You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
875 lines
32 KiB
875 lines
32 KiB
require "rails_helper" |
|
|
|
RSpec.describe SalesLogsController, type: :request do |
|
let(:user) { FactoryBot.create(:user) } |
|
let(:owning_organisation) { user.organisation } |
|
let(:api_username) { "test_user" } |
|
let(:api_password) { "test_password" } |
|
let(:basic_credentials) do |
|
ActionController::HttpAuthentication::Basic |
|
.encode_credentials(api_username, api_password) |
|
end |
|
|
|
let(:params) do |
|
{ |
|
"owning_organisation_id": owning_organisation.id, |
|
"created_by_id": user.id, |
|
} |
|
end |
|
|
|
let(:headers) do |
|
{ |
|
"Content-Type" => "application/json", |
|
"Accept" => "application/json", |
|
"Authorization" => basic_credentials, |
|
} |
|
end |
|
|
|
before do |
|
allow(ENV).to receive(:[]) |
|
allow(ENV).to receive(:[]).with("API_USER").and_return(api_username) |
|
allow(ENV).to receive(:[]).with("API_KEY").and_return(api_password) |
|
end |
|
|
|
describe "POST #create" do |
|
context "when API" do |
|
before do |
|
post "/sales-logs", headers:, params: params.to_json |
|
end |
|
|
|
it "returns http success" do |
|
expect(response).to have_http_status(:success) |
|
end |
|
|
|
it "returns a serialized sales log" do |
|
json_response = JSON.parse(response.body) |
|
expect(json_response.keys).to match_array(SalesLog.new.attributes.keys) |
|
end |
|
|
|
it "creates a sales log with the values passed" do |
|
json_response = JSON.parse(response.body) |
|
expect(json_response["owning_organisation_id"]).to eq(owning_organisation.id) |
|
expect(json_response["created_by_id"]).to eq(user.id) |
|
end |
|
|
|
context "with a request containing invalid credentials" do |
|
let(:basic_credentials) do |
|
ActionController::HttpAuthentication::Basic.encode_credentials(api_username, "Oops") |
|
end |
|
|
|
it "returns 401" do |
|
expect(response).to have_http_status(:unauthorized) |
|
end |
|
end |
|
|
|
context "with a request containing invalid json parameters" do |
|
let(:params) do |
|
{ |
|
"saledate": Time.zone.today, |
|
"purchid": "1", |
|
"ownershipsch": 1, |
|
"type": 2, |
|
"jointpur": 1, |
|
"jointmore": 1, |
|
"beds": 2, |
|
"proptype": 2, |
|
} |
|
end |
|
|
|
before do |
|
post "/sales-logs", headers:, params: params.to_json |
|
end |
|
|
|
it "validates sales log parameters" do |
|
json_response = JSON.parse(response.body) |
|
expect(response).to have_http_status(:unprocessable_entity) |
|
expect(json_response["errors"]).to match_array([["beds", ["Number of bedrooms must be 1 if the property is a bedsit"]], ["proptype", ["Answer cannot be 'Bedsit' if the property has 2 or more bedrooms"]]]) |
|
end |
|
end |
|
end |
|
|
|
context "when UI" do |
|
let(:user) { FactoryBot.create(:user) } |
|
let(:headers) { { "Accept" => "text/html" } } |
|
|
|
before do |
|
RequestHelper.stub_http_requests |
|
sign_in user |
|
post "/sales-logs", headers: |
|
end |
|
|
|
it "tracks who created the record" do |
|
created_id = response.location.match(/[0-9]+/)[0] |
|
whodunnit_actor = SalesLog.find_by(id: created_id).versions.last.actor |
|
expect(whodunnit_actor).to be_a(User) |
|
expect(whodunnit_actor.id).to eq(user.id) |
|
end |
|
end |
|
end |
|
|
|
describe "GET" do |
|
let(:page) { Capybara::Node::Simple.new(response.body) } |
|
let(:user) { FactoryBot.create(:user) } |
|
let(:organisation) { user.organisation } |
|
let(:other_organisation) { FactoryBot.create(:organisation) } |
|
let(:purchaser_code) { "coop123" } |
|
let!(:sales_log) do |
|
FactoryBot.create( |
|
:sales_log, |
|
purchid: purchaser_code, |
|
owning_organisation: organisation, |
|
) |
|
end |
|
