Browse Source

Return not found for schemes when... not found

pull/804/head
baarkerlounger 3 years ago
parent
commit
ba82dcea23
  1. 9
      app/controllers/schemes_controller.rb
  2. 7
      spec/requests/schemes_controller_spec.rb

9
app/controllers/schemes_controller.rb

@ -18,6 +18,7 @@ class SchemesController < ApplicationController
def show def show
@scheme = Scheme.find_by(id: params[:id]) @scheme = Scheme.find_by(id: params[:id])
render_not_found_json("Scheme", params[:id]) unless @scheme
end end
def new def new
@ -193,11 +194,15 @@ private
end end
def arrangement_type_set_to_same_org?(required_params) def arrangement_type_set_to_same_org?(required_params)
return unless @scheme
arrangement_type_value(required_params[:arrangement_type]) == "D" || (required_params[:arrangement_type].blank? && @scheme.present? && @scheme.arrangement_type_same?) arrangement_type_value(required_params[:arrangement_type]) == "D" || (required_params[:arrangement_type].blank? && @scheme.present? && @scheme.arrangement_type_same?)
end end
def arrangement_type_changed_to_different_org?(required_params) def arrangement_type_changed_to_different_org?(required_params)
@scheme.present? && @scheme.arrangement_type_same? && arrangement_type_value(required_params[:arrangement_type]) != "D" && required_params[:managing_organisation_id].blank? return unless @scheme
@scheme.arrangement_type_same? && arrangement_type_value(required_params[:arrangement_type]) != "D" && required_params[:managing_organisation_id].blank?
end end
def arrangement_type_value(key) def arrangement_type_value(key)
@ -215,7 +220,7 @@ private
def authenticate_scope! def authenticate_scope!
head :unauthorized and return unless current_user.data_coordinator? || current_user.support? head :unauthorized and return unless current_user.data_coordinator? || current_user.support?
if %w[show locations primary_client_group confirm_secondary_client_group secondary_client_group support details check_answers edit_name].include?(action_name) && !((current_user.organisation == @scheme.owning_organisation) || current_user.support?) if %w[show locations primary_client_group confirm_secondary_client_group secondary_client_group support details check_answers edit_name].include?(action_name) && !((current_user.organisation == @scheme&.owning_organisation) || current_user.support?)
render_not_found and return render_not_found and return
end end
end end

7
spec/requests/schemes_controller_spec.rb

@ -250,6 +250,13 @@ RSpec.describe SchemesController, type: :request do
expect(response).to have_http_status(:not_found) expect(response).to have_http_status(:not_found)
end end
end end
context "when the requested scheme does not exist" do
it "returns not found" do
get "/schemes/#{Scheme.maximum(:id) + 1}"
expect(response).to have_http_status(:not_found)
end
end
end end
context "when signed in as a support user" do context "when signed in as a support user" do

Loading…
Cancel
Save