baarkerlounger
/
submit-social-housing-lettings-and-sales-data
mirror of https://github.com/communitiesuk/submit-social-housing-lettings-and-sales-data.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

start adapting to data protection confirmation

pull/1684/head
Jack S 3 years ago
parent
c023a9f0bb
commit
491495384a
17 changed files with 136 additions and 149 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 34
      app/controllers/organisations_controller.rb
  2. 10
      app/helpers/data_sharing_agreement_helper.rb
  3. 4
      app/models/data_sharing_agreement.rb
  4. 3
      app/models/organisation.rb
  5. 2
      app/views/logs/_create_for_org_actions.html.erb
  6. 18
      app/views/organisations/data_sharing_agreement.html.erb
  7. 2
      app/views/organisations/show.html.erb
  8. 29
      db/seeds.rb
  9. 8
      spec/components/create_log_actions_component_spec.rb
  10. 20
      spec/components/data_sharing_agreement_banner_component_spec.rb
  11. 2
      spec/factories/data_protection_confirmation.rb
  12. 6
      spec/factories/organisation.rb
  13. 71
      spec/requests/organisations_controller_spec.rb
  14. 8
      spec/shared/shared_log_examples.rb
  15. 6
      spec/views/logs/_create_for_org_actions.html.erb_spec.rb
  16. 42
      spec/views/organisations/data_sharing_agreement.html.erb_spec.rb
  17. 20
      spec/views/organisations/show.html.erb_spec.rb

34
app/controllers/organisations_controller.rb
Unescape View File

@ -165,35 +165,27 @@ class OrganisationsController < ApplicationController
def confirm_data_sharing_agreement def confirm_data_sharing_agreement
return render_not_found unless FeatureToggle.new_data_protection_confirmation? return render_not_found unless FeatureToggle.new_data_protection_confirmation?
return render_not_found unless current_user.is_dpo? return render_not_found unless current_user.is_dpo?
return render_not_found if @organisation.latest_data_protection_confirmation&.confirmed? return render_not_found if @organisation.data_protection_confirmation&.confirmed?
if @organisation.data_protection_confirmation
if @organisation.latest_data_protection_confirmation @organisation.data_protection_confirmation.update!(
@organisation.latest_data_protection_confirmation.update!(
confirmed: true, confirmed: true,
data_protection_officer: current_user, data_protection_officer: current_user,
# When it was signed # When it was signed
created_at: Time.zone.now, created_at: Time.zone.now,
) )
dpo.confirmed = true
dpo.data_protection_officer = current_user
dpo.save!
data_protection_confirmation = DataProtectionConfirmation.new(
organisation: current_user.organisation,
confirmed: true,
data_protection_officer: current_user,
)
if data_protection_confirmation.save
flash[:notice] = "You have accepted the Data Sharing Agreement"
flash[:notification_banner_body] = "Your organisation can now submit logs."
redirect_to details_organisation_path(@organisation)
else else
render :data_sharing_agreement DataProtectionConfirmation.create!(
organisation: current_user.organisation,
confirmed: true,
data_protection_officer: current_user,
)
end end
flash[:notice] = "You have accepted the Data Sharing Agreement"
flash[:notification_banner_body] = "Your organisation can now submit logs."
redirect_to details_organisation_path(@organisation)
end end
private private

10
app/helpers/data_sharing_agreement_helper.rb
Unescape View File

@ -21,9 +21,9 @@ module DataSharingAgreementHelper
end end
end end
def name_for_data_sharing_agreement(data_sharing_agreement, user) def name_for_data_sharing_agreement(data_protection_confirmation, user)
if data_sharing_agreement.present? if data_protection_confirmation&.confirmed?
data_sharing_agreement.dpo_name data_protection_confirmation.data_protection_officer.name
elsif user.is_dpo? elsif user.is_dpo?
user.name user.name
else else
@ -68,7 +68,7 @@ module DataSharingAgreementHelper
private private
def data_sharing_agreement_first_line(organisation:, user:) def data_sharing_agreement_first_line(organisation:, user:)
return "Not accepted" if organisation.data_protection_confirmation&.confirmed? return "Not accepted" unless organisation.data_protection_confirmation&.confirmed?
if user.support? if user.support?
"Accepted #{organisation.data_protection_confirmation.created_at.strftime('%d/%m/%Y')}" "Accepted #{organisation.data_protection_confirmation.created_at.strftime('%d/%m/%Y')}"
@ -79,7 +79,7 @@ private
def data_sharing_agreement_second_line(organisation:, user:) def data_sharing_agreement_second_line(organisation:, user:)
if organisation.data_protection_confirmation&.confirmed? if organisation.data_protection_confirmation&.confirmed?
organisation.data_sharing_agreement.data_protection_officer.name if user.support? organisation.data_protection_confirmation.data_protection_officer.name if user.support?
else else
"Data protection officer must sign" unless user.is_dpo? "Data protection officer must sign" unless user.is_dpo?
end end

