diff --git a/app/controllers/schemes_controller.rb b/app/controllers/schemes_controller.rb index 3f588b8e3..1ef3ae211 100644 --- a/app/controllers/schemes_controller.rb +++ b/app/controllers/schemes_controller.rb @@ -56,7 +56,7 @@ class SchemesController < ApplicationController when "support" scheme_check_answers_path(@scheme) when "details" - scheme_primary_client_group_path(@scheme) + scheme_primary_client_group_path(@scheme) end redirect_to schemes_path @@ -95,8 +95,11 @@ class SchemesController < ApplicationController private def scheme_params - required_params = params.require(:scheme).permit(:service_name, :sensitive, :organisation_id, :scheme_type, :registered_under_care_act, :total_units, :id, :confirmed, :has_other_client_group, :primary_client_group, :secondary_client_group, :support_type, :intended_stay) + required_params = params.require(:scheme).permit(:service_name, :sensitive, :organisation_id, :scheme_type, :registered_under_care_act, :total_units, :id, :has_other_client_group, :primary_client_group, :secondary_client_group, :support_type, :intended_stay) required_params[:sensitive] = required_params[:sensitive].to_i if required_params[:sensitive] + if current_user.data_coordinator? + required_params[:organisation_id] = current_user.organisation_id + end required_params end diff --git a/spec/features/schemes_spec.rb b/spec/features/schemes_spec.rb index 3d43f7c48..68672490b 100644 --- a/spec/features/schemes_spec.rb +++ b/spec/features/schemes_spec.rb @@ -281,7 +281,8 @@ RSpec.describe "Schemes scheme Features" do context "when we amend scheme details" do it "returns to the primary client group question" do click_button "Save and continue" - expect(page).to have_current_path("/schemes/#{scheme.id}/primary-client-group") end + expect(page).to have_current_path("/schemes/#{scheme.id}/primary-client-group") + end end end @@ -308,7 +309,8 @@ RSpec.describe "Schemes scheme Features" do context "when we amend primary client group" do it "returns to the confirm secondary client group question" do click_button "Save and continue" - expect(page).to have_current_path("/schemes/#{scheme.id}/confirm-secondary-client-group") end + expect(page).to have_current_path("/schemes/#{scheme.id}/confirm-secondary-client-group") + end end end @@ -335,7 +337,8 @@ RSpec.describe "Schemes scheme Features" do context "when we amend confirm secondary client" do it "returns to the secondary client group question" do click_button "Save and continue" - expect(page).to have_current_path("/schemes/#{scheme.id}/secondary-client-group") end + expect(page).to have_current_path("/schemes/#{scheme.id}/secondary-client-group") + end end end @@ -362,7 +365,8 @@ RSpec.describe "Schemes scheme Features" do context "when we amend secondary client" do it "returns to the support question" do click_button "Save and continue" - expect(page).to have_current_path("/schemes/#{scheme.id}/support") end + expect(page).to have_current_path("/schemes/#{scheme.id}/support") + end end end diff --git a/spec/requests/schemes_controller_spec.rb b/spec/requests/schemes_controller_spec.rb index 7abdfe93e..00cdf9e32 100644 --- a/spec/requests/schemes_controller_spec.rb +++ b/spec/requests/schemes_controller_spec.rb @@ -452,7 +452,7 @@ RSpec.describe SchemesController, type: :request do describe "#new" do context "when not signed in" do it "redirects to the sign in page" do - patch "/schemes/1" + get "/schemes/new" expect(response).to redirect_to("/account/sign-in") end end @@ -500,4 +500,74 @@ RSpec.describe SchemesController, type: :request do end end end + + describe "#create" do + context "when not signed in" do + it "redirects to the sign in page" do + post "/schemes" + expect(response).to redirect_to("/account/sign-in") + end + end + + context "when signed in as a data provider" do + let(:user) { FactoryBot.create(:user) } + + before do + sign_in user + post "/schemes" + end + + it "returns 401 unauthorized" do + request + expect(response).to have_http_status(:unauthorized) + end + end + + context "when signed in as a data coordinator" do + let(:user) { FactoryBot.create(:user, :data_coordinator) } + let(:params) { { scheme: { service_name: "testy", sensitive: "1", scheme_type: "Foyer", registered_under_care_act: "No", total_units: "1" } } } + + before do + sign_in user + end + + it "creates a new scheme for user organisation with valid params" do + expect { post "/schemes", params: }.to change(Scheme, :count).by(1) + expect(response).to have_http_status(:ok) + expect(page).to have_content("What client group is this scheme intended for?") + end + + it "creates a new scheme for user organisation with valid params" do + post "/schemes", params: params + + expect(Scheme.last.organisation_id).to eq(user.organisation_id) + expect(Scheme.last.service_name).to eq("testy") + expect(Scheme.last.scheme_type).to eq("Foyer") + expect(Scheme.last.sensitive).to eq("Yes") + expect(Scheme.last.registered_under_care_act).to eq("No") + expect(Scheme.last.id).not_to eq(nil) + expect(Scheme.last.has_other_client_group).to eq(nil) + expect(Scheme.last.primary_client_group).to eq(nil) + expect(Scheme.last.secondary_client_group).to eq(nil) + expect(Scheme.last.support_type).to eq(nil) + expect(Scheme.last.intended_stay).to eq(nil) + expect(Scheme.last.code).to match(/S*/) + end + end + + context "when signed in as a support user" do + let(:user) { FactoryBot.create(:user, :support) } + + before do + allow(user).to receive(:need_two_factor_authentication?).and_return(false) + sign_in user + get "/schemes/new" + end + + it "returns a template for a new scheme" do + expect(response).to have_http_status(:ok) + expect(page).to have_content("Create a new supported housing scheme") + end + end + end end