let!(:unauthorized_sales_log) do |
|
FactoryBot.create( |
|
:sales_log, |
|
owning_organisation: other_organisation, |
|
) |
|
end |
|
|
|
context "when displaying a collection of logs" do |
|
let(:headers) { { "Accept" => "text/html" } } |
|
|
|
context "when the user is a customer support user" do |
|
let(:user) { FactoryBot.create(:user, :support) } |
|
|
|
before do |
|
allow(user).to receive(:need_two_factor_authentication?).and_return(false) |
|
sign_in user |
|
end |
|
|
|
it "does have organisation values" do |
|
get "/sales-logs", headers: headers, params: {} |
|
expect(page).to have_content("Owned by") |
|
expect(page).not_to have_content("Managed by") |
|
end |
|
|
|
it "shows sales logs for all organisations" do |
|
get "/sales-logs", headers: headers, params: {} |
|
expect(page).to have_content(organisation.name) |
|
expect(page).to have_content(other_organisation.name) |
|
end |
|
|
|
it "shows a link for labelled CSV download of logs" do |
|
get "/sales-logs", headers: headers, params: {} |
|
expect(page).to have_link("Download (CSV)", href: "/sales-logs/csv-download?codes_only=false") |
|
end |
|
|
|
it "shows a link for codes only CSV download of logs" do |
|
get "/sales-logs", headers: headers, params: {} |
|
expect(page).to have_link("Download (CSV, codes only)", href: "/sales-logs/csv-download?codes_only=true") |
|
end |
|
|
|
context "when there are no logs in the database" do |
|
before do |
|
SalesLog.destroy_all |
|
end |
|
|
|
it "page has correct title" do |
|
get "/sales-logs", headers: headers, params: {} |
|
expect(page).to have_title("Logs - Submit social housing lettings and sales data (CORE) - GOV.UK") |
|
end |
|
|
|
it "does not show CSV download links" do |
|
get "/sales-logs", headers: headers, params: {} |
|
expect(page).not_to have_link("Download (CSV)") |
|
expect(page).not_to have_link("Download (CSV, codes only)") |
|
end |
|
end |
|
|
|
context "and the state of filters and search is such that display_delete_logs returns true" do |
|
before do |
|
allow_any_instance_of(LogListHelper).to receive(:display_delete_logs?).and_return(true) # rubocop:disable RSpec/AnyInstance |
|
end |
|
|
|
it "displays the delete logs button with the correct path if there are logs visibile" do |
|
get sales_logs_path(search: purchaser_code) |
|
expect(page).to have_link "Delete logs", href: delete_logs_sales_logs_path(search: purchaser_code) |
|
end |
|
|
|
it "does not display the delete logs button if there are no logs displayed" do |
|
SalesLog.destroy_all |
|
get sales_logs_path(search: "gibberish_e9o87tvbyc4875g") |
|
expect(page).not_to have_selector "article.app-log-summary" |
|
expect(page).not_to have_link "Delete logs" |
|
end |
|
end |
|
|
|
context "and the state of filters and search is such that display_delete_logs returns false" do |
|
before do |
|
allow_any_instance_of(LogListHelper).to receive(:display_delete_logs?).and_return(false) # rubocop:disable RSpec/AnyInstance |
|
end |
|
|
|
it "does not display the delete logs button even if there are logs displayed" do |
|
get sales_logs_path |
|
expect(page).to have_selector "article.app-log-summary" |
|
expect(page).not_to have_link "Delete logs" |
|
end |
|
end |
|
|
|
context "when there is a pending log" do |
|
let!(:invisible_log) do |
|
FactoryBot.create( |
|
:sales_log, |
|
owning_organisation: organisation, |
|
status: "pending", |
|
skip_update_status: true, |
|
) |
|
end |
|
|
|
it "does not render pending logs" do |
|
get "/sales-logs", headers: headers, params: {} |
|
expect(page).not_to have_link(invisible_log.id, href: "sales-logs/#{invisible_log.id}") |
|
end |
|
end |
|
|
|
context "when filtering" do |
