy < ReleasePolicy
   end
 
   def destroy?
-    true
+    user.manager? || user.account_manager?
   end
 
   def edit_photos?

app/policies/material_release_policy.rb

@@ -16,7 +16,7 @@ class MaterialReleasePolicy < ReleasePolicy
   end
 
   def destroy?
-    true
+    user.manager? || user.account_manager?
   end
 
   def edit_photos?

app/policies/medical_release_policy.rb

@@ -12,7 +12,7 @@ class MedicalReleasePolicy < ReleasePolicy
   end
 
   def destroy?
-    true
+    user.manager? || user.account_manager?
   end
 
   def edit_photos?

app/policies/misc_release_policy.rb

@@ -12,7 +12,7 @@ class MiscReleasePolicy < ReleasePolicy
   end
 
   def destroy?
-    true
+    user.manager? || user.account_manager?
   end
 
   def edit_photos?

app/policies/music_release_policy.rb

@@ -12,7 +12,7 @@ class MusicReleasePolicy < ReleasePolicy
   end
 
   def destroy?
-    true
+    user.manager? || user.account_manager?
   end
 
   def tag_multiple?

app/policies/talent_release_policy.rb

@@ -12,7 +12,7 @@ class TalentReleasePolicy < ReleasePolicy
   end
 
   def destroy?
-    true
+    user.manager? || user.account_manager?
   end
 
   def edit_photos?

app/views/appearance_releases/_form.html.erb

@@ -17,17 +17,25 @@
     </div>
 
     <div class="<%= class_string("collapse" => !appearance_release.minor?) %>" data-ujs-target="guardian-fields">
-      <div class="form-row">
+      <%= card_field_set_tag t(".guardian_info.heading") do %>
-        <%= form.text_field :guardian_first_name, required: appearance_release.minor?, wrapper_class: "col-sm-3" %>
+        <div class="form-row">
-        <%= form.text_field :guardian_last_name, required: appearance_release.minor?, wrapper_class: "col-sm-3" %>
+          <%= form.text_field :guardian_first_name, required: appearance_release.minor?, wrapper_class: "col-sm-3" %>
-        <%= form.phone_field :guardian_phone, wrapper_class: "col-sm-6" %>
+          <%= form.text_field :guardian_last_name, required: appearance_release.minor?, wrapper_class: "col-sm-3" %>
-      </div>
+          <%= form.phone_field :guardian_phone, wrapper_class: "col-sm-6" %>
-      <div class="form-row">
+          <%= form.text_field :guardian_email, wrapper_class: "col-sm-6" %>
-        <%= form.text_field :guardian_email, wrapper_class: "col-sm-6" %>
+          <%= form.text_field :guardian_address_street1, wrapper_class: "col-sm-6" %>
-      </div>
+        </div>
-      <div class="form-row">
+      <% end %>
-        <%= form.text_field :guardian_address_street1, wrapper_class: "col-sm-6" %>
+
-      </div>
+      <%= card_field_set_tag t(".guardian_2_info.heading") do %>
+        <div class="form-row">
+          <%= form.text_field :guardian_2_first_name, wrapper_class: "col-sm-3" %>
+          <%= form.text_field :guardian_2_last_name, wrapper_class: "col-sm-3" %>
+          <%= form.phone_field :guardian_2_phone, wrapper_class: "col-sm-6" %>
+          <%= form.text_field :guardian_2_email, wrapper_class: "col-sm-6" %>
+          <%= form.text_field :guardian_2_address_street1, wrapper_class: "col-sm-6" %>
+        </div>
+      <% end %>
     </div>
   <% end %>
 