4
app/models/data_sharing_agreement.rb
Unescape View File

@ -1,4 +0,0 @@
class DataSharingAgreement < ApplicationRecord
belongs_to :organisation
belongs_to :data_protection_officer, class_name: "User", optional: true
end

3
app/models/organisation.rb
Unescape View File

@ -88,7 +88,7 @@ class Organisation < ApplicationRecord
end end
def data_protection_confirmed? def data_protection_confirmed?
!!data_protection_confirmations.order(created_at: :desc).first&.confirmed !!data_protection_confirmation&.confirmed?
end end
def data_protection_agreement_string def data_protection_agreement_string
@ -112,6 +112,7 @@ class Organisation < ApplicationRecord
{ name: "Owns housing stock", value: holds_own_stock ? "Yes" : "No", editable: false }, { name: "Owns housing stock", value: holds_own_stock ? "Yes" : "No", editable: false },
].compact ].compact
# TODO: test
unless FeatureToggle.new_data_protection_confirmation? unless FeatureToggle.new_data_protection_confirmation?
attrs << { name: "Data protection agreement", value: data_protection_agreement_string, editable: false } attrs << { name: "Data protection agreement", value: data_protection_agreement_string, editable: false }
end end

2
app/views/logs/_create_for_org_actions.html.erb
Unescape View File

@ -1,5 +1,5 @@
<div class="govuk-button-group app-filter-toggle"> <div class="govuk-button-group app-filter-toggle">
<% if !FeatureToggle.new_data_protection_confirmation? || @organisation.data_protection_confirmation.&confirmed? %> <% if !FeatureToggle.new_data_protection_confirmation? || @organisation.data_protection_confirmation&.confirmed? %>
<% if current_page?(controller: 'organisations', action: 'lettings_logs') %> <% if current_page?(controller: 'organisations', action: 'lettings_logs') %>
<%= govuk_button_to "Create a new lettings log for this organisation", lettings_logs_path(lettings_log: { owning_organisation_id: @organisation.id }, method: :post) %> <%= govuk_button_to "Create a new lettings log for this organisation", lettings_logs_path(lettings_log: { owning_organisation_id: @organisation.id }, method: :post) %>
<% end %> <% end %>

