require "rails_helper" RSpec.describe LettingsLogsController, type: :request do let(:user) { FactoryBot.create(:user) } let(:owning_organisation) { user.organisation } let(:managing_organisation) { owning_organisation } let(:api_username) { "test_user" } let(:api_password) { "test_password" } let(:basic_credentials) do ActionController::HttpAuthentication::Basic .encode_credentials(api_username, api_password) end let(:headers) do { "Content-Type" => "application/json", "Accept" => "application/json", "Authorization" => basic_credentials, } end let(:fake_2021_2022_form) { Form.new("spec/fixtures/forms/2021_2022.json") } before do allow(ENV).to receive(:[]) allow(ENV).to receive(:[]).with("API_USER").and_return(api_username) allow(ENV).to receive(:[]).with("API_KEY").and_return(api_password) allow(FormHandler.instance).to receive(:current_lettings_form).and_return(fake_2021_2022_form) end describe "POST #create" do let(:tenant_code) { "T365" } let(:age1) { 35 } let(:offered) { 12 } let(:period) { 2 } let(:postcode_full) { "SE11 6TY" } let(:in_progress) { "in_progress" } let(:completed) { "completed" } context "when API" do let(:params) do { "owning_organisation_id": owning_organisation.id, "managing_organisation_id": managing_organisation.id, "created_by_id": user.id, "tenancycode": tenant_code, "age1": age1, "postcode_full": postcode_full, "offered": offered, "period": period, } end before do Timecop.freeze(Time.utc(2022, 2, 8)) post "/lettings-logs", headers:, params: params.to_json end after do Timecop.unfreeze end it "returns http success" do expect(response).to have_http_status(:success) end it "returns a serialized lettings log" do json_response = JSON.parse(response.body) expect(json_response.keys).to match_array(LettingsLog.new.attributes.keys) end it "creates a lettings log with the values passed" do json_response = JSON.parse(response.body) expect(json_response["tenancycode"]).to eq(tenant_code) expect(json_response["age1"]).to eq(age1) expect(json_response["postcode_full"]).to eq(postcode_full) end context "with invalid json parameters" do let(:age1) { 2000 } let(:offered) { 21 } it "validates lettings log parameters" do json_response = JSON.parse(response.body) expect(response).to have_http_status(:unprocessable_entity) expect(json_response["errors"]).to match_array([["offered", [I18n.t("validations.numeric.within_range", field: "Times previously offered since becoming available", min: 0, max: 20)]], ["age1", [I18n.t("validations.numeric.within_range", field: "Lead tenant’s age", min: 16, max: 120)]]]) end end context "with a partial lettings log submission" do it "marks the record as in_progress" do json_response = JSON.parse(response.body) expect(json_response["status"]).to eq(in_progress) end end context "with a complete lettings log submission" do let(:org_params) do { "lettings_log" => { "owning_organisation_id" => owning_organisation.id, "managing_organisation_id" => managing_organisation.id, "created_by_id" => user.id, }, } end let(:lettings_log_params) { JSON.parse(File.open("spec/fixtures/complete_lettings_log.json").read) } let(:params) do lettings_log_params.merge(org_params) { |_k, a_val, b_val| a_val.merge(b_val) } end xit "marks the record as completed" do json_response = JSON.parse(response.body) expect(json_response).not_to have_key("errors") expect(json_response["status"]).to eq(completed) end end context "with a request containing invalid credentials" do let(:basic_credentials) do ActionController::HttpAuthentication::Basic.encode_credentials(api_username, "Oops") end it "returns 401" do expect(response).to have_http_status(:unauthorized) end end end context "when UI" do let(:user) { FactoryBot.create(:user) } let(:headers) { { "Accept" => "text/html" } } before do RequestHelper.stub_http_requests sign_in user post "/lettings-logs", headers: end it "tracks who created the record" do created_id = response.location.match(/[0-9]+/)[0] whodunnit_actor = LettingsLog.find_by(id: created_id).versions.last.actor expect(whodunnit_actor).to be_a(User) expect(whodunnit_actor.id).to eq(user.id) end context "when creating a new log" do context "when the user is support" do let(:organisation) { FactoryBot.create(:organisation) } let(:support_user) { FactoryBot.create(:user, :support, organisation:) } before do allow(support_user).to receive(:need_two_factor_authentication?).and_return(false) sign_in support_user post "/lettings-logs", headers: end it "sets the managing org and stock-owning org as nil" do created_id = response.location.match(/[0-9]+/)[0] lettings_log = LettingsLog.find_by(id: created_id) expect(lettings_log.owning_organisation).to eq(nil) expect(lettings_log.managing_organisation).to eq(nil) end end context "when the user is not support" do context "when the user's org holds stock" do let(:organisation) { FactoryBot.create(:organisation, name: "User org", holds_own_stock: true) } let(:user) { FactoryBot.create(:user, :data_coordinator, organisation:) } before do RequestHelper.stub_http_requests sign_in user post "/lettings-logs", headers: end it "sets the managing org and stock-owning org as the user's org" do created_id = response.location.match(/[0-9]+/)[0] lettings_log = LettingsLog.find_by(id: created_id) expect(lettings_log.owning_organisation.name).to eq("User org") expect(lettings_log.managing_organisation.name).to eq("User org") end end context "when the user's org doesn't hold stock" do let(:organisation) { FactoryBot.create(:organisation, name: "User org", holds_own_stock: false) } let(:user) { FactoryBot.create(:user, :data_coordinator, organisation:) } before do RequestHelper.stub_http_requests sign_in user post "/lettings-logs", headers: end it "sets the managing org as the user's org but the stock-owning org as nil" do created_id = response.location.match(/[0-9]+/)[0] lettings_log = LettingsLog.find_by(id: created_id) expect(lettings_log.owning_organisation).to eq(nil) expect(lettings_log.managing_organisation.name).to eq("User org") end end end end end end describe "GET" do let(:page) { Capybara::Node::Simple.new(response.body) } let(:user) { FactoryBot.create(:user) } let(:organisation) { user.organisation } let(:other_user) { FactoryBot.create(:user) } let(:other_organisation) { other_user.organisation } let!(:lettings_log) do FactoryBot.create( :lettings_log, created_by: user, tenancycode: "LC783", ) end let!