baarkerlounger
/
submit-social-housing-lettings-and-sales-data
mirror of https://github.com/communitiesuk/submit-social-housing-lettings-and-sales-data.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Submit social housing lettings and sales data (CORE)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
945 Commits
233 Branches
250 Tags
74 MiB
Tree: 0142d476ca
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '0142d476ca'
${ noResults }
submit-social-housing-letti.../spec/requests/users_controller_spec.rb

308 lines
9.0 KiB
Raw Normal View History Unescape

Invite new user (#134) * Clean up user routes * Make user registerable * Merge * Turbo devise strikes again * URL naming * Dashes not underscores * Consistent syntax * Turning off turbo changes our html * Update password link not working yet * New user path * Password edit path * Updating password keeps you signed in and redirects to show * Set new user org * Write a failing spec for user creation * Reset user password and redirect back to org users page * Test redirect * Use invite template * Request specs over feature specs * Add email validation
3 years ago
require "rails_helper"
Use Notify rather than Gmail for devise emails (#241) * Use Notify rather than Gmail for devise emails * Remove Devise mailer views * Use real account template IDs
3 years ago
RSpec.describe UsersController, type: :request do
Invite new user (#134) * Clean up user routes * Make user registerable * Merge * Turbo devise strikes again * URL naming * Dashes not underscores * Consistent syntax * Turning off turbo changes our html * Update password link not working yet * New user path * Password edit path * Updating password keeps you signed in and redirects to show * Set new user org * Write a failing spec for user creation * Reset user password and redirect back to org users page * Test redirect * Use invite template * Request specs over feature specs * Add email validation
3 years ago
let(:user) { FactoryBot.create(:user) }
CLDC-769: Scope authentication to the correct resources (#143) * Scope auth for org pages * Scope user methods * Refactor form UI controller * More tests for access * Consistently return not found for scoped auth * Add ADR * Authenticate bulk uploads * Authenticate soft validations controller * Scope bulk upload to user's org for now * Pass through current user * Update docs/adr/adr-012-controller-http-return-statuses.md Co-authored-by: Dushan <47317567+dushan-madetech@users.noreply.github.com> * Update spec/requests/case_log_controller_spec.rb Co-authored-by: Dushan <47317567+dushan-madetech@users.noreply.github.com> Co-authored-by: Dushan <47317567+dushan-madetech@users.noreply.github.com>
3 years ago
let(:unauthorised_user) { FactoryBot.create(:user) }
Invite new user (#134) * Clean up user routes * Make user registerable * Merge * Turbo devise strikes again * URL naming * Dashes not underscores * Consistent syntax * Turning off turbo changes our html * Update password link not working yet * New user path * Password edit path * Updating password keeps you signed in and redirects to show * Set new user org * Write a failing spec for user creation * Reset user password and redirect back to org users page * Test redirect * Use invite template * Request specs over feature specs * Add email validation
3 years ago
let(:headers) { { "Accept" => "text/html" } }
let(:page) { Capybara::Node::Simple.new(response.body) }
CLDC-769: Scope authentication to the correct resources (#143) * Scope auth for org pages * Scope user methods * Refactor form UI controller * More tests for access * Consistently return not found for scoped auth * Add ADR * Authenticate bulk uploads * Authenticate soft validations controller * Scope bulk upload to user's org for now * Pass through current user * Update docs/adr/adr-012-controller-http-return-statuses.md Co-authored-by: Dushan <47317567+dushan-madetech@users.noreply.github.com> * Update spec/requests/case_log_controller_spec.rb Co-authored-by: Dushan <47317567+dushan-madetech@users.noreply.github.com> Co-authored-by: Dushan <47317567+dushan-madetech@users.noreply.github.com>
3 years ago
let(:new_value) { "new test name" }
let(:params) { { id: user.id, user: { name: new_value } } }
Rubocop rspec fixes (#264)
3 years ago
let(:notify_client) { instance_double(Notifications::Client) }
Rspec rubocop cleanup (#266) * Devise token stubs * Case logs controller stubs * More devise token stubs * And another one bites the dust * 2 left * All cops pass
3 years ago
let(:devise_notify_mailer) { DeviseNotifyMailer.new }
Use Notify rather than Gmail for devise emails (#241) * Use Notify rather than Gmail for devise emails * Remove Devise mailer views * Use real account template IDs