18
app/views/organisations/data_sharing_agreement.html.erb
Unescape View File

@ -3,11 +3,11 @@
<div class="govuk-grid-row"> <div class="govuk-grid-row">
<div class="govuk-grid-column-two-thirds-from-desktop"> <div class="govuk-grid-column-two-thirds-from-desktop">
<h2 id="data-provider-organisation-and-department-for-levelling-up-housing-and-communities" class="govuk-heading-l"> <h2 id="data-provider-organisation-and-department-for-levelling-up-housing-and-communities" class="govuk-heading-l">
<%= org_name_for_data_sharing_agreement(@data_sharing_agreement, current_user) %> and Department for Levelling Up, Housing and Communities <%= org_name_for_data_sharing_agreement(@data_protection_confirmation, current_user) %> and Department for Levelling Up, Housing and Communities
</h2> </h2>
<p class="govuk-body-m"> <p class="govuk-body-m">
<% if @data_sharing_agreement&.confirmed? %> <% if @data_protection_confirmation&.confirmed? %>
This agreement is made the <%= @data_sharing_agreement.created_at.day.ordinalize %> day of <%= @data_sharing_agreement.created_at.strftime("%B") %> <%= @data_sharing_agreement.created_at.year %> This agreement is made the <%= @data_protection_confirmation.created_at.day.ordinalize %> day of <%= @data_protection_confirmation.created_at.strftime("%B") %> <%= @data_protection_confirmation.created_at.year %>
<% elsif current_user.is_dpo? %> <% elsif current_user.is_dpo? %>
This agreement is made the <%= Time.zone.now.day.ordinalize %> day of <%= Time.zone.now.strftime("%B") %> <%= Time.zone.now.year %> This agreement is made the <%= Time.zone.now.day.ordinalize %> day of <%= Time.zone.now.strftime("%B") %> <%= Time.zone.now.year %>
<% else %> <% else %>
@ -15,8 +15,8 @@
<% end %> <% end %>
</p> </p>
<p class="govuk-body-m"><strong>between</strong></p> <p class="govuk-body-m"><strong>between</strong></p>
<% if @data_sharing_agreement %> <% if @data_protection_confirmation&.confirmed? %>
<p class="govuk-body-m">1) <%= @data_sharing_agreement.organisation_name %> of <%= @data_sharing_agreement.organisation_address %> (“CORE Data Provider”)</p> <p class="govuk-body-m">1) <%= @data_protection_confirmation.organisation.name %> of <%= @data_protection_confirmation.organisation.address_row %> (“CORE Data Provider”)</p>
<% else %> <% else %>
<p class="govuk-body-m">1) <%= @organisation.name %> of <%= @organisation.address_row %> (“CORE Data Provider”)</p> <p class="govuk-body-m">1) <%= @organisation.name %> of <%= @organisation.address_row %> (“CORE Data Provider”)</p>
<% end %> <% end %>
@ -106,7 +106,7 @@
<h3 id="12-authorised-representatives" class="govuk-heading-m">12. Authorised representatives</h3> <h3 id="12-authorised-representatives" class="govuk-heading-m">12. Authorised representatives</h3>
<p class="govuk-body-m">12.1. CORE data providers and DLUHC will each appoint an Authorised Representative to be the primary point of contact in all day-to-day matters relating to this Agreement:</p> <p class="govuk-body-m">12.1. CORE data providers and DLUHC will each appoint an Authorised Representative to be the primary point of contact in all day-to-day matters relating to this Agreement:</p>
<p class="govuk-body-m"> <p class="govuk-body-m">
<%= section_12_2(data_sharing_agreement: @data_sharing_agreement, user: current_user, organisation: @organisation) %> <%= section_12_2(data_protection_confirmation: @data_protection_confirmation, user: current_user, organisation: @organisation) %>
</p> </p>
<p class="govuk-body-m">12.3. For DLUHC: Name: Rachel Worledge, <p class="govuk-body-m">12.3. For DLUHC: Name: Rachel Worledge,
Postal Address: South-west section, 4th Floor, Fry Building, 2 Marsham Street, London, SW1P 4DF, Postal Address: South-west section, 4th Floor, Fry Building, 2 Marsham Street, London, SW1P 4DF,
@ -123,9 +123,9 @@
<h3 id="16-statutory-compliance" class="govuk-heading-m">16. Statutory compliance</h3> <h3 id="16-statutory-compliance" class="govuk-heading-m">16. Statutory compliance</h3>
<p class="govuk-body-m">16.1. The Parties shall comply with all relevant legislation, regulations, orders, statutory instruments and any amendments or re-enactments thereof from the commencement of this agreement.</p> <p class="govuk-body-m">16.1. The Parties shall comply with all relevant legislation, regulations, orders, statutory instruments and any amendments or re-enactments thereof from the commencement of this agreement.</p>
<p class="govuk-body-m">As witness of which the parties have set their hands on the day and year first above written <p class="govuk-body-m">As witness of which the parties have set their hands on the day and year first above written
signed for and on behalf of the Data Protection Officer for <%= org_name_for_data_sharing_agreement(@data_sharing_agreement, current_user) %>, by:</p> signed for and on behalf of the Data Protection Officer for <%= org_name_for_data_sharing_agreement(@data_protection_confirmation, current_user) %>, by:</p>
<ul class="govuk-list govuk-list--bullet"> <ul class="govuk-list govuk-list--bullet">
<li>Name: <%= name_for_data_sharing_agreement(@data_sharing_agreement, current_user) %></li> <li>Name: <%= name_for_data_sharing_agreement(@data_protection_confirmation, current_user) %></li>
<li>Title: Data Protection Officer</li> <li>Title: Data Protection Officer</li>
</ul> </ul>
<p class="govuk-body-m">SIGNED for and on behalf of the deputy director of the data, analytics &amp; statistics in the Department for Levelling Up, Housing and Communities, by:</p> <p class="govuk-body-m">SIGNED for and on behalf of the deputy director of the data, analytics &amp; statistics in the Department for Levelling Up, Housing and Communities, by:</p>
@ -134,7 +134,7 @@
<li>Title: Deputy Director</li> <li>Title: Deputy Director</li>
</ul> </ul>
<% if current_user.is_dpo? && !(@organisation.data_sharing_agreement&.confirmed?) %> <% if current_user.is_dpo? && !(@organisation.data_protection_confirmation&.confirmed?) %>
<div class="govuk-button-group govuk-!-margin-top-9"> <div class="govuk-button-group govuk-!-margin-top-9">
<%= govuk_button_to("Accept this agreement", data_sharing_agreement_organisation_path(@organisation), method: :post) %> <%= govuk_button_to("Accept this agreement", data_sharing_agreement_organisation_path(@organisation), method: :post) %>
<%= govuk_button_link_to("Cancel", details_organisation_path(@organisation), secondary: true) %> <%= govuk_button_link_to("Cancel", details_organisation_path(@organisation), secondary: true) %>

