Add feature flag for named access limiting

Author: GDSNewt

app/models/edition.rb

@@ -444,6 +444,8 @@ def error_labels
   end
 
   def access_limited_named_users=(users)
+    return unless Flipflop.enabled?(:access_limited_named_users)
+
     user_emails = users.split(",").map(&:strip).reject(&:empty?)
 
     user_emails.each do |email|

app/views/admin/editions/_access_limiting_fields.html.erb

@@ -16,23 +16,27 @@
           bold: true,
           checked: edition.organisations?,
         },
-        {
-          value: :named_users,
-          text: "Limit access to named publishers",
-          bold: true,
-          checked: edition.named_users?,
-          conditional: (render "govuk_publishing_components/components/textarea", {
-            label: {
-              text: "Add publishers who will have access",
-              bold: true,
-            },
-            name: "edition[access_limited_named_users]",
-            textarea_id: "edition_access_limited_named_users",
-            error_message: nil,
-            value: nil,
-            hint: "Add the emails of the publishers who will have access to this document before publishing. After publishing the document will be available to all publishers in the organisation associated with this document"
-          }),
-        },
-      ],
+        (
+          Flipflop.enabled?(:access_limited_named_users) ?
+          {
+            value: :named_users,
+            text: "Limit access to named publishers",
+            bold: true,
+            checked: edition.named_users?,
+            conditional: render("govuk_publishing_components/components/textarea", {
+              label: {
+                text: "Add publishers who will have access",
+                bold: true,
+              },
+              name: "edition[access_limited_named_users]",
+              textarea_id: "edition_access_limited_named_users",
+              error_message: nil,
+              value: nil,
+              hint: "Add the emails of the publishers who will have access to this document before publishing. After publishing the document will be available to all publishers in the organisation associated with this document",
+            })
+          }
+          : nil
+        ),
+      ].compact,
     } %>
 </div>

config/features.rb

@@ -33,4 +33,7 @@
   feature :configurable_document_types,
           description: "Enable 'in development' config-driven document types (alongside the 'live' ones)",
           default: Rails.env.development?
+  feature :access_limited_named_users,
+          description: "Allow documents to be access-limited to specific named editors by email",
+          default: false
 end

test/unit/app/models/edition_test.rb

@@ -1007,6 +1007,26 @@ class EditionTest < ActiveSupport::TestCase
     assert_not edition.valid?
   end
 
+  test "access_limited_named_users= creates EditionUserAccess records when feature is enabled" do
+    edition = create(:edition)
+    Flipflop.stubs(:enabled?).with(:access_limited_named_users).returns(true)
+
+    edition.access_limited_named_users = "user1@example.com, user2@example.com"
+
+    assert_equal 2, edition.edition_user_accesses.count
+    assert_equal ["user1@example.com", "user2@example.com"],
+                 edition.edition_user_accesses.pluck(:email).sort
+  end
+
+  test "access_limited_named_users= does nothing when feature is disabled" do
+    edition = create(:edition)
+    Flipflop.stubs(:enabled?).with(:access_limited_named_users).returns(false)
+
+    edition.access_limited_named_users = "user1@example.com, user2@example.com"
+
+    assert_equal 0, edition.edition_user_accesses.count
+  end
+
   def decoded_token_payload(token)
     payload, _header = JWT.decode(
       token,