3 years ago
before do
Rspec rubocop cleanup (#266) * Devise token stubs * Case logs controller stubs * More devise token stubs * And another one bites the dust * 2 left * All cops pass
3 years ago
allow(DeviseNotifyMailer).to receive(:new).and_return(devise_notify_mailer)
allow(devise_notify_mailer).to receive(:notify_client).and_return(notify_client)
Use Notify rather than Gmail for devise emails (#241) * Use Notify rather than Gmail for devise emails * Remove Devise mailer views * Use real account template IDs
3 years ago
allow(notify_client).to receive(:send_email).and_return(true)
end
CLDC-769: Scope authentication to the correct resources (#143) * Scope auth for org pages * Scope user methods * Refactor form UI controller * More tests for access * Consistently return not found for scoped auth * Add ADR * Authenticate bulk uploads * Authenticate soft validations controller * Scope bulk upload to user's org for now * Pass through current user * Update docs/adr/adr-012-controller-http-return-statuses.md Co-authored-by: Dushan <47317567+dushan-madetech@users.noreply.github.com> * Update spec/requests/case_log_controller_spec.rb Co-authored-by: Dushan <47317567+dushan-madetech@users.noreply.github.com> Co-authored-by: Dushan <47317567+dushan-madetech@users.noreply.github.com>
3 years ago
Rubocop rspec fixes (#264)
3 years ago
context "when user is not signed in" do
CLDC-769: Scope authentication to the correct resources (#143) * Scope auth for org pages * Scope user methods * Refactor form UI controller * More tests for access * Consistently return not found for scoped auth * Add ADR * Authenticate bulk uploads * Authenticate soft validations controller * Scope bulk upload to user's org for now * Pass through current user * Update docs/adr/adr-012-controller-http-return-statuses.md Co-authored-by: Dushan <47317567+dushan-madetech@users.noreply.github.com> * Update spec/requests/case_log_controller_spec.rb Co-authored-by: Dushan <47317567+dushan-madetech@users.noreply.github.com> Co-authored-by: Dushan <47317567+dushan-madetech@users.noreply.github.com>
3 years ago
describe "#show" do
it "does not let you see user details" do
get "/users/#{user.id}", headers: headers, params: {}
Update tests for user account routes
3 years ago
expect(response).to redirect_to("/account/sign-in")
CLDC-769: Scope authentication to the correct resources (#143) * Scope auth for org pages * Scope user methods * Refactor form UI controller * More tests for access * Consistently return not found for scoped auth * Add ADR * Authenticate bulk uploads * Authenticate soft validations controller * Scope bulk upload to user's org for now * Pass through current user * Update docs/adr/adr-012-controller-http-return-statuses.md Co-authored-by: Dushan <47317567+dushan-madetech@users.noreply.github.com> * Update spec/requests/case_log_controller_spec.rb Co-authored-by: Dushan <47317567+dushan-madetech@users.noreply.github.com> Co-authored-by: Dushan <47317567+dushan-madetech@users.noreply.github.com>
3 years ago
end
end
describe "#edit" do
it "does not let you edit user details" do
get "/users/#{user.id}/edit", headers: headers, params: {}
Update tests for user account routes
3 years ago
expect(response).to redirect_to("/account/sign-in")
CLDC-769: Scope authentication to the correct resources (#143) * Scope auth for org pages * Scope user methods * Refactor form UI controller * More tests for access * Consistently return not found for scoped auth * Add ADR * Authenticate bulk uploads * Authenticate soft validations controller * Scope bulk upload to user's org for now * Pass through current user * Update docs/adr/adr-012-controller-http-return-statuses.md Co-authored-by: Dushan <47317567+dushan-madetech@users.noreply.github.com> * Update spec/requests/case_log_controller_spec.rb Co-authored-by: Dushan <47317567+dushan-madetech@users.noreply.github.com> Co-authored-by: Dushan <47317567+dushan-madetech@users.noreply.github.com>
3 years ago
end
end
describe "#password" do
it "does not let you edit user passwords" do
get "/users/#{user.id}/password/edit", headers: headers, params: {}
Update tests for user account routes
3 years ago
expect(response).to redirect_to("/account/sign-in")
CLDC-769: Scope authentication to the correct resources (#143) * Scope auth for org pages * Scope user methods * Refactor form UI controller * More tests for access * Consistently return not found for scoped auth * Add ADR * Authenticate bulk uploads * Authenticate soft validations controller * Scope bulk upload to user's org for now * Pass through current user * Update docs/adr/adr-012-controller-http-return-statuses.md Co-authored-by: Dushan <47317567+dushan-madetech@users.noreply.github.com> * Update spec/requests/case_log_controller_spec.rb Co-authored-by: Dushan <47317567+dushan-madetech@users.noreply.github.com> Co-authored-by: Dushan <47317567+dushan-madetech@users.noreply.github.com>