|
context "with status filter" do |
|
let(:organisation_2) { FactoryBot.create(:organisation) } |
|
let(:user_2) { FactoryBot.create(:user, organisation: organisation_2) } |
|
let!(:not_started_sales_log) do |
|
FactoryBot.create(:sales_log, |
|
owning_organisation: organisation, |
|
created_by: user) |
|
end |
|
let!(:completed_sales_log) do |
|
FactoryBot.create(:sales_log, :completed, |
|
owning_organisation: organisation_2, |
|
created_by: user_2) |
|
end |
|
|
|
it "shows sales logs for multiple selected statuses" do |
|
get "/sales-logs?status[]=not_started&status[]=completed", headers: headers, params: {} |
|
expect(page).to have_link(not_started_sales_log.id.to_s) |
|
expect(page).to have_link(completed_sales_log.id.to_s) |
|
end |
|
|
|
it "shows sales logs for one selected status" do |
|
get "/sales-logs?status[]=not_started", headers: headers, params: {} |
|
expect(page).to have_link(not_started_sales_log.id.to_s) |
|
expect(page).not_to have_link(completed_sales_log.id.to_s) |
|
end |
|
|
|
it "filters on organisation" do |
|
get "/sales-logs?organisation[]=#{organisation_2.id}", headers: headers, params: {} |
|
expect(page).to have_link(completed_sales_log.id.to_s) |
|
expect(page).not_to have_link(not_started_sales_log.id.to_s) |
|
end |
|
|
|
it "does not reset the filters" do |
|
get "/sales-logs?status[]=not_started", headers: headers, params: {} |
|
expect(page).to have_link(not_started_sales_log.id.to_s) |
|
expect(page).not_to have_link(completed_sales_log.id.to_s) |
|
|
|
get "/sales-logs", headers: headers, params: {} |
|
expect(page).to have_link(not_started_sales_log.id.to_s) |
|
expect(page).not_to have_link(completed_sales_log.id.to_s) |
|
end |
|
end |
|
|
|
context "with year filter" do |
|
around do |example| |
|
Timecop.freeze(2022, 12, 1) do |
|
example.run |
|
end |
|
Timecop.return |
|
end |
|
|
|
before do |
|
Timecop.freeze(2022, 4, 1) |
|
sales_log_2022.update!(saledate: Time.zone.local(2022, 4, 1)) |
|
Timecop.freeze(2023, 1, 1) |
|
sales_log_2022.update!(saledate: Time.zone.local(2023, 1, 1)) |
|
end |
|
|
|
after do |
|
Timecop.unfreeze |
|
end |
|
|
|
let!(:sales_log_2022) do |
|
FactoryBot.create(:sales_log, :completed, |
|
owning_organisation: organisation, |
|
created_by: user, |
|
saledate: Time.zone.today) |
|
end |
|
let!(:sales_log_2023) do |
|
FactoryBot.create(:sales_log, |
|
owning_organisation: organisation, |
|
created_by: user, |
|
saledate: Time.zone.today) |
|
end |
|
|
|
it "shows sales logs for multiple selected years" do |
|
get "/sales-logs?years[]=2021&years[]=2022", headers: headers, params: {} |
|
expect(page).to have_link(sales_log_2022.id.to_s) |
|
expect(page).to have_link(sales_log_2023.id.to_s) |
|
end |
|
|
|
it "shows sales logs for one selected year" do |
|
get "/sales-logs?years[]=2022", headers: headers, params: {} |
|
expect(page).to have_link(sales_log_2022.id.to_s) |
|
expect(page).to have_link(sales_log_2023.id.to_s) |
|
end |
|
end |
|
|
|
context "with year and status filter" do |
|
around do |example| |
|
Timecop.freeze(2022, 12, 1) do |
|
example.run |
|
end |
|
Timecop.return |
|
end |
|
|
|
before do |
|
Timecop.freeze(2022, 4, 1) |
|
sales_log_2022.update!(saledate: Time.zone.local(2022, 4, 1)) |
|
Timecop.freeze(2023, 1, 1) |
|
sales_log_2022.update!(saledate: Time.zone.local(2023, 1, 1)) |
|
end |
|
|
|
after do |
|
Timecop.unfreeze |
|
end |
|
|
|
let!(:sales_log_2022) do |
|
FactoryBot.create(:sales_log, :completed, |
|
owning_organisation: organisation, |
|
created_by: user, |
|
saledate: Time.zone.today) |
|
end |
|
let!(:sales_log_2023) do |
|
FactoryBot.create(:sales_log, |
|