(:unauthorized_lettings_log) do FactoryBot.create( :lettings_log, created_by: other_user, tenancycode: "UA984", ) end let!(:pending_lettings_log) do FactoryBot.create( :lettings_log, created_by: user, tenancycode: "LC999", status: "pending", skip_update_status: true, ) end context "when displaying a collection of logs" do let(:headers) { { "Accept" => "text/html" } } context "when you visit the index page" do let(:user) { FactoryBot.create(:user, :support) } before do allow(user).to receive(:need_two_factor_authentication?).and_return(false) sign_in user end it "does not have a button for creating sales logs" do get "/lettings-logs", headers:, params: {} page.assert_selector(".govuk-button", text: "Create a new sales log", count: 0) page.assert_selector(".govuk-button", text: "Create a new lettings log", count: 1) end end context "when the user is a customer support user" do let(:user) { FactoryBot.create(:user, :support) } before do allow(user).to receive(:need_two_factor_authentication?).and_return(false) sign_in user end it "does have organisation values" do get "/lettings-logs", headers:, params: {} expect(page).to have_content("Owned by") expect(page).to have_content("Managed by") end it "shows lettings logs for all organisations" do get "/lettings-logs", headers:, params: {} expect(page).to have_content("LC783") expect(page).to have_content("UA984") expect(page).not_to have_content(pending_lettings_log.tenancycode) end it "displays CSV download links with the correct paths" do get "/lettings-logs", headers:, params: {} expect(page).to have_link("Download (CSV)", href: "/lettings-logs/csv-download?codes_only=false") expect(page).to have_link("Download (CSV, codes only)", href: "/lettings-logs/csv-download?codes_only=true") end context "when there are no logs in the database" do before do LettingsLog.destroy_all end it "does not display CSV download links" do get "/lettings-logs", headers:, params: {} expect(page).not_to have_link("Download (CSV)") expect(page).not_to have_link("Download (CSV, codes only)") end it "page has correct title" do get "/lettings-logs", headers:, params: {} expect(page).to have_title("Logs - Submit social housing lettings and sales data (CORE) - GOV.UK") end end context "when filtering" do context "with status filter" do let(:organisation_2) { FactoryBot.create(:organisation) } let(:user_2) { FactoryBot.create(:user, organisation: organisation_2) } let!(:in_progress_lettings_log) do FactoryBot.create(:lettings_log, :in_progress, owning_organisation: organisation, managing_organisation: organisation, created_by: user) end let!(:completed_lettings_log) do FactoryBot.create(:lettings_log, :completed, owning_organisation: organisation_2, managing_organisation: organisation, created_by: user_2) end it "shows lettings logs for multiple selected statuses" do get "/lettings-logs?status[]=in_progress&status[]=completed", headers:, params: {} expect(page).to have_link(in_progress_lettings_log.id.to_s) expect(page).to have_link(completed_lettings_log.id.to_s) end it "shows lettings logs for one selected status" do get "/lettings-logs?status[]=in_progress", headers:, params: {} expect(page).to have_link(in_progress_lettings_log.id.to_s) expect(page).not_to have_link(completed_lettings_log.id.to_s) end it "filters on organisation" do get "/lettings-logs?organisation[]=#{organisation_2.id}", headers:, params: {} expect(page).to have_link(completed_lettings_log.id.to_s) expect(page).not_to have_link(in_progress_lettings_log.id.to_s) end it "does not reset the filters" do get "/lettings-logs?status[]=in_progress", headers:, params: {} expect(page).to have_link(in_progress_lettings_log.id.to_s) expect(page).not_to have_link(completed_lettings_log.id.to_s) get "/lettings-logs", headers:, params: {} expect(page).to have_link(in_progress_lettings_log.id.to_s) expect(page).not_to have_link(completed_lettings_log.id.to_s) end end context "with year filter" do around do |example| Timecop.freeze(2022, 3, 1) do example.run end Timecop.return end let!(:lettings_log_2021) do FactoryBot.create(:lettings_log, :in_progress, created_by: user, startdate: Time.zone.local(2022, 3, 1)) end let!(:lettings_log_2022) do lettings_log = FactoryBot.build(:lettings_log, :completed, owning_organisation: organisation, mrcdate: Time.zone.local(2022, 2, 1), startdate: Time.zone.local(2022, 12, 1), tenancy: 6, managing_organisation: organisation) lettings_log.save!(validate: false) lettings_log end it "shows lettings logs for multiple selected years" do get "/lettings-logs?years[]=2021&years[]=2022", headers:, params: {} expect(page).to have_link(lettings_log_2021.id.to_s) expect(page).to have_link(lettings_log_2022.id.to_s) end it "shows lettings logs for one selected year" do get "/lettings-logs?years[]=2021", headers:, params: {} expect(page).to have_link(lettings_log_2021.id.to_s) expect(page).not_to have_link(lettings_log_2022.id.to_s) end end context "with year and status filter" do before do Timecop.freeze(Time.zone.local(2022, 3, 1)) Singleton.__init__(FormHandler) lettings_log_2021.update!(startdate: Time.zone.local(2022, 3, 1)) Timecop.freeze(Time.zone.local(2022, 12, 1)) end after do Timecop.unfreeze end let!(:lettings_log_2021) do FactoryBot.create(:lettings_log, :in_progress, owning_organisation: organisation, managing_organisation: organisation, created_by: user) end let!(:lettings_log_2022) do FactoryBot.create(:lettings_log, :completed, owning_organisation: organisation, mrcdate: Time.zone.local(2022, 2, 1), startdate: Time.zone.local(2022, 12, 1), voiddate: Time.zone.local(2022, 2, 1), tenancy: 6, managing_organisation: organisation, created_by: user) end let!(:lettings_log_2022_in_progress) do FactoryBot.build(:lettings_log, :in_progress, owning_organisation: organisation, mrcdate: Time.zone.local(2022, 2, 1), startdate: Time.zone.local(2022, 12, 1), tenancy: 6, managing_organisation: organisation, tenancycode: nil, created_by: user) end it "shows lettings logs for multiple selected statuses and years" do get "/lettings-logs?years[]=2021&years[]=2022&status[]=in_progress&status[]=completed", headers:, params: {} expect(page).to have_link(lettings_log_2021.id.to_s) expect(page).to have_link(lettings_log_2022.id.to_s) expect(page).to have_link(lettings_log_2022_in_progress.id.to_s) end it "shows lettings logs for one selected status" do get "/lettings-logs?years[]=2022&status[]=in_progress", headers:, params: {} expect(page).to have_link(lettings_log_2022_in_progress.id.to_s) expect(page).not_to have_link(lettings_log_2021.id.to_s) expect(page).not_to have_link(lettings_log_2022.id.to_s) end end context "with bulk_upload_id filter" do context "with bulk upload that belongs to current user" do let(:organisation) { create(:organisation) } let(:user) { create(:user, organisation:) } let(:bulk_upload) { create(:bulk_upload, :lettings, user:) } let!