Fix download mailer tests

3 years ago · 9d4c641eff
5 changed files with 35 additions and 27 deletions
--- a/app/controllers/organisations_controller.rb
+++ b/app/controllers/organisations_controller.rb
@ -127,7 +127,7 @@ private
  end

  def authenticate_scope!
-    if %w[create new logs download_csv].include? action_name
+    if %w[create new logs download_csv email_csv].include? action_name
      head :unauthorized and return unless current_user.support?
    elsif current_user.organisation != @organisation && !current_user.support?
      render_not_found
--- a/app/jobs/email_csv_job.rb
+++ b/app/jobs/email_csv_job.rb
@ -16,6 +16,6 @@ class EmailCsvJob < ApplicationJob

    url = storage_service.get_presigned_url(filename, EXPIRATION_TIME)

-    CsvDownloadMailer.new.send_email(user, url, duration)
+    CsvDownloadMailer.new.send_email(user, url, EXPIRATION_TIME)
  end
 end
--- a/app/mailers/csv_download_mailer.rb
+++ b/app/mailers/csv_download_mailer.rb
@ -3,9 +3,9 @@ class CsvDownloadMailer < NotifyMailer

  def send_csv_download_mail(user, link, duration)
    send_email(
-      email_address: user.email,
-      template_id: CSV_DOWNLOAD_TEMPLATE_ID,
-      personalisation: { name: user.name, link:, duration: ActiveSupport::Duration.build(duration).inspect },
+      user.email,
+      CSV_DOWNLOAD_TEMPLATE_ID,
+      { name: user.name, link:, duration: ActiveSupport::Duration.build(duration).inspect },
    )
  end
 end
--- a/spec/mailers/csv_download_mailer_spec.rb
+++ b/spec/mailers/csv_download_mailer_spec.rb
@ -24,7 +24,7 @@ RSpec.describe CsvDownloadMailer do
        },
      )

-      described_class.new.send_email(user, link, duration)
+      described_class.new.send_csv_download_mail(user, link, duration)
    end
  end
 end
--- a/spec/requests/organisations_controller_spec.rb
+++ b/spec/requests/organisations_controller_spec.rb
@ -352,26 +352,30 @@ RSpec.describe OrganisationsController, type: :request do
      end

      context "when viewing logs for other organisation" do
-        before do
+        it "does not display the logs" do
          get "/organisations/#{unauthorised_organisation.id}/logs", headers:, params: {}
+          expect(response).to have_http_status(:unauthorized)
        end

-        it "returns not found 404 from org details route" do
-          expect(response).to have_http_status(:not_found)
-        end
-
-        it "shows the 404 view" do
-          expect(page).to have_content("Page not found")
+        it "prevents CSV download" do
+          expect {
+            post "/organisations/#{unauthorised_organisation.id}/logs/email-csv", headers:, params: {}
+          }.not_to enqueue_job(EmailCsvJob)
+          expect(response).to have_http_status(:unauthorized)
        end
      end

      context "when viewing logs for your organisation" do
-        before do
+        it "does not display the logs" do
          get "/organisations/#{organisation.id}/logs", headers:, params: {}
+          expect(response).to have_http_status(:unauthorized)
        end

-        it "redirects to /logs page" do
-          expect(response).to redirect_to("/logs")
+        it "prevents CSV download" do
+          expect {
+            post "/organisations/#{organisation.id}/logs/email-csv", headers:, params: {}
+          }.not_to enqueue_job(EmailCsvJob)
+          expect(response).to have_http_status(:unauthorized)
        end
      end

@ -495,26 +499,30 @@ RSpec.describe OrganisationsController, type: :request do
      end

      context "when viewing logs for other organisation" do
-        before do
+        it "does not display the logs" do
          get "/organisations/#{unauthorised_organisation.id}/logs", headers:, params: {}
+          expect(response).to have_http_status(:unauthorized)
        end

-        it "returns not found 404 from org details route" do
-          expect(response).to have_http_status(:not_found)
-        end
-
-        it "shows the 404 view" do
-          expect(page).to have_content("Page not found")
+        it "prevents CSV download" do
+          expect {
+            post "/organisations/#{unauthorised_organisation.id}/logs/email-csv", headers:, params: {}
+          }.not_to enqueue_job(EmailCsvJob)
+          expect(response).to have_http_status(:unauthorized)
        end
      end

      context "when viewing logs for your organisation" do
-        before do
+        it "does not display the logs" do
          get "/organisations/#{organisation.id}/logs", headers:, params: {}
+          expect(response).to have_http_status(:unauthorized)
        end

-        it "redirects to /logs page" do
-          expect(response).to redirect_to("/logs")
+        it "prevents CSV download" do
+          expect {
+            post "/organisations/#{organisation.id}/logs/email-csv", headers:, params: {}
+          }.not_to enqueue_job(EmailCsvJob)
+          expect(response).to have_http_status(:unauthorized)
        end
      end
    end
@ -1035,7 +1043,7 @@ RSpec.describe OrganisationsController, type: :request do
      end

      it "has a CSV download button with the correct path" do
-        expect(page).to have_link("Download (CSV)", href: "/organisations/#{organisation.id}/logs/csv-download?search=")
+        expect(page).to have_link("Download (CSV)", href: "/organisations/#{organisation.id}/logs/csv-download")
      end

      context "when you download the CSV" do