require " rails_helper "
RSpec . describe OrganisationsController , type : :request do
let ( :organisation ) { user . organisation }
let! ( :unauthorised_organisation ) { create ( :organisation ) }
let ( :headers ) { { " Accept " = > " text/html " } }
let ( :page ) { Capybara :: Node :: Simple . new ( response . body ) }
let ( :user ) { create ( :user , :data_coordinator ) }
let ( :new_value ) { " Test Name 35 " }
let ( :params ) { { id : organisation . id , organisation : { name : new_value } } }
context " when user is not signed in " do
describe " # show " do
it " does not let you see organisation details from org route " do
get " /organisations/ #{ organisation . id } " , headers : headers , params : { }
expect ( response ) . to redirect_to ( " /account/sign-in " )
end
it " does not let you see organisation details from details route " do
get " /organisations/ #{ organisation . id } /details " , headers : headers , params : { }
expect ( response ) . to redirect_to ( " /account/sign-in " )
end
it " does not let you see organisation users " do
get " /organisations/ #{ organisation . id } /users " , headers : headers , params : { }
expect ( response ) . to redirect_to ( " /account/sign-in " )
end
it " does not let you see organisations list " do
get " /organisations " , headers : headers , params : { }
expect ( response ) . to redirect_to ( " /account/sign-in " )
end
it " does not let you see schemes list " do
get " /organisations/ #{ organisation . id } /schemes " , headers : headers , params : { }
expect ( response ) . to redirect_to ( " /account/sign-in " )
end
end
end
context " when user is signed in " do
describe " # schemes " do
context " when support user " do
let ( :user ) { create ( :user , :support ) }
let! ( :schemes ) { create_list ( :scheme , 5 ) }
let! ( :same_org_scheme ) { create ( :scheme , owning_organisation : user . organisation ) }
before do
allow ( user ) . to receive ( :need_two_factor_authentication? ) . and_return ( false )
sign_in user
get " /organisations/ #{ organisation . id } /schemes " , headers : , params : { }
end
it " has page heading " do
expect ( page ) . to have_content ( " Schemes " )
end
it " shows a search bar " do
expect ( page ) . to have_field ( " search " , type : " search " )
end
it " has hidden accessibility field with description " do
expected_field = " <h2 class= \" govuk-visually-hidden \" >Supported housing schemes</h2> "
expect ( CGI . unescape_html ( response . body ) ) . to include ( expected_field )
end
it " shows only schemes belonging to the same organisation " do
expect ( page ) . to have_content ( same_org_scheme . id_to_display )
schemes . each do | scheme |
expect ( page ) . not_to have_content ( scheme . id_to_display )
end
end
context " when searching " do
let! ( :searched_scheme ) { create ( :scheme , owning_organisation : user . organisation ) }
let ( :search_param ) { searched_scheme . id }
before do
create ( :location , scheme : searched_scheme )
allow ( user ) . to receive ( :need_two_factor_authentication? ) . and_return ( false )
get " /organisations/ #{ organisation . id } /schemes?search= #{ search_param } "
end
it " returns matching results " do
expect ( page ) . to have_content ( searched_scheme . id_to_display )
schemes . each do | scheme |
expect ( page ) . not_to have_content ( scheme . id_to_display )
end
end
it " updates the table caption " do
expect ( page ) . to have_content ( " 1 scheme found matching ‘ #{ search_param } ’ " )
end
it " has search in the title " do
expect ( page ) . to have_title ( " #{ user . organisation . name } (1 scheme matching ‘ #{ search_param } ’) - Submit social housing lettings and sales data (CORE) - GOV.UK " )
end
end
end
context " when data coordinator user " do
let ( :user ) { create ( :user , :data_coordinator ) }
let! ( :schemes ) { create_list ( :scheme , 5 ) }
let! ( :same_org_scheme ) { create ( :scheme , owning_organisation : user . organisation ) }
before do
sign_in user
get " /organisations/ #{ organisation . id } /schemes " , headers : , params : { }
end
it " has page heading " do
expect ( page ) . to have_content ( " Schemes " )
end
it " shows a search bar " do
expect ( page ) . to have_field ( " search " , type : " search " )
end
it " shows only schemes belonging to the same organisation " do
expect ( page ) . to have_content ( same_org_scheme . id_to_display )
schemes . each do | scheme |
expect ( page ) . not_to have_content ( scheme . id_to_display )
end
end
it " shows incomplete schemes at the top " do
schemes [ 0 ] . update! ( confirmed : nil , owning_organisation : user . organisation )
schemes [ 2 ] . update! ( confirmed : false , owning_organisation : user . organisation )
schemes [ 4 ] . update! ( confirmed : false , owning_organisation : user . organisation )
get " /organisations/ #{ organisation . id } /schemes " , headers : , params : { }
expect ( page . all ( " .govuk-tag " ) [ 1 ] . text ) . to eq ( " Incomplete " )
expect ( page . all ( " .govuk-tag " ) [ 2 ] . text ) . to eq ( " Incomplete " )
expect ( page . all ( " .govuk-tag " ) [ 3 ] . text ) . to eq ( " Incomplete " )
end
context " with schemes that are not in scope for the user, i.e. that they do not belong to " do
let! ( :unauthorised_organisation ) { create ( :organisation ) }
before do
get " /organisations/ #{ unauthorised_organisation . id } /schemes " , headers : , params : { }
end
it " returns not found 404 from org details route " do
expect ( response ) . to have_http_status ( :not_found )
end
end
context " when searching " do
let! ( :searched_scheme ) { create ( :scheme , owning_organisation : user . organisation ) }
let ( :search_param ) { searched_scheme . id_to_display }
before do
create ( :location , scheme : searched_scheme )
get " /organisations/ #{ organisation . id } /schemes?search= #{ search_param } "
end
it " returns matching results " do
expect ( page ) . to have_content ( searched_scheme . id_to_display )
schemes . each do | scheme |
expect ( page ) . not_to have_content ( scheme . id_to_display )
end
end
it " updates the table caption " do
expect ( page ) . to have_content ( " 1 scheme found matching ‘ #{ search_param } ’ " )
end
it " has search in the title " do
expect ( page ) . to have_title ( " Supported housing schemes (1 scheme matching ‘ #{ search_param } ’) - Submit social housing lettings and sales data (CORE) - GOV.UK " )
end
end
end
end
describe " # show " do
context " with an organisation that the user belongs to " do
let ( :set_time ) { }
before do
set_time
sign_in user
get " /organisations/ #{ organisation . id } " , headers : , params : { }
end
it " redirects to details " do
expect ( response ) . to have_http_status ( :redirect )
end
context " and 2022 collection window is open " do
let ( :set_time ) { allow ( Time ) . to receive ( :now ) . and_return ( Time . zone . local ( 2023 , 1 , 1 ) ) }
it " displays correct resources for 2022/23 and 2023/24 collection years " do
follow_redirect!
expect ( page ) . to have_content ( " Lettings 2023/24 " )
expect ( page ) . to have_content ( " Sales 2023/24 " )
expect ( page ) . to have_content ( " Lettings 2022/23 " )
expect ( page ) . to have_content ( " Sales 2022/23 " )
end
end
context " and 2022 collection window is closed for editing " do
let ( :set_time ) { allow ( Time ) . to receive ( :now ) . and_return ( Time . zone . local ( 2024 , 1 , 1 ) ) }
it " displays correct resources for 2022/23 and 2023/24 collection years " do
follow_redirect!
expect ( page ) . to have_content ( " Lettings 2023/24 " )
expect ( page ) . to have_content ( " Sales 2023/24 " )
expect ( page ) . not_to have_content ( " Lettings 2022/23 " )
expect ( page ) . not_to have_content ( " Sales 2022/23 " )
end
end
context " and 2023 collection window is closed for editing " do
let ( :set_time ) { allow ( Time ) . to receive ( :now ) . and_return ( Time . zone . local ( 2025 , 1 , 1 ) ) }
it " displays correct resources for 2022/23 and 2023/24 collection years " do
follow_redirect!