2
app/views/organisations/show.html.erb
Unescape View File

@ -33,7 +33,7 @@
<% end %> <% end %>
<% end %> <% end %>
<% end %> <% end %>
<% if FeatureToggle.new_data_sharing_agreement? %> <% if FeatureToggle.new_data_protection_confirmation? %>
<%= data_sharing_agreement_row(organisation: @organisation, user: current_user, summary_list:) %> <%= data_sharing_agreement_row(organisation: @organisation, user: current_user, summary_list:) %>
<% end %> <% end %>
<% end %> <% end %>

29
db/seeds.rb
Unescape View File

@ -7,25 +7,11 @@
# Character.create(name: 'Luke', movie: movies.first) # Character.create(name: 'Luke', movie: movies.first)
# rubocop:disable Rails/Output # rubocop:disable Rails/Output
def create_dsa(user)
def create_dpo(org)
User.find_or_create_by!(
name: "#{org.name} User",
email: "#{org.name}@example.com",
organisation: standalone_owns_stock,
role: "data_provider",
is_dpo: true,
) do |user|
user.password = "password"
user.confirmed_at = Time.zone.now
end
end
def create_dsa(org)
DataProtectionConfirmation.find_or_create_by!( DataProtectionConfirmation.find_or_create_by!(
organisation: org, organisation: user.organisation,
confirmed: true, confirmed: true,
data_protection_officer: create_dpo(org), data_protection_officer: user,
) )
end end
@ -40,7 +26,6 @@ unless Rails.env.test?
managing_agents_label: "None", managing_agents_label: "None",
provider_type: "LA", provider_type: "LA",
) )
create_dsa(stock_owner1)
stock_owner2 = Organisation.find_or_create_by!( stock_owner2 = Organisation.find_or_create_by!(
name: "Stock Owner 2", name: "Stock Owner 2",
address_line1: "2 Marsham Street", address_line1: "2 Marsham Street",
@ -51,7 +36,6 @@ unless Rails.env.test?
managing_agents_label: "None", managing_agents_label: "None",
provider_type: "LA", provider_type: "LA",
) )
create_dsa(stock_owner2)
managing_agent1 = Organisation.find_or_create_by!( managing_agent1 = Organisation.find_or_create_by!(
name: "Managing Agent 1", name: "Managing Agent 1",
address_line1: "2 Marsham Street", address_line1: "2 Marsham Street",
@ -62,7 +46,6 @@ unless Rails.env.test?
managing_agents_label: "None", managing_agents_label: "None",
provider_type: "LA", provider_type: "LA",
) )
create_dsa(managing_agent1)
managing_agent2 = Organisation.find_or_create_by!( managing_agent2 = Organisation.find_or_create_by!(
name: "Managing Agent 2", name: "Managing Agent 2",
address_line1: "2 Marsham Street", address_line1: "2 Marsham Street",
@ -73,7 +56,6 @@ unless Rails.env.test?
managing_agents_label: "None", managing_agents_label: "None",
provider_type: "LA", provider_type: "LA",
) )
create_dsa(managing_agent2)
org = Organisation.find_or_create_by!( org = Organisation.find_or_create_by!(
name: "DLUHC", name: "DLUHC",
@ -92,7 +74,6 @@ unless Rails.env.test?
Rails.logger.info info Rails.logger.info info
end end
end end
create_dsa(org)
standalone_owns_stock = Organisation.find_or_create_by!( standalone_owns_stock = Organisation.find_or_create_by!(
name: "Standalone Owns Stock 1 Ltd", name: "Standalone Owns Stock 1 Ltd",
@ -113,6 +94,7 @@ unless Rails.env.test?
) do |user| ) do |user|
user.password = "password" user.password = "password"
user.confirmed_at = Time.zone.now user.confirmed_at = Time.zone.now
create_dsa(user)
end end
User.find_or_create_by!( User.find_or_create_by!(
@ -123,6 +105,7 @@ unless Rails.env.test?
) do |user| ) do |user|
user.password = "password" user.password = "password"
user.confirmed_at = Time.zone.now user.confirmed_at = Time.zone.now
create_dsa(user)
end end
standalone_no_stock = Organisation.find_or_create_by!( standalone_no_stock = Organisation.find_or_create_by!(
@ -204,6 +187,8 @@ unless Rails.env.test?
user.confirmed_at = Time.zone.now user.confirmed_at = Time.zone.now
end end
create_dsa(support_user)
pp "Seeded 3 dummy users" pp "Seeded 3 dummy users"
end end