owning_organisation: organisation, |
|
created_by: user, |
|
saledate: Time.zone.today) |
|
end |
|
|
|
it "shows sales logs for multiple selected statuses and years" do |
|
get "/sales-logs?years[]=2021&years[]=2022&status[]=in_progress&status[]=completed", headers: headers, params: {} |
|
expect(page).to have_link(sales_log_2022.id.to_s) |
|
expect(page).to have_link(sales_log_2023.id.to_s) |
|
end |
|
end |
|
end |
|
end |
|
|
|
context "when the user is not a customer support user" do |
|
before do |
|
sign_in user |
|
end |
|
|
|
it "does not have organisation columns" do |
|
get "/sales-logs", headers: headers, params: {} |
|
expect(page).not_to have_content("Owning organisation") |
|
expect(page).not_to have_content("Managing organisation") |
|
end |
|
|
|
it "displays standard CSV download link only, with the correct path" do |
|
get "/sales-logs", headers:, params: {} |
|
expect(page).to have_link("Download (CSV)", href: "/sales-logs/csv-download?codes_only=false") |
|
expect(page).not_to have_link("Download (CSV, codes only)") |
|
end |
|
|
|
it "does not display CSV download links if there are no logs" do |
|
SalesLog.destroy_all |
|
get "/sales-logs", headers:, params: {} |
|
expect(page).not_to have_link("Download (CSV)") |
|
expect(page).not_to have_link("Download (CSV, codes only)") |
|
end |
|
|
|
context "when using a search query" do |
|
let(:logs) { FactoryBot.create_list(:sales_log, 3, :completed, owning_organisation: user.organisation, created_by: user) } |
|
let(:log_to_search) { FactoryBot.create(:sales_log, :completed, owning_organisation: user.organisation, created_by: user) } |
|
let(:log_total_count) { SalesLog.where(owning_organisation: user.organisation).count } |
|
|
|
it "has search results in the title" do |
|
get "/sales-logs?search=#{log_to_search.id}", headers: headers, params: {} |
|
expect(page).to have_title("Logs (1 logs matching ‘#{log_to_search.id}’) - Submit social housing lettings and sales data (CORE) - GOV.UK") |
|
end |
|
|
|
it "shows sales logs matching the id" do |
|
get "/sales-logs?search=#{log_to_search.id}", headers: headers, params: {} |
|
expect(page).to have_link(log_to_search.id.to_s) |
|
logs.each do |log| |
|
expect(page).not_to have_link(log.id.to_s) |
|
end |
|
end |
|
|
|
it "displays the labelled CSV download link, with the search included in the query params" do |
|
get "/sales-logs?search=#{log_to_search.id}", headers:, params: {} |
|
download_link = page.find_link("Download (CSV)") |
|
download_link_params = CGI.parse(URI.parse(download_link[:href]).query) |
|
expect(download_link_params).to include("search" => [log_to_search.id.to_s]) |
|
end |
|
|
|
context "when search query doesn't match any logs" do |
|
it "doesn't display any logs" do |
|
get "/sales-logs?search=foobar", headers:, params: {} |
|
logs.each do |log| |
|
expect(page).not_to have_link(log.id.to_s) |
|
end |
|
expect(page).not_to have_link(log_to_search.id.to_s) |
|
end |
|
end |
|
|
|
context "when search query is empty" do |
|
it "doesn't display any logs" do |
|
get "/sales-logs?search=", headers:, params: {} |
|
logs.each do |log| |
|
expect(page).not_to have_link(log.id.to_s) |
|
end |
|
expect(page).not_to have_link(log_to_search.id.to_s) |
|
end |
|
end |
|
|
|
context "when search and filter is present" do |
|
let(:matching_status) { "completed" } |
|
let!(:log_matching_filter_and_search) { FactoryBot.create(:sales_log, :completed, owning_organisation: user.organisation, created_by: user) } |
|
let(:matching_id) { log_matching_filter_and_search.id } |
|
|
|
it "shows only logs matching both search and filters" do |
|
get "/sales-logs?search=#{matching_id}&status[]=#{matching_status}", headers: headers, params: {} |
