<%= govuk_summary_list do |summary_list| %>
<% @organisation.display_attributes.each do |attr| %>
diff --git a/config/routes.rb b/config/routes.rb
index f8269ed12..33c9f0a9a 100644
--- a/config/routes.rb
+++ b/config/routes.rb
@@ -67,6 +67,7 @@ Rails.application.routes.draw do
get "details", to: "organisations#details"
get "users", to: "organisations#users"
get "users/invite", to: "users/account#new"
+ get "logs", to: "organisations#logs"
end
end
diff --git a/spec/components/primary_navigation_component_spec.rb b/spec/components/primary_navigation_component_spec.rb
index 46f45166d..e37f8320b 100644
--- a/spec/components/primary_navigation_component_spec.rb
+++ b/spec/components/primary_navigation_component_spec.rb
@@ -1,6 +1,6 @@
require "rails_helper"
-RSpec.describe PrimaryNavigationComponent, type: :component do
+RSpec.describe NavigationComponent, type: :component do
let(:items) do
[
NavigationItemsHelper::NavigationItem.new("Organisations", "/organisations", true),
diff --git a/spec/features/organisation_spec.rb b/spec/features/organisation_spec.rb
index ef54ff2a2..75277a28a 100644
--- a/spec/features/organisation_spec.rb
+++ b/spec/features/organisation_spec.rb
@@ -80,4 +80,35 @@ RSpec.describe "User Features" do
end
end
end
+
+ context "when user is support user" do
+ context "when viewing logs for specific organisation" do
+ let(:user) { FactoryBot.create(:user, :support) }
+ let(:number_of_case_logs) { 4 }
+ let(:first_log) { organisation.case_logs.first }
+ let(:otp) { "999111" }
+
+ before do
+ FactoryBot.create_list(:case_log, number_of_case_logs, owning_organisation_id: organisation.id, managing_organisation_id: organisation.id)
+ first_log.update!(startdate: Time.utc(2022, 6, 2, 10, 36, 49))
+ allow(SecureRandom).to receive(:random_number).and_return(otp)
+ click_link("Sign out")
+ sign_in user
+ fill_in("code", with: otp)
+ click_button("Submit")
+ visit("/organisations/#{org_id}/logs")
+ end
+
+ it "can filter case logs" do
+ expect(page).to have_content("#{number_of_case_logs} total logs")
+ organisation.case_logs.map(&:id).each do |case_log_id|
+ expect(page).to have_link case_log_id.to_s, href: "/logs/#{case_log_id}"
+ end
+ check("years-2021-field")
+ click_button("Apply filters")
+ expect(page).to have_current_path("/organisations/#{org_id}/logs?years[]=&years[]=2021&status[]=&user=all")
+ expect(page).not_to have_link first_log.id.to_s, href: "/logs/#{first_log.id}"
+ end
+ end
+ end
end
diff --git a/spec/requests/organisations_controller_spec.rb b/spec/requests/organisations_controller_spec.rb
index f9e164b38..342c6f36c 100644
--- a/spec/requests/organisations_controller_spec.rb
+++ b/spec/requests/organisations_controller_spec.rb
@@ -2,7 +2,7 @@ require "rails_helper"
RSpec.describe OrganisationsController, type: :request do
let(:organisation) { user.organisation }
- let(:unauthorised_organisation) { FactoryBot.create(:organisation) }
+ let!(:unauthorised_organisation) { FactoryBot.create(:organisation) }
let(:headers) { { "Accept" => "text/html" } }
let(:page) { Capybara::Node::Simple.new(response.body) }
let(:user) { FactoryBot.create(:user, :data_coordinator) }
@@ -58,10 +58,13 @@ RSpec.describe OrganisationsController, type: :request do
end
context "with a data coordinator user" do
+ before do
+ sign_in user
+ end
+
context "when we access the details tab" do
context "with an organisation that the user belongs to" do
before do
- sign_in user
get "/organisations/#{organisation.id}/details", headers:, params: {}
end
@@ -89,7 +92,6 @@ RSpec.describe OrganisationsController, type: :request do
context "with organisation that are not in scope for the user, i.e. that they do not belong to" do
before do
- sign_in user
get "/organisations/#{unauthorised_organisation.id}/details", headers:, params: {}
end
@@ -106,7 +108,6 @@ RSpec.describe OrganisationsController, type: :request do
let!(:other_org_user) { FactoryBot.create(:user, name: "User 4") }
before do
- sign_in user
get "/organisations/#{organisation.id}/users", headers:, params: {}
end