expect ( page ) . not_to have_content ( " Lettings 2023/24 " )
expect ( page ) . not_to have_content ( " Sales 2023/24 " )
expect ( page ) . not_to have_content ( " Lettings 2022/23 " )
expect ( page ) . not_to have_content ( " Sales 2022/23 " )
end
end
end
context " with an organisation that are not in scope for the user, i.e. that they do not belong to " do
before do
sign_in user
get " /organisations/ #{ unauthorised_organisation . id } " , headers : , params : { }
end
it " returns not found 404 from org route " do
expect ( response ) . to have_http_status ( :not_found )
end
it " shows the 404 view " do
expect ( page ) . to have_content ( " Page not found " )
end
end
end
context " with a data coordinator user " do
before do
sign_in user
end
context " when we access the details tab " do
context " with an organisation that the user belongs to " do
before do
get " /organisations/ #{ organisation . id } /details " , headers : , params : { }
end
it " shows the tab navigation " do
expected_html = " <nav class= \" app-primary-navigation \" "
expect ( response . body ) . to include ( expected_html )
end
it " shows a summary list of org details " do
expected_html = " <dl class= \" govuk-summary-list \" "
expect ( response . body ) . to include ( expected_html )
expect ( response . body ) . to include ( organisation . name )
end
it " has a change details link " do
expected_html = " data-qa= \" change-name \" href= \" /organisations/ #{ organisation . id } /edit \" "
expect ( response . body ) . to include ( expected_html )
end
it " displays a link to merge organisations " do
expect ( page ) . to have_content ( " Is your organisation merging with another? " )
expect ( page ) . to have_link ( " Let us know using this form " , href : " /organisations/ #{ organisation . id } /merge-request " )
end
end
context " with organisation that are not in scope for the user, i.e. that they do not belong to " do
before do
get " /organisations/ #{ unauthorised_organisation . id } /details " , headers : , params : { }
end
it " returns not found 404 from org details route " do
expect ( response ) . to have_http_status ( :not_found )
end
end
end
context " when accessing the users tab " do
context " with an organisation that the user belongs to " do
let! ( :other_user ) { create ( :user , organisation : user . organisation , name : " User 2 " ) }
let! ( :inactive_user ) { create ( :user , organisation : user . organisation , active : false , name : " User 3 " ) }
let! ( :other_org_user ) { create ( :user , name : " User 4 " ) }
before do
get " /organisations/ #{ organisation . id } /users " , headers : , params : { }
end
it " shows the tab navigation " do
expected_html = " <nav class= \" app-primary-navigation \" "
expect ( response . body ) . to include ( expected_html )
end
it " shows a new user button " do
expect ( page ) . to have_link ( " Invite user " )
end
it " shows a table of users " do
expected_html = " <table class= \" govuk-table \" "
expect ( response . body ) . to include ( expected_html )
expect ( response . body ) . to include ( user . email )
end
it " shows hidden accessibility fields only for active users in the current user's organisation " do
expected_case_row_log = " <span class= \" govuk-visually-hidden \" >User </span><span class= \" govuk-!-font-weight-regular app-!-colour-muted \" > #{ user . email } </span> "
unauthorized_case_row_log = " <span class= \" govuk-visually-hidden \" >User </span><span class= \" govuk-!-font-weight-regular app-!-colour-muted \" > #{ other_org_user . email } </span> "
expect ( CGI . unescape_html ( response . body ) ) . to include ( expected_case_row_log )
expect ( CGI . unescape_html ( response . body ) ) . not_to include ( unauthorized_case_row_log )
end
it " shows only active users in the current user's organisation " do
expect ( page ) . to have_content ( user . name )
expect ( page ) . to have_content ( other_user . name )
Cldc 1226 deactivate users (#624)
* CLDC-1195: remove access keys
* 🤏 content fixes (#539)
* Remove ??
* Set hhmemb to totadult and tchild sum if hhmemb is not given (#540)
* Set hhmemb to totadult and tchild sum if hhmemb is not given
Co-authored-by: Ted <tedbooton@gmail.com>
Co-authored-by: Dushan <dushan@madetech.com>
* lint
* update method
* calculate hhmemb from details provided
Co-authored-by: Ted <tedbooton@gmail.com>
Co-authored-by: Dushan <dushan@madetech.com>
* Fix condition affects question (illness type)
* map tshortfall value (#543)
* Make case log status rely on subsection status so they can't get out of sync
* Fix complete case log fixture
* Fix Reason preference reason and lettings allocation answer option import
* don't route to hbrentshortfall if hb is 7 (#544)
* Age known believe import fixes (#545)
* amend fixture to make test fail
* fix failing test
* lint fixes
* Enable dynamically dependent answer options
* Refactor ecstat age check
* Dry depends on evaluation
* Derive major repairs for import
* Add white other
* Set major repair date
* Majorrepairs will never match
* Rubocop
* Cldc 1149 radio buttons filter (#548)
* radio button
* radio button again
* rubocop versioning issue fixed
* linux and darwin
* Fix Gemfile
* rubocop
* erb lint
Co-authored-by: baarkerlounger <db@slothlife.xyz>
* Set tshortfall to 0 if it should exists but is not provided (#550)
* Set tshortfall to 0 if it should exists but is not provided
* check if tshortfall is overridden
* Save correct la if postcode is invalid (#551)
* Allow illness type to be refused (#553)
* Radio button on log filter is now preset to "All" (#552)
* Radio button on log filter is now preset to "All"
* lint fixes
* removed instance @ variable
* CLDC-744-joint-tenancy-validation (#549)
* add joint tenancy validation
* fix validation and spec
* improvements
* updates
* lint fixes
* fix typo
* change message displayed on hhmemb page
* Add docs dir to dockerignore and cfignore (#555)
* Add files via upload (#554)
Adding Delta Discovery file
* Improve DB seeding (#556)
* Improve DB seeding
* Don't seed LA Rent Ranges in test
* Add navigation items helper
* Fix specs and linters
* Works but helper is hard to test
* add check to prevent error on hhmemb if joint is nil (#560)
* add failing spec
* add check to prevent error on hhmemb if joint is nil
* Refactor for testability
* Spec nav bar highlighting from user perspective
* CLDC-1218: Fix hbrentshortfall import (#558)
* Infer hbrentshortfall not known if tshortfall not provided and overridden
* Reorder import
* Referral can be internal for homeless (#561)
* Set case log ID offset at export (#562)
* Make tshortfall optional based on hidden tshortfall_known question (#563)
* Make tshortfall optional based on hidden tshortfall_known question
* Add test for optional
* Add test for JSON derived and dependent on false options
* Test routing
* Fix optionality
* Inactive users (#564)
* Allow users to be marked as inactive
* Import inactive users
* add missing field to seeded user for dev env
* Map joint tenancy field (#565)
* Use rake task to send onboarding emails (#566)
* Use rake task to send onboarding emails
* Wrap host lookup so it's easily stubbable
* Rake task can be called outside the rails environment so need to pass host in
* Not part of the usual app flow so contain to rake task
* Including routes helper in a rake task is a rabbit hole
* Use ENV var rather than param for host
* Sort case log index table by most recent by default (#567)
* Add sheltered accom field (#568)
* Remove needs type question until we support supported housing logs (#569)
* Fix routing for tshortfall (#571)
* Fix routing for tshortfall
* HB 7 and 8 don't exist in 22/23 anymore
* Add visiblly hidden change link text for details known questions
* Fix repeated use of Password in error summary (and use smart quotes)
* Make logs link less ambiguous
* Cldc 1217 retirement soft validation (#570)
* Interruption screen refactor
* Add test for retirement_age_for_person
Co-authored-by: Stéphane Meny <smeny@users.noreply.github.com>
* Rubocop
* update 22-23 form
* fix failures
* lint fixes
* remove whitespace
* remove commented code
* make spec file use translations instead of content
* update content
* lint fixes
* fix typo
* fix question wording
* fix failing spec
* add full stop
Co-authored-by: Stéphane Meny <smeny@users.noreply.github.com>
Co-authored-by: Dushan Despotovic <dushan@madetech.com>
* Hide inactive users and allow support users to view all users (#576)
* Hide inactive users and allow support users to view all users
* Enable support users to invite users to any organisation
* Add pagination to user views
* Update config/locales/devise.en.yml
Co-authored-by: Paul Robert Lloyd <paulrobertlloyd@users.noreply.github.com>
* remove letting_in_sheltered_accomodation field (#577)
* remove letting_in_sheltered_accomodation field
This field is now duplicated by the shelteredaccom field
* lint fixes
* fix all failing specs
* Generisize pagination links
* CLDC-1101: Case log filter by organisation (#522)
* Rename org filter
* Ensure filters work when ID is passed
* UI init
* Lint
* Fix filter nesting
* Reduce width
* Set checked status of filters correctly
* Test filter presence
* Add filter test
* Rubocop
* Tweak styles for autocomplete within filter
Co-authored-by: Paul Robert Lloyd <me+git@paulrobertlloyd.com>
* CLDC-1224: Tenancy type and tenancy length (#578)
* Fix value mapping for tenancy type 22/23
* Update secure helper
* Null safe
* Spec update
* Update mandatory
* Use helper
* Remove joint tenancy hitn text and add don't know option (#579)
* Export improvements (#581)
* improved export - set start point for reference
* remove completed status from exports
* Added exception handling to export
* Improved tests, replaced rescue block with Sentry
Co-authored-by: Kat <katrina@madetech.com>
* Update logs table column heading to say ‘Status’, not ‘Completed’
* Show ‘Data protection officer’ and/or ‘Key contact’ tags in users table
* Update heading, label and hint text for user details
* Fix organisation filter (#582)
* Filter values correctly
* Remove filter value if hidden
* Return empty string rather than nil for accessible autocomplete
* Additional test for accessible automcomplete defaulting
* Add status tag helper
* Add missing ‘or’ divider on joint tenancy question
* Use dash not hyphen in answer options
* CLDC-1118: Implement data export structure (CDS) (#587)
Co-authored-by: Dushan Despotovic <dushan@madetech.com>
* CLDC-1217: Retirement soft validation (#586)
* Don't trigger soft validation if tenant prefers not to say
* Update gender content
* Fix spec description
* Enable support users to download user details (#589)
* Enable support users to download user details
* Download all users
* Rubocop
* Preload organisations to remove n+1 queries
* Confirmable (#580)
* Confirmable
* Remove obsolete rake task
* Skip confirmation for inactive users
* Send beta onboarding template if migrated from Softwire
* Default controller
* Use correct link
* Redirect confirmation to set password
* Confirm account within 3 days
* Only redirect to set password if not previously set