(:included_log) { create(:lettings_log, :in_progress, bulk_upload:, owning_organisation: organisation) } let!(:excluded_log) { create(:lettings_log, :in_progress, owning_organisation: organisation) } it "returns logs only associated with the bulk upload" do get "/lettings-logs?bulk_upload_id[]=#{bulk_upload.id}" expect(page).to have_content(included_log.id) expect(page).not_to have_content(excluded_log.id) end it "dislays how many logs remaining to fix" do get "/lettings-logs?bulk_upload_id[]=#{bulk_upload.id}" expect(page).to have_content("You need to fix 1 log") end it "displays filter" do get "/lettings-logs?bulk_upload_id[]=#{bulk_upload.id}" expect(page).to have_content("With logs from bulk upload") end it "hides collection year filter" do get "/lettings-logs?bulk_upload_id[]=#{bulk_upload.id}" expect(page).not_to have_content("Collection year") end it "hides status filter" do get "/lettings-logs?bulk_upload_id[]=#{bulk_upload.id}" expect(page).not_to have_content("Status") end it "hides button to create a new log" do get "/lettings-logs?bulk_upload_id[]=#{bulk_upload.id}" expect(page).not_to have_content("Create a new lettings log") end it "displays card with help info" do get "/lettings-logs?bulk_upload_id[]=#{bulk_upload.id}" expect(page).to have_content("The following logs are from your recent bulk upload") end it "displays meta info about the bulk upload" do get "/lettings-logs?bulk_upload_id[]=#{bulk_upload.id}" expect(page).to have_content(bulk_upload.filename) expect(page).to have_content(bulk_upload.created_at.to_fs(:govuk_date_and_time)) end end context "with bulk upload that belongs to another user" do let(:organisation) { create(:organisation) } let(:user) { create(:user, organisation:) } let(:other_user) { create(:user, organisation:) } let(:bulk_upload) { create(:bulk_upload, :lettings, user: other_user) } let!(:excluded_log) { create(:lettings_log, bulk_upload:, owning_organisation: organisation) } let!(:also_excluded_log) { create(:lettings_log, owning_organisation: organisation) } it "does not return any logs" do get "/lettings-logs?bulk_upload_id[]=#{bulk_upload.id}" expect(page).not_to have_content(excluded_log.id) expect(page).not_to have_content(also_excluded_log.id) end end context "when bulk upload has been resolved" do let(:organisation) { create(:organisation) } let(:user) { create(:user, organisation:) } let(:bulk_upload) { create(:bulk_upload, :lettings, user:) } it "redirects to resume the bulk upload" do get "/lettings-logs?bulk_upload_id[]=#{bulk_upload.id}" expect(response).to redirect_to(resume_bulk_upload_lettings_result_path(bulk_upload)) end end end context "without bulk_upload_id" do it "does not display filter" do get "/lettings-logs" expect(page).not_to have_content("With logs from bulk upload") end it "displays button to create a new log" do get "/lettings-logs" expect(page).to have_content("Create a new lettings log") end it "does not display card with help info" do get "/lettings-logs" expect(page).not_to have_content("The following logs are from your recent bulk upload") end end end end context "when the user is not a customer support user" do before do sign_in user end it "does not have organisation columns" do get "/lettings-logs", headers:, params: {} expect(page).not_to have_content("Owning organisation") expect(page).not_to have_content("Managing organisation") end it "displays standard CSV download link only, with the correct path" do get "/lettings-logs", headers:, params: {} expect(page).to have_link("Download (CSV)", href: "/lettings-logs/csv-download?codes_only=false") expect(page).not_to have_link("Download (CSV, codes only)") end it "does not display CSV download links if there are no logs" do LettingsLog.destroy_all get "/lettings-logs", headers:, params: {} expect(page).not_to have_link("Download (CSV)") expect(page).not_to have_link("Download (CSV, codes only)") end context "when using a search query" do let(:logs) { FactoryBot.create_list(:lettings_log, 3, :completed, owning_organisation: user.organisation, created_by: user) } let(:log_to_search) { FactoryBot.create(:lettings_log, :completed, owning_organisation: user.organisation, created_by: user) } let(:log_total_count) { LettingsLog.where(owning_organisation: user.organisation).count } it "has search results in the title" do get "/lettings-logs?search=#{log_to_search.id}", headers:, params: {} expect(page).to have_title("Logs (1 logs matching ‘#{log_to_search.id}’) - Submit social housing lettings and sales data (CORE) - GOV.UK") end it "shows lettings logs matching the id" do get "/lettings-logs?search=#{log_to_search.id}", headers:, params: {} expect(page).to have_link(log_to_search.id.to_s) logs.each do |log| expect(page).not_to have_link(log.id.to_s) end end it "shows lettings logs matching the tenant code" do get "/lettings-logs?search=#{log_to_search.tenancycode}", headers:, params: {} expect(page).to have_link(log_to_search.id.to_s) logs.each do |log| expect(page).not_to have_link(log.id.to_s) end end it "shows lettings logs matching the property reference" do get "/lettings-logs?search=#{log_to_search.propcode}", headers:, params: {} expect(page).to have_link(log_to_search.id.to_s) logs.each do |log| expect(page).not_to have_link(log.id.to_s) end end it "shows lettings logs matching the property postcode" do get "/lettings-logs?search=#{log_to_search.postcode_full}", headers:, params: {} expect(page).to have_link(log_to_search.id.to_s) logs.each do |log| expect(page).not_to have_link(log.id.to_s) end end it "includes the search on the CSV links" do search_term = "foo" FactoryBot.create(:lettings_log, created_by: user, owning_organisation: user.organisation, tenancycode: "foo") get "/lettings-logs?search=#{search_term}", headers:, params: {} download_link = page.find_link("Download (CSV)") download_link_params = CGI.parse(URI.parse(download_link[:href]).query) expect(download_link_params).to include("search" => [search_term]) end context "when more than one results with matching postcode" do let!