@@ -62,20 +70,36 @@
     <div class="<%= class_string("collapse" => !appearance_release.minor?) %>" data-ujs-target="guardian-fields">
       <div class="text-left">
         <p><%= t(".photos.guardian_photo.heading") %></p>
-        <div class="d-inline-block mb-2" data-behavior="guardian-photo-preview" data-file-input="[data-ujs-target=guardian-photo-input]">
+        <div id='guardian-photo-preview' class="d-inline-block mb-2" data-behavior="guardian-photo-preview" data-file-input="[data-ujs-target=guardian-photo-input]">
           <div class="align-items-center d-flex photo-preview img-thumbnail justify-content-center">
             <span>No photo yet</span>
           </div>
         </div>
         <% if appearance_release.guardian_photo.attached? %>
           <%= javascript_tag nonce: true do %>
-            App.PhotoPreview.set("[data-behavior=guardian-photo-preview]", "<%= url_for(appearance_release.guardian_photo.variant(auto_orient: true, resize: '200x200')) %>");
+            App.PhotoPreview.set("#guardian-photo-preview", "<%= url_for(appearance_release.guardian_photo.variant(auto_orient: true, resize: '200x200')) %>");
           <% end %>
         <% end %>
         <div class="d-inline-block">
           <%= form.hidden_field :guardian_photo, value: form.object.guardian_photo.signed_id if appearance_release.guardian_photo.attached?%>
           <%= form.file_field :guardian_photo, hide_label: true, data: { ujs_target: "guardian-photo-input" }, help: "PNG or JPG only", accept: appearance_release.class.face_photo_acceptable_content_types.join(",") %>
         </div>
+
+        <p><%= t(".photos.guardian_2_photo.heading") %></p>
+        <div id='guardian-2-photo-preview' class="d-inline-block mb-2" data-behavior="guardian-photo-preview" data-file-input="[data-ujs-target=guardian-2-photo-input]">
+          <div class="align-items-center d-flex photo-preview img-thumbnail justify-content-center">
+            <span>No photo yet</span>
+          </div>
+        </div>
+        <% if appearance_release.guardian_2_photo.attached? %>
+          <%= javascript_tag nonce: true do %>
+            App.PhotoPreview.set("#guardian-2-photo-preview", "<%= url_for(appearance_release.guardian_2_photo.variant(auto_orient: true, resize: '200x200')) %>");
+          <% end %>
+        <% end %>
+        <div class="d-inline-block">
+          <%= form.hidden_field :guardian_2_photo, value: form.object.guardian_2_photo.signed_id if appearance_release.guardian_2_photo.attached?%>
+          <%= form.file_field :guardian_2_photo, hide_label: true, data: { ujs_target: "guardian-2-photo-input" }, help: "PNG or JPG only", accept: appearance_release.class.face_photo_acceptable_content_types.join(",") %>
+        </div>
       </div>
     </div>
   <% end %>

app/views/contracts/_medical_questionnaire.html.erb

@@ -0,0 +1,8 @@
+<p class="heading"><strong><u><%= t ".heading" %></u></strong></p>
+  
+<% (1..MedicalRelease::NUMBER_OF_CUSTOM_FIELDS).each do |n| %>
+  <% if contract_template.public_send("question_#{n}_text").present? %>
+    <p><strong><%= contract_template.public_send("question_#{n}_text") %></strong></p>
+    <p><%= releasable.public_send("question_#{n}_answer") %></p>
+  <% end %>
+<% end %>

app/views/contracts/_signature_page.html.erb

@@ -39,15 +39,6 @@
   <% end %>
 </dl>
 
-<% if releasable.model_name == "MedicalRelease" %>
-  <% (1..MedicalRelease::NUMBER_OF_CUSTOM_FIELDS).each do |n| %>
-    <% if contract_template.public_send("question_#{n}_text").present? %>
-      <p><strong><%= contract_template.public_send("question_#{n}_text") %></strong></p>
-      <p><%= releasable.public_send("question_#{n}_answer") %></p>
-    <% end %>
-  <% end %>
-<% end %>
-
 <% if releasable.minor? %>
   <br/>
   <p class="text-left"><strong>Guardian Information</strong></p>

app/views/contracts/pdf.html.erb

@@ -15,6 +15,13 @@
   <p class="text-left"><strong>Guardian Clause</strong></p>
   <%= contract_template.guardian_clause %>
 <% end %>
+
+<% if releasable.model_name == "MedicalRelease" %>
+  <div class="page">
+    <%= render "contracts/medical_questionnaire", releasable: releasable, contract_template: contract_template, preview: preview %>
+  </div>  
+<% end %>
+
 <div class="page">
   <%= render "contracts/signature_page", releasable: releasable, contract_template: contract_template, preview: preview %>
 </div>