8
spec/components/create_log_actions_component_spec.rb
Unescape View File

@ -22,7 +22,7 @@ RSpec.describe CreateLogActionsComponent, type: :component do
context "when flag disabled" do context "when flag disabled" do
before do before do
allow(FeatureToggle).to receive(:new_data_sharing_agreement?).and_return(false) allow(FeatureToggle).to receive(:new_data_protection_confirmation?).and_return(false)
end end
it "renders actions" do it "renders actions" do
@ -67,7 +67,7 @@ RSpec.describe CreateLogActionsComponent, type: :component do
context "when flag enabled" do context "when flag enabled" do
before do before do
allow(FeatureToggle).to receive(:new_data_sharing_agreement?).and_return(true) allow(FeatureToggle).to receive(:new_data_protection_confirmation?).and_return(true)
end end
context "when support user" do context "when support user" do
@ -115,10 +115,10 @@ RSpec.describe CreateLogActionsComponent, type: :component do
context "when not support user" do context "when not support user" do
context "without data sharing agreement" do context "without data sharing agreement" do
let(:user) { create(:user, organisation: create(:organisation, :without_dsa)) } let(:user) { create(:user, organisation: create(:organisation, :without_dpc)) }
it "does not render actions" do it "does not render actions" do
expect(component.display_actions?).to eq(false) expect(component).not_to be_display_actions
end end
end end

20
spec/components/data_sharing_agreement_banner_component_spec.rb
Unescape View File

@ -8,7 +8,7 @@ RSpec.describe DataSharingAgreementBannerComponent, type: :component do
context "when flag disabled" do context "when flag disabled" do
before do before do
allow(FeatureToggle).to receive(:new_data_sharing_agreement?).and_return(false) allow(FeatureToggle).to receive(:new_data_protection_confirmation?).and_return(false)
end end
it "does not display banner" do it "does not display banner" do
@ -18,7 +18,7 @@ RSpec.describe DataSharingAgreementBannerComponent, type: :component do
context "when flag enabled" do context "when flag enabled" do
before do before do
allow(FeatureToggle).to receive(:new_data_sharing_agreement?).and_return(true) allow(FeatureToggle).to receive(:new_data_protection_confirmation?).and_return(true)
end end
context "when user is dpo" do context "when user is dpo" do
@ -36,7 +36,7 @@ RSpec.describe DataSharingAgreementBannerComponent, type: :component do
let(:organisation) { nil } let(:organisation) { nil }
before do before do
allow(DataSharingAgreement).to receive(:exists?).and_call_original allow(DataProtectionConfirmation).to receive(:exists?).and_call_original
end end
context "when data sharing agreement present" do context "when data sharing agreement present" do
@ -46,12 +46,12 @@ RSpec.describe DataSharingAgreementBannerComponent, type: :component do
it "verifies DSA exists for organisation" do it "verifies DSA exists for organisation" do
render render
expect(DataSharingAgreement).to have_received(:exists?).with(organisation: user.organisation) expect(DataProtectionConfirmation).to have_received(:exists?).with(organisation: user.organisation, confirmed: true)
end end
end end
context "when data sharing agreement not present" do context "when data sharing agreement not present" do
let(:user) { create(:user, organisation: create(:organisation, :without_dsa)) } let(:user) { create(:user, organisation: create(:organisation, :without_dpc)) }
it "displays the banner" do it "displays the banner" do
expect(component.display_banner?).to eq(true) expect(component.display_banner?).to eq(true)
@ -64,7 +64,7 @@ RSpec.describe DataSharingAgreementBannerComponent, type: :component do
it "verifies DSA exists for organisation" do it "verifies DSA exists for organisation" do
render render
expect(DataSharingAgreement).to have_received(:exists?).with(organisation: user.organisation) expect(DataProtectionConfirmation).to have_received(:exists?).with(organisation: user.organisation, confirmed: true)
end end
end end
end end
@ -83,7 +83,7 @@ RSpec.describe DataSharingAgreementBannerComponent, type: :component do
context "when org present" do context "when org present" do
before do before do
allow(DataSharingAgreement).to receive(:exists?).and_call_original allow(DataProtectionConfirmation).to receive(:exists?).and_call_original
end end
context "when data sharing agreement present" do context "when data sharing agreement present" do
@ -93,12 +93,12 @@ RSpec.describe DataSharingAgreementBannerComponent, type: :component do
it "verifies DSA exists for organisation" do it "verifies DSA exists for organisation" do
render render
expect(DataSharingAgreement).to have_received(:exists?).with(organisation:) expect(DataProtectionConfirmation).to have_received(:exists?).with(organisation:, confirmed: true)
end end
end end
context "when data sharing agreement not present" do context "when data sharing agreement not present" do
let(:organisation) { create(:organisation, :without_dsa) } let(:organisation) { create(:organisation, :without_dpc) }
it "displays the banner" do it "displays the banner" do
expect(component.display_banner?).to eq(true) expect(component.display_banner?).to eq(true)
@ -111,7 +111,7 @@ RSpec.describe DataSharingAgreementBannerComponent, type: :component do
it "verifies DSA exists for organisation" do it "verifies DSA exists for organisation" do
render render
expect(DataSharingAgreement).to have_received(:exists?).with(organisation:) expect(DataProtectionConfirmation).to have_received(:exists?).with(organisation:, confirmed: true)
end end
end end
end end