* Rubocop
* Confirm factory bot users
* Set password condition
* Changing email requires reconfirming
* No need to explicitly trigger email, devise does that for us now
* Remove flash banner
* Mock notify
* Mock in the right spec
* Test redirect and text
* User is confirmable
* Rubocop
* Redirect to url so we don't bypass authenticity token
* Update content
* Add test for resend invite flow
* Update link to resend confirmation email
* Rename password reset resend confirmation partial
* Expired link error page
* Remove resend confirmation link
* Update seed
* Expory contact
* Time zone
Co-authored-by: Paul Robert Lloyd <me+git@paulrobertlloyd.com>
* Attempt at fixing S3 error when saving Zip file (#590)
* Enable better other field validation labels
* Removing gaps caused by empty exports (#591)
* Add Sentry instrumentation (#593)
* Avoid NoMethodError when Sentry is not initialised
* Instrument collection_start_year
* Removes Sentry custom instrumentation
* test for user being in dev env not being asked for 2fa
* code for user being in dev env not being asked for 2fa
* pulled out of support person context, this should work for any user in dev env
* rubocop
* matching wording
* only support user atm need 2fa, so making this explicit
* Perf (#592)
* Memoize start year
* Reset
* Recalculate rather than reset
* Fix heisenspec (order independent array comparison) (#596)
* Redirect confirmed users to sign in
* Add support for CSV export (#598)
* Cldc 1102 admin organisations page (#557)
* Get all organisations in controller
* Display organisations data in the table
* Route to logs for specific organisation
* add tests
* update spec
* lint fixes
* set up failing test for organisation logs page
* fix failing test
* write test for organisations support user page
* Update a organisation page test and lint
* added pagination test with next and previous links and total count for support user
* test for pagination in organisations title
* Added "Organisations" to to organisations page title
* add pagination test for organisations page 2, remove second before block
* Add the remaining pagination tests
* Redirect when accessing organisation logs by non support user
* Test for displaying logs for specific organisation
* Add test for org name
* Add a failing log filter test for specific org
* Extract filter methods into a helper
* Allow logs filtering for specific org
* Fix test, support user was creating an extra org, remove orgs filter for specific org
* Remove redundant test, lint
* Reuse primary navigation component and add sub navigation for support users
* allow support users edit or and add sub navigation to about this org
* allow support users to access the edit org page
* only allow to edit existing editable fields
* display correct values in the organisations table
* allow support user to update org
* user table component for organisations table
* use guard clause for organisation logs page
* remove create a new lettings log from organisation logs
* Move case logs filter from helpers to modules
* lint erb
* yarn lint
* bring back if statement in logs controller
* update modules import
* let!
* test for links first in the org cotroller spec
* interpolate number of orgs
* conditionally render sub navigation
Co-authored-by: Kat <katrina@madetech.com>
Co-authored-by: Dushan Despotovic <dushan@madetech.com>
Co-authored-by: JG <moarpheus@gmail.com>
* Bump nokogiri from 1.13.5 to 1.13.6 (#601)
Bumps [nokogiri](https://github.com/sparklemotion/nokogiri) from 1.13.5 to 1.13.6.
- [Release notes](https://github.com/sparklemotion/nokogiri/releases)
- [Changelog](https://github.com/sparklemotion/nokogiri/blob/main/CHANGELOG.md)
- [Commits](https://github.com/sparklemotion/nokogiri/compare/v1.13.5...v1.13.6)
---
updated-dependencies:
- dependency-name: nokogiri
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* CLDC-1124: User search (#600)
* Add search by name for users
Co-authored-by: baarkerlounger <baarkerlounger@users.noreply.github.com>
* Search is now non case sensitive
* Made search work for data co-ordinators
Co-authored-by: baarkerlounger <baarkerlounger@users.noreply.github.com>
* Refactored to scope
* Added search by email
Co-authored-by: baarkerlounger <baarkerlounger@users.noreply.github.com>
* WIP Commit - added test for if search term matches a name and an email address simultaneously. Also changed search result caption for organisations to display "Matches X of Y users"
* Rubocop
* Preload org
* Linting
* Refactor filtered_users into module
* Only adjust query param if searched
* Add data coordinator tests
* Add table caption spec
* Dupe attribute
* Refactor into Search ViewComponent
* Rubocop
* Unit test user scopes
Co-authored-by: Ted <ted.booton@madetech.com>
Co-authored-by: baarkerlounger <baarkerlounger@users.noreply.github.com>
* Use dedicated styles for each navigation component
* Use dedicated styles for each navigation component
* Use simpler markup for table captions
* Use table component for logs list
* Correct markup for user and organisation tables
* Email allowlist (#603)
* Email allowlist
* Set rails master key in deploy pipelines
* CLDC-1258: Handle invalid void date during import (#604)
* Now we raise an exception if a non-existing organisation is referenced by a case log
* The void date is not imported if it is after the tenancy start date
* make organisations list page default view for support user login (#605)
* Use seperate components for primary and sub navigation
* Add LA org mapping
* Rubocop
* User search fixes (#607)
* Update query message
* Add clear search link
* Set input value
* Use gem component
* Move to list partial pattern
* Partial path
* Update spec
* Rubocop
* Unit test filter module
* Rubocop
* Add search result to page title if searched
* Add missing horizontal rule
* Use form_group attributes for search input
Co-authored-by: Paul Robert Lloyd <me+git@paulrobertlloyd.com>
* CLDC-1225: At import updates relationship to child when a person is under 16 (#609)
* Organisation search (#610)
* Add search to organisations
* Fix title
* Spec page title
* Don't seed org in test
* Handles unicode characters in postcode (#612)
* CSV download only includes users in search result
* Updates exported fields based on May 25th feedback (#613)
* Cldc 1223 pregnancy soft validations (#602)
* update hard validation limits for pregnancy age, remove hard validation if there are no females at all
* Add soft validations for pregnancy
* make the error message consistent
* Only check the values for the members with details known in the household
* Show interruption screen when resident details are updated
* Route back to check answers after an interruption screen and back to previous page if no is selected on the interruption screen
Co-authored-by: baarkerlounger <baarkerlounger@users.noreply.github.com>
* update validation messages
* fix a test
* fix a typo
Co-authored-by: baarkerlounger <baarkerlounger@users.noreply.github.com>
* Avoid variable number of columns during CSV export (#614)
* CLDC-1277: no route matches bug (#615)
* don't display the save and go to the next incomplete section button if it errors 🤷♀️
* use 2022/23c fixture for in the test
* Allow support users and data coordinators to toggle active users
* Add a link to deactivate page
* add deactivate page
* Show if user is deactivated and fix form
* Show deactivated user in the user list
* Show reactivate user link for deactivated users
* add reactivate user page
* Refactor
* remove unused method, route and lint
* fix routes
* Only allow active users to log in
* Add flash banner for successful toggle, fix styles
* FIx more styling
* prevent editing deactivated user
* lint
* reset confirmed_at, password and sign in count when deactivated. Send reactivation email if user has previously logged in
* Use dash not hyphen in confirmation page button and links
* Content: Deactivate/reactivate account, not the user
* Send confirmation email to both, old and new email addresses
* Add possessive gem for names formatting
* Use hidden input field for active value
* lint
* Only send beta onboarding emails if the user hasn't previously logged in
* Don't clear the password for deactivated user
* refactor sending confirmation emails
Co-authored-by: kiddhustle <kiddhustle@wiardweb.com>
Co-authored-by: Paul Robert Lloyd <paulrobertlloyd@users.noreply.github.com>
Co-authored-by: baarkerlounger <db@slothlife.xyz>
Co-authored-by: baarkerlounger <5101747+baarkerlounger@users.noreply.github.com>
Co-authored-by: Ted <tedbooton@gmail.com>
Co-authored-by: Dushan <dushan@madetech.com>
Co-authored-by: Dushan <47317567+dushan-madetech@users.noreply.github.com>
Co-authored-by: Ted-U <92022120+Ted-U@users.noreply.github.com>
Co-authored-by: sona-mhclg <77793209+sona-mhclg@users.noreply.github.com>
Co-authored-by: Paul Robert Lloyd <me+git@paulrobertlloyd.com>
Co-authored-by: Stéphane Meny <smeny@users.noreply.github.com>
Co-authored-by: JG <moarpheus@gmail.com>
Co-authored-by: J G <7750475+moarpheus@users.noreply.github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Ted <ted.booton@madetech.com>
Co-authored-by: baarkerlounger <baarkerlounger@users.noreply.github.com>
2 years ago
expect ( page ) . to have_content ( inactive_user . name )
expect ( page ) . not_to have_content ( other_org_user . name )
end
it " shows the pagination count " do
expect ( page ) . to have_content ( " #{ user . organisation . users . count } total users " )
end
end
context " with an organisation that are not in scope for the user, i.e. that they do not belong to " do
before do
get " /organisations/ #{ unauthorised_organisation . id } /users " , headers : , params : { }
end
it " returns not found 404 from users page " do
expect ( response ) . to have_http_status ( :not_found )
end
end
end
describe " # edit " do
context " with an organisation that the user belongs to " do
before do
get " /organisations/ #{ organisation . id } /edit " , headers : , params : { }
end
it " shows an edit form " do
expect ( response . body ) . to include ( " Change #{ organisation . name } ’s details " )
expect ( page ) . to have_field ( " organisation-name-field " )
expect ( page ) . to have_field ( " organisation-phone-field " )
end
end
context " with an organisation that the user does not belong to " do
before do
get " /organisations/ #{ unauthorised_organisation . id } /edit " , headers : , params : { }
end
it " returns a 404 not found " do
expect ( response ) . to have_http_status ( :not_found )
end
it " shows the 404 view " do
expect ( page ) . to have_content ( " Page not found " )
end
end
end
describe " # update " do
context " with an organisation that the user belongs to " do
before do
patch " /organisations/ #{ organisation . id } " , headers : , params :
end
it " updates the org " do
organisation . reload
expect ( organisation . name ) . to eq ( new_value )
end
it " redirects to the organisation details page " do
expect ( response ) . to redirect_to ( " /organisations/ #{ organisation . id } /details " )
end
it " shows a success banner " do
follow_redirect!