(:matching_postcode_log) { FactoryBot.create(:lettings_log, :completed, owning_organisation: user.organisation, postcode_full: log_to_search.postcode_full) } it "displays all matching logs" do get "/lettings-logs?search=#{log_to_search.postcode_full}", headers:, params: {} expect(page).to have_link(log_to_search.id.to_s) expect(page).to have_link(matching_postcode_log.id.to_s) logs.each do |log| expect(page).not_to have_link(log.id.to_s) end end end context "when there are more than 1 page of search results" do let(:postcode) { "XX11YY" } let(:logs) { FactoryBot.create_list(:lettings_log, 30, :completed, owning_organisation: user.organisation, postcode_full: postcode, created_by: user) } let(:log_total_count) { LettingsLog.where(owning_organisation: user.organisation).count } it "has title with pagination details for page 1" do get "/lettings-logs?search=#{logs[0].postcode_full}", headers:, params: {} expect(page).to have_title("Logs (#{logs.count} logs matching ‘#{postcode}’) (page 1 of 2) - Submit social housing lettings and sales data (CORE) - GOV.UK") end it "has title with pagination details for page 2" do get "/lettings-logs?search=#{logs[0].postcode_full}&page=2", headers:, params: {} expect(page).to have_title("Logs (#{logs.count} logs matching ‘#{postcode}’) (page 2 of 2) - Submit social housing lettings and sales data (CORE) - GOV.UK") end end context "when search query doesn't match any logs" do it "doesn't display any logs" do get "/lettings-logs?search=foobar", headers:, params: {} logs.each do |log| expect(page).not_to have_link(log.id.to_s) end expect(page).not_to have_link(log_to_search.id.to_s) end end context "when search query is empty" do it "doesn't display any logs" do get "/lettings-logs?search=", headers:, params: {} logs.each do |log| expect(page).not_to have_link(log.id.to_s) end expect(page).not_to have_link(log_to_search.id.to_s) end end context "when search and filter is present" do let(:matching_postcode) { log_to_search.postcode_full } let(:matching_status) { "in_progress" } let!(:log_matching_filter_and_search) { FactoryBot.create(:lettings_log, :in_progress, owning_organisation: user.organisation, postcode_full: matching_postcode, created_by: user) } it "shows only logs matching both search and filters" do get "/lettings-logs?search=#{matching_postcode}&status[]=#{matching_status}", headers:, params: {} expect(page).to have_link(log_matching_filter_and_search.id.to_s) expect(page).not_to have_link(log_to_search.id.to_s) logs.each do |log| expect(page).not_to have_link(log.id.to_s) end end end end context "when there are fewer than 20 logs" do before do get "/lettings-logs", headers:, params: {} end it "shows a table of logs" do expect(CGI.unescape_html(response.body)).to match(/
/) expect(CGI.unescape_html(response.body)).to match(/lettings-logs/) end it "only shows lettings logs for your organisation" do expected_case_row_log = "Log #{lettings_log.id}" unauthorized_case_row_log = "Log #{unauthorized_lettings_log.id}" expect(CGI.unescape_html(response.body)).to include(expected_case_row_log) expect(CGI.unescape_html(response.body)).not_to include(unauthorized_case_row_log) end it "shows the formatted created at date for each log" do formatted_date = lettings_log.created_at.to_formatted_s(:govuk_date) expect(CGI.unescape_html(response.body)).to include(formatted_date) end it "shows the log's status" do expect(CGI.unescape_html(response.body)).to include(lettings_log.status.humanize) end it "shows the total log count" do expect(CGI.unescape_html(response.body)).to match("1 total logs") end it "does not show the pagination links" do expect(page).not_to have_link("Previous") expect(page).not_to have_link("Next") end it "does not show the pagination result line" do expect(CGI.unescape_html(response.body)).not_to match("Showing 1 to 20 of 26 logs") end it "does not have pagination in the title" do expect(page).to have_title("Logs - Submit social housing lettings and sales data (CORE) - GOV.UK") end it "shows the CSV download link" do expect(page).to have_link("Download (CSV)", href: "/lettings-logs/csv-download?codes_only=false") end it "does not show the organisation filter" do expect(page).not_to have_field("organisation-field") end end context "when the user is a customer support user" do let(:user) { FactoryBot.create(:user, :support) } let(:org_1) { FactoryBot.create(:organisation) } let(:org_2) { FactoryBot.create(:organisation) } let(:tenant_code_1) { "TC5638" } let(:tenant_code_2) { "TC8745" } before do FactoryBot.create(:lettings_log, :in_progress, owning_organisation: org_1, tenancycode: tenant_code_1) FactoryBot.create(:lettings_log, :in_progress, owning_organisation: org_2, tenancycode: tenant_code_2) allow(user).to receive(:need_two_factor_authentication?).and_return(false) sign_in user end it "does show the organisation filter" do get "/lettings-logs", headers:, params: {} expect(page).to have_field("organisation-field") end it "shows all logs by default" do get "/lettings-logs", headers:, params: {} expect(page).to have_content(tenant_code_1) expect(page).to have_content(tenant_code_2) end context "when filtering by organisation" do it "only show the selected organisations logs" do get "/lettings-logs?organisation_select=specific_org&organisation=#{org_1.id}", headers:, params: {} expect(page).to have_content(tenant_code_1) expect(page).not_to have_content(tenant_code_2) end end context "when the support user has filtered by organisation, then switches back to all organisations" do it "shows all organisations" do get "http://localhost:3000/lettings-logs?