|
expect(page).to have_link(log_matching_filter_and_search.id.to_s) |
|
expect(page).not_to have_link(log_to_search.id.to_s) |
|
logs.each do |log| |
|
expect(page).not_to have_link(log.id.to_s) |
|
end |
|
end |
|
end |
|
end |
|
|
|
context "when there are fewer than 20 logs" do |
|
before do |
|
get "/sales-logs", headers:, params: {} |
|
end |
|
|
|
it "shows a table of logs" do |
|
expect(CGI.unescape_html(response.body)).to match(/<article class="app-log-summary">/) |
|
expect(CGI.unescape_html(response.body)).to match(/logs/) |
|
end |
|
|
|
it "only shows sales logs for your organisation" do |
|
expected_case_row_log = "<span class=\"govuk-visually-hidden\">Log </span>#{sales_log.id}" |
|
unauthorized_case_row_log = "<span class=\"govuk-visually-hidden\">Log </span>#{unauthorized_sales_log.id}" |
|
expect(CGI.unescape_html(response.body)).to include(expected_case_row_log) |
|
expect(CGI.unescape_html(response.body)).not_to include(unauthorized_case_row_log) |
|
end |
|
|
|
it "shows the formatted created at date for each log" do |
|
formatted_date = sales_log.created_at.to_formatted_s(:govuk_date) |
|
expect(CGI.unescape_html(response.body)).to include(formatted_date) |
|
end |
|
|
|
it "shows the log's status" do |
|
expect(CGI.unescape_html(response.body)).to include(sales_log.status.humanize) |
|
end |
|
|
|
it "shows the total log count" do |
|
expect(CGI.unescape_html(response.body)).to match("<strong>1</strong> total logs") |
|
end |
|
|
|
it "does not show the pagination links" do |
|
expect(page).not_to have_link("Previous") |
|
expect(page).not_to have_link("Next") |
|
end |
|
|
|
it "does not show the pagination result line" do |
|
expect(CGI.unescape_html(response.body)).not_to match("Showing <b>1</b> to <b>20</b> of <b>26</b> logs") |
|
end |
|
|
|
it "does not have pagination in the title" do |
|
expect(page).to have_title("Logs - Submit social housing lettings and sales data (CORE) - GOV.UK") |
|
end |
|
|
|
it "does not show the organisation filter" do |
|
expect(page).not_to have_field("organisation-field") |
|
end |
|
end |
|
|
|
context "when there are more than 20 logs" do |
|
before do |
|
FactoryBot.create_list(:sales_log, 25, owning_organisation: organisation) |
|
end |
|
|
|
context "when on the first page" do |
|
before do |
|
get "/sales-logs", headers:, params: {} |
|
end |
|
|
|
it "has pagination links" do |
|
expect(page).not_to have_content("Previous") |
|
expect(page).not_to have_link("Previous") |
|
expect(page).to have_content("Next") |
|
expect(page).to have_link("Next") |
|
end |
|
|
|
it "shows which logs are being shown on the current page" do |
|
expect(CGI.unescape_html(response.body)).to match("Showing <b>1</b> to <b>20</b> of <b>26</b> logs") |
|
end |
|
|
|
it "has pagination in the title" do |
|
expect(page).to have_title("Logs (page 1 of 2) - Submit social housing lettings and sales data (CORE) - GOV.UK") |
|
end |
|
end |
|
|
|
context "when on the second page" do |
|
before do |
|
get "/sales-logs?page=2", headers:, params: {} |
|
end |
|
|
|
it "shows the total log count" do |
|
expect(CGI.unescape_html(response.body)).to match("<strong>26</strong> total logs") |
|
end |
|
|
|
it "has pagination links" do |
|
expect(page).to have_content("Previous") |
|
expect(page).to have_link("Previous") |
|
expect(page).not_to have_content("Next") |
|
expect(page).not_to have_link("Next") |
|
end |
|
|
|
it "shows which logs are being shown on the current page" do |
|
expect(CGI.unescape_html(response.body)).to match("Showing <b>21</b> to <b>26</b> of <b>26</b> logs") |
|
end |
|
|
|