expect ( page ) . to have_css ( " .govuk-notification-banner.govuk-notification-banner--success " )
end
it " tracks who updated the record " do
organisation . reload
whodunnit_actor = organisation . versions . last . actor
expect ( whodunnit_actor ) . to be_a ( User )
expect ( whodunnit_actor . id ) . to eq ( user . id )
end
end
context " with an organisation that the user does not belong to " do
before do
patch " /organisations/ #{ unauthorised_organisation . id } " , headers : , params : { }
end
it " returns a 404 not found " do
expect ( response ) . to have_http_status ( :not_found )
end
end
end
context " when viewing lettings logs for other organisation " do
it " does not display the lettings logs " do
get " /organisations/ #{ unauthorised_organisation . id } /lettings-logs " , headers : , params : { }
expect ( response ) . to have_http_status ( :unauthorized )
end
it " prevents CSV download " do
expect {
post " /organisations/ #{ unauthorised_organisation . id } /lettings-logs/email-csv " , headers : , params : { }
} . not_to enqueue_job ( EmailCsvJob )
expect ( response ) . to have_http_status ( :unauthorized )
end
end
context " when viewing lettings logs for your organisation " do
it " does not display the logs " do
get " /organisations/ #{ organisation . id } /lettings-logs " , headers : , params : { }
expect ( response ) . to have_http_status ( :unauthorized )
end
it " prevents CSV download " do
expect {
post " /organisations/ #{ organisation . id } /lettings-logs/email-csv " , headers : , params : { }
} . not_to enqueue_job ( EmailCsvJob )
expect ( response ) . to have_http_status ( :unauthorized )
end
end
context " when viewing sales logs for other organisation " do
it " does not display the sales logs " do
get " /organisations/ #{ unauthorised_organisation . id } /sales-logs " , headers : , params : { }
expect ( response ) . to have_http_status ( :unauthorized )
end
it " prevents CSV download " do
expect {
post " /organisations/ #{ unauthorised_organisation . id } /sales-logs/email-csv " , headers : , params : { }
} . not_to enqueue_job ( EmailCsvJob )
expect ( response ) . to have_http_status ( :unauthorized )
end
end
context " when viewing sales logs for your organisation " do
it " does not display the logs " do
get " /organisations/ #{ organisation . id } /sales-logs " , headers : , params : { }
expect ( response ) . to have_http_status ( :unauthorized )
end
it " prevents CSV download " do
expect {
post " /organisations/ #{ organisation . id } /sales-logs/email-csv " , headers : , params : { }
} . not_to enqueue_job ( EmailCsvJob )
expect ( response ) . to have_http_status ( :unauthorized )
end
end
describe " # index " do
before do
get " /organisations " , headers : , params :
end
it " redirects to the user's organisation " do
expect ( response ) . to redirect_to ( " /organisations/ #{ user . organisation . id } " )
end
end
describe " # new " do
let ( :request ) { get " /organisations/new " , headers : , params : }
it " returns 401 unauthorized " do
request
expect ( response ) . to have_http_status ( :unauthorized )
end
end
describe " # create " do
let ( :params ) do
{
" organisation " : {
name : " new organisation " ,
address_line1 : " 12 Random Street " ,
address_line2 : " Manchester " ,
postcode : " MD1 5TR " ,
phone : " 011101101 " ,
provider_type : " LA " ,
holds_own_stock : " true " ,
housing_registration_no : " 7917937 " ,
} ,
}
end
let ( :request ) { post " /organisations " , headers : , params : }
it " returns 401 unauthorized " do
request
expect ( response ) . to have_http_status ( :unauthorized )
end
it " does not create an organisation " do
expect { request } . not_to change ( Organisation , :count )
end
end
describe " # merge " do
context " with an organisation that the user belongs to " do
before do
get " /organisations/ #{ organisation . id } /merge-request " , headers : , params : { }
end
it " shows the correct content " do
expect ( page ) . to have_content ( " Tell us if your organisation is merging " )
end
it " has a correct back link " do
expect ( page ) . to have_link ( " Back " , href : " /organisations/ #{ organisation . id } " )
end
it " has a correct start now button " do
expect ( page ) . to have_button ( " Start now " )
end
end
context " with organisation that are not in scope for the user, i.e. that they do not belong to " do
before do
get " /organisations/ #{ unauthorised_organisation . id } /merge-request " , headers : , params : { }
end
it " returns not found 404 from org details route " do
expect ( response ) . to have_http_status ( :not_found )
end
end
end
end
context " with a data provider user " do
let ( :user ) { create ( :user ) }
before do
sign_in user
end
context " when accessing the details tab " do
context " with an organisation that the user belongs to " do
before do
get " /organisations/ #{ organisation . id } /details " , headers : , params : { }
end
it " shows the tab navigation " do
expected_html = " <nav class= \" app-primary-navigation \" "
expect ( response . body ) . to include ( expected_html )
end
it " shows a summary list of org details " do
expected_html = " <dl class= \" govuk-summary-list \" "
expect ( response . body ) . to include ( expected_html )
expect ( response . body ) . to include ( organisation . name )
end
it " does not have a change details link " do
expected_html = " data-qa= \" change-name \" href= \" /organisations/ #{ organisation . id } /edit \" "
expect ( response . body ) . not_to include ( expected_html )
end
end
context " with an organisation that is not in scope for the user, i.e. that they do not belong to " do
before do
sign_in user
get " /organisations/ #{ unauthorised_organisation . id } /details " , headers : , params : { }
end
it " returns not found 404 " do
expect ( response ) . to have_http_status ( :not_found )
end
end
end
context " when accessing the users tab " do
before do
get " /organisations/ #{ organisation . id } /users " , headers : , params : { }
end
it " returns 200 " do
expect ( response ) . to have_http_status ( :ok )
end
end
describe " # edit " do
before do
get " /organisations/ #{ organisation . id } /edit " , headers : , params : { }
end
it " redirects to home " do
expect ( response ) . to have_http_status ( :unauthorized )
end
end
describe " # update " do
before do
patch " /organisations/ #{ organisation . id } " , headers : , params :
end
it " redirects to home " do
expect ( response ) . to have_http_status ( :unauthorized )
end
end
context " when viewing lettings logs for other organisation " do
it " does not display the logs " do
get " /organisations/ #{ unauthorised_organisation . id } /lettings-logs " , headers : , params : { }
expect ( response ) . to have_http_status ( :unauthorized )
end
it " prevents CSV download " do
expect {
post " /organisations/ #{ unauthorised_organisation . id } /lettings-logs/email-csv " , headers : , params : { }
} . not_to enqueue_job ( EmailCsvJob )
expect ( response ) . to have_http_status ( :unauthorized )
end
end
context " when viewing lettings logs for your organisation " do
it " does not display the logs " do
get " /organisations/ #{ organisation . id } /lettings-logs " , headers : , params : { }
expect ( response ) . to have_http_status ( :unauthorized )
end
it " prevents CSV download " do
expect {
post " /organisations/ #{ organisation . id } /lettings-logs/email-csv " , headers : , params : { }
} . not_to enqueue_job ( EmailCsvJob )
expect ( response ) . to have_http_status ( :unauthorized )
end
end
context " when viewing sales logs for other organisation " do
it " does not display the logs " do
get " /organisations/ #{ unauthorised_organisation . id } /sales-logs " , headers : , params : { }
expect ( response ) . to have_http_status ( :unauthorized )
end
it " prevents CSV download " do
expect {
post " /organisations/ #{ unauthorised_organisation . id } /sales-logs/email-csv " , headers : , params : { }
} . not_to enqueue_job ( EmailCsvJob )
expect ( response ) . to have_http_status ( :unauthorized )
end
end
context " when viewing sales logs for your organisation " do
it " does not display the logs " do
get " /organisations/ #{ organisation . id } /sales-logs " , headers : , params : { }
expect ( response ) . to have_http_status ( :unauthorized )
end
it " prevents CSV download " do
expect {
post " /organisations/ #{ organisation . id } /sales-logs/email-csv " , headers : , params : { }
} . not_to enqueue_job ( EmailCsvJob )
expect ( response ) . to have_http_status ( :unauthorized )
end
end
end
context " with a support user " do
let ( :user ) { create ( :user , :support ) }
before do
allow ( user ) . to receive ( :need_two_factor_authentication? ) . and_return ( false )
sign_in user
end
describe " # new " do
let ( :request ) { get " /organisations/new " , headers : , params : }
it " shows the create organisation form " do
request
expect ( page ) . to have_field ( " organisation[name] " )
expect ( page ) . to have_field ( " organisation[phone] " )
expect ( page ) . to have_field ( " organisation[provider_type] " )
expect ( page ) . to have_field ( " organisation[address_line1] " )
