baarkerlounger
/
submit-social-housing-lettings-and-sales-data
mirror of https://github.com/communitiesuk/submit-social-housing-lettings-and-sales-data.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Submit social housing lettings and sales data (CORE)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
1313 Commits
233 Branches
250 Tags
74 MiB
Tree: 04760076a5
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '04760076a5'
${ noResults }
submit-social-housing-letti.../app/models/user.rb

140 lines
3.5 KiB
Raw Normal View History Unescape

Add devise gem and a first test for user login Devise is a commonly used gem for user authentication and management. Using rails generators and Devise allows us to get a lot of boilerplate code for user authentication and management and means we don't have to revinvent the wheel. Styling will need to be done for the necessary pages and there are likely to be bits of generated code that can be deleted. This will act as a starting point to be built up from using TDD.
3 years ago
class User < ApplicationRecord
# Include default devise modules. Others available are:
Confirmable (#580) * Confirmable * Remove obsolete rake task * Skip confirmation for inactive users * Send beta onboarding template if migrated from Softwire * Default controller * Use correct link * Redirect confirmation to set password * Confirm account within 3 days * Only redirect to set password if not previously set * Rubocop * Confirm factory bot users * Set password condition * Changing email requires reconfirming * No need to explicitly trigger email, devise does that for us now * Remove flash banner * Mock notify * Mock in the right spec * Test redirect and text * User is confirmable * Rubocop * Redirect to url so we don't bypass authenticity token * Update content * Add test for resend invite flow * Update link to resend confirmation email * Rename password reset resend confirmation partial * Expired link error page * Remove resend confirmation link * Update seed * Expory contact * Time zone Co-authored-by: Paul Robert Lloyd <me+git@paulrobertlloyd.com>
2 years ago
# :omniauthable
CLDC-673: Organisation Page frontend (#122) * Add basic info read page * Header * Better org seed * Use gem component * Tabs * Users * Users is a table rather than a summary list * Table rows * User is trackable * Date format * View component init * Add pages and routes to render * Partials * Match the prototype design * Nested layout is nicer * Except of course they're not the same width * Add button with wrong link * Add user routes * Don't move account route for now * Add component test * Rubocop * Request spec * Test views * Add a feature spec for tab switching * Move styling methods into helper * PR suggestions * PR comments
3 years ago
devise :database_authenticatable, :recoverable, :rememberable, :validatable,
Confirmable (#580) * Confirmable * Remove obsolete rake task * Skip confirmation for inactive users * Send beta onboarding template if migrated from Softwire * Default controller * Use correct link * Redirect confirmation to set password * Confirm account within 3 days * Only redirect to set password if not previously set * Rubocop * Confirm factory bot users * Set password condition * Changing email requires reconfirming * No need to explicitly trigger email, devise does that for us now * Remove flash banner * Mock notify * Mock in the right spec * Test redirect and text * User is confirmable * Rubocop * Redirect to url so we don't bypass authenticity token * Update content * Add test for resend invite flow * Update link to resend confirmation email * Rename password reset resend confirmation partial * Expired link error page * Remove resend confirmation link * Update seed * Expory contact * Time zone Co-authored-by: Paul Robert Lloyd <me+git@paulrobertlloyd.com>
2 years ago
:trackable, :lockable, :two_factor_authenticatable, :confirmable, :timeoutable
CLDC-673: Organisation page (#114) * Add organisation model and user association * Add user admin panel * email * Update seeds * Update spec * Case logs belong to organisations * Org case log association * Add user case log association * User case log helper methods * Org case log relation helpers * Case log index page only shows your organisations case logs * No access to tasklist page for logs that aren't associated with your org * No access to form pages for case logs that aren't owned or managed by your org * Check answers access * Submit form access * Refactor out not found methods * Allow user admin update without password * Update feature specs * Rubocop * Update case log specs * Test admin user update without password * Spec grammar
3 years ago
belongs_to :organisation
has_many :owned_case_logs, through: :organisation
has_many :managed_case_logs, through: :organisation
Devise fields don't need versioning (#455)
3 years ago
has_paper_trail ignore: %w[last_sign_in_at
current_sign_in_at
current_sign_in_ip
last_sign_in_ip
failed_attempts
unlock_token
locked_at
reset_password_token
reset_password_sent_at
remember_created_at
sign_in_count
updated_at]
CLDC-961: Model data versioning (#277) * Replace Discard with Paper Trail * Track who created or changed records via UI * Track model updates by AdminUsers
3 years ago
CLDC-1100: Add a Customer Support user role (#454) * A support role exists that can see all case logs * Support role requires 2FA * Support user sees 2FA code screen on login * Use email for OTP code * Ensure resend paths work * Support user can see additional organisation columns on logs page * Simpler test * Remove spec description spaces
3 years ago
has_one_time_password(encrypted: true)