it "has pagination in the title" do |
|
expect(page).to have_title("Logs (page 2 of 2) - Submit social housing lettings and sales data (CORE) - GOV.UK") |
|
end |
|
end |
|
end |
|
end |
|
end |
|
|
|
context "when you visit the index page" do |
|
let(:headers) { { "Accept" => "text/html" } } |
|
let(:user) { FactoryBot.create(:user, :support) } |
|
|
|
before do |
|
allow(user).to receive(:need_two_factor_authentication?).and_return(false) |
|
sign_in user |
|
end |
|
|
|
it "does not have a button for creating lettings logs" do |
|
get "/sales-logs", headers:, params: {} |
|
page.assert_selector(".govuk-button", text: "Create a new sales log", count: 1) |
|
page.assert_selector(".govuk-button", text: "Create a new lettings log", count: 0) |
|
end |
|
end |
|
|
|
context "when viewing a sales log" do |
|
let(:headers) { { "Accept" => "text/html" } } |
|
let(:completed_sales_log) { FactoryBot.create(:sales_log, :completed, owning_organisation: user.organisation, created_by: user) } |
|
|
|
before do |
|
sign_in user |
|
Timecop.freeze(2021, 4, 1) |
|
Singleton.__init__(FormHandler) |
|
completed_sales_log.update!(saledate: Time.zone.local(2021, 4, 1)) |
|
completed_sales_log.reload |
|
end |
|
|
|
context "with sales logs that are owned by your organisation" do |
|
before do |
|
get "/sales-logs/#{completed_sales_log.id}", headers:, params: {} |
|
end |
|
|
|
after do |
|
Timecop.return |
|
Singleton.__init__(FormHandler) |
|
end |
|
|
|
it "shows the tasklist for sales logs you have access to" do |
|
expect(response.body).to match("Log") |
|
expect(response.body).to match(completed_sales_log.id.to_s) |
|
end |
|
|
|
it "displays a link to update the log for currently editable logs" do |
|
completed_sales_log.update!(saledate: Time.zone.local(2021, 4, 1)) |
|
completed_sales_log.reload |
|
|
|
get "/sales-logs/#{completed_sales_log.id}", headers:, params: {} |
|
expect(completed_sales_log.form.new_logs_end_date).to eq(Time.zone.local(2022, 12, 31)) |
|
expect(completed_sales_log.status).to eq("completed") |
|
expect(page).to have_link("review and make changes to this log", href: "/sales-logs/#{completed_sales_log.id}/review?sales_log=true") |
|
end |
|
end |
|
|
|
context "with sales logs from a closed collection period before the previous collection" do |
|
before do |
|
sign_in user |
|
Timecop.return |
|
Singleton.__init__(FormHandler) |
|
get "/sales-logs/#{completed_sales_log.id}", headers:, params: {} |
|
end |
|
|
|
it "redirects to review page" do |
|
expect(response).to redirect_to("/sales-logs/#{completed_sales_log.id}/review?sales_log=true") |
|
end |
|
end |
|
|
|
context "with sales logs from a closed previous collection period" do |
|
before do |
|
sign_in user |
|
Timecop.freeze(2023, 2, 1) |
|
Singleton.__init__(FormHandler) |
|
get "/sales-logs/#{completed_sales_log.id}", headers:, params: {} |
|
end |
|
|
|
after do |
|
Timecop.return |
|
Singleton.__init__(FormHandler) |
|
end |
|
|
|
it "redirects to review page" do |
|
expect(response).to redirect_to("/sales-logs/#{completed_sales_log.id}/review?sales_log=true") |
|
end |
|
|
|
it "displays a closed collection window message for previous collection year logs" do |
|
get "/sales-logs/#{completed_sales_log.id}", headers:, params: {} |
|
expect(completed_sales_log.form.new_logs_end_date).to eq(Time.zone.local(2022, 12, 31)) |
|
expect(completed_sales_log.status).to eq("completed") |
|
follow_redirect! |
|
expect(page).to have_content("This log is from the 2021/2022 collection window, which is now closed.") |
|
end |
|
end |
|
end |
|
|
|
context "when requesting CSV download" do |
|
let(:headers) { { "Accept" => "text/html" } } |
|