expect ( page ) . to have_field ( " organisation[address_line2] " )
expect ( page ) . to have_field ( " organisation[postcode] " )
expect ( page ) . to have_field ( " organisation[holds_own_stock] " )
end
end
describe " # index " do
before do
get " /organisations " , headers : , params : { }
end
it " shows the organisation list " do
expect ( page ) . to have_content ( " Organisations " )
end
it " has a create new organisation button " do
expect ( page ) . to have_link ( " Create a new organisation " , href : " /organisations/new " )
end
it " shows all organisations " do
total_number_of_orgs = Organisation . all . count
expect ( page ) . to have_link organisation . name , href : " organisations/ #{ organisation . id } /lettings-logs "
expect ( page ) . to have_link unauthorised_organisation . name , href : " organisations/ #{ unauthorised_organisation . id } /lettings-logs "
expect ( page ) . to have_content ( " #{ total_number_of_orgs } total organisations " )
end
it " shows a search bar " do
expect ( page ) . to have_field ( " search " , type : " search " )
end
context " when viewing a specific organisation's lettings logs " do
let ( :number_of_org1_lettings_logs ) { 2 }
let ( :number_of_org2_lettings_logs ) { 4 }
before do
create_list ( :lettings_log , number_of_org1_lettings_logs , created_by : user )
create ( :lettings_log , created_by : user , status : " pending " , skip_update_status : true )
create_list ( :lettings_log , number_of_org2_lettings_logs , created_by : nil , owning_organisation_id : unauthorised_organisation . id , managing_organisation_id : unauthorised_organisation . id )
get " /organisations/ #{ organisation . id } /lettings-logs " , headers : , params : { }
end
it " only shows logs for that organisation " do
expect ( page ) . to have_content ( " #{ number_of_org1_lettings_logs } total logs " )
organisation . lettings_logs . visible . map ( & :id ) . each do | lettings_log_id |
expect ( page ) . to have_link lettings_log_id . to_s , href : " /lettings-logs/ #{ lettings_log_id } "
end
unauthorised_organisation . lettings_logs . map ( & :id ) . each do | lettings_log_id |
expect ( page ) . not_to have_link lettings_log_id . to_s , href : " /lettings-logs/ #{ lettings_log_id } "
end
end
it " has filters " do
expect ( page ) . to have_content ( " Filters " )
expect ( page ) . to have_content ( " Collection year " )
end
it " does not have specific organisation filter " do
expect ( page ) . not_to have_content ( " Specific organisation " )
end
it " has a sub-navigation with correct tabs " do
expect ( page ) . to have_css ( " .app-sub-navigation " )
expect ( page ) . to have_content ( " About this organisation " )
end
context " when using a search query " do
let ( :logs ) { create_list ( :lettings_log , 3 , :completed , owning_organisation : user . organisation , created_by : user ) }
let ( :log_to_search ) { create ( :lettings_log , :completed , owning_organisation : user . organisation , created_by : user ) }
let ( :log_total_count ) { LettingsLog . where ( owning_organisation : user . organisation ) . count }
it " has search results in the title " do
get " /organisations/ #{ organisation . id } /lettings-logs?search= #{ log_to_search . id } " , headers : headers , params : { }
expect ( page ) . to have_title ( " #{ organisation . name } (1 logs matching ‘ #{ log_to_search . id } ’) - Submit social housing lettings and sales data (CORE) - GOV.UK " )
end
it " shows lettings logs matching the id " do
get " /organisations/ #{ organisation . id } /lettings-logs?search= #{ log_to_search . id } " , headers : headers , params : { }
expect ( page ) . to have_link ( log_to_search . id . to_s )
logs . each do | log |
expect ( page ) . not_to have_link ( log . id . to_s )
end
end
it " shows lettings logs matching the tenant code " do
get " /organisations/ #{ organisation . id } /lettings-logs?search= #{ log_to_search . tenancycode } " , headers : headers , params : { }
expect ( page ) . to have_link ( log_to_search . id . to_s )
logs . each do | log |
expect ( page ) . not_to have_link ( log . id . to_s )
end
end
it " shows lettings logs matching the property reference " do
get " /organisations/ #{ organisation . id } /lettings-logs?search= #{ log_to_search . propcode } " , headers : headers , params : { }
expect ( page ) . to have_link ( log_to_search . id . to_s )
logs . each do | log |
expect ( page ) . not_to have_link ( log . id . to_s )
end
end
it " shows lettings logs matching the property postcode " do
get " /organisations/ #{ organisation . id } /lettings-logs?search= #{ log_to_search . postcode_full } " , headers : headers , params : { }
expect ( page ) . to have_link ( log_to_search . id . to_s )
logs . each do | log |
expect ( page ) . not_to have_link ( log . id . to_s )
end
end
context " when more than one results with matching postcode " do
let! ( :matching_postcode_log ) { create ( :lettings_log , :completed , owning_organisation : user . organisation , postcode_full : log_to_search . postcode_full ) }
it " displays all matching logs " do
get " /organisations/ #{ organisation . id } /lettings-logs?search= #{ log_to_search . postcode_full } " , headers : headers , params : { }
expect ( page ) . to have_link ( log_to_search . id . to_s )
expect ( page ) . to have_link ( matching_postcode_log . id . to_s )
logs . each do | log |
expect ( page ) . not_to have_link ( log . id . to_s )
end
end
end
context " when there are more than 1 page of search results " do
let ( :postcode ) { " XX11YY " }
let ( :logs ) { create_list ( :lettings_log , 30 , :completed , owning_organisation : user . organisation , postcode_full : postcode ) }
let ( :log_total_count ) { LettingsLog . where ( owning_organisation : user . organisation ) . count }
it " has title with pagination details for page 1 " do
get " /organisations/ #{ organisation . id } /lettings-logs?search= #{ logs [ 0 ] . postcode_full } " , headers : headers , params : { }
expect ( page ) . to have_title ( " #{ organisation . name } ( #{ logs . count } logs matching ‘ #{ postcode } ’) (page 1 of 2) - Submit social housing lettings and sales data (CORE) - GOV.UK " )
end
it " has title with pagination details for page 2 " do
get " /organisations/ #{ organisation . id } /lettings-logs?search= #{ logs [ 0 ] . postcode_full } &page=2 " , headers : headers , params : { }
expect ( page ) . to have_title ( " #{ organisation . name } ( #{ logs . count } logs matching ‘ #{ postcode } ’) (page 2 of 2) - Submit social housing lettings and sales data (CORE) - GOV.UK " )
end
end
context " when search query doesn't match any logs " do
it " doesn't display any logs " do
get " /organisations/ #{ organisation . id } /lettings-logs?search=foobar " , headers : , params : { }
logs . each do | log |
expect ( page ) . not_to have_link ( log . id . to_s )
end
expect ( page ) . not_to have_link ( log_to_search . id . to_s )
end
end
context " when search query is empty " do
it " doesn't display any logs " do
get " /organisations/ #{ organisation . id } /lettings-logs?search= " , headers : , params : { }
logs . each do | log |
expect ( page ) . not_to have_link ( log . id . to_s )
end
expect ( page ) . not_to have_link ( log_to_search . id . to_s )
end
end
context " when search and filter is present " do
let ( :matching_postcode ) { log_to_search . postcode_full }
let ( :matching_status ) { " in_progress " }
let! ( :log_matching_filter_and_search ) { create ( :lettings_log , :in_progress , owning_organisation : user . organisation , postcode_full : matching_postcode , created_by : user ) }
it " shows only logs matching both search and filters " do
get " /organisations/ #{ organisation . id } /lettings-logs?search= #{ matching_postcode } &status[]= #{ matching_status } " , headers : headers , params : { }
expect ( page ) . to have_link ( log_matching_filter_and_search . id . to_s )
expect ( page ) . not_to have_link ( log_to_search . id . to_s )
logs . each do | log |
expect ( page ) . not_to have_link ( log . id . to_s )
end
end
end
end
end
context " when viewing a specific organisation's sales logs " do
let ( :number_of_org1_sales_logs ) { 2 }
let ( :number_of_org2_sales_logs ) { 4 }
before do
create_list ( :sales_log , number_of_org1_sales_logs , owning_organisation_id : organisation . id )
create_list ( :sales_log , number_of_org2_sales_logs , owning_organisation_id : unauthorised_organisation . id )
get " /organisations/ #{ organisation . id } /sales-logs " , headers : , params : { }
end
it " only shows logs for that organisation " do
expect ( page ) . to have_content ( " #{ number_of_org1_sales_logs } total logs " )
organisation . sales_logs . map ( & :id ) . each do | sales_log_id |
expect ( page ) . to have_link sales_log_id . to_s , href : " /sales-logs/ #{ sales_log_id } "
end
unauthorised_organisation . sales_logs . map ( & :id ) . each do | sales_log_id |
expect ( page ) . not_to have_link sales_log_id . to_s , href : " /sales-logs/ #{ sales_log_id } "
end
end
it " has filters " do
expect ( page ) . to have_content ( " Filters " )
expect ( page ) . to have_content ( " Collection year " )
end
