baarkerlounger
/
submit-social-housing-lettings-and-sales-data
mirror of https://github.com/communitiesuk/submit-social-housing-lettings-and-sales-data.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

Update existing tests and authenticate the scope

CLDC-2055-which-organisations-are-merging
Kat 2 years ago
parent
616528cd15
commit
ca50704975
2 changed files with 17 additions and 10 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 17
      app/controllers/merge_controller.rb
  2. 10
      spec/requests/organisations_controller_spec.rb

17
app/controllers/merge_controller.rb
Unescape View File

@ -1,5 +1,6 @@
class MergeController < ApplicationController
before_action :authenticate_user!
before_action :authenticate_scope!
def show
render form.view_path
@ -32,11 +33,17 @@ private
def form_params
merge_params = params.fetch(:merge, {}).permit(:merging_organisations)
if merge_params[:merging_organisations].blank?
merge_params[:merging_organisations] = [params[:id]]
else
merge_params[:merging_organisations] = merge_params[:merging_organisations].split(" ") << params[:merge][:merging_organisation]
end
merge_params[:merging_organisations] = if merge_params[:merging_organisations].blank?
[params[:id]]
else
merge_params[:merging_organisations].split(" ") << params[:merge][:merging_organisation]
end
merge_params
end
def authenticate_scope!
if current_user.organisation != Organisation.find(params[:id]) && !current_user.support?
render_not_found
end
end
end

10
spec/requests/organisations_controller_spec.rb
Unescape View File

@ -230,7 +230,7 @@ RSpec.describe OrganisationsController, type: :request do
it "displays a link to merge organisations" do
expect(page).to have_content("Is your organisation merging with another?")
expect(page).to have_link("Let us know using this form", href: "/organisations/#{organisation.id}/merge")
expect(page).to have_link("Let us know using this form", href: "/organisations/#{organisation.id}/merge/start")
end
end
@ -444,7 +444,7 @@ RSpec.describe OrganisationsController, type: :request do
describe "#merge" do
context "with an organisation that the user belongs to" do
before do
get "/organisations/#{organisation.id}/merge", headers:, params: {}
get "/organisations/#{organisation.id}/merge/start", headers:, params: {}
end
it "shows the correct content" do
@ -455,14 +455,14 @@ RSpec.describe OrganisationsController, type: :request do
expect(page).to have_link("Back", href: "/organisations/#{organisation.id}")
end
it "has a correct start no button" do
expect(page).to have_link("Start now", href: "#")
it "has a correct start now button" do
expect(page).to have_link("Start now", href: "/organisations/#{organisation.id}/merge/organisations")
end
end
context "with organisation that are not in scope for the user, i.e. that they do not belong to" do
before do
get "/organisations/#{unauthorised_organisation.id}/merge", headers:, params: {}
get "/organisations/#{unauthorised_organisation.id}/merge/start", headers:, params: {}
end
it "returns not found 404 from org details route" do

Write Preview
Loading…
Cancel
Save