2
spec/factories/data_protection_confirmation.rb
Unescape View File

@ -1,6 +1,6 @@
FactoryBot.define do FactoryBot.define do
factory :data_protection_confirmation do factory :data_protection_confirmation do
organisation { association :organisation, data_sharing_agreement: instance } organisation { association :organisation, data_protection_confirmation: instance }
data_protection_officer { association :user, :data_protection_officer, organisation: (instance.organisation || organisation) } data_protection_officer { association :user, :data_protection_officer, organisation: (instance.organisation || organisation) }
confirmed { true } confirmed { true }

6
spec/factories/organisation.rb
Unescape View File

@ -17,7 +17,7 @@ FactoryBot.define do
after(:create) do |org, evaluator| after(:create) do |org, evaluator|
if evaluator.with_dsa if evaluator.with_dsa
create( create(
:data_sharing_agreement, :data_protection_confirmation,
organisation: org, organisation: org,
data_protection_officer: org.users.any? ? org.users.first : create(:user, :data_protection_officer, organisation: org), data_protection_officer: org.users.any? ? org.users.first : create(:user, :data_protection_officer, organisation: org),
) )
@ -36,12 +36,12 @@ FactoryBot.define do
holds_own_stock { false } holds_own_stock { false }
end end
trait :without_dsa do trait :without_dpc do
transient do transient do
with_dsa { false } with_dsa { false }
end end
data_sharing_agreement { nil } data_protection_confirmation { nil }
end end
end end

71
spec/requests/organisations_controller_spec.rb
Unescape View File

@ -285,7 +285,7 @@ RSpec.describe OrganisationsController, type: :request do
end end
it "shows the pagination count" do it "shows the pagination count" do
expect(page).to have_content("3 total users") expect(page).to have_content("#{user.organisation.users.count} total users")
end end
end end
@ -1424,7 +1424,7 @@ RSpec.describe OrganisationsController, type: :request do
it "only includes users from that organisation" do it "only includes users from that organisation" do
get "/organisations/#{other_organisation.id}/users", headers:, params: {} get "/organisations/#{other_organisation.id}/users", headers:, params: {}
csv = CSV.parse(response.body) csv = CSV.parse(response.body)
expect(csv.count).to eq(3) expect(csv.count).to eq(other_organisation.users.count + 1)
end end
end end
end end
@ -1446,7 +1446,7 @@ RSpec.describe OrganisationsController, type: :request do
context "when flag not enabled" do context "when flag not enabled" do
before do before do
allow(FeatureToggle).to receive(:new_data_sharing_agreement?).and_return(false) allow(FeatureToggle).to receive(:new_data_protection_confirmation?).and_return(false)
end end
it "returns not found" do it "returns not found" do
@ -1457,7 +1457,7 @@ RSpec.describe OrganisationsController, type: :request do
context "when flag enabled" do context "when flag enabled" do
before do before do
allow(FeatureToggle).to receive(:new_data_sharing_agreement?).and_return(true) allow(FeatureToggle).to receive(:new_data_protection_confirmation?).and_return(true)
end end
it "returns ok" do it "returns ok" do
@ -1469,7 +1469,7 @@ RSpec.describe OrganisationsController, type: :request do
end end
describe "POST #data_sharing_agreement" do describe "POST #data_sharing_agreement" do
let(:organisation) { create(:organisation, :without_dsa) } let(:organisation) { create(:organisation, :without_dpc) }
context "when not signed in" do context "when not signed in" do
it "redirects to sign in" do it "redirects to sign in" do
@ -1486,7 +1486,7 @@ RSpec.describe OrganisationsController, type: :request do
context "when flag not enabled" do context "when flag not enabled" do
before do before do
allow(FeatureToggle).to receive(:new_data_sharing_agreement?).and_return(false) allow(FeatureToggle).to receive(:new_data_protection_confirmation?).and_return(false)
end end
it "returns not found" do it "returns not found" do
@ -1497,7 +1497,7 @@ RSpec.describe OrganisationsController, type: :request do
context "when flag enabled" do context "when flag enabled" do
before do before do
allow(FeatureToggle).to receive(:new_data_sharing_agreement?).and_return(true) allow(FeatureToggle).to receive(:new_data_protection_confirmation?).and_return(true)
end end
context "when user not dpo" do context "when user not dpo" do
@ -1510,39 +1510,48 @@ RSpec.describe OrganisationsController, type: :request do
end end
context "when user is dpo" do context "when user is dpo" do
let(:user) { create(:user, is_dpo: true, organisation:) } context "when the organisation has a non-confirmed confirmation" do
let(:user) { create(:user, is_dpo: false) }
it "returns redirects to details page" do it "returns not found" do
post "/organisations/#{organisation.id}/data-sharing-agreement", headers: headers post "/organisations/#{organisation.id}/data-sharing-agreement", headers: headers
expect(response).to have_http_status(:not_found)
expect(response).to redirect_to("/organisations/#{organisation.id}/details") end
expect(flash[:notice]).to eq("You have accepted the Data Sharing Agreement")
expect(flash[:notification_banner_body]).to eq("Your organisation can now submit logs.")
end end
it "creates a data sharing agreement" do context "when the organisation does not have a confirmation" do
expect(organisation.reload.data_sharing_agreement).to be_nil let(:user) { create(:user, is_dpo: true, organisation:) }
post("/organisations/#{organisation.id}/data-sharing-agreement", headers:) it "returns redirects to details page" do
post "/organisations/#{organisation.id}/data-sharing-agreement", headers: headers
data_sharing_agreement = organisation.reload.data_sharing_agreement expect(response).to redirect_to("/organisations/#{organisation.id}/details")
expect(flash[:notice]).to eq("You have accepted the Data Sharing Agreement")
expect(flash[:notification_banner_body]).to eq("Your organisation can now submit logs.")
end
expect(data_sharing_agreement.organisation_address).to eq(organisation.address_row) it "creates a data sharing agreement" do
expect(data_sharing_agreement.organisation_name).to eq(organisation.name) expect(organisation.reload.data_protection_confirmation).to be_nil
expect(data_sharing_agreement.organisation_phone_number).to eq(organisation.phone)
expect(data_sharing_agreement.data_protection_officer).to eq(user)
expect(data_sharing_agreement.dpo_name).to eq(user.name)
expect(data_sharing_agreement.dpo_email).to eq(user.email)
end
context "when the user has already accepted the agreement" do post("/organisations/#{organisation.id}/data-sharing-agreement", headers:)
before do
create(:data_sharing_agreement, data_protection_officer: user, organisation: user.organisation) data_protection_confirmation = organisation.reload.data_protection_confirmation
expect(data_protection_confirmation.organisation.address_row).to eq(organisation.address_row)
expect(data_protection_confirmation.organisation.name).to eq(organisation.name)
expect(data_protection_confirmation.organisation.phone).to eq(organisation.phone)
expect(data_protection_confirmation.data_protection_officer).to eq(user)
end end
it "returns not found" do context "when the user has already accepted the agreement" do
post "/organisations/#{organisation.id}/data-sharing-agreement", headers: headers before do
expect(response).to have_http_status(:not_found) create(:data_protection_confirmation, data_protection_officer: user, organisation: user.organisation)
end
it "returns not found" do
post "/organisations/#{organisation.id}/data-sharing-agreement", headers: headers
expect(response).to have_http_status(:not_found)
end
end end
end end
end end