it " does not have specific organisation filter " do
expect ( page ) . not_to have_content ( " Specific organisation " )
end
it " has a sub-navigation with correct tabs " do
expect ( page ) . to have_css ( " .app-sub-navigation " )
expect ( page ) . to have_content ( " About this organisation " )
end
context " when using a search query " do
let ( :logs ) { create_list ( :sales_log , 3 , :completed , owning_organisation : user . organisation , created_by : user ) }
let ( :log_to_search ) { create ( :sales_log , :completed , owning_organisation : user . organisation , created_by : user ) }
let ( :log_total_count ) { LettingsLog . where ( owning_organisation : user . organisation ) . count }
it " has search results in the title " do
get " /organisations/ #{ organisation . id } /sales-logs?search= #{ log_to_search . id } " , headers : headers , params : { }
expect ( page ) . to have_title ( " #{ organisation . name } (1 logs matching ‘ #{ log_to_search . id } ’) - Submit social housing lettings and sales data (CORE) - GOV.UK " )
end
it " shows sales logs matching the id " do
get " /organisations/ #{ organisation . id } /sales-logs?search= #{ log_to_search . id } " , headers : headers , params : { }
expect ( page ) . to have_link ( log_to_search . id . to_s )
logs . each do | log |
expect ( page ) . not_to have_link ( log . id . to_s )
end
end
context " when search query doesn't match any logs " do
it " doesn't display any logs " do
get " /organisations/ #{ organisation . id } /sales-logs?search=foobar " , headers : , params : { }
logs . each do | log |
expect ( page ) . not_to have_link ( log . id . to_s )
end
expect ( page ) . not_to have_link ( log_to_search . id . to_s )
end
end
context " when search query is empty " do
it " doesn't display any logs " do
get " /organisations/ #{ organisation . id } /sales-logs?search= " , headers : , params : { }
logs . each do | log |
expect ( page ) . not_to have_link ( log . id . to_s )
end
expect ( page ) . not_to have_link ( log_to_search . id . to_s )
end
end
context " when search and filter is present " do
let ( :matching_status ) { " completed " }
let! ( :log_matching_filter_and_search ) { create ( :sales_log , :completed , owning_organisation : user . organisation , created_by : user ) }
let ( :matching_id ) { log_matching_filter_and_search . id }
it " shows only logs matching both search and filters " do
get " /organisations/ #{ organisation . id } /sales-logs?search= #{ matching_id } &status[]= #{ matching_status } " , headers : headers , params : { }
expect ( page ) . to have_link ( log_matching_filter_and_search . id . to_s )
expect ( page ) . not_to have_link ( log_to_search . id . to_s )
logs . each do | log |
expect ( page ) . not_to have_link ( log . id . to_s )
end
end
end
end
end
context " when viewing a specific organisation's users " do
let! ( :users ) { create_list ( :user , 5 , organisation : ) }
let! ( :different_org_users ) { create_list ( :user , 5 ) }
before do
get " /organisations/ #{ organisation . id } /users " , headers : , params : { }
end
it " displays the name of the organisation " do
expect ( page ) . to have_content ( organisation . name )
end
it " has a sub-navigation with correct tabs " do
expect ( page ) . to have_css ( " .app-sub-navigation " )
expect ( page ) . to have_content ( " Users " )
end
it " displays users for this organisation " do
expect ( page ) . to have_content ( user . email )
users . each do | user |
expect ( page ) . to have_content ( user . email )
end
end
it " doesn't display users for other organisations " do
different_org_users . each do | different_org_user |
expect ( page ) . not_to have_content ( different_org_user . email )
end
end
context " when a search parameter is passed " do
let! ( :matching_user ) { create ( :user , organisation : , name : " joe " , email : " matching@example.com " ) }
let ( :org_user_count ) { User . where ( organisation : ) . count }
before do
get " /organisations/ #{ user . organisation . id } /users?search= #{ search_param } "
end
context " when our search string matches case " do
let ( :search_param ) { " joe " }
it " returns only matching results " do
expect ( page ) . to have_content ( matching_user . name )
expect ( page ) . not_to have_link ( user . name )
different_org_users . each do | different_org_user |
expect ( page ) . not_to have_content ( different_org_user . email )
end
users . each do | org_user |
expect ( page ) . not_to have_content ( org_user . email )
end
end
it " updates the table caption " do
expect ( page ) . to have_content ( " 1 user found matching ‘ #{ search_param } ’ of #{ org_user_count } total users. " )
end
context " when we need case insensitive search " do
let ( :search_param ) { " Joe " }
it " returns only matching results " do
expect ( page ) . to have_content ( matching_user . name )
expect ( page ) . not_to have_link ( user . name )
different_org_users . each do | different_org_user |
expect ( page ) . not_to have_content ( different_org_user . email )
end
users . each do | org_user |
expect ( page ) . not_to have_content ( org_user . email )
end
end
it " updates the table caption " do
expect ( page ) . to have_content ( " 1 user found matching ‘ #{ search_param } ’ of #{ org_user_count } total users. " )
end
end
end
context " when our search term matches an email " do
let ( :search_param ) { " matching@example.com " }
it " returns only matching results " do
expect ( page ) . to have_content ( matching_user . name )
expect ( page ) . not_to have_link ( user . name )
different_org_users . each do | different_org_user |
expect ( page ) . not_to have_content ( different_org_user . email )
end
users . each do | org_user |
expect ( page ) . not_to have_content ( org_user . email )
end
end
it " updates the table caption " do
expect ( page ) . to have_content ( " 1 user found matching ‘ #{ search_param } ’ of #{ org_user_count } total users. " )
end
context " when our search term matches an email and a name " do
let! ( :matching_user ) { create ( :user , organisation : , name : " Foobar " , email : " some@example.com " ) }
let! ( :another_matching_user ) { create ( :user , organisation : , name : " Joe " , email : " foobar@example.com " ) }
let! ( :org_user_count ) { User . where ( organisation : ) . count }
let ( :search_param ) { " Foobar " }
before do
get " /organisations/ #{ user . organisation . id } /users?search= #{ search_param } "
end
it " returns only matching results " do
expect ( page ) . to have_link ( matching_user . name )
expect ( page ) . to have_link ( another_matching_user . name )
expect ( page ) . not_to have_link ( user . name )
different_org_users . each do | different_org_user |
expect ( page ) . not_to have_content ( different_org_user . email )
end
users . each do | org_user |
expect ( page ) . not_to have_content ( org_user . email )
end
end
it " updates the table caption " do
expect ( page ) . to have_content ( " 2 users found matching ‘ #{ search_param } ’ of #{ org_user_count } total users. " )
end
end
end
end
end
context " when viewing a specific organisation's details " do
before do
get " /organisations/ #{ organisation . id } /details " , headers : , params : { }
end
it " displays the name of the organisation " do
expect ( page ) . to have_content ( organisation . name )
end
it " has a sub-navigation with correct tabs " do
expect ( page ) . to have_css ( " .app-sub-navigation " )
expect ( page ) . to have_content ( " About this organisation " )
end
it " allows to edit the organisation details " do
expect ( page ) . to have_link ( " Change " , count : 3 )
end
end
context " when there are more than 20 organisations " do
let ( :total_organisations_count ) { Organisation . all . count }
before do
create_list ( :organisation , 25 )
get " /organisations "
end
context " when on the first page " do
it " has pagination links " do
expect ( page ) . not_to have_content ( " Previous " )
expect ( page ) . not_to have_link ( " Previous " )
expect ( page ) . to have_content ( " Next " )
expect ( page ) . to have_link ( " Next " )
end
it " shows which organisations are being shown on the current page " do
expect ( CGI . unescape_html ( response . body ) ) . to match ( " Showing <b>1</b> to <b>20</b> of <b> #{ total_organisations_count } </b> organisations " )
end
it " has pagination in the title " do
expect ( page ) . to have_title ( " Organisations (page 1 of 2) " )
end
end
context " when on the second page " do
before do
get " /organisations?page=2 " , headers : , params : { }
end
it " shows the total organisations count " do
expect ( CGI . unescape_html ( response . body ) ) . to match ( " <strong> #{ total_organisations_count } </strong> total organisations " )
end
it " has pagination links " do
expect ( page ) . to have_content ( " Previous " )
expect ( page ) . to have_link ( " Previous " )
expect ( page ) . not_to have_content ( " Next " )
expect ( page ) . not_to have_link ( " Next " )
end
it " shows which logs are being shown on the current page " do
expect ( CGI . unescape_html ( response . body ) ) . to match ( " Showing <b>21</b> to <b> #{ total_organisations_count } </b> of <b> #{ total_organisations_count } </b> organisations " )