3 years ago
end
end
describe "#patch" do
it "does not let you update user details" do
Use ‘logs’ in URL slug
3 years ago
patch "/logs/#{user.id}", params: {}
Update tests for user account routes
3 years ago
expect(response).to redirect_to("/account/sign-in")
CLDC-769: Scope authentication to the correct resources (#143) * Scope auth for org pages * Scope user methods * Refactor form UI controller * More tests for access * Consistently return not found for scoped auth * Add ADR * Authenticate bulk uploads * Authenticate soft validations controller * Scope bulk upload to user's org for now * Pass through current user * Update docs/adr/adr-012-controller-http-return-statuses.md Co-authored-by: Dushan <47317567+dushan-madetech@users.noreply.github.com> * Update spec/requests/case_log_controller_spec.rb Co-authored-by: Dushan <47317567+dushan-madetech@users.noreply.github.com> Co-authored-by: Dushan <47317567+dushan-madetech@users.noreply.github.com>
3 years ago
end
end
Fix password reset flow (#157) * Render gov uk reset view * Pass password reset token * Test password update and sign in * The cop is working
3 years ago
describe "reset password" do
it "renders the user edit password view" do
_raw, enc = Devise.token_generator.generate(User, :reset_password_token)
Update tests for user account routes
3 years ago
get "/account/password/edit?reset_password_token=#{enc}"
Fix password reset flow (#157) * Render gov uk reset view * Pass password reset token * Test password update and sign in * The cop is working
3 years ago
expect(page).to have_css("h1", class: "govuk-heading-l", text: "Reset your password")
end
Validate that password match when updating and show errors if they don't (#158) * Validate that password match and show error if not * User spec * Test user update failure * Format error messages for Form builder gem * Test error message
3 years ago
Rubocop rspec fixes (#264)
3 years ago
context "when updating a user password" do
context "when the reset token is valid" do
Expired password reset token flow (#233) * Update devise to return a 422 on token error * Update view to display formatted error * Add unit test
3 years ago
let(:params) do
{
id: user.id, user: { password: new_value, password_confirmation: "something_else" }
}
end
before do
sign_in user
put "/users/#{user.id}", headers: headers, params: params
end
Validate that password match when updating and show errors if they don't (#158) * Validate that password match and show error if not * User spec * Test user update failure * Format error messages for Form builder gem * Test error message
3 years ago
Expired password reset token flow (#233) * Update devise to return a 422 on token error * Update view to display formatted error * Add unit test
3 years ago
it "shows an error if passwords don't match" do
expect(response).to have_http_status(:unprocessable_entity)
expect(page).to have_selector("#error-summary-title")
expect(page).to have_content("Password confirmation doesn't match Password")
end
Validate that password match when updating and show errors if they don't (#158) * Validate that password match and show error if not * User spec * Test user update failure * Format error messages for Form builder gem * Test error message
3 years ago
end
Rubocop rspec fixes (#264)
3 years ago
context "when a reset token is more than 3 hours old" do
Expired password reset token flow (#233) * Update devise to return a 422 on token error * Update view to display formatted error * Add unit test
3 years ago
let(:raw) { user.send_reset_password_instructions }
let(:params) do
{
id: user.id,
user: {
password: new_value,
password_confirmation: new_value,
reset_password_token: raw,
},
}
end
before do
Rspec rubocop cleanup (#266) * Devise token stubs * Case logs controller stubs * More devise token stubs * And another one bites the dust * 2 left * All cops pass
3 years ago
allow(User).to receive(:find_or_initialize_with_error_by).and_return(user)
allow(user).to receive(:reset_password_sent_at).and_return(4.hours.ago)
Update tests for user account routes
3 years ago
put "/account/password", headers: headers, params: params
Expired password reset token flow (#233) * Update devise to return a 422 on token error * Update view to display formatted error * Add unit test
3 years ago
end
it "shows an error" do
expect(response).to have_http_status(:unprocessable_entity)
expect(page).to have_selector("#error-summary-title")