%5Byears%5D%5B%5D=&%5Bstatus%5D%5B%5D=&user=all&organisation_select=all&organisation=#{org_1.id}", headers:, params: {} expect(page).to have_content(tenant_code_1) expect(page).to have_content(tenant_code_2) end end end context "when there are more than 20 logs" do before do FactoryBot.create_list(:lettings_log, 25, created_by: user) end context "when on the first page" do before do get "/lettings-logs", headers:, params: {} end it "has pagination links" do expect(page).not_to have_content("Previous") expect(page).not_to have_link("Previous") expect(page).to have_content("Next") expect(page).to have_link("Next") end it "shows which logs are being shown on the current page" do expect(CGI.unescape_html(response.body)).to match("Showing 1 to 20 of 26 logs") end it "has pagination in the title" do expect(page).to have_title("Logs (page 1 of 2) - Submit social housing lettings and sales data (CORE) - GOV.UK") end end context "when on the second page" do before do get "/lettings-logs?page=2", headers:, params: {} end it "shows the total log count" do expect(CGI.unescape_html(response.body)).to match("26 total logs") end it "has pagination links" do expect(page).to have_content("Previous") expect(page).to have_link("Previous") expect(page).not_to have_content("Next") expect(page).not_to have_link("Next") end it "shows which logs are being shown on the current page" do expect(CGI.unescape_html(response.body)).to match("Showing 21 to 26 of 26 logs") end it "has pagination in the title" do expect(page).to have_title("Logs (page 2 of 2) - Submit social housing lettings and sales data (CORE) - GOV.UK") end end end end end context "when requesting a specific lettings log" do let!(:completed_lettings_log) { FactoryBot.create(:lettings_log, :completed, owning_organisation: user.organisation, managing_organisation: user.organisation, created_by: user) } let(:id) { completed_lettings_log.id } before do get "/lettings-logs/#{id}", headers: end it "returns http success" do expect(response).to have_http_status(:success) end it "returns a serialized lettings log" do json_response = JSON.parse(response.body) expect(json_response["status"]).to eq(completed_lettings_log.status) end context "when requesting an invalid lettings log id" do let(:id) { (LettingsLog.order(:id).last&.id || 0) + 1 } it "returns 404" do expect(response).to have_http_status(:not_found) end end context "when viewing a pending log" do let(:completed_lettings_log) do FactoryBot.create( :lettings_log, :completed, owning_organisation: user.organisation, managing_organisation: user.organisation, created_by: user, status: "pending", skip_update_status: true, ) end it "returns 404" do expect(response).to have_http_status(:not_found) end end context "when editing a lettings log" do let(:headers) { { "Accept" => "text/html" } } context "with a user that is not signed in" do it "does not let the user get lettings log tasklist pages they don't have access to" do get "/lettings-logs/#{lettings_log.id}", headers:, params: {} expect(response).to redirect_to("/account/sign-in") end end context "with a signed in user" do context "with lettings logs that are owned or managed by your organisation" do before do sign_in user get "/lettings-logs/#{lettings_log.id}", headers:, params: {} Timecop.freeze(2021, 4, 1) Singleton.__init__(FormHandler) completed_lettings_log.update!(startdate: Time.zone.local(2021, 4, 1), voiddate: Time.zone.local(2021, 4, 1), mrcdate: Time.zone.local(2021, 4, 1)) completed_lettings_log.reload Timecop.unfreeze Singleton.__init__(FormHandler) end it "shows the tasklist for lettings logs you have access to" do expect(response.body).to match("Log") expect(response.body).to match(lettings_log.id.to_s) end it "displays a section status for a lettings log" do assert_select ".govuk-tag", text: /Not started/, count: 6 assert_select ".govuk-tag", text: /In progress/, count: 2 assert_select ".govuk-tag", text: /Completed/, count: 0 assert_select ".govuk-tag", text: /Cannot start yet/, count: 1 end it "displays a link to update the log for currently editable logs" do completed_lettings_log.update!(startdate: Time.zone.local(2022, 4, 1), tenancylength: nil) completed_lettings_log.reload get "/lettings-logs/#{completed_lettings_log.id}", headers:, params: {} expect(completed_lettings_log.form.end_date).to eq(Time.zone.local(2023, 7, 1)) expect(completed_lettings_log.status).to eq("completed") expect(page).to have_link("review and make changes to this log", href: "/lettings-logs/#{completed_lettings_log.id}/review") end xit "displays a closed collection window message for previous collection year logs" do get "/lettings-logs/#{completed_lettings_log.id}", headers:, params: {} expect(completed_lettings_log.form.end_date).to eq(Time.zone.local(2022, 7, 1)) expect(completed_lettings_log.status).to eq("completed") expect(page).to have_content("This log is from the 2021/2022 collection window, which is now closed.") end end context "when a lettings log is for a renewal of supported housing, property information does not need to show" do let(:lettings_log) do FactoryBot.create( :lettings_log, owning_organisation: user.organisation, managing_organisation: user.organisation, created_by: user, startdate: Time.zone.now, renewal: 1, needstype: 2, rent_type: 3, postcode_known: 0, ) end before do sign_in user end around do |example| FormHandler.instance.use_real_forms! example.run FormHandler.instance.use_fake_forms! end it "does not crash the app if postcode_known is not nil" do expect { get "/lettings-logs/#{lettings_log.id}", headers:, params: {} }.not_to raise_error(ActionView::Template::Error) end end context "with a lettings log with a single section complete" do let(:section_completed_lettings_log) do FactoryBot.create( :lettings_log, :conditional_section_complete, created_by: user, ) end before do sign_in user get "/lettings-logs/#{section_completed_lettings_log.id}", headers:, params: {} end it "displays a section status for a lettings log" do assert_select ".govuk-tag", text: /Not started/, count: 6 assert_select ".govuk-tag", text: /Completed/, count: 1 assert_select ".govuk-tag", text: /Cannot start yet/, count: 1 end end context "with lettings logs that are not owned or managed by your organisation" do before do sign_in user get "/lettings-logs/#{unauthorized_lettings_log.id}", headers:, params: {} end it "does not show the tasklist for lettings logs you don't have access to" do expect(response).to have_http_status(:not_found) end end context "when the log is unresolved" do let!(:scheme) { FactoryBot.create(:scheme, owning_organisation: user.organisation) } let!(:location) { FactoryBot.create(:location, scheme:) } before do FactoryBot.create_list(:lettings_log, 3, unresolved: true, created_by: user) lettings_log.update!