let(:search_term) { "foot" } |
|
let(:codes_only) { false } |
|
|
|
before do |
|
allow(user).to receive(:need_two_factor_authentication?).and_return(false) |
|
sign_in user |
|
get "/sales-logs/csv-download?search=#{search_term}&codes_only=#{codes_only}", headers: |
|
end |
|
|
|
it "returns http success" do |
|
expect(response).to have_http_status(:success) |
|
end |
|
|
|
it "shows a confirmation button" do |
|
expect(page).to have_button("Send email") |
|
end |
|
|
|
it "has a hidden field with the search term" do |
|
expect(page).to have_field("search", type: "hidden", with: search_term) |
|
end |
|
|
|
context "when user is not support" do |
|
context "and export type is not codes only" do |
|
it "has a hidden field with the export type" do |
|
expect(page).to have_field("codes_only", type: "hidden", with: codes_only) |
|
end |
|
end |
|
|
|
context "and export type is codes only" do |
|
let(:codes_only) { true } |
|
|
|
it "the user is not authorised" do |
|
expect(response).to have_http_status(:unauthorized) |
|
end |
|
end |
|
end |
|
|
|
context "when user is support" do |
|
let(:user) { FactoryBot.create(:user, :support) } |
|
|
|
context "and export type is not codes only" do |
|
it "has a hidden field with the export type" do |
|
expect(page).to have_field("codes_only", type: "hidden", with: codes_only) |
|
end |
|
end |
|
|
|
context "and export type is codes only" do |
|
let(:codes_only) { true } |
|
|
|
it "has a hidden field with the export type" do |
|
expect(page).to have_field("codes_only", type: "hidden", with: codes_only) |
|
end |
|
end |
|
end |
|
end |
|
|
|
context "when confirming the CSV email" do |
|
let(:headers) { { "Accept" => "text/html" } } |
|
|
|
it "confirms that the user will receive an email with the requested CSV" do |
|
sign_in user |
|
get "/sales-logs/csv-confirmation" |
|
expect(CGI.unescape_html(response.body)).to include("We’re sending you an email") |
|
end |
|
end |
|
end |
|
|
|
describe "POST #email-csv" do |
|
let(:other_organisation) { FactoryBot.create(:organisation) } |
|
let(:user) { FactoryBot.create(:user, :support) } |
|
let!(:sales_log) do |
|
FactoryBot.create( |
|
:sales_log, |
|
created_by: user, |
|
) |
|
end |
|
|
|
before do |
|
allow(user).to receive(:need_two_factor_authentication?).and_return(false) |
|
sign_in user |
|
FactoryBot.create(:sales_log) |
|
FactoryBot.create(:sales_log, |
|
:completed, |
|
owning_organisation:, |
|
created_by: user) |
|
end |
|
|
|
it "creates an E-mail job with the correct log type" do |
|
expect { |
|
post "/sales-logs/email-csv?codes_only=true", headers:, params: {} |
|
}.to enqueue_job(EmailCsvJob).with(user, nil, {}, false, nil, true, "sales") |
|
end |
|
|
|
it "redirects to the confirmation page" do |
|
post "/sales-logs/email-csv?codes_only=true", headers:, params: {} |
|
expect(response).to redirect_to(csv_confirmation_sales_logs_path) |
|
end |
|
|
|
it "passes the search term" do |
|
expect { |
|
post "/sales-logs/email-csv?search=#{sales_log.id}&codes_only=false", headers:, params: {} |
|
}.to enqueue_job(EmailCsvJob).with(user, sales_log.id.to_s, {}, false, nil, false, "sales") |
|
end |
|
|
|
it "passes filter parameters" do |
|
expect { |
|
post "/sales-logs/email-csv?status[]=completed&codes_only=true", headers:, params: {} |
|
}.to enqueue_job(EmailCsvJob).with(user, nil, { "status" => %w[completed] }, false, nil, true, "sales") |
|
end |
|
|
|
it "passes export type flag" do |
|
expect { |
|
post "/sales-logs/email-csv?codes_only=true", headers:, params: {} |
|
}.to enqueue_job(EmailCsvJob).with(user, nil, {}, false, nil, true, "sales") |
|
expect { |
|