expect(page).to have_content("Reset password token has expired, please request a new one")
end
Validate that password match when updating and show errors if they don't (#158) * Validate that password match and show error if not * User spec * Test user update failure * Format error messages for Form builder gem * Test error message
3 years ago
end
end
Fix password reset flow (#157) * Render gov uk reset view * Pass password reset token * Test password update and sign in * The cop is working
3 years ago
end
Change title link (#236) * Change title link * Add tests
3 years ago
describe "title link" do
it "routes user to the /logs page" do
Ruby 3.1 syntax rubocop
3 years ago
get "/", headers:, params: {}
Change title link (#236) * Change title link * Add tests
3 years ago
expected_link = "href=\"/\">#{I18n.t('service_name')}</a>"
expect(CGI.unescape_html(response.body)).to include(expected_link)
end
end
CLDC-769: Scope authentication to the correct resources (#143) * Scope auth for org pages * Scope user methods * Refactor form UI controller * More tests for access * Consistently return not found for scoped auth * Add ADR * Authenticate bulk uploads * Authenticate soft validations controller * Scope bulk upload to user's org for now * Pass through current user * Update docs/adr/adr-012-controller-http-return-statuses.md Co-authored-by: Dushan <47317567+dushan-madetech@users.noreply.github.com> * Update spec/requests/case_log_controller_spec.rb Co-authored-by: Dushan <47317567+dushan-madetech@users.noreply.github.com> Co-authored-by: Dushan <47317567+dushan-madetech@users.noreply.github.com>
3 years ago
end
Invite new user (#134) * Clean up user routes * Make user registerable * Merge * Turbo devise strikes again * URL naming * Dashes not underscores * Consistent syntax * Turning off turbo changes our html * Update password link not working yet * New user path * Password edit path * Updating password keeps you signed in and redirects to show * Set new user org * Write a failing spec for user creation * Reset user password and redirect back to org users page * Test redirect * Use invite template * Request specs over feature specs * Add email validation
3 years ago
describe "#show" do
Rubocop rspec fixes (#264)
3 years ago
context "when the current user matches the user ID" do
CLDC-769: Scope authentication to the correct resources (#143) * Scope auth for org pages * Scope user methods * Refactor form UI controller * More tests for access * Consistently return not found for scoped auth * Add ADR * Authenticate bulk uploads * Authenticate soft validations controller * Scope bulk upload to user's org for now * Pass through current user * Update docs/adr/adr-012-controller-http-return-statuses.md Co-authored-by: Dushan <47317567+dushan-madetech@users.noreply.github.com> * Update spec/requests/case_log_controller_spec.rb Co-authored-by: Dushan <47317567+dushan-madetech@users.noreply.github.com> Co-authored-by: Dushan <47317567+dushan-madetech@users.noreply.github.com>
3 years ago
before do
sign_in user
get "/users/#{user.id}", headers: headers, params: {}
end
it "show the user details" do
expect(page).to have_content("Your account")
end
Invite new user (#134) * Clean up user routes * Make user registerable * Merge * Turbo devise strikes again * URL naming * Dashes not underscores * Consistent syntax * Turning off turbo changes our html * Update password link not working yet * New user path * Password edit path * Updating password keeps you signed in and redirects to show * Set new user org * Write a failing spec for user creation * Reset user password and redirect back to org users page * Test redirect * Use invite template * Request specs over feature specs * Add email validation
3 years ago
end
Rubocop rspec fixes (#264)
3 years ago
context "when the current user does not matches the user ID" do
CLDC-769: Scope authentication to the correct resources (#143) * Scope auth for org pages * Scope user methods * Refactor form UI controller * More tests for access * Consistently return not found for scoped auth * Add ADR * Authenticate bulk uploads * Authenticate soft validations controller * Scope bulk upload to user's org for now * Pass through current user * Update docs/adr/adr-012-controller-http-return-statuses.md Co-authored-by: Dushan <47317567+dushan-madetech@users.noreply.github.com> * Update spec/requests/case_log_controller_spec.rb Co-authored-by: Dushan <47317567+dushan-madetech@users.noreply.github.com> Co-authored-by: Dushan <47317567+dushan-madetech@users.noreply.github.com>
3 years ago
before do
sign_in user
get "/users/#{unauthorised_user.id}", headers: headers, params: {}
end
it "returns not found 404" do