config/locales/en.yml

@@ -123,9 +123,15 @@ en:
     form:
       contract_and_rights:
         heading: 2 of 3 Contract & Exploitable Rights
+      guardian_2_info:
+        heading: Second Guardian Information (if company requires)
+      guardian_info:
+        heading: Guardian Information
       person_details:
         heading: 1 of 3 Person Details
       photos:
+        guardian_2_photo:
+          heading: Second Guardian Photo
         guardian_photo:
           heading: Guardian Photo
         heading: 3 of 3 Photo
@@ -240,6 +246,8 @@ en:
     new:
       heading: New Release Template
   contracts:
+    medical_questionnaire:
+      heading: Medical Questionnaire
     photos:
       guardian_2_photo_heading: Second guardian photo
       guardian_photo_heading: Guardian photo

config/locales/es.yml

@@ -28,7 +28,13 @@ es:
       matching_started: Matching started (ES)
       no_attachments: Failed to import - no attachments (ES)
     form:
+      guardian_2_info:
+        heading: Second Guardian Information (if company requires) (ES)
+      guardian_info:
+        heading: Guardian Information (ES)
       photos:
+        guardian_2_photo:
+          heading: Second Guardian Photo (ES)
         guardian_photo:
           heading: Guardian Photo (ES)
         person_photo:

spec/features/user_managing_appearance_releases_spec.rb

@@ -194,6 +194,28 @@ feature 'User managing appearance releases' do
       expect(page).to have_content 'New Jane'
     end
 
+    scenario 'user can enter information for second guardian when editing non native release for minor', js: true do
+      appearance_release = create(:appearance_release, :non_native, :minor, project: project)
+
+      visit edit_appearance_release_path(appearance_release)
+
+      expect(page).to have_content guardian_2_first_name_field.titleize
+      expect(page).to have_content guardian_2_photo_heading
+
+      fill_in guardian_first_name_field, with: 'Guardian'
+      fill_in guardian_last_name_field, with: 'Name'
+      attach_file guardian_photo_field, file_fixture('hemsworth.jpeg'), visible: :all
+
+      fill_in guardian_2_first_name_field, with: 'Second'
+      fill_in guardian_2_last_name_field, with: 'guardian'
+      attach_file guardian_2_photo_field, file_fixture('person_photo.png'), visible: :all
+
+      click_button submit_update_button
+
+      expect(page).to have_content successful_update_message
+      expect(AppearanceRelease.last.guardian_2_photo.attached?).to eq true
+    end
+
     scenario 'progress bar shows when user imports a release', js: true do
       visit project_appearance_releases_path(project)
 
@@ -557,6 +579,10 @@ feature 'User managing appearance releases' do
     'appearance_release[guardian_photo]'
   end
 
+  def guardian_2_photo_field
+    'appearance_release[guardian_2_photo]'
+  end
+
   def person_name_field
     t('helpers.label.appearance_release.person_name')
   end
@@ -662,4 +688,12 @@ feature 'User managing appearance releases' do
   def successful_destroy_message
     'The release has been deleted'
   end
+
+  def guardian_photo_heading
+    t 'appearance_releases.form.photos.guardian_photo.heading'
+  end
+
+  def guardian_2_photo_heading
+    t 'appearance_releases.form.photos.guardian_2_photo.heading'
+  end
 end

spec/models/account_spec.rb

@@ -133,7 +133,8 @@ RSpec.describe Account do
         ZoomMeeting,
         MedicalRelease,
         MiscRelease,
-        MatchingRequest
+        MatchingRequest,
+        ActionMailbox::InboundEmail # This is Rails model, we are not using it and it is NOT added to the Account#storage_total calculation
       ]
       Rails.application.eager_load!
       ActiveRecord::Base.descendants.each do |model|