@@ -144,7 +145,6 @@ RSpec.describe OrganisationsController, type: :request do
context "with an organisation that are not in scope for the user, i.e. that they do not belong to" do
before do
- sign_in user
get "/organisations/#{unauthorised_organisation.id}/users", headers:, params: {}
end
@@ -157,7 +157,6 @@ RSpec.describe OrganisationsController, type: :request do
describe "#edit" do
context "with an organisation that the user belongs to" do
before do
- sign_in user
get "/organisations/#{organisation.id}/edit", headers:, params: {}
end
@@ -170,20 +169,22 @@ RSpec.describe OrganisationsController, type: :request do
context "with an organisation that the user does not belong to" do
before do
- sign_in user
get "/organisations/#{unauthorised_organisation.id}/edit", headers:, params: {}
end
it "returns a 404 not found" do
expect(response).to have_http_status(:not_found)
end
+
+ it "shows the 404 view" do
+ expect(page).to have_content("Page not found")
+ end
end
end
describe "#update" do
context "with an organisation that the user belongs to" do
before do
- sign_in user
patch "/organisations/#{organisation.id}", headers:, params:
end
@@ -211,7 +212,6 @@ RSpec.describe OrganisationsController, type: :request do
context "with an organisation that the user does not belong to" do
before do
- sign_in user
patch "/organisations/#{unauthorised_organisation.id}", headers:, params: {}
end
@@ -220,15 +220,42 @@ RSpec.describe OrganisationsController, type: :request do
end
end
end
+
+ context "when viewing logs for other organisation" do
+ before do
+ get "/organisations/#{unauthorised_organisation.id}/logs", headers:, params: {}
+ end
+
+ it "returns not found 404 from org details route" do
+ expect(response).to have_http_status(:not_found)
+ end
+
+ it "shows the 404 view" do
+ expect(page).to have_content("Page not found")
+ end
+ end
+
+ context "when viewing logs for your organisation" do
+ before do
+ get "/organisations/#{organisation.id}/logs", headers:, params: {}
+ end
+
+ it "redirects to /logs page" do
+ expect(response).to redirect_to("/logs")
+ end
+ end
end
context "with a data provider user" do
let(:user) { FactoryBot.create(:user) }
+ before do
+ sign_in user
+ end
+
context "when accessing the details tab" do
context "with an organisation that the user belongs to" do
before do
- sign_in user
get "/organisations/#{organisation.id}/details", headers:, params: {}
end
@@ -268,7 +295,6 @@ RSpec.describe OrganisationsController, type: :request do
context "when accessing the users tab" do
before do
- sign_in user
get "/organisations/#{organisation.id}/users", headers:, params: {}
end
@@ -279,7 +305,6 @@ RSpec.describe OrganisationsController, type: :request do
describe "#edit" do
before do
- sign_in user
get "/organisations/#{organisation.id}/edit", headers:, params: {}
end
@@ -290,7 +315,6 @@ RSpec.describe OrganisationsController, type: :request do
describe "#update" do
before do
- sign_in user
patch "/organisations/#{organisation.id}", headers:, params:
end
@@ -298,6 +322,162 @@ RSpec.describe OrganisationsController, type: :request do
expect(response).to have_http_status(:unauthorized)
end
end
+
+ context "when viewing logs for other organisation" do
+ before do
+ get "/organisations/#{unauthorised_organisation.id}/logs", headers:, params: {}
+ end
+
+ it "returns not found 404 from org details route" do
+ expect(response).to have_http_status(:not_found)
+ end
+
+ it "shows the 404 view" do
+ expect(page).to have_content("Page not found")
+ end
+ end
+
+ context "when viewing logs for your organisation" do
+ before do
+ get "/organisations/#{organisation.id}/logs", headers:, params: {}
+ end
+
+ it "redirects to /logs page" do
+ expect(response).to redirect_to("/logs")
+ end
+ end
+ end
+
+ context "with a support user" do
+ let(:user) { FactoryBot.create(:user, :support) }
+
+ before do
+ allow(user).to receive(:need_two_factor_authentication?).and_return(false)
+ sign_in user
+ get "/organisations"
+ end
+
+ it "shows all organisations" do
+ total_number_of_orgs = Organisation.all.count