8
spec/shared/shared_log_examples.rb
Unescape View File

@ -107,7 +107,7 @@ RSpec.shared_examples "shared log examples" do |log_type|
describe "#verify_dsa_signed" do describe "#verify_dsa_signed" do
before do before do
allow(FeatureToggle).to receive(:new_data_sharing_agreement?).and_return(false) allow(FeatureToggle).to receive(:new_data_protection_confirmation?).and_return(false)
end end
it "is valid if the DSA is signed" do it "is valid if the DSA is signed" do
@ -123,7 +123,7 @@ RSpec.shared_examples "shared log examples" do |log_type|
end end
it "is not valid if the DSA is not signed" do it "is not valid if the DSA is not signed" do
log = build(log_type, owning_organisation: create(:organisation, :without_dsa)) log = build(log_type, owning_organisation: create(:organisation, :without_dpc))
expect(log).to be_valid expect(log).to be_valid
end end
@ -131,7 +131,7 @@ RSpec.shared_examples "shared log examples" do |log_type|
context "when flag enabled" do context "when flag enabled" do
before do before do
allow(FeatureToggle).to receive(:new_data_sharing_agreement?).and_return(true) allow(FeatureToggle).to receive(:new_data_protection_confirmation?).and_return(true)
end end
it "is valid if the DSA is signed" do it "is valid if the DSA is signed" do
@ -147,7 +147,7 @@ RSpec.shared_examples "shared log examples" do |log_type|
end end
it "is not valid if the DSA is not signed" do it "is not valid if the DSA is not signed" do
log = build(log_type, owning_organisation: create(:organisation, :without_dsa)) log = build(log_type, owning_organisation: create(:organisation, :without_dpc))
expect(log).not_to be_valid expect(log).not_to be_valid
expect(log.errors[:owning_organisation]).to eq(["Your organisation must accept the Data Sharing Agreement before you can create any logs."]) expect(log.errors[:owning_organisation]).to eq(["Your organisation must accept the Data Sharing Agreement before you can create any logs."])