expect(response).to have_http_status(:not_found)
end
Check template is shown (#191)
3 years ago
it "shows the 404 view" do
expect(page).to have_content("Page not found")
end
Invite new user (#134) * Clean up user routes * Make user registerable * Merge * Turbo devise strikes again * URL naming * Dashes not underscores * Consistent syntax * Turning off turbo changes our html * Update password link not working yet * New user path * Password edit path * Updating password keeps you signed in and redirects to show * Set new user org * Write a failing spec for user creation * Reset user password and redirect back to org users page * Test redirect * Use invite template * Request specs over feature specs * Add email validation
3 years ago
end
end
describe "#edit" do
Rubocop rspec fixes (#264)
3 years ago
context "when the current user matches the user ID" do
CLDC-769: Scope authentication to the correct resources (#143) * Scope auth for org pages * Scope user methods * Refactor form UI controller * More tests for access * Consistently return not found for scoped auth * Add ADR * Authenticate bulk uploads * Authenticate soft validations controller * Scope bulk upload to user's org for now * Pass through current user * Update docs/adr/adr-012-controller-http-return-statuses.md Co-authored-by: Dushan <47317567+dushan-madetech@users.noreply.github.com> * Update spec/requests/case_log_controller_spec.rb Co-authored-by: Dushan <47317567+dushan-madetech@users.noreply.github.com> Co-authored-by: Dushan <47317567+dushan-madetech@users.noreply.github.com>
3 years ago
before do
sign_in user
get "/users/#{user.id}/edit", headers: headers, params: {}
end
it "show the edit personal details page" do
expect(page).to have_content("Change your personal details")
end
Invite new user (#134) * Clean up user routes * Make user registerable * Merge * Turbo devise strikes again * URL naming * Dashes not underscores * Consistent syntax * Turning off turbo changes our html * Update password link not working yet * New user path * Password edit path * Updating password keeps you signed in and redirects to show * Set new user org * Write a failing spec for user creation * Reset user password and redirect back to org users page * Test redirect * Use invite template * Request specs over feature specs * Add email validation
3 years ago
end
Rubocop rspec fixes (#264)
3 years ago
context "when the current user does not matches the user ID" do
CLDC-769: Scope authentication to the correct resources (#143) * Scope auth for org pages * Scope user methods * Refactor form UI controller * More tests for access * Consistently return not found for scoped auth * Add ADR * Authenticate bulk uploads * Authenticate soft validations controller * Scope bulk upload to user's org for now * Pass through current user * Update docs/adr/adr-012-controller-http-return-statuses.md Co-authored-by: Dushan <47317567+dushan-madetech@users.noreply.github.com> * Update spec/requests/case_log_controller_spec.rb Co-authored-by: Dushan <47317567+dushan-madetech@users.noreply.github.com> Co-authored-by: Dushan <47317567+dushan-madetech@users.noreply.github.com>
3 years ago
before do
sign_in user
get "/users/#{unauthorised_user.id}/edit", headers: headers, params: {}
end
it "returns not found 404" do
expect(response).to have_http_status(:not_found)
end
Invite new user (#134) * Clean up user routes * Make user registerable * Merge * Turbo devise strikes again * URL naming * Dashes not underscores * Consistent syntax * Turning off turbo changes our html * Update password link not working yet * New user path * Password edit path * Updating password keeps you signed in and redirects to show * Set new user org * Write a failing spec for user creation * Reset user password and redirect back to org users page * Test redirect * Use invite template * Request specs over feature specs * Add email validation
3 years ago
end
end
describe "#edit_password" do
Rubocop rspec fixes (#264)
3 years ago
context "when the current user matches the user ID" do
CLDC-769: Scope authentication to the correct resources (#143) * Scope auth for org pages * Scope user methods * Refactor form UI controller * More tests for access * Consistently return not found for scoped auth * Add ADR * Authenticate bulk uploads * Authenticate soft validations controller * Scope bulk upload to user's org for now * Pass through current user * Update docs/adr/adr-012-controller-http-return-statuses.md Co-authored-by: Dushan <47317567+dushan-madetech@users.noreply.github.com> * Update spec/requests/case_log_controller_spec.rb Co-authored-by: Dushan <47317567+dushan-madetech@users.noreply.github.com> Co-authored-by: Dushan <47317567+dushan-madetech@users.noreply.github.com>