(needstype: 2, scheme:, location:, unresolved: true) sign_in user get "/lettings-logs/#{lettings_log.id}", headers:, params: {} end it "marks it as resolved when both scheme and location exist" do lettings_log.reload expect(lettings_log.unresolved).to eq(false) end it "displays a success banner" do expect(page).to have_css(".govuk-notification-banner.govuk-notification-banner--success") expect(page).to have_content("You’ve updated all the fields affected by the scheme change") expect(page).to have_link("Update 3 more logs", href: "/lettings-logs/update-logs") end end end end end context "when accessing the check answers page" do before do Timecop.freeze(2021, 4, 1) Singleton.__init__(FormHandler) completed_lettings_log.update!(startdate: Time.zone.local(2021, 4, 1), voiddate: Time.zone.local(2021, 4, 1), mrcdate: Time.zone.local(2021, 4, 1)) Timecop.unfreeze stub_request(:get, /api.postcodes.io/) .to_return(status: 200, body: "{\"status\":200,\"result\":{\"admin_district\":\"Manchester\", \"codes\":{\"admin_district\": \"E08000003\"}}}", headers: {}) sign_in user end let(:postcode_lettings_log) do FactoryBot.create(:lettings_log, created_by: user, postcode_known: "No") end let(:id) { postcode_lettings_log.id } let(:completed_lettings_log) { FactoryBot.create(:lettings_log, :completed, owning_organisation: user.organisation, managing_organisation: user.organisation, created_by: user) } it "shows the inferred la" do lettings_log = FactoryBot.create(:lettings_log, created_by: user, postcode_known: 1, postcode_full: "PO5 3TE") id = lettings_log.id get "/lettings-logs/#{id}/property-information/check-answers" expected_inferred_answer = "Manchester" expect(CGI.unescape_html(response.body)).to include(expected_inferred_answer) end it "does not show do you know the property postcode question" do get "/lettings-logs/#{id}/property-information/check-answers" expect(CGI.unescape_html(response.body)).not_to include("Do you know the property postcode?") end it "shows if the postcode is not known" do get "/lettings-logs/#{id}/property-information/check-answers" expect(CGI.unescape_html(response.body)).to include("Not known") end it "shows `you haven't answered this question` if the question wasn't answered" do get "/lettings-logs/#{id}/income-and-benefits/check-answers" expect(CGI.unescape_html(response.body)).to include("You didn’t answer this question") end it "does not allow you to change the answers for previous collection year logs" do get "/lettings-logs/#{completed_lettings_log.id}/setup/check-answers", headers: { "Accept" => "text/html" }, params: {} expect(page).not_to have_link("Change") expect(page).not_to have_link("Answer") get "/lettings-logs/#{completed_lettings_log.id}/income-and-benefits/check-answers", headers: { "Accept" => "text/html" }, params: {} expect(page).not_to have_link("Change") expect(page).not_to have_link("Answer") end it "does not let the user navigate to questions for previous collection year logs" do get "/lettings-logs/#{completed_lettings_log.id}/needs-type", headers: { "Accept" => "text/html" }, params: {} expect(response).to redirect_to("/lettings-logs/#{completed_lettings_log.id}") end end context "when requesting CSV download" do let(:headers) { { "Accept" => "text/html" } } let(:search_term) { "foo" } before do sign_in user get "/lettings-logs/csv-download?search=#{search_term}&codes_only=false", headers: end it "returns http success" do expect(response).to have_http_status(:success) end it "shows a confirmation button" do expect(page).to have_button("Send email") end it "includes the search term" do expect(page).to have_field("search", type: "hidden", with: search_term) end end context "when confirming the CSV email" do let(:headers) { { "Accept" => "text/html" } } context "when a log exists" do before do sign_in user end it "confirms that the user will receive an email with the requested CSV" do get "/lettings-logs/csv-confirmation" expect(CGI.unescape_html(response.body)).to include("We’re sending you an email") end end end context "when viewing a collection of logs affected by deactivated location" do let!(:affected_lettings_logs) { FactoryBot.create_list(:lettings_log, 3, unresolved: true, created_by: user) } let!(:other_user_affected_lettings_log) { FactoryBot.create(:lettings_log, unresolved: true) } let!(:non_affected_lettings_logs) { FactoryBot.create_list(:lettings_log, 4, created_by: user) } let(:other_user) { FactoryBot.create(:user, organisation: user.organisation) } let(:headers) { { "Accept" => "text/html" } } before do allow(user).to receive(:need_two_factor_authentication?).and_return(false) sign_in user end it "displays logs in a table" do get "/lettings-logs/update-logs", headers:, params: {} expect(page).to have_content("Log ID") expect(page).to have_content("Tenancy code") expect(page).to have_content("Property reference") expect(page).to have_content("Status") expect(page).to have_content(affected_lettings_logs.first.id) expect(page).to have_content(affected_lettings_logs.first.tenancycode) expect(page).to have_content(affected_lettings_logs.first.propcode) expect(page).to have_link("Update now", href: "/lettings-logs/#{affected_lettings_logs.first.id}/tenancy-start-date") end it "only displays affected logs" do get "/lettings-logs/update-logs", headers:, params: {} expect(page).to have_content("You need to update 3 logs") expect(page).to have_link("Update now", href: "/lettings-logs/#{affected_lettings_logs.first.id}/tenancy-start-date") expect(page).not_to have_link("Update now", href: "/lettings-logs/#{non_affected_lettings_logs.first.id}/tenancy-start-date") end it "only displays the logs created by the user" do get "/lettings-logs/update-logs", headers:, params: {} expect(page).to have_link("Update now", href: "/lettings-logs/#{affected_lettings_logs.second.id}/tenancy-start-date") expect(page).not_to have_link("Update now", href: "/lettings-logs/#{other_user_affected_lettings_log.id}/tenancy-start-date") expect(page).to have_content("You need to update 3 logs") end it "displays correct content when there are no unresolved logs" do LettingsLog.where(unresolved: true).update!