end
it " has pagination in the title " do
expect ( page ) . to have_title ( " Organisations (page 2 of 2) " )
end
end
context " when searching " do
let! ( :searched_organisation ) { create ( :organisation , name : " Unusual name " ) }
let! ( :other_organisation ) { create ( :organisation , name : " Some other name " ) }
let ( :search_param ) { " Unusual " }
before do
get " /organisations?search= #{ search_param } "
end
it " returns matching results " do
expect ( page ) . to have_content ( searched_organisation . name )
expect ( page ) . not_to have_content ( other_organisation . name )
end
it " updates the table caption " do
expect ( page ) . to have_content ( " 1 organisations found matching ‘ #{ search_param } ’ " )
end
it " has search in the title " do
expect ( page ) . to have_title ( " Organisations (1 organisations matching ‘ #{ search_param } ’) - Submit social housing lettings and sales data (CORE) - GOV.UK " )
end
context " when the search term matches more than 1 result " do
let ( :search_param ) { " name " }
it " returns matching results " do
expect ( page ) . to have_content ( searched_organisation . name )
expect ( page ) . to have_content ( other_organisation . name )
end
it " updates the table caption " do
expect ( page ) . to have_content ( " 2 organisations found matching ‘ #{ search_param } ’ " )
end
it " has search in the title " do
expect ( page ) . to have_title ( " Organisations (2 organisations matching ‘ #{ search_param } ’) - Submit social housing lettings and sales data (CORE) - GOV.UK " )
end
end
context " when search results require pagination " do
let ( :search_param ) { " DLUHC " }
it " has search and pagination in the title " do
expect ( page ) . to have_title ( " Organisations (27 organisations matching ‘ #{ search_param } ’) (page 1 of 2) - Submit social housing lettings and sales data (CORE) - GOV.UK " )
end
end
end
end
end
describe " # create " do
let ( :name ) { " Unique new org name " }
let ( :address_line1 ) { " 12 Random Street " }
let ( :address_line2 ) { " Manchester " }
let ( :postcode ) { " MD1 5TR " }
let ( :phone ) { " 011101101 " }
let ( :provider_type ) { " LA " }
let ( :holds_own_stock ) { " true " }
let ( :housing_registration_no ) { " 7917937 " }
let ( :params ) do
{
" organisation " : {
name : ,
address_line1 : ,
address_line2 : ,
postcode : ,
phone : ,
provider_type : ,
holds_own_stock : ,
housing_registration_no : ,
} ,
}
end
let ( :request ) { post " /organisations " , headers : , params : }
it " creates a new organisation " do
expect { request } . to change ( Organisation , :count ) . by ( 1 )
end
it " sets the organisation attributes correctly " do
request
organisation = Organisation . find_by ( housing_registration_no : )
expect ( organisation . name ) . to eq ( " Unique new org name " )
expect ( organisation . address_line1 ) . to eq ( address_line1 )
expect ( organisation . address_line2 ) . to eq ( address_line2 )
expect ( organisation . postcode ) . to eq ( postcode )
expect ( organisation . phone ) . to eq ( phone )
expect ( organisation . holds_own_stock ) . to be true
end
it " redirects to the organisation list " do
request
expect ( response ) . to redirect_to ( " /organisations " )
end
context " when required params are missing " do
let ( :name ) { " " }
let ( :provider_type ) { " " }
it " displays the form with an error message " do
request
expect ( response ) . to have_http_status ( :unprocessable_entity )
expect ( page ) . to have_content ( I18n . t ( " validations.organisation.name_missing " ) )
expect ( page ) . to have_content ( I18n . t ( " validations.organisation.provider_type_missing " ) )
end
end
end
context " when they view the lettings logs tab " do
let ( :tenancycode ) { " 42 " }
before do
create ( :lettings_log , owning_organisation : organisation , tenancycode : )
end
context " when there is at least one log visible " do
before do
get lettings_logs_organisation_path ( organisation , search : tenancycode )
end
it " shows the delete logs button with the correct path " do
expect ( page ) . to have_link " Delete logs " , href : delete_lettings_logs_organisation_path ( search : tenancycode )
end
it " has CSV download buttons with the correct paths " do
expect ( page ) . to have_link " Download (CSV) " , href : lettings_logs_csv_download_organisation_path ( organisation , codes_only : false , search : tenancycode )
expect ( page ) . to have_link " Download (CSV, codes only) " , href : lettings_logs_csv_download_organisation_path ( organisation , codes_only : true , search : tenancycode )
end
end
context " when there are no visible logs " do
before do
LettingsLog . destroy_all
get lettings_logs_organisation_path ( organisation )
end
it " does not show the delete logs button " do
expect ( page ) . not_to have_link " Delete logs "
end
it " does not show the csv download buttons " do
expect ( page ) . not_to have_link " Download (CSV) "
expect ( page ) . not_to have_link " Download (CSV, codes only) "
end
end
context " when you download the CSV " do
let ( :other_organisation ) { create ( :organisation ) }
before do
create_list ( :lettings_log , 2 , owning_organisation : organisation )
create ( :lettings_log , owning_organisation : organisation , status : " pending " , skip_update_status : true )
create_list ( :lettings_log , 2 , owning_organisation : other_organisation )
end
it " only includes logs from that organisation " do
get " /organisations/ #{ organisation . id } /lettings-logs/csv-download?codes_only=false "
expect ( page ) . to have_text ( " You've selected 3 logs. " )
end
it " provides the organisation to the mail job " do
expect {
post " /organisations/ #{ organisation . id } /lettings-logs/email-csv?status[]=completed&codes_only=false " , headers : , params : { }
} . to enqueue_job ( EmailCsvJob ) . with ( user , nil , { " status " = > %w[ completed ] } , false , organisation , false )
end
it " provides the export type to the mail job " do
codes_only_export_type = false
expect {
post " /organisations/ #{ organisation . id } /lettings-logs/email-csv?codes_only= #{ codes_only_export_type } " , headers : , params : { }
} . to enqueue_job ( EmailCsvJob ) . with ( user , nil , { } , false , organisation , codes_only_export_type )
codes_only_export_type = true
expect {
post " /organisations/ #{ organisation . id } /lettings-logs/email-csv?codes_only= #{ codes_only_export_type } " , headers : , params : { }
} . to enqueue_job ( EmailCsvJob ) . with ( user , nil , { } , false , organisation , codes_only_export_type )
end
end
end
context " when they view the sales logs tab " do
before do
create ( :sales_log , owning_organisation : organisation )
end
it " has CSV download buttons with the correct paths if at least 1 log exists " do
get " /organisations/ #{ organisation . id } /sales-logs "
expect ( page ) . to have_link ( " Download (CSV) " , href : " /organisations/ #{ organisation . id } /sales-logs/csv-download?codes_only=false " )
expect ( page ) . to have_link ( " Download (CSV, codes only) " , href : " /organisations/ #{ organisation . id } /sales-logs/csv-download?codes_only=true " )
end
context " when you download the CSV " do
let ( :other_organisation ) { create ( :organisation ) }
before do
create_list ( :sales_log , 2 , owning_organisation : organisation )
create ( :sales_log , owning_organisation : organisation , status : " pending " , skip_update_status : true )
create_list ( :sales_log , 2 , owning_organisation : other_organisation )
end
it " only includes logs from that organisation " do
get " /organisations/ #{ organisation . id } /sales-logs/csv-download?codes_only=false "
expect ( page ) . to have_text ( " You've selected 3 logs. " )
end
it " provides the organisation to the mail job " do
expect {
post " /organisations/ #{ organisation . id } /sales-logs/email-csv?status[]=completed&codes_only=false " , headers : , params : { }
} . to enqueue_job ( EmailCsvJob ) . with ( user , nil , { " status " = > %w[ completed ] } , false , organisation , false , " sales " )
end
it " provides the log type to the mail job " do
log_type = " sales "
expect {
post " /organisations/ #{ organisation . id } /sales-logs/email-csv?status[]=completed&codes_only=false " , headers : , params : { }
} . to enqueue_job ( EmailCsvJob ) . with ( user , nil , { " status " = > %w[ completed ] } , false , organisation , false , log_type )
end
it " provides the export type to the mail job " do
codes_only_export_type = false
expect {
post " /organisations/ #{ organisation . id } /sales-logs/email-csv?codes_only= #{ codes_only_export_type } " , headers : , params : { }
} . to enqueue_job ( EmailCsvJob ) . with ( user , nil , { } , false , organisation , codes_only_export_type , " sales " )
codes_only_export_type = true
expect {
post " /organisations/ #{ organisation . id } /sales-logs/email-csv?codes_only= #{ codes_only_export_type } " , headers : , params : { }
} . to enqueue_job ( EmailCsvJob ) . with ( user , nil , { } , false , organisation , codes_only_export_type , " sales " )
end
end
end
describe " GET # download_lettings_csv " do