3 years ago
before do
sign_in user
get "/users/#{user.id}/password/edit", headers: headers, params: {}
end
Set minimum password length (#309)
3 years ago
it "shows the edit password page" do
CLDC-769: Scope authentication to the correct resources (#143) * Scope auth for org pages * Scope user methods * Refactor form UI controller * More tests for access * Consistently return not found for scoped auth * Add ADR * Authenticate bulk uploads * Authenticate soft validations controller * Scope bulk upload to user's org for now * Pass through current user * Update docs/adr/adr-012-controller-http-return-statuses.md Co-authored-by: Dushan <47317567+dushan-madetech@users.noreply.github.com> * Update spec/requests/case_log_controller_spec.rb Co-authored-by: Dushan <47317567+dushan-madetech@users.noreply.github.com> Co-authored-by: Dushan <47317567+dushan-madetech@users.noreply.github.com>
3 years ago
expect(page).to have_content("Change your password")
end
Set minimum password length (#309)
3 years ago
it "shows the password requirements hint" do
expect(page).to have_css("#user-password-hint")
end
CLDC-769: Scope authentication to the correct resources (#143) * Scope auth for org pages * Scope user methods * Refactor form UI controller * More tests for access * Consistently return not found for scoped auth * Add ADR * Authenticate bulk uploads * Authenticate soft validations controller * Scope bulk upload to user's org for now * Pass through current user * Update docs/adr/adr-012-controller-http-return-statuses.md Co-authored-by: Dushan <47317567+dushan-madetech@users.noreply.github.com> * Update spec/requests/case_log_controller_spec.rb Co-authored-by: Dushan <47317567+dushan-madetech@users.noreply.github.com> Co-authored-by: Dushan <47317567+dushan-madetech@users.noreply.github.com>
3 years ago
end
Rubocop rspec fixes (#264)
3 years ago
context "when the current user does not matches the user ID" do
CLDC-769: Scope authentication to the correct resources (#143) * Scope auth for org pages * Scope user methods * Refactor form UI controller * More tests for access * Consistently return not found for scoped auth * Add ADR * Authenticate bulk uploads * Authenticate soft validations controller * Scope bulk upload to user's org for now * Pass through current user * Update docs/adr/adr-012-controller-http-return-statuses.md Co-authored-by: Dushan <47317567+dushan-madetech@users.noreply.github.com> * Update spec/requests/case_log_controller_spec.rb Co-authored-by: Dushan <47317567+dushan-madetech@users.noreply.github.com> Co-authored-by: Dushan <47317567+dushan-madetech@users.noreply.github.com>
3 years ago
before do
sign_in user
get "/users/#{unauthorised_user.id}/edit", headers: headers, params: {}
end
it "returns not found 404" do
expect(response).to have_http_status(:not_found)
end
Invite new user (#134) * Clean up user routes * Make user registerable * Merge * Turbo devise strikes again * URL naming * Dashes not underscores * Consistent syntax * Turning off turbo changes our html * Update password link not working yet * New user path * Password edit path * Updating password keeps you signed in and redirects to show * Set new user org * Write a failing spec for user creation * Reset user password and redirect back to org users page * Test redirect * Use invite template * Request specs over feature specs * Add email validation
3 years ago
end
CLDC-769: Scope authentication to the correct resources (#143) * Scope auth for org pages * Scope user methods * Refactor form UI controller * More tests for access * Consistently return not found for scoped auth * Add ADR * Authenticate bulk uploads * Authenticate soft validations controller * Scope bulk upload to user's org for now * Pass through current user * Update docs/adr/adr-012-controller-http-return-statuses.md Co-authored-by: Dushan <47317567+dushan-madetech@users.noreply.github.com> * Update spec/requests/case_log_controller_spec.rb Co-authored-by: Dushan <47317567+dushan-madetech@users.noreply.github.com> Co-authored-by: Dushan <47317567+dushan-madetech@users.noreply.github.com>
3 years ago
end
describe "#update" do
Rubocop rspec fixes (#264)
3 years ago
context "when the current user matches the user ID" do
CLDC-769: Scope authentication to the correct resources (#143) * Scope auth for org pages * Scope user methods * Refactor form UI controller * More tests for access * Consistently return not found for scoped auth * Add ADR * Authenticate bulk uploads * Authenticate soft validations controller * Scope bulk upload to user's org for now * Pass through current user * Update docs/adr/adr-012-controller-http-return-statuses.md Co-authored-by: Dushan <47317567+dushan-madetech@users.noreply.github.com> * Update spec/requests/case_log_controller_spec.rb Co-authored-by: Dushan <47317567+dushan-madetech@users.noreply.github.com> Co-authored-by: Dushan <47317567+dushan-madetech@users.noreply.github.com>