spec/policies/acquired_media_release_policy_spec.rb

@@ -1,7 +1,8 @@
 require "rails_helper"
 
 describe AcquiredMediaReleasePolicy do
-  let(:user_context) { build(:user_context) }
+  let(:user) { create(:user, :manager) }
+  let(:user_context) { build(:user_context, user: user, account: user.primary_account) }
 
   subject { described_class }
 
@@ -24,6 +25,14 @@ describe AcquiredMediaReleasePolicy do
   end
 
   permissions :destroy? do
-    it { is_expected.to permit(:destroy) }
+    it { is_expected.to permit(user_context, :destroy) }
+  end
+
+  context "for an associate" do
+    let(:user) { create(:user, :associate) }
+
+    permissions :destroy? do
+      it { is_expected.not_to permit(user_context, :destroy) }
+    end
   end
 end

spec/policies/appearance_release_policy_spec.rb

@@ -1,7 +1,8 @@
 require "rails_helper"
 
 describe AppearanceReleasePolicy do
-  let(:user_context) { build(:user_context) }
+  let(:user) { create(:user, :manager) }
+  let(:user_context) { build(:user_context, user: user, account: user.primary_account) }
 
   subject { described_class }
 
@@ -24,6 +25,14 @@ describe AppearanceReleasePolicy do
   end
 
   permissions :destroy? do
-    it { is_expected.to permit(:destroy) }
+    it { is_expected.to permit(user_context, :destroy) }
+  end
+
+  context "for an associate" do
+    let(:user) { create(:user, :associate) }
+
+    permissions :destroy? do
+      it { is_expected.not_to permit(user_context, :destroy) }
+    end
   end
 end

spec/policies/location_release_policy_spec.rb

@@ -1,7 +1,8 @@
 require "rails_helper"
 
 describe LocationReleasePolicy do
-  let(:user_context) { build(:user_context) }
+  let(:user) { create(:user, :manager) }
+  let(:user_context) { build(:user_context, user: user, account: user.primary_account) }
 
   subject { described_class }
 
@@ -23,10 +24,6 @@ describe LocationReleasePolicy do
     end
   end
 
-  permissions :destroy? do
-    it { is_expected.to permit(:destroy) }
-  end
-
   permissions :edit_photos? do
     it { is_expected.to permit(:edit_photos) }
   end
@@ -34,4 +31,16 @@ describe LocationReleasePolicy do
   permissions :update_photos? do
     it { is_expected.to permit(:update_photos) }
   end
+
+  permissions :destroy? do
+    it { is_expected.to permit(user_context, :destroy) }
+  end
+
+  context "for an associate" do
+    let(:user) { create(:user, :associate) }
+
+    permissions :destroy? do
+      it { is_expected.not_to permit(user_context, :destroy) }
+    end
+  end
 end

spec/policies/material_release_policy_spec.rb

@@ -1,7 +1,8 @@
 require "rails_helper"
 
 describe MaterialReleasePolicy do
-  let(:user_context) { build(:user_context) }
+  let(:user) { create(:user, :manager) }
+  let(:user_context) { build(:user_context, user: user, account: user.primary_account) }
 
   subject { described_class }
 
@@ -23,10 +24,6 @@ describe MaterialReleasePolicy do
     end
   end
 
-  permissions :destroy? do
-    it { is_expected.to permit(:destroy) }
-  end
-
   permissions :edit_photos? do
     it { is_expected.to permit(:edit_photos) }
   end
@@ -34,4 +31,16 @@ describe MaterialReleasePolicy do
   permissions :update_photos? do
     it { is_expected.to permit(:update_photos) }
   end
+
+  permissions :destroy? do
+    it { is_expected.to permit(user_context, :destroy) }
+  end
+
+  context "for an associate" do
+    let(:user) { create(:user, :associate) }
+
+    permissions :destroy? do
+      it { is_expected.not_to permit(user_context, :destroy) }
+    end
+  end
 end

spec/policies/medical_release_policy_spec.rb

@@ -1,7 +1,8 @@
 require "rails_helper"
 