Refactor enums (#321) * Remove enums * Add some convenience methods to make validations more readable * Gender chars instead of ints * Remove incorrect API doc info for now * More convenience methods * Rename label from value method * Wrapper hbrentshortfall * Please the cop
3 years ago
ROLES = {
data_accessor: 0,
data_provider: 1,
data_coordinator: 2,
CLDC-1100: Add a Customer Support user role (#454) * A support role exists that can see all case logs * Support role requires 2FA * Support user sees 2FA code screen on login * Use email for OTP code * Ensure resend paths work * Support user can see additional organisation columns on logs page * Simpler test * Remove spec description spaces
3 years ago
support: 99,
Refactor enums (#321) * Remove enums * Add some convenience methods to make validations more readable * Gender chars instead of ints * Remove incorrect API doc info for now * More convenience methods * Rename label from value method * Wrapper hbrentshortfall * Please the cop
3 years ago
}.freeze
User roles (#138) * Users have roles * Add role to active admin * Add role to users table * Redirect organisation show to details * Remove users tab for data providers
3 years ago
enum role: ROLES
CLDC-1124: User search (#600) * Add search by name for users Co-authored-by: baarkerlounger <baarkerlounger@users.noreply.github.com> * Search is now non case sensitive * Made search work for data co-ordinators Co-authored-by: baarkerlounger <baarkerlounger@users.noreply.github.com> * Refactored to scope * Added search by email Co-authored-by: baarkerlounger <baarkerlounger@users.noreply.github.com> * WIP Commit - added test for if search term matches a name and an email address simultaneously. Also changed search result caption for organisations to display "Matches X of Y users" * Rubocop * Preload org * Linting * Refactor filtered_users into module * Only adjust query param if searched * Add data coordinator tests * Add table caption spec * Dupe attribute * Refactor into Search ViewComponent * Rubocop * Unit test user scopes Co-authored-by: Ted <ted.booton@madetech.com> Co-authored-by: baarkerlounger <baarkerlounger@users.noreply.github.com>
2 years ago
scope :search_by_name, ->(name) { where("name ILIKE ?", "%#{name}%") }
scope :search_by_email, ->(email) { where("email ILIKE ?", "%#{email}%") }
scope :filter_by_active, -> { where(active: true) }
scope :search_by, ->(param) { search_by_name(param).or(search_by_email(param)) }
CLDC-673: Organisation page (#114) * Add organisation model and user association * Add user admin panel * email * Update seeds * Update spec * Case logs belong to organisations * Org case log association * Add user case log association * User case log helper methods * Org case log relation helpers * Case log index page only shows your organisations case logs * No access to tasklist page for logs that aren't associated with your org * No access to form pages for case logs that aren't owned or managed by your org * Check answers access * Submit form access * Refactor out not found methods * Allow user admin update without password * Update feature specs * Rubocop * Update case log specs * Test admin user update without password * Spec grammar
3 years ago
def case_logs
CLDC-1100: Add a Customer Support user role (#454) * A support role exists that can see all case logs * Support role requires 2FA * Support user sees 2FA code screen on login * Use email for OTP code * Ensure resend paths work * Support user can see additional organisation columns on logs page * Simpler test * Remove spec description spaces
3 years ago
if support?
CaseLog.all
else
CLDC-1101: Case log filter by organisation (#522) * Rename org filter * Ensure filters work when ID is passed * UI init * Lint * Fix filter nesting * Reduce width * Set checked status of filters correctly * Test filter presence * Add filter test * Rubocop * Tweak styles for autocomplete within filter Co-authored-by: Paul Robert Lloyd <me+git@paulrobertlloyd.com>
3 years ago
CaseLog.filter_by_organisation(organisation)
CLDC-1100: Add a Customer Support user role (#454) * A support role exists that can see all case logs * Support role requires 2FA * Support user sees 2FA code screen on login * Use email for OTP code * Ensure resend paths work * Support user can see additional organisation columns on logs page * Simpler test * Remove spec description spaces
3 years ago
end
CLDC-673: Organisation page (#114) * Add organisation model and user association * Add user admin panel * email * Update seeds * Update spec * Case logs belong to organisations * Org case log association * Add user case log association * User case log helper methods * Org case log relation helpers * Case log index page only shows your organisations case logs * No access to tasklist page for logs that aren't associated with your org * No access to form pages for case logs that aren't owned or managed by your org * Check answers access * Submit form access * Refactor out not found methods * Allow user admin update without password * Update feature specs * Rubocop * Update case log specs * Test admin user update without password * Spec grammar
3 years ago
end
def completed_case_logs
case_logs.completed
end
def not_completed_case_logs
case_logs.not_completed
end
Fix sending reset email for admins (#313) * Fix sending reset email for admins * Reset does not let you bypass 2FA * Trigger SMS on admin password reset * Update flash message for 2FA * Update Admin Login header * Rubocop * 422 * Revert unused view
3 years ago
CLDC-1063: Key Contacts (#435) * Add data field * Add field to views * Only data coordinators can change role, dpo, keycontact * Import key contact field * Rubocop * Import data accessors * Handle non-unqiue email imports
3 years ago
def is_key_contact?