3 years ago
before do
sign_in user
patch "/users/#{user.id}", headers: headers, params: params
end
it "updates the user" do
user.reload
expect(user.name).to eq(new_value)
end
CLDC-961: Model data versioning (#277) * Replace Discard with Paper Trail * Track who created or changed records via UI * Track model updates by AdminUsers
3 years ago
it "tracks who updated the record" do
user.reload
whodunnit_actor = user.versions.last.actor
expect(whodunnit_actor).to be_a(User)
expect(whodunnit_actor.id).to eq(user.id)
end
CLDC-769: Scope authentication to the correct resources (#143) * Scope auth for org pages * Scope user methods * Refactor form UI controller * More tests for access * Consistently return not found for scoped auth * Add ADR * Authenticate bulk uploads * Authenticate soft validations controller * Scope bulk upload to user's org for now * Pass through current user * Update docs/adr/adr-012-controller-http-return-statuses.md Co-authored-by: Dushan <47317567+dushan-madetech@users.noreply.github.com> * Update spec/requests/case_log_controller_spec.rb Co-authored-by: Dushan <47317567+dushan-madetech@users.noreply.github.com> Co-authored-by: Dushan <47317567+dushan-madetech@users.noreply.github.com>
3 years ago
end
Rubocop rspec fixes (#264)
3 years ago
context "when the update fails to persist" do
Validate that password match when updating and show errors if they don't (#158) * Validate that password match and show error if not * User spec * Test user update failure * Format error messages for Form builder gem * Test error message
3 years ago
before do
sign_in user
Rspec rubocop cleanup (#266) * Devise token stubs * Case logs controller stubs * More devise token stubs * And another one bites the dust * 2 left * All cops pass
3 years ago
allow(User).to receive(:find_by).and_return(user)
allow(user).to receive(:update).and_return(false)
Validate that password match when updating and show errors if they don't (#158) * Validate that password match and show error if not * User spec * Test user update failure * Format error messages for Form builder gem * Test error message
3 years ago
patch "/users/#{user.id}", headers: headers, params: params
end
it "show an error" do
expect(response).to have_http_status(:unprocessable_entity)
end
end
Rubocop rspec fixes (#264)
3 years ago
context "when the current user does not matches the user ID" do
CLDC-769: Scope authentication to the correct resources (#143) * Scope auth for org pages * Scope user methods * Refactor form UI controller * More tests for access * Consistently return not found for scoped auth * Add ADR * Authenticate bulk uploads * Authenticate soft validations controller * Scope bulk upload to user's org for now * Pass through current user * Update docs/adr/adr-012-controller-http-return-statuses.md Co-authored-by: Dushan <47317567+dushan-madetech@users.noreply.github.com> * Update spec/requests/case_log_controller_spec.rb Co-authored-by: Dushan <47317567+dushan-madetech@users.noreply.github.com> Co-authored-by: Dushan <47317567+dushan-madetech@users.noreply.github.com>
3 years ago
let(:params) { { id: unauthorised_user.id, user: { name: new_value } } }
before do
sign_in user
patch "/users/#{unauthorised_user.id}", headers: headers, params: params
end
Invite new user (#134) * Clean up user routes * Make user registerable * Merge * Turbo devise strikes again * URL naming * Dashes not underscores * Consistent syntax * Turning off turbo changes our html * Update password link not working yet * New user path * Password edit path * Updating password keeps you signed in and redirects to show * Set new user org * Write a failing spec for user creation * Reset user password and redirect back to org users page * Test redirect * Use invite template * Request specs over feature specs * Add email validation
3 years ago
CLDC-769: Scope authentication to the correct resources (#143) * Scope auth for org pages * Scope user methods * Refactor form UI controller * More tests for access * Consistently return not found for scoped auth * Add ADR * Authenticate bulk uploads * Authenticate soft validations controller * Scope bulk upload to user's org for now * Pass through current user * Update docs/adr/adr-012-controller-http-return-statuses.md Co-authored-by: Dushan <47317567+dushan-madetech@users.noreply.github.com> * Update spec/requests/case_log_controller_spec.rb Co-authored-by: Dushan <47317567+dushan-madetech@users.noreply.github.com> Co-authored-by: Dushan <47317567+dushan-madetech@users.noreply.github.com>