6
spec/views/logs/_create_for_org_actions.html.erb_spec.rb
Unescape View File

@ -13,7 +13,7 @@ RSpec.describe "logs/_create_for_org_actions.html.erb" do
context "when flag disabled" do context "when flag disabled" do
before do before do
allow(FeatureToggle).to receive(:new_data_sharing_agreement?).and_return(false) allow(FeatureToggle).to receive(:new_data_protection_confirmation?).and_return(false)
end end
it "shows create buttons" do it "shows create buttons" do
@ -26,7 +26,7 @@ RSpec.describe "logs/_create_for_org_actions.html.erb" do
context "when flag enabled" do context "when flag enabled" do
before do before do
allow(FeatureToggle).to receive(:new_data_sharing_agreement?).and_return(true) allow(FeatureToggle).to receive(:new_data_protection_confirmation?).and_return(true)
end end
context "with data sharing agreement" do context "with data sharing agreement" do
@ -38,7 +38,7 @@ RSpec.describe "logs/_create_for_org_actions.html.erb" do
end end
context "without data sharing agreement" do context "without data sharing agreement" do
let(:user) { create(:user, organisation: create(:organisation, :without_dsa)) } let(:user) { create(:user, organisation: create(:organisation, :without_dpc)) }
it "does not include create log buttons" do it "does not include create log buttons" do
render render

42
spec/views/organisations/data_sharing_agreement.html.erb_spec.rb
Unescape View File

@ -5,7 +5,7 @@ RSpec.describe "organisations/data_sharing_agreement.html.erb", :aggregate_failu
Timecop.freeze(Time.zone.local(2023, 1, 10)) Timecop.freeze(Time.zone.local(2023, 1, 10))
allow(view).to receive(:current_user).and_return(user) allow(view).to receive(:current_user).and_return(user)
assign(:organisation, organisation) assign(:organisation, organisation)
assign(:data_sharing_agreement, data_sharing_agreement) assign(:data_protection_confirmation, data_protection_confirmation)
end end
after do after do
@ -14,10 +14,10 @@ RSpec.describe "organisations/data_sharing_agreement.html.erb", :aggregate_failu
let(:fragment) { Capybara::Node::Simple.new(rendered) } let(:fragment) { Capybara::Node::Simple.new(rendered) }
let(:organisation) { user.organisation } let(:organisation) { user.organisation }
let(:data_sharing_agreement) { nil } let(:data_protection_confirmation) { nil }
context "when dpo" do context "when dpo" do
let(:user) { create(:user, is_dpo: true, organisation: create(:organisation, :without_dsa)) } let(:user) { create(:user, is_dpo: true, organisation: create(:organisation, :without_dpc)) }
it "renders dynamic content" do it "renders dynamic content" do
render render
@ -36,32 +36,34 @@ RSpec.describe "organisations/data_sharing_agreement.html.erb", :aggregate_failu
expect(fragment).to have_content("12.2. For #{organisation.name}: Name: #{user.name}, Postal Address: #{organisation.address_row}, E-mail address: #{user.email}, Telephone number: #{organisation.phone}") expect(fragment).to have_content("12.2. For #{organisation.name}: Name: #{user.name}, Postal Address: #{organisation.address_row}, E-mail address: #{user.email}, Telephone number: #{organisation.phone}")
end end
context "when accepted" do context "when confirmed" do
let(:data_sharing_agreement) do let(:data_protection_confirmation) do
create( create(
:data_sharing_agreement, :data_protection_confirmation,
organisation:, organisation:,
signed_at: Time.zone.now - 1.day, created_at: Time.zone.now - 1.day,
) )
end end
let(:dpo) { data_protection_confirmation.data_protection_officer }
it "renders dynamic content" do it "renders dynamic content" do
render render
# dpo name # dpo name
expect(fragment).to have_content("Name: #{data_sharing_agreement.dpo_name}") expect(fragment).to have_content("Name: #{dpo.name}")
# org details # org details
expect(fragment).to have_content("#{data_sharing_agreement.organisation_name} of #{data_sharing_agreement.organisation_address} (“CORE Data Provider”)") expect(fragment).to have_content("#{organisation.name} of #{organisation.address_row} (“CORE Data Provider”)")
# header # header
expect(fragment).to have_css("h2", text: "#{data_sharing_agreement.organisation_name} and Department for Levelling Up, Housing and Communities") expect(fragment).to have_css("h2", text: "#{organisation.name} and Department for Levelling Up, Housing and Communities")
# does not show action buttons # does not show action buttons
expect(fragment).not_to have_button(text: "Accept this agreement") expect(fragment).not_to have_button(text: "Accept this agreement")
expect(fragment).not_to have_link(text: "Cancel", href: "/organisations/#{organisation.id}/details") expect(fragment).not