+ expect(page).to have_link organisation.name, href: "organisations/#{organisation.id}/logs"
+ expect(page).to have_link unauthorised_organisation.name, href: "organisations/#{unauthorised_organisation.id}/logs"
+ expect(page).to have_content("#{total_number_of_orgs} total organisations")
+ end
+
+ context "when viewing a specific organisation" do
+ let(:number_of_org1_case_logs) { 2 }
+ let(:number_of_org2_case_logs) { 4 }
+
+ before do
+ FactoryBot.create_list(:case_log, number_of_org1_case_logs, owning_organisation_id: organisation.id, managing_organisation_id: organisation.id)
+ FactoryBot.create_list(:case_log, number_of_org2_case_logs, owning_organisation_id: unauthorised_organisation.id, managing_organisation_id: unauthorised_organisation.id)
+
+ get "/organisations/#{organisation.id}/logs", headers:, params: {}
+ end
+
+ it "displays the name of the organisation in the header" do
+ expect(CGI.unescape_html(response.body)).to match("#{organisation.name}")
+ end
+
+ it "only shows logs for that organisation" do
+ expect(page).to have_content("#{number_of_org1_case_logs} total logs")
+ organisation.case_logs.map(&:id).each do |case_log_id|
+ expect(page).to have_link case_log_id.to_s, href: "/logs/#{case_log_id}"
+ end
+
+ unauthorised_organisation.case_logs.map(&:id).each do |case_log_id|
+ expect(page).not_to have_link case_log_id.to_s, href: "/logs/#{case_log_id}"
+ end
+ end
+
+ it "has filters" do
+ expect(page).to have_content("Filters")
+ expect(page).to have_content("Collection year")
+ end
+
+ it "does not have specific organisation filter" do
+ expect(page).not_to have_content("Specific organisation")
+ end
+
+ it "has a sub-navigation with correct tabs" do
+ expect(page).to have_css(".app-sub-navigation")
+ expect(page).to have_content("About this organisation")
+ end
+ end
+
+ context "when viewing a specific organisation details" do
+ before do
+ get "/organisations/#{organisation.id}/details", headers:, params: {}
+ end
+
+ it "displays the name of the organisation" do
+ expect(page).to have_content(organisation.name)
+ end
+
+ it "has a sub-navigation with correct tabs" do
+ expect(page).to have_css(".app-sub-navigation")
+ expect(page).to have_content("About this organisation")
+ end
+
+ it "allows to edit the organisation details" do
+ expect(page).to have_link("Change", count: 3)
+ end
+ end
+ end
+
+ context "when there are more than 20 organisations" do
+ let(:support_user) { FactoryBot.create(:user, :support) }
+
+ let(:total_organisations_count) { Organisation.all.count }
+
+ before do
+ FactoryBot.create_list(:organisation, 25)
+ allow(support_user).to receive(:need_two_factor_authentication?).and_return(false)
+ sign_in support_user
+ get "/organisations"
+ end
+
+ context "when on the first page" do
+ it "has pagination links" do
+ expect(page).to have_content("Previous")
+ expect(page).not_to have_link("Previous")
+ expect(page).to have_content("Next")
+ expect(page).to have_link("Next")
+ end
+
+ it "shows which organisations are being shown on the current page" do
+ expect(CGI.unescape_html(response.body)).to match("Showing 1 to 20 of #{total_organisations_count} organisations")
+ end
+
+ it "has pagination in the title" do
+ expect(page).to have_title("Organisations (page 1 of 2)")
+ end
+ end
+
+ context "when on the second page" do
+ before do
+ get "/organisations?page=2", headers:, params: {}
+ end
+
+ it "shows the total organisations count" do
+ expect(CGI.unescape_html(response.body)).to match("#{total_organisations_count} total organisations")
+ end
+
+ it "has pagination links" do
+ expect(page).to have_content("Previous")
+ expect(page).to have_link("Previous")
+ expect(page).to have_content("Next")
+ expect(page).not_to have_link("Next")
+ end
+
+ it "shows which logs are being shown on the current page" do
+ expect(CGI.unescape_html(response.body)).to match("Showing 21 to #{total_organisations_count} of #{total_organisations_count} organisations")
+ end
+
+ it "has pagination in the title" do
+ expect(page).to have_title("Organisations (page 2 of 2)")
+ end
+ end
end
end
end