is_key_contact
end
def is_key_contact!
update(is_key_contact: true)
end
CLDC-771: Allow Data Coordinator to change details for users in their organisation (#428) * Update controller auth * Change data protection officer from role to attribute * Allow changing DPO * Update wording * Use radio buttons rather than check box * Add some integration tests * Make hidden text dynamic
3 years ago
def is_data_protection_officer?
is_dpo
end
def is_data_protection_officer!
update!(is_dpo: true)
end
CLDC-1100: Add a Customer Support user role (#454) * A support role exists that can see all case logs * Support role requires 2FA * Support user sees 2FA code screen on login * Use email for OTP code * Ensure resend paths work * Support user can see additional organisation columns on logs page * Simpler test * Remove spec description spaces
3 years ago
MFA_TEMPLATE_ID = "6bdf5ee1-8e01-4be1-b1f9-747061d8a24c".freeze
RESET_PASSWORD_TEMPLATE_ID = "2c410c19-80a7-481c-a531-2bcb3264f8e6".freeze
Confirmable (#580) * Confirmable * Remove obsolete rake task * Skip confirmation for inactive users * Send beta onboarding template if migrated from Softwire * Default controller * Use correct link * Redirect confirmation to set password * Confirm account within 3 days * Only redirect to set password if not previously set * Rubocop * Confirm factory bot users * Set password condition * Changing email requires reconfirming * No need to explicitly trigger email, devise does that for us now * Remove flash banner * Mock notify * Mock in the right spec * Test redirect and text * User is confirmable * Rubocop * Redirect to url so we don't bypass authenticity token * Update content * Add test for resend invite flow * Update link to resend confirmation email * Rename password reset resend confirmation partial * Expired link error page * Remove resend confirmation link * Update seed * Expory contact * Time zone Co-authored-by: Paul Robert Lloyd <me+git@paulrobertlloyd.com>
2 years ago
CONFIRMABLE_TEMPLATE_ID = "257460a6-6616-4640-a3f9-17c3d73d9e91".freeze
BETA_ONBOARDING_TEMPLATE_ID = "b48bc2cd-5887-4611-8296-d0ab3ed0e7fd".freeze
CLDC-1100: Add a Customer Support user role (#454) * A support role exists that can see all case logs * Support role requires 2FA * Support user sees 2FA code screen on login * Use email for OTP code * Ensure resend paths work * Support user can see additional organisation columns on logs page * Simpler test * Remove spec description spaces
3 years ago
def reset_password_notify_template
Confirmable (#580) * Confirmable * Remove obsolete rake task * Skip confirmation for inactive users * Send beta onboarding template if migrated from Softwire * Default controller * Use correct link * Redirect confirmation to set password * Confirm account within 3 days * Only redirect to set password if not previously set * Rubocop * Confirm factory bot users * Set password condition * Changing email requires reconfirming * No need to explicitly trigger email, devise does that for us now * Remove flash banner * Mock notify * Mock in the right spec * Test redirect and text * User is confirmable * Rubocop * Redirect to url so we don't bypass authenticity token * Update content * Add test for resend invite flow * Update link to resend confirmation email * Rename password reset resend confirmation partial * Expired link error page * Remove resend confirmation link * Update seed * Expory contact * Time zone Co-authored-by: Paul Robert Lloyd <me+git@paulrobertlloyd.com>
2 years ago
RESET_PASSWORD_TEMPLATE_ID
end
def confirmable_template
if was_migrated_from_softwire?
BETA_ONBOARDING_TEMPLATE_ID
else
CONFIRMABLE_TEMPLATE_ID
end
end
def was_migrated_from_softwire?
old_user_id.present?
end
def skip_confirmation!
!active?