(unresolved: false) get "/lettings-logs/update-logs", headers:, params: {} expect(page).to have_content("There are no more logs that need updating") expect(page).to have_content("You’ve completed all the logs that were affected by scheme changes.") page.assert_selector(".govuk-button", text: "Back to all logs") end it "displays a banner on the lettings log page" do get "/lettings-logs", headers:, params: {} expect(page).to have_css(".govuk-notification-banner") expect(page).to have_content("A scheme has changed and it has affected 3 logs") expect(page).to have_link("Update logs", href: "/lettings-logs/update-logs") end end context "when viewing a specific log affected by deactivated location" do let!(:affected_lettings_log) { FactoryBot.create(:lettings_log, unresolved: true, created_by: user, needstype: 2) } let(:headers) { { "Accept" => "text/html" } } before do allow(affected_lettings_log.form).to receive(:end_date).and_return(Time.zone.today + 1.day) allow(user).to receive(:need_two_factor_authentication?).and_return(false) sign_in user end it "routes to the tenancy date question" do get "/lettings-logs/#{affected_lettings_log.id}", headers:, params: {} expect(response).to redirect_to("/lettings-logs/#{affected_lettings_log.id}/tenancy-start-date") follow_redirect! expect(page).to have_content("What is the tenancy start date?") end it "tenancy start date page links to the scheme page" do get "/lettings-logs/#{affected_lettings_log.id}/tenancy-start-date", headers:, params: {} expect(page).to have_link("Skip for now", href: "/lettings-logs/#{affected_lettings_log.id}/scheme") end it "scheme page links to the locations page" do get "/lettings-logs/#{affected_lettings_log.id}/scheme", headers:, params: {} expect(page).to have_link("Skip for now", href: "/lettings-logs/#{affected_lettings_log.id}/location") end it "displays inset hint text on the tenancy start date question" do get "/lettings-logs/#{affected_lettings_log.id}/tenancy-start-date", headers:, params: {} expect(page).to have_content("Some scheme details have changed, and now this log needs updating. Check that the tenancy start date is correct.") end end end describe "PATCH" do let(:lettings_log) do FactoryBot.create(:lettings_log, :in_progress, tenancycode: "Old Value", postcode_full: "M1 1AE") end let(:params) do { tenancycode: "New Value" } end let(:id) { lettings_log.id } before do patch "/lettings-logs/#{id}", headers:, params: params.to_json end it "returns http success" do expect(response).to have_http_status(:success) end it "updates the lettings log with the given fields and keeps original values where none are passed" do lettings_log.reload expect(lettings_log.tenancycode).to eq("New Value") expect(lettings_log.postcode_full).to eq("M1 1AE") end context "with an invalid lettings log id" do let(:id) { (LettingsLog.order(:id).last&.id || 0) + 1 } it "returns 404" do expect(response).to have_http_status(:not_found) end end context "with an invalid lettings log params" do around do |example| Timecop.freeze(Time.zone.local(2022, 1, 1)) do Singleton.__init__(FormHandler) example.run end Timecop.return Singleton.__init__(FormHandler) end let(:params) { { age1: 200 } } it "returns 422" do expect(response).to have_http_status(:unprocessable_entity) end it "returns an error message" do json_response = JSON.parse(response.body) expect(json_response["errors"]).to eq({ "age1" => ["Lead tenant’s age must be between 16 and 120"] }) end end context "with a request containing invalid credentials" do let(:basic_credentials) do ActionController::HttpAuthentication::Basic.encode_credentials(api_username, "Oops") end it "returns 401" do expect(response).to have_http_status(:unauthorized) end end end # We don't really have any meaningful distinction between PUT and PATCH here since you can update some or all # fields in both cases, and both route to #Update. Rails generally recommends PATCH as it more closely matches # what actually happens to an ActiveRecord object and what we're doing here, but either is allowed. describe "PUT" do let(:lettings_log) do FactoryBot.create(:lettings_log, :in_progress, tenancycode: "Old Value", postcode_full: "SW1A 2AA") end let(:params) do { tenancycode: "New Value" } end let(:id) { lettings_log.id } before do put "/lettings-logs/#{id}", headers:, params: params.to_json end it "returns http success" do expect(response).to have_http_status(:success) end it "updates the lettings log with the given fields and keeps original values where none are passed" do lettings_log.reload expect(lettings_log.tenancycode).to eq("New Value") expect(lettings_log.postcode_full).to eq("SW1A 2AA") end context "with an invalid lettings log id" do let(:id) { (LettingsLog.order(:id).last&.id || 0) + 1 } it "returns 404" do expect(response).to have_http_status(:not_found) end end context "with a request containing invalid credentials" do let(:basic_credentials) do ActionController::HttpAuthentication::Basic.encode_credentials(api_username, "Oops") end it "returns 401" do expect(response).to have_http_status(:unauthorized) end end end describe "DELETE" do let(:headers) { { "Accept" => "text/html" } } let(:page) { Capybara::Node::Simple.new(response.body) } let(:user) { create(:user, :support) } let!(:lettings_log) do create(:lettings_log, :completed) end let(:id) { lettings_log.id } let(:delete_request) { delete "/lettings-logs/#{id}", headers: } before do allow(user).to receive(:need_two_factor_authentication?).and_return(false) sign_in user end context "when delete permitted" do it "redirects to lettings logs and shows message" do delete_request expect(response).to redirect_to(lettings_logs_path) follow_redirect! expect(page).to have_content("Log #{id} has been deleted") end it "marks the log as deleted" do expect { delete_request }.to change { lettings_log.reload.status }.from("completed").to("deleted") end end context "when log does not exist" do let(:id) { -1 } it "returns 404" do delete_request expect(response).to have_http_status(:not_found) end end context "when user not authorised" do let(:user) { create(:user) } it "returns 404" do delete_request expect(response).to have_http_status(:unauthorized) end end end describe "GET delete-confirmation" do let(:headers) { { "Accept" => "text/html" } } let(:page) { Capybara::Node::Simple.new(response.body) } let(:user) { create(:user, :support) } let!