3 years ago
it "returns not found 404" do
expect(response).to have_http_status(:not_found)
end
Invite new user (#134) * Clean up user routes * Make user registerable * Merge * Turbo devise strikes again * URL naming * Dashes not underscores * Consistent syntax * Turning off turbo changes our html * Update password link not working yet * New user path * Password edit path * Updating password keeps you signed in and redirects to show * Set new user org * Write a failing spec for user creation * Reset user password and redirect back to org users page * Test redirect * Use invite template * Request specs over feature specs * Add email validation
3 years ago
end
Validate that password match when updating and show errors if they don't (#158) * Validate that password match and show error if not * User spec * Test user update failure * Format error messages for Form builder gem * Test error message
3 years ago
Rubocop rspec fixes (#264)
3 years ago
context "when we update the user password" do
Validate that password match when updating and show errors if they don't (#158) * Validate that password match and show error if not * User spec * Test user update failure * Format error messages for Form builder gem * Test error message
3 years ago
let(:params) do
{
id: user.id, user: { password: new_value, password_confirmation: "something_else" }
}
end
before do
sign_in user
patch "/users/#{user.id}", headers: headers, params: params
end
it "shows an error if passwords don't match" do
expect(response).to have_http_status(:unprocessable_entity)
expect(page).to have_selector("#error-summary-title")
end
end
Invite new user (#134) * Clean up user routes * Make user registerable * Merge * Turbo devise strikes again * URL naming * Dashes not underscores * Consistent syntax * Turning off turbo changes our html * Update password link not working yet * New user path * Password edit path * Updating password keeps you signed in and redirects to show * Set new user org * Write a failing spec for user creation * Reset user password and redirect back to org users page * Test redirect * Use invite template * Request specs over feature specs * Add email validation
3 years ago
end
Change title link (#236) * Change title link * Add tests
3 years ago
Sentry fixes (#373) * Show validation error if user email already exists instead of crashing * Use translation strings * When answer option is mapped just display directly * Validate provider type presence
3 years ago
describe "#create" do
let(:params) do
{
"user": {
name: "new user",
email: "new_user@example.com",
role: "data_coordinator",
},
}
end
let(:request) { post "/users/", headers: headers, params: params }
before do
sign_in user
end
it "invites a new user" do
expect { request }.to change(User, :count).by(1)
end
it "redirects back to organisation users page" do
request
expect(response).to redirect_to("/organisations/#{user.organisation.id}/users")
end
context "when the email is already taken" do
before do
FactoryBot.create(:user, email: "new_user@example.com")
end
it "shows an error" do
request
expect(response).to have_http_status(:unprocessable_entity)
expect(page).to have_content(I18n.t("validations.email.taken"))
end
end
end
Change title link (#236) * Change title link * Add tests
3 years ago
describe "title link" do
before do
sign_in user
end
it "routes user to the /logs page" do
Ruby 3.1 syntax rubocop
3 years ago
get "/", headers:, params: {}
Change title link (#236) * Change title link * Add tests
3 years ago
expected_link = "href=\"/logs\">#{I18n.t('service_name')}</a>"
Redirect logged in users to /logs from the index page (#243) * redirect logged in users to /logs from the index page * Fix tests Co-authored-by: baarkerlounger <baarkerlounger@users.noreply.github.com> Co-authored-by: baarkerlounger <baarkerlounger@users.noreply.github.com>
3 years ago
follow_redirect!
Change title link (#236) * Change title link * Add tests
3 years ago
expect(CGI.unescape_html(response.body)).to include(expected_link)
end
end
Invite new user (#134) * Clean up user routes * Make user registerable * Merge * Turbo devise strikes again * URL naming * Dashes not underscores * Consistent syntax * Turning off turbo changes our html * Update password link not working yet * New user path * Password edit path * Updating password keeps you signed in and redirects to show * Set new user org * Write a failing spec for user creation * Reset user password and redirect back to org users page * Test redirect * Use invite template * Request specs over feature specs * Add email validation
3 years ago
end