CLDC-1100: Add a Customer Support user role (#454) * A support role exists that can see all case logs * Support role requires 2FA * Support user sees 2FA code screen on login * Use email for OTP code * Ensure resend paths work * Support user can see additional organisation columns on logs page * Simpler test * Remove spec description spaces
3 years ago
end
def need_two_factor_authentication?(_request)
code for user being in dev env not being asked for 2fa
2 years ago
return false if Rails.env.development?
rubocop
2 years ago
CLDC-1100: Add a Customer Support user role (#454) * A support role exists that can see all case logs * Support role requires 2FA * Support user sees 2FA code screen on login * Use email for OTP code * Ensure resend paths work * Support user can see additional organisation columns on logs page * Simpler test * Remove spec description spaces
3 years ago
support?
end
def send_two_factor_authentication_code(code)
template_id = MFA_TEMPLATE_ID
personalisation = { otp: code }
DeviseNotifyMailer.new.send_email(email, template_id, personalisation)
end
Don't allow data coordinators to assign support role
3 years ago
def assignable_roles
return {} unless data_coordinator? || support?
return ROLES if support?
ROLES.except(:support)
end
CLDC-1101: Case log filter by organisation (#522) * Rename org filter * Ensure filters work when ID is passed * UI init * Lint * Fix filter nesting * Reduce width * Set checked status of filters correctly * Test filter presence * Add filter test * Rubocop * Tweak styles for autocomplete within filter Co-authored-by: Paul Robert Lloyd <me+git@paulrobertlloyd.com>
3 years ago
Cldc 1102 admin organisations page (#557) * Get all organisations in controller * Display organisations data in the table * Route to logs for specific organisation * add tests * update spec * lint fixes * set up failing test for organisation logs page * fix failing test * write test for organisations support user page * Update a organisation page test and lint * added pagination test with next and previous links and total count for support user * test for pagination in organisations title * Added "Organisations" to to organisations page title * add pagination test for organisations page 2, remove second before block * Add the remaining pagination tests * Redirect when accessing organisation logs by non support user * Test for displaying logs for specific organisation * Add test for org name * Add a failing log filter test for specific org * Extract filter methods into a helper * Allow logs filtering for specific org * Fix test, support user was creating an extra org, remove orgs filter for specific org * Remove redundant test, lint * Reuse primary navigation component and add sub navigation for support users * allow support users edit or and add sub navigation to about this org * allow support users to access the edit org page * only allow to edit existing editable fields * display correct values in the organisations table * allow support user to update org * user table component for organisations table * use guard clause for organisation logs page * remove create a new lettings log from organisation logs * Move case logs filter from helpers to modules * lint erb * yarn lint * bring back if statement in logs controller * update modules import * let! * test for links first in the org cotroller spec * interpolate number of orgs * conditionally render sub navigation Co-authored-by: Kat <katrina@madetech.com> Co-authored-by: Dushan Despotovic <dushan@madetech.com> Co-authored-by: JG <moarpheus@gmail.com>
2 years ago
def case_logs_filters(specific_org: false)
if support? && !specific_org
Fix organisation filter (#582) * Filter values correctly * Remove filter value if hidden * Return empty string rather than nil for accessible autocomplete * Additional test for accessible automcomplete defaulting
2 years ago
%w[status years user organisation]
CLDC-1101: Case log filter by organisation (#522) * Rename org filter * Ensure filters work when ID is passed * UI init * Lint * Fix filter nesting * Reduce width * Set checked status of filters correctly * Test filter presence * Add filter test * Rubocop * Tweak styles for autocomplete within filter Co-authored-by: Paul Robert Lloyd <me+git@paulrobertlloyd.com>
3 years ago
else
Fix organisation filter (#582) * Filter values correctly * Remove filter value if hidden * Return empty string rather than nil for accessible autocomplete * Additional test for accessible automcomplete defaulting
2 years ago
%w[status years user]
CLDC-1101: Case log filter by organisation (#522) * Rename org filter * Ensure filters work when ID is passed * UI init * Lint * Fix filter nesting * Reduce width * Set checked status of filters correctly * Test filter presence * Add filter test * Rubocop * Tweak styles for autocomplete within filter Co-authored-by: Paul Robert Lloyd <me+git@paulrobertlloyd.com>
3 years ago
end
end
Enable support users to download user details (#589) * Enable support users to download user details * Download all users * Rubocop
2 years ago
delegate :name, to: :organisation, prefix: true
def self.download_attributes
%w[id email name organisation_name role old_user_id is_dpo is_key_contact active sign_in_count last_sign_in_at]
end
def self.to_csv
CSV.generate(headers: true) do |csv|
csv << download_attributes
all.find_each do |record|
csv << download_attributes.map { |attr| record.public_send(attr) }
end
end
end
Add devise gem and a first test for user login Devise is a commonly used gem for user authentication and management. Using rails generators and Devise allows us to get a lot of boilerplate code for user authentication and management and means we don't have to revinvent the wheel. Styling will need to be done for the necessary pages and there are likely to be bits of generated code that can be deleted. This will act as a starting point to be built up from using TDD.
3 years ago
end