
Update existing tests and authenticate the scope

CLDC-2055-which-organisations-are-merging
Kat 2 years ago
parent
commit
ca50704975
  1. 17
      app/controllers/merge_controller.rb
  2. 10
      spec/requests/organisations_controller_spec.rb

17
app/controllers/merge_controller.rb

@ -1,5 +1,6 @@
class MergeController < ApplicationController class MergeController < ApplicationController
before_action :authenticate_user! before_action :authenticate_user!
before_action :authenticate_scope!
def show def show
render form.view_path render form.view_path
@ -32,11 +33,17 @@ private
def form_params def form_params
merge_params = params.fetch(:merge, {}).permit(:merging_organisations) merge_params = params.fetch(:merge, {}).permit(:merging_organisations)
if merge_params[:merging_organisations].blank? merge_params[:merging_organisations] = if merge_params[:merging_organisations].blank?
merge_params[:merging_organisations] = [params[:id]] [params[:id]]
else else
merge_params[:merging_organisations] = merge_params[:merging_organisations].split(" ") << params[:merge][:merging_organisation] merge_params[:merging_organisations].split(" ") << params[:merge][:merging_organisation]
end end
merge_params merge_params
end end
def authenticate_scope!
if current_user.organisation != Organisation.find(params[:id]) && !current_user.support?
render_not_found
end
end
end end
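Review bot: The new `authenticate_scope!` check covers only `params[:id]`, while `form_params` still appends `params[:merge][:merging_organisation]` straight from the raw params, so that value bypasses `permit` and nothing checks what it refers to. Whether a user may name any organisation as a merge partner is a product decision not visible in this hunk. The value should still pass through strong parameters, e.g. `merge_params = params.fetch(:merge, {}).permit(:merging_organisations, :merging_organisation)`, with the id then read from `merge_params` and confirmed to be an existing organisation before it joins the list. Separately, the callback performs authorisation rather than authentication, so a name such as `authorise_organisation!` would be clearer, and the body reads more directly as a guard: `render_not_found unless current_user.support? || current_user.organisation == Organisation.find(params[:id])`.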

10
spec/requests/organisations_controller_spec.rb

@ -230,7 +230,7 @@ RSpec.describe OrganisationsController, type: :request do
it "displays a link to merge organisations" do it "displays a link to merge organisations" do
expect(page).to have_content("Is your organisation merging with another?") expect(page).to have_content("Is your organisation merging with another?")
expect(page).to have_link("Let us know using this form", href: "/organisations/#{organisation.id}/merge") expect(page).to have_link("Let us know using this form", href: "/organisations/#{organisation.id}/merge/start")
end end
end end
@ -444,7 +444,7 @@ RSpec.describe OrganisationsController, type: :request do
describe "#merge" do describe "#merge" do
context "with an organisation that the user belongs to" do context "with an organisation that the user belongs to" do
before do before do
get "/organisations/#{organisation.id}/merge", headers:, params: {} get "/organisations/#{organisation.id}/merge/start", headers:, params: {}
end end
it "shows the correct content" do it "shows the correct content" do
@ -455,14 +455,14 @@ RSpec.describe OrganisationsController, type: :request do
expect(page).to have_link("Back", href: "/organisations/#{organisation.id}") expect(page).to have_link("Back", href: "/organisations/#{organisation.id}")
end end
it "has a correct start no button" do it "has a correct start now button" do
expect(page).to have_link("Start now", href: "#") expect(page).to have_link("Start now", href: "/organisations/#{organisation.id}/merge/organisations")
end end
end end
context "with organisation that are not in scope for the user, i.e. that they do not belong to" do context "with organisation that are not in scope for the user, i.e. that they do not belong to" do
before do before do
get "/organisations/#{unauthorised_organisation.id}/merge", headers:, params: {} get "/organisations/#{unauthorised_organisation.id}/merge/start", headers:, params: {}
end end
it "returns not found 404 from org details route" do it "returns not found 404 from org details route" do
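Review bot: The out-of-scope context in these hunks requests only `/merge/start`, so the `/merge/organisations` path that the "Start now" link now targets has no visible negative test for the new scope check. There is also no visible case for a support user reaching another organisation's merge pages. Cases may exist outside the hunks, since the last `it` block continues past the end of this one. If not, add a sibling context with `get "/organisations/#{unauthorised_organisation.id}/merge/organisations", headers:, params: {}` that expects a 404, and one that signs in a support user and expects success. The description "returns not found 404 from org details route" also names a different route from the one requested and could read "from merge start route".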
