diff --git a/app/models/user.rb b/app/models/user.rb index a0f5d7872..2fd63c71d 100644 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -14,7 +14,6 @@ class User < ApplicationRecord data_accessor: 0, data_provider: 1, data_coordinator: 2, - data_protection_officer: 3, }.freeze enum role: ROLES @@ -37,4 +36,12 @@ class User < ApplicationRecord def reset_password_notify_template last_sign_in_at ? RESET_PASSWORD_TEMPLATE_ID : SET_PASSWORD_TEMPLATE_ID end + + def is_data_protection_officer? + is_dpo + end + + def is_data_protection_officer! + update!(is_dpo: true) + end end diff --git a/app/services/imports/data_protection_confirmation_import_service.rb b/app/services/imports/data_protection_confirmation_import_service.rb index 142fe039d..30d28b647 100644 --- a/app/services/imports/data_protection_confirmation_import_service.rb +++ b/app/services/imports/data_protection_confirmation_import_service.rb @@ -11,14 +11,14 @@ module Imports dp_officer = User.find_by( name: record_field_value(xml_document, "dp-user"), organisation: org, - role: "data_protection_officer", + is_dpo: true, ) if dp_officer.blank? dp_officer = User.new( name: record_field_value(xml_document, "dp-user"), organisation: org, - role: "data_protection_officer", + is_dpo: true, encrypted_password: SecureRandom.hex(10), ) dp_officer.save!(validate: false) diff --git a/db/migrate/20220328105332_change_dpo_to_attribute.rb b/db/migrate/20220328105332_change_dpo_to_attribute.rb new file mode 100644 index 000000000..6461fd87c --- /dev/null +++ b/db/migrate/20220328105332_change_dpo_to_attribute.rb @@ -0,0 +1,7 @@ +class ChangeDpoToAttribute < ActiveRecord::Migration[7.0] + def change + change_table :users, bulk: true do |t| + t.column :is_dpo, :boolean, default: false + end + end +end diff --git a/db/schema.rb b/db/schema.rb index 11d585b51..566019efb 100644 --- a/db/schema.rb +++ b/db/schema.rb @@ -315,6 +315,7 @@ ActiveRecord::Schema[7.0].define(version: 202202071123100) do t.integer "failed_attempts", default: 0 t.string "unlock_token" t.datetime "locked_at", precision: nil + t.boolean "is_dpo", default: false t.string "phone" t.index ["email"], name: "index_users_on_email", unique: true t.index ["organisation_id"], name: "index_users_on_organisation_id" diff --git a/spec/factories/user.rb b/spec/factories/user.rb index b3dc82583..0de22af97 100644 --- a/spec/factories/user.rb +++ b/spec/factories/user.rb @@ -9,7 +9,7 @@ FactoryBot.define do role { "data_coordinator" } end trait :data_protection_officer do - role { "data_protection_officer" } + is_dpo { true } end created_at { Time.zone.now } updated_at { Time.zone.now } diff --git a/spec/models/user_spec.rb b/spec/models/user_spec.rb index 934ab57a1..a59cd8fdd 100644 --- a/spec/models/user_spec.rb +++ b/spec/models/user_spec.rb @@ -46,6 +46,15 @@ RSpec.describe User, type: :model do expect(user.data_provider?).to be true expect(user.data_coordinator?).to be false end + + it "is not a data protection officer by default" do + expect(user.is_data_protection_officer?).to be false + end + + it "can be set to data protection officer" do + expect { user.is_data_protection_officer! } + .to change { user.reload.is_data_protection_officer? }.from(false).to(true) + end end describe "paper trail" do diff --git a/spec/services/imports/data_protection_confirmation_import_service_spec.rb b/spec/services/imports/data_protection_confirmation_import_service_spec.rb index fd513138c..eddfca6a2 100644 --- a/spec/services/imports/data_protection_confirmation_import_service_spec.rb +++ b/spec/services/imports/data_protection_confirmation_import_service_spec.rb @@ -34,7 +34,7 @@ RSpec.describe Imports::DataProtectionConfirmationImportService do it "creates a data protection officer without sign in credentials" do expect { import_service.create_data_protection_confirmations("data_protection_directory") } .to change(User, :count).by(1) - data_protection_officer = User.find_by(organisation:, role: "data_protection_officer") + data_protection_officer = User.find_by(organisation:, is_dpo: true) expect(data_protection_officer.email).to eq("") end