(:lettings_log) do create(:lettings_log, :completed) end let(:id) { lettings_log.id } let(:request) { get "/lettings-logs/#{id}/delete-confirmation", headers: } before do allow(user).to receive(:need_two_factor_authentication?).and_return(false) sign_in user end context "when delete permitted" do it "renders page" do request expect(response).to have_http_status(:ok) expect(page).to have_content("Are you sure you want to delete this log?") expect(page).to have_button(text: "Delete this log") expect(page).to have_link(text: "Cancel", href: lettings_log_path(id)) end end context "when log does not exist" do let(:id) { -1 } it "returns 404" do request expect(response).to have_http_status(:not_found) end end context "when user not authorised" do let(:user) { create(:user) } it "returns 404" do request expect(response).to have_http_status(:unauthorized) end end end describe "GET #csv-download" do let(:page) { Capybara::Node::Simple.new(response.body) } let(:user) { FactoryBot.create(:user) } let(:headers) { { "Accept" => "text/html" } } before do allow(user).to receive(:need_two_factor_authentication?).and_return(false) sign_in user end it "renders a page with the correct header" do get "/lettings-logs/csv-download?codes_only=false", headers:, params: {} header = page.find_css("h1") expect(header.text).to include("Download CSV") end it "renders a form with the correct target containing a button with the correct text" do get "/lettings-logs/csv-download?codes_only=false", headers:, params: {} form = page.find("form.button_to") expect(form[:method]).to eq("post") expect(form[:action]).to eq("/lettings-logs/email-csv") expect(form).to have_button("Send email") end it "when query string contains search parameter, form contains hidden field with correct value" do search_term = "blam" get "/lettings-logs/csv-download?codes_only=false&search=#{search_term}", headers:, params: {} hidden_field = page.find("form.button_to").find_field("search", type: "hidden") expect(hidden_field.value).to eq(search_term) end context "when the user is a data coordinator" do let(:user) { FactoryBot.create(:user, :data_coordinator) } it "when codes_only query parameter is false, form contains hidden field with correct value" do codes_only = false get "/lettings-logs/csv-download?codes_only=#{codes_only}", headers:, params: {} hidden_field = page.find("form.button_to").find_field("codes_only", type: "hidden") expect(hidden_field.value).to eq(codes_only.to_s) end it "when codes_only query parameter is true, user is not authorized" do codes_only = true get "/lettings-logs/csv-download?codes_only=#{codes_only}", headers:, params: {} expect(response).to have_http_status(:unauthorized) end end context "when the user is a data provider" do it "when codes_only query parameter is false, form contains hidden field with correct value" do codes_only = false get "/lettings-logs/csv-download?codes_only=#{codes_only}", headers:, params: {} hidden_field = page.find("form.button_to").find_field("codes_only", type: "hidden") expect(hidden_field.value).to eq(codes_only.to_s) end it "when codes_only query parameter is true, user is not authorized" do codes_only = true get "/lettings-logs/csv-download?codes_only=#{codes_only}", headers:, params: {} expect(response).to have_http_status(:unauthorized) end end context "when the user is a support user" do let(:user) { FactoryBot.create(:user, :support) } it "when codes_only query parameter is false, form contains hidden field with correct value" do codes_only = false get "/lettings-logs/csv-download?codes_only=#{codes_only}", headers:, params: {} hidden_field = page.find("form.button_to").find_field("codes_only", type: "hidden") expect(hidden_field.value).to eq(codes_only.to_s) end it "when codes_only query parameter is true, form contains hidden field with correct value" do codes_only = true get "/lettings-logs/csv-download?codes_only=#{codes_only}", headers:, params: {} hidden_field = page.find("form.button_to").find_field("codes_only", type: "hidden") expect(hidden_field.value).to eq(codes_only.to_s) end end end describe "POST #email-csv" do let(:other_organisation) { FactoryBot.create(:organisation) } let(:user) { FactoryBot.create(:user, :support) } context "when a log exists" do let!(:lettings_log) do FactoryBot.create( :lettings_log, created_by: user, ecstat1: 1, ) end before do allow(user).to receive(:need_two_factor_authentication?).and_return(false) sign_in user FactoryBot.create(:lettings_log) FactoryBot.create(:lettings_log, :completed, owning_organisation:, managing_organisation: owning_organisation, created_by: user) end it "creates an E-mail job" do expect { post "/lettings-logs/email-csv?codes_only=true", headers:, params: {} }.to enqueue_job(EmailCsvJob).with(user, nil, {}, false, nil, true) end it "redirects to the confirmation page" do post "/lettings-logs/email-csv?codes_only=true", headers:, params: {} expect(response).to redirect_to(csv_confirmation_lettings_logs_path) end it "passes the search term" do expect { post "/lettings-logs/email-csv?search=#{lettings_log.id}&codes_only=false", headers:, params: {} }.to enqueue_job(EmailCsvJob).with(user, lettings_log.id.to_s, {}, false, nil, false) end it "passes filter parameters" do expect { post "/lettings-logs/email-csv?status[]=completed&codes_only=true", headers:, params: {} }.to enqueue_job(EmailCsvJob).with(user, nil, { "status" => %w[completed] }, false, nil, true) end it "passes export type flag" do expect { post "/lettings-logs/email-csv?codes_only=true", headers:, params: {} }.to enqueue_job(EmailCsvJob).with(user, nil, {}, false, nil, true) expect { post "/lettings-logs/email-csv?codes_only=false", headers:, params: {} }.to enqueue_job(EmailCsvJob).with(user, nil, {}, false, nil, false) end it "passes a combination of search term, export type and filter parameters" do postcode = "XX1 1TG" expect { post "/lettings-logs/email-csv?status[]=completed&search=#{postcode}&codes_only=false", headers:, params: {} }.to enqueue_job(EmailCsvJob).with(user, postcode, { "status" => %w[completed] }, false, nil, false) end context "when the user is not a support user" do let(:user) { FactoryBot.create(:user, :data_coordinator) } it "has permission to download human readable csv" do codes_only_export = false expect { post "/lettings-logs/email-csv?codes_only=#{codes_only_export}", headers:, params: {} }.to enqueue_job(EmailCsvJob).with(user, nil, {}, false, nil, false) end it "is not authorized to download codes only csv" do codes_only_export = true post "/lettings-logs/email-csv?codes_only=#{codes_only_export}", headers:, params: {} expect(response).to have_http_status(:unauthorized) end end end end end