 describe MedicalReleasePolicy do
-  let(:user_context) { build(:user_context) }
+  let(:user) { create(:user, :manager) }
+  let(:user_context) { build(:user_context, user: user, account: user.primary_account) }
 
   subject { described_class }
 
@@ -23,10 +24,6 @@ describe MedicalReleasePolicy do
     end
   end
 
-  permissions :destroy? do
-    it { is_expected.to permit(:destroy) }
-  end
-
   permissions :edit_photos? do
     it { is_expected.to permit(:edit_photos) }
   end
@@ -34,4 +31,16 @@ describe MedicalReleasePolicy do
   permissions :update_photos? do
     it { is_expected.to permit(:update_photos) }
   end
+
+  permissions :destroy? do
+    it { is_expected.to permit(user_context, :destroy) }
+  end
+
+  context "for an associate" do
+    let(:user) { create(:user, :associate) }
+
+    permissions :destroy? do
+      it { is_expected.not_to permit(user_context, :destroy) }
+    end
+  end
 end

spec/policies/misc_release_policy_spec.rb

@@ -1,7 +1,8 @@
 require "rails_helper"
 
 describe MiscReleasePolicy do
-  let(:user_context) { build(:user_context) }
+  let(:user) { create(:user, :manager) }
+  let(:user_context) { build(:user_context, user: user, account: user.primary_account) }
 
   subject { described_class }
 
@@ -19,10 +20,6 @@ describe MiscReleasePolicy do
     end
   end
 
-  permissions :destroy? do
-    it { is_expected.to permit(:destroy) }
-  end
-
   permissions :edit_photos? do
     it { is_expected.to permit(:edit_photos) }
   end
@@ -30,4 +27,16 @@ describe MiscReleasePolicy do
   permissions :update_photos? do
     it { is_expected.to permit(:update_photos) }
   end
+
+  permissions :destroy? do
+    it { is_expected.to permit(user_context, :destroy) }
+  end
+
+  context "for an associate" do
+    let(:user) { create(:user, :associate) }
+
+    permissions :destroy? do
+      it { is_expected.not_to permit(user_context, :destroy) }
+    end
+  end
 end

spec/policies/music_release_policy_spec.rb

@@ -1,7 +1,8 @@
 require "rails_helper"
 
 RSpec.describe MusicReleasePolicy do
-  let(:user_context) { build(:user_context) }
+  let(:user) { create(:user, :manager) }
+  let(:user_context) { build(:user_context, user: user, account: user.primary_account) }
 
   subject { described_class }
 
@@ -18,6 +19,14 @@ RSpec.describe MusicReleasePolicy do
   end
 
   permissions :destroy? do
-    it { is_expected.to permit(:destroy) }
+    it { is_expected.to permit(user_context, :destroy) }
+  end
+
+  context "for an associate" do
+    let(:user) { create(:user, :associate) }
+
+    permissions :destroy? do
+      it { is_expected.not_to permit(user_context, :destroy) }
+    end
   end
 end

spec/policies/talent_release_policy_spec.rb

@@ -1,7 +1,8 @@
 require "rails_helper"
 
 describe TalentReleasePolicy do
-  let(:user_context) { build(:user_context) }
+  let(:user) { create(:user, :manager) }
+  let(:user_context) { build(:user_context, user: user, account: user.primary_account) }
 
   subject { described_class }
 
@@ -23,10 +24,6 @@ describe TalentReleasePolicy do
     end
   end
 
-  permissions :destroy? do
-    it { is_expected.to permit(:destroy) }
-  end
-
   permissions :edit_photos? do
     it { is_expected.to permit(:edit_photos) }
   end
@@ -34,4 +31,16 @@ describe TalentReleasePolicy do
   permissions :update_photos? do
     it { is_expected.to permit(:update_photos) }
   end
+
+  permissions :destroy? do
+    it { is_expected.to permit(user_context, :destroy) }
+  end
+
+  context "for an associate" do
+    let(:user) { create(:user, :associate) }
+
+    permissions :destroy? do
+      it { is_expected.not_to permit(user_context, :destroy) }
+    end
+  end
 end