baarkerlounger
/
submit-social-housing-lettings-and-sales-data
mirror of https://github.com/communitiesuk/submit-social-housing-lettings-and-sales-data.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

Validate that the user belongs to either the managing or owning organisation

pull/1055/head
Kat 4 years ago
parent
e16051f1aa
commit
0ae80bcf84
5 changed files with 96 additions and 1 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 2
      app/controllers/form_controller.rb
  2. 10
      app/models/log.rb
  3. 6
      config/locales/en.yml
  4. 47
      spec/models/lettings_log_spec.rb
  5. 32
      spec/requests/form_controller_spec.rb

2
app/controllers/form_controller.rb
Unescape View File

@ -10,7 +10,7 @@ class FormController < ApplicationController
responses_for_page = responses_for_page(@page) responses_for_page = responses_for_page(@page)
mandatory_questions_with_no_response = mandatory_questions_with_no_response(responses_for_page) mandatory_questions_with_no_response = mandatory_questions_with_no_response(responses_for_page)
if mandatory_questions_with_no_response.empty? && @log.update(responses_for_page) if mandatory_questions_with_no_response.empty? && (@log.user_organisation_chosen?(current_user) || current_user.support?) && @log.update(responses_for_page)
session[:errors] = session[:fields] = nil session[:errors] = session[:fields] = nil
redirect_to(successful_redirect_path) redirect_to(successful_redirect_path)
else else

10
app/models/log.rb
Unescape View File

@ -48,6 +48,16 @@ class Log < ApplicationRecord
def collection_period_open? def collection_period_open?
form.end_date > Time.zone.today form.end_date > Time.zone.today
end end
def user_organisation_chosen?(user)
unless [user, managing_organisation, owning_organisation].any?(&:blank?) || user.organisation == managing_organisation || user.organisation == owning_organisation
errors.add :created_by, I18n.t("validations.setup.created_by.invalid")
errors.add :owning_organisation_id, I18n.t("validations.setup.owning_organisation.invalid")
errors.add :managing_organisation_id, I18n.t("validations.setup.managing_organisation.invalid")
return false
end
true
end
private private

6
config/locales/en.yml
Unescape View File

@ -157,6 +157,12 @@ en:
deactivated: "%{name} was deactivated on %{date} and was not available on the day you entered" deactivated: "%{name} was deactivated on %{date} and was not available on the day you entered"
reactivating_soon: "The scheme %{name} is not available until %{date}. Select another scheme or edit the tenancy start date" reactivating_soon: "The scheme %{name} is not available until %{date}. Select another scheme or edit the tenancy start date"
activating_soon: "%{name} is not available until %{date}. Enter a tenancy start date after %{date}" activating_soon: "%{name} is not available until %{date}. Enter a tenancy start date after %{date}"
owning_organisation:
invalid: "Please select owning organisation or managing organisation that you belong to"
managing_organisation:
invalid: "Please select owning organisation or managing organisation that you belong to"
created_by:
invalid: "Please select owning organisation or managing organisation that you belong to"
property: property:
mrcdate: mrcdate:

47
spec/models/lettings_log_spec.rb
Unescape View File

@ -2527,4 +2527,51 @@ RSpec.describe LettingsLog do
end end
end end
end end
describe "non support validation" do
it "validates if neither managing nor owning organisation is the same as current user organisation" do
lettings_log = FactoryBot.build(:lettings_log, owning_organisation:, managing_organisation: owning_organisation)
lettings_log.user_organisation_chosen?(created_by_user)
expect(lettings_log.errors[:created_by]).to include(I18n.t("validations.setup.created_by.invalid"))
expect(lettings_log.errors[:owning_organisation_id]).to include(I18n.t("validations.setup.owning_organisation.invalid"))
expect(lettings_log.errors[:managing_organisation_id]).to include(I18n.t("validations.setup.managing_organisation.invalid"))
end
it "doesn not validate if either managing or owning organisation is the same as current user organisation" do
lettings_log = FactoryBot.build(:lettings_log, owning_organisation: created_by_user.organisation, managing_organisation: owning_organisation)
lettings_log.user_organisation_chosen?(created_by_user)
expect(lettings_log.errors[:created_by]).to be_empty
expect(lettings_log.errors[:owning_organisation_id]).to be_empty
expect(lettings_log.errors[:managing_organisation_id]).to be_empty
end
it "does not validate if current user is missing" do
lettings_log = FactoryBot.build(:lettings_log, created_by: nil, owning_organisation:, managing_organisation: owning_organisation)
lettings_log.user_organisation_chosen?(nil)
expect(lettings_log.errors[:created_by]).to be_empty
expect(lettings_log.errors[:owning_organisation_id]).to be_empty
expect(lettings_log.errors[:managing_organisation_id]).to be_empty
end
it "does not validate if managing organisation is missing" do
lettings_log = FactoryBot.build(:lettings_log, owning_organisation:, managing_organisation: nil)
lettings_log.user_organisation_chosen?(created_by_user)
expect(lettings_log.errors[:created_by]).to be_empty
expect(lettings_log.errors[:owning_organisation_id]).to be_empty
expect(lettings_log.errors[:managing_organisation_id]).to be_empty
end
it "does not validate if owning organisation is missing" do
lettings_log = FactoryBot.build(:lettings_log, owning_organisation: nil, managing_organisation: owning_organisation)
lettings_log.user_organisation_chosen?(created_by_user)
expect(lettings_log.errors[:created_by]).to be_empty
expect(lettings_log.errors[:owning_organisation_id]).to be_empty
expect(lettings_log.errors[:managing_organisation_id]).to be_empty
end
end
end end

32
spec/requests/form_controller_spec.rb
Unescape View File

@ -298,6 +298,38 @@ RSpec.describe FormController, type: :request do
end end
end end
context "with invalid organisation answers" do
let(:page) { Capybara::Node::Simple.new(response.body) }
let(:managing_organisation) { create(:organisation) }
let(:managing_organisation_too) { create(:organisation) }
let(:housing_provider) { create(:organisation) }
let(:params) do
{
id: lettings_log.id,
lettings_log: {
page: "managing_organisation",
managing_organisation_id: other_organisation.id,
},
}
end
before do
organisation.housing_providers << housing_provider
organisation.managing_agents << managing_organisation
organisation.managing_agents << managing_organisation_too
organisation.reload
lettings_log.update!(owning_organisation: housing_provider, created_by: user, managing_organisation: organisation)
lettings_log.reload
end
it "re-renders the same page with errors if validation fails" do
post "/lettings-logs/#{lettings_log.id}/form", params: params
expect(response).to redirect_to("/lettings-logs/#{lettings_log.id}/managing-organisation")
follow_redirect!
expect(page).to have_content("There is a problem")
end
end
context "with valid answers" do context "with valid answers" do
let(:answer) { 20 } let(:answer) { 20 }
let(:params) do let(:params) do

Write Preview
Loading…
Cancel
Save