post "/sales-logs/email-csv?codes_only=false", headers:, params: {} |
|
}.to enqueue_job(EmailCsvJob).with(user, nil, {}, false, nil, false, "sales") |
|
end |
|
|
|
it "passes a combination of search term, export type and filter parameters" do |
|
postcode = "XX1 1TG" |
|
|
|
expect { |
|
post "/sales-logs/email-csv?status[]=completed&search=#{postcode}&codes_only=false", headers:, params: {} |
|
}.to enqueue_job(EmailCsvJob).with(user, postcode, { "status" => %w[completed] }, false, nil, false, "sales") |
|
end |
|
|
|
context "when the user is not a support user" do |
|
let(:user) { FactoryBot.create(:user, :data_coordinator) } |
|
|
|
it "has permission to download human readable csv" do |
|
codes_only_export = false |
|
expect { |
|
post "/sales-logs/email-csv?codes_only=#{codes_only_export}", headers:, params: {} |
|
}.to enqueue_job(EmailCsvJob).with(user, nil, {}, false, nil, false, "sales") |
|
end |
|
|
|
it "is not authorized to download codes only csv" do |
|
codes_only_export = true |
|
post "/sales-logs/email-csv?codes_only=#{codes_only_export}", headers:, params: {} |
|
expect(response).to have_http_status(:unauthorized) |
|
end |
|
end |
|
end |
|
|
|
describe "DELETE" do |
|
let(:headers) { { "Accept" => "text/html" } } |
|
let(:page) { Capybara::Node::Simple.new(response.body) } |
|
let(:user) { create(:user, :support) } |
|
let!(:sales_log) do |
|
create(:sales_log, :completed) |
|
end |
|
let(:id) { sales_log.id } |
|
let(:delete_request) { delete "/sales-logs/#{id}", headers: } |
|
|
|
before do |
|
allow(user).to receive(:need_two_factor_authentication?).and_return(false) |
|
sign_in user |
|
end |
|
|
|
context "when delete permitted" do |
|
it "redirects to sales logs and shows message" do |
|
delete_request |
|
expect(response).to redirect_to(sales_logs_path) |
|
follow_redirect! |
|
expect(page).to have_content("Log #{id} has been deleted") |
|
end |
|
|
|
it "marks the log as deleted" do |
|
expect { delete_request }.to change { sales_log.reload.status }.from("completed").to("deleted") |
|
end |
|
end |
|
|
|
context "when log does not exist" do |
|
let(:id) { -1 } |
|
|
|
it "returns 404" do |
|
delete_request |
|
expect(response).to have_http_status(:not_found) |
|
end |
|
end |
|
|
|
context "when user not authorised" do |
|
let(:user) { create(:user) } |
|
|
|
it "returns 404" do |
|
delete_request |
|
expect(response).to have_http_status(:unauthorized) |
|
end |
|
end |
|
end |
|
|
|
describe "GET delete-confirmation" do |
|
let(:headers) { { "Accept" => "text/html" } } |
|
let(:page) { Capybara::Node::Simple.new(response.body) } |
|
let(:user) { create(:user, :support) } |
|
let!(:sales_log) do |
|
create(:sales_log, :completed) |
|
end |
|
let(:id) { sales_log.id } |
|
let(:request) { get "/sales-logs/#{id}/delete-confirmation", headers: } |
|
|
|
before do |
|
allow(user).to receive(:need_two_factor_authentication?).and_return(false) |
|
sign_in user |
|
end |
|
|
|
context "when delete permitted" do |
|
it "renders page" do |
|
request |
|
expect(response).to have_http_status(:ok) |
|
|
|
expect(page).to have_content("Are you sure you want to delete this log?") |
|
expect(page).to have_button(text: "Delete this log") |
|
expect(page).to have_link(text: "Cancel", href: sales_log_path(id)) |
|
end |
|
end |
|
|
|
context "when log does not exist" do |
|
let(:id) { -1 } |
|
|
|
it "returns 404" do |
|
request |
|
expect(response).to have_http_status(:not_found) |
|
end |
|
end |
|
|
|
context "when user not authorised" do |
|
let(:user) { create(:user) } |
|
|
|
it "returns 404" do |
|
request |
|
expect(response).to have_http_status(:unauthorized) |
|
end |
|
end |
|
end |
|
end
|
|
|