it " renders a page with the correct header " do
get " /organisations/ #{ organisation . id } /lettings-logs/csv-download?codes_only=false " , headers : , params : { }
header = page . find_css ( " h1 " )
expect ( header . text ) . to include ( " Download CSV " )
end
it " renders a form with the correct target containing a button with the correct text " do
get " /organisations/ #{ organisation . id } /lettings-logs/csv-download?codes_only=false " , headers : , params : { }
form = page . find ( " form.button_to " )
expect ( form [ :method ] ) . to eq ( " post " )
expect ( form [ :action ] ) . to eq ( " /organisations/ #{ organisation . id } /lettings-logs/email-csv " )
expect ( form ) . to have_button ( " Send email " )
end
it " when codes_only query parameter is false, form contains hidden field with correct value " do
codes_only = false
get " /organisations/ #{ organisation . id } /lettings-logs/csv-download?codes_only= #{ codes_only } " , headers : , params : { }
hidden_field = page . find ( " form.button_to " ) . find_field ( " codes_only " , type : " hidden " )
expect ( hidden_field . value ) . to eq ( codes_only . to_s )
end
it " when codes_only query parameter is true, form contains hidden field with correct value " do
codes_only = true
get " /organisations/ #{ organisation . id } /lettings-logs/csv-download?codes_only= #{ codes_only } " , headers : , params : { }
hidden_field = page . find ( " form.button_to " ) . find_field ( " codes_only " , type : " hidden " )
expect ( hidden_field . value ) . to eq ( codes_only . to_s )
end
it " when query string contains search parameter, form contains hidden field with correct value " do
search_term = " blam "
get " /organisations/ #{ organisation . id } /lettings-logs/csv-download?codes_only=true&search= #{ search_term } " , headers : , params : { }
hidden_field = page . find ( " form.button_to " ) . find_field ( " search " , type : " hidden " )
expect ( hidden_field . value ) . to eq ( search_term )
end
end
describe " GET # download_sales_csv " do
it " renders a page with the correct header " do
get " /organisations/ #{ organisation . id } /sales-logs/csv-download?codes_only=false " , headers : , params : { }
header = page . find_css ( " h1 " )
expect ( header . text ) . to include ( " Download CSV " )
end
it " renders a form with the correct target containing a button with the correct text " do
get " /organisations/ #{ organisation . id } /sales-logs/csv-download?codes_only=false " , headers : , params : { }
form = page . find ( " form.button_to " )
expect ( form [ :method ] ) . to eq ( " post " )
expect ( form [ :action ] ) . to eq ( " /organisations/ #{ organisation . id } /sales-logs/email-csv " )
expect ( form ) . to have_button ( " Send email " )
end
it " when codes_only query parameter is false, form contains hidden field with correct value " do
codes_only = false
get " /organisations/ #{ organisation . id } /sales-logs/csv-download?codes_only= #{ codes_only } " , headers : , params : { }
hidden_field = page . find ( " form.button_to " ) . find_field ( " codes_only " , type : " hidden " )
expect ( hidden_field . value ) . to eq ( codes_only . to_s )
end
it " when codes_only query parameter is true, form contains hidden field with correct value " do
codes_only = true
get " /organisations/ #{ organisation . id } /sales-logs/csv-download?codes_only= #{ codes_only } " , headers : , params : { }
hidden_field = page . find ( " form.button_to " ) . find_field ( " codes_only " , type : " hidden " )
expect ( hidden_field . value ) . to eq ( codes_only . to_s )
end
it " when query string contains search parameter, form contains hidden field with correct value " do
search_term = " blam "
get " /organisations/ #{ organisation . id } /sales-logs/csv-download?codes_only=true&search= #{ search_term } " , headers : , params : { }
hidden_field = page . find ( " form.button_to " ) . find_field ( " search " , type : " hidden " )
expect ( hidden_field . value ) . to eq ( search_term )
end
end
context " when they view the users tab " do
before do
get " /organisations/ #{ organisation . id } /users "
end
it " has a CSV download button with the correct path " do
expect ( page ) . to have_link ( " Download (CSV) " , href : " /organisations/ #{ organisation . id } /users.csv " )
end
context " when you download the CSV " do
let ( :headers ) { { " Accept " = > " text/csv " } }
let ( :other_organisation ) { create ( :organisation ) }
before do
create_list ( :user , 3 , organisation : )
create_list ( :user , 2 , organisation : other_organisation )
end
it " only includes users from that organisation " do
get " /organisations/ #{ other_organisation . id } /users " , headers : , params : { }
csv = CSV . parse ( response . body )
expect ( csv . count ) . to eq ( other_organisation . users . count + 1 )
end
end
end
end
end
describe " GET # data_sharing_agreement " do
context " when not signed in " do
it " redirects to sign in " do
get " /organisations/ #{ organisation . id } /data-sharing-agreement " , headers : headers
expect ( response ) . to redirect_to ( " /account/sign-in " )
end
end
context " when signed in " do
before do
allow ( user ) . to receive ( :need_two_factor_authentication? ) . and_return ( false )
sign_in user
end
context " when flag not enabled " do
before do
allow ( FeatureToggle ) . to receive ( :new_data_protection_confirmation? ) . and_return ( false )
end
it " returns not found " do
get " /organisations/ #{ organisation . id } /data-sharing-agreement " , headers : headers
expect ( response ) . to have_http_status ( :not_found )
end
end
context " when flag enabled " do
before do
allow ( FeatureToggle ) . to receive ( :new_data_protection_confirmation? ) . and_return ( true )
end
it " returns ok " do
get " /organisations/ #{ organisation . id } /data-sharing-agreement " , headers : headers
expect ( response ) . to have_http_status ( :ok )
end
end
end
end
describe " POST # data_sharing_agreement " do
let ( :organisation ) { create ( :organisation , :without_dpc ) }
context " when not signed in " do
it " redirects to sign in " do
post " /organisations/ #{ organisation . id } /data-sharing-agreement " , headers : headers
expect ( response ) . to redirect_to ( " /account/sign-in " )
end
end
context " when signed in " do
before do
allow ( user ) . to receive ( :need_two_factor_authentication? ) . and_return ( false )
sign_in user
end
context " when flag not enabled " do
before do
allow ( FeatureToggle ) . to receive ( :new_data_protection_confirmation? ) . and_return ( false )
end
it " returns not found " do
post " /organisations/ #{ organisation . id } /data-sharing-agreement " , headers : headers
expect ( response ) . to have_http_status ( :not_found )
end
end
context " when flag enabled " do
before do
allow ( FeatureToggle ) . to receive ( :new_data_protection_confirmation? ) . and_return ( true )
end
context " when user not dpo " do
let ( :user ) { create ( :user , is_dpo : false ) }
it " returns not found " do
post " /organisations/ #{ organisation . id } /data-sharing-agreement " , headers : headers
expect ( response ) . to have_http_status ( :not_found )
end
end
context " when user is dpo " do
context " when the organisation has a non-confirmed confirmation " do
let ( :user ) { create ( :user , is_dpo : false ) }
it " returns not found " do
post " /organisations/ #{ organisation . id } /data-sharing-agreement " , headers : headers
expect ( response ) . to have_http_status ( :not_found )
end
end
context " when the organisation does not have a confirmation " do
let ( :user ) { create ( :user , is_dpo : true , organisation : ) }
it " returns redirects to details page " do
post " /organisations/ #{ organisation . id } /data-sharing-agreement " , headers : headers
expect ( response ) . to redirect_to ( " /organisations/ #{ organisation . id } /details " )
expect ( flash [ :notice ] ) . to eq ( " You have accepted the Data Sharing Agreement " )
expect ( flash [ :notification_banner_body ] ) . to eq ( " Your organisation can now submit logs. " )
end
it " creates a data sharing agreement " do
expect ( organisation . reload . data_protection_confirmation ) . to be_nil
post ( " /organisations/ #{ organisation . id } /data-sharing-agreement " , headers : )
data_protection_confirmation = organisation . reload . data_protection_confirmation
expect ( data_protection_confirmation . organisation . address_row ) . to eq ( organisation . address_row )
expect ( data_protection_confirmation . organisation . name ) . to eq ( organisation . name )
expect ( data_protection_confirmation . organisation . phone ) . to eq ( organisation . phone )
expect ( data_protection_confirmation . data_protection_officer ) . to eq ( user )
end
context " when the user has already accepted the agreement " do
before do
create ( :data_protection_confirmation , data_protection_officer : user , organisation : user . organisation )
end
it " returns not found " do
post " /organisations/ #{ organisation . id } /data-sharing-agreement " , headers : headers
expect ( response ) . to have_http_status ( :not_found )
end
end
end
end
end
end
end
end