diff --git a/app/models/data_protection_confirmation.rb b/app/models/data_protection_confirmation.rb new file mode 100644 index 000000000..b73004766 --- /dev/null +++ b/app/models/data_protection_confirmation.rb @@ -0,0 +1,4 @@ +class DataProtectionConfirmation < ApplicationRecord + belongs_to :organisation + belongs_to :data_protection_officer, class_name: "User" +end diff --git a/app/models/organisation.rb b/app/models/organisation.rb index b13a9d075..dd14006ef 100644 --- a/app/models/organisation.rb +++ b/app/models/organisation.rb @@ -2,6 +2,7 @@ class Organisation < ApplicationRecord has_many :users has_many :owned_case_logs, class_name: "CaseLog", foreign_key: "owning_organisation_id" has_many :managed_case_logs, class_name: "CaseLog", foreign_key: "managing_organisation_id" + has_many :data_protection_confirmations has_paper_trail diff --git a/app/models/user.rb b/app/models/user.rb index 7a74f1121..a0f5d7872 100644 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -14,6 +14,7 @@ class User < ApplicationRecord data_accessor: 0, data_provider: 1, data_coordinator: 2, + data_protection_officer: 3, }.freeze enum role: ROLES diff --git a/app/services/imports/data_protection_confirmation_import_service.rb b/app/services/imports/data_protection_confirmation_import_service.rb new file mode 100644 index 000000000..142fe039d --- /dev/null +++ b/app/services/imports/data_protection_confirmation_import_service.rb @@ -0,0 +1,45 @@ +module Imports + class DataProtectionConfirmationImportService < ImportService + def create_data_protection_confirmations(folder) + import_from(folder, :create_data_protection_confirmation) + end + + private + + def create_data_protection_confirmation(xml_document) + org = Organisation.find_by(old_org_id: record_field_value(xml_document, "institution")) + dp_officer = User.find_by( + name: record_field_value(xml_document, "dp-user"), + organisation: org, + role: "data_protection_officer", + ) + + if dp_officer.blank? + dp_officer = User.new( + name: record_field_value(xml_document, "dp-user"), + organisation: org, + role: "data_protection_officer", + encrypted_password: SecureRandom.hex(10), + ) + dp_officer.save!(validate: false) + end + + DataProtectionConfirmation.create!( + organisation: org, + confirmed: record_field_value(xml_document, "data-protection").casecmp("true").zero?, + data_protection_officer: dp_officer, + old_id: record_field_value(xml_document, "id"), + old_org_id: record_field_value(xml_document, "institution"), + created_at: record_field_value(xml_document, "change-date").to_time(:utc), + ) + rescue ActiveRecord::RecordNotUnique + id = record_field_value(xml_document, "id") + dp_officer_name = record_field_value(xml_document, "dp-user") + @logger.warn("Data protection confirmation #{id} created by #{dp_officer_name} for #{org.name} is already present, skipping.") + end + + def record_field_value(xml_document, field) + field_value(xml_document, "dataprotect", field) + end + end +end diff --git a/db/migrate/20220323094418_create_data_protection_confirmation.rb b/db/migrate/20220323094418_create_data_protection_confirmation.rb new file mode 100644 index 000000000..4223022c2 --- /dev/null +++ b/db/migrate/20220323094418_create_data_protection_confirmation.rb @@ -0,0 +1,18 @@ +class CreateDataProtectionConfirmation < ActiveRecord::Migration[7.0] + def change + create_table :data_protection_confirmations do |t| + t.belongs_to :organisation + t.belongs_to :data_protection_officer, class_name: "User", index: { name: :dpo_user_id } + t.column :confirmed, :boolean + t.column :old_id, :string + t.column :old_org_id, :string + + t.timestamps + end + + add_index :data_protection_confirmations, + %i[organisation_id data_protection_officer_id confirmed], + unique: true, + name: "data_protection_confirmations_unique" + end +end diff --git a/db/schema.rb b/db/schema.rb index a4488ce6e..11d585b51 100644 --- a/db/schema.rb +++ b/db/schema.rb @@ -235,6 +235,19 @@ ActiveRecord::Schema[7.0].define(version: 202202071123100) do t.index ["owning_organisation_id"], name: "index_case_logs_on_owning_organisation_id" end + create_table "data_protection_confirmations", force: :cascade do |t| + t.bigint "organisation_id" + t.bigint "data_protection_officer_id" + t.boolean "confirmed" + t.string "old_id" + t.string "old_org_id" + t.datetime "created_at", null: false + t.datetime "updated_at", null: false + t.index ["data_protection_officer_id"], name: "dpo_user_id" + t.index ["organisation_id", "data_protection_officer_id", "confirmed"], name: "data_protection_confirmations_unique", unique: true + t.index ["organisation_id"], name: "index_data_protection_confirmations_on_organisation_id" + end + create_table "la_rent_ranges", force: :cascade do |t| t.integer "ranges_rent_id" t.integer "lettype" diff --git a/spec/factories/data_protection_confirmation.rb b/spec/factories/data_protection_confirmation.rb new file mode 100644 index 000000000..a6f42d350 --- /dev/null +++ b/spec/factories/data_protection_confirmation.rb @@ -0,0 +1,12 @@ +FactoryBot.define do + factory :data_protection_confirmation do + organisation + data_protection_officer { FactoryBot.create(:user, :data_protection_officer) } + confirmed { true } + old_org_id { "7c5bd5fb549c09a2c55d7cb90d7ba84927e64618" } + old_id { "7c5bd5fb549c09a2c55d7cb90d7ba84927e64618" } + + created_at { Time.zone.now } + updated_at { Time.zone.now } + end +end diff --git a/spec/factories/user.rb b/spec/factories/user.rb index aa08b1d99..b3dc82583 100644 --- a/spec/factories/user.rb +++ b/spec/factories/user.rb @@ -8,6 +8,9 @@ FactoryBot.define do trait :data_coordinator do role { "data_coordinator" } end + trait :data_protection_officer do + role { "data_protection_officer" } + end created_at { Time.zone.now } updated_at { Time.zone.now } end diff --git a/spec/fixtures/softwire_imports/data_protection_confirmations/7c5bd5fb549c09a2c55d7cb90d7ba84927e64618.xml b/spec/fixtures/softwire_imports/data_protection_confirmations/7c5bd5fb549c09a2c55d7cb90d7ba84927e64618.xml new file mode 100644 index 000000000..730d93b97 --- /dev/null +++ b/spec/fixtures/softwire_imports/data_protection_confirmations/7c5bd5fb549c09a2c55d7cb90d7ba84927e64618.xml @@ -0,0 +1,7 @@ + + 7c5bd5fb549c09a2c55d7cb90d7ba84927e64618 + 7c5bd5fb549c09a2c55d7cb90d7ba84927e64618 + true + John Doe + 05/06/2018 10:36:49:34 + diff --git a/spec/services/imports/data_protection_confirmation_import_service_spec.rb b/spec/services/imports/data_protection_confirmation_import_service_spec.rb new file mode 100644 index 000000000..fd513138c --- /dev/null +++ b/spec/services/imports/data_protection_confirmation_import_service_spec.rb @@ -0,0 +1,83 @@ +require "rails_helper" + +RSpec.describe Imports::DataProtectionConfirmationImportService do + let(:fixture_directory) { "spec/fixtures/softwire_imports/data_protection_confirmations" } + let(:old_org_id) { "7c5bd5fb549c09a2c55d7cb90d7ba84927e64618" } + let(:old_id) { old_org_id } + let(:import_file) { File.open("#{fixture_directory}/#{old_id}.xml") } + let(:storage_service) { instance_double(StorageService) } + + context "when importing data protection confirmations" do + subject(:import_service) { described_class.new(storage_service) } + + before do + allow(storage_service) + .to receive(:list_files) + .and_return(["data_protection_directory/#{old_id}.xml"]) + allow(storage_service) + .to receive(:get_file_io) + .with("data_protection_directory/#{old_id}.xml") + .and_return(import_file) + end + + context "when the organisation in the import file doesn't exist in the system" do + it "does not create a data protection confirmation" do + expect { import_service.create_data_protection_confirmations("data_protection_directory") } + .to raise_error(ActiveRecord::RecordInvalid, /Organisation must exist/) + end + end + + context "when the organisation does exist" do + let!(:organisation) { FactoryBot.create(:organisation, old_org_id:) } + + context "when a data protection officer with matching name does not exists for the organisation" do + it "creates a data protection officer without sign in credentials" do + expect { import_service.create_data_protection_confirmations("data_protection_directory") } + .to change(User, :count).by(1) + data_protection_officer = User.find_by(organisation:, role: "data_protection_officer") + expect(data_protection_officer.email).to eq("") + end + + it "successfully create a data protection confirmation record with the expected data" do + import_service.create_data_protection_confirmations("data_protection_directory") + confirmation = Organisation.find_by(old_org_id:).data_protection_confirmations.last + expect(confirmation.data_protection_officer.name).to eq("John Doe") + expect(confirmation.confirmed).to be_truthy + expect(Time.zone.local_to_utc(confirmation.created_at)).to eq(Time.utc(2018, 0o6, 0o5, 10, 36, 49)) + end + end + + context "when a data protection officer with matching name already exists for the organisation" do + let!(:data_protection_officer) do + FactoryBot.create(:user, :data_protection_officer, name: "John Doe", organisation:) + end + + it "successfully creates a data protection confirmation record with the expected data" do + import_service.create_data_protection_confirmations("data_protection_directory") + + confirmation = Organisation.find_by(old_org_id:).data_protection_confirmations.last + expect(confirmation.data_protection_officer.id).to eq(data_protection_officer.id) + expect(confirmation.confirmed).to be_truthy + expect(Time.zone.local_to_utc(confirmation.created_at)).to eq(Time.utc(2018, 0o6, 0o5, 10, 36, 49)) + end + + context "when the data protection record has already been imported previously" do + before do + FactoryBot.create( + :data_protection_confirmation, + organisation:, + data_protection_officer:, + old_org_id:, + old_id:, + ) + end + + it "logs that the record already exists" do + expect(Rails.logger).to receive(:warn) + import_service.create_data_protection_confirmations("data_protection_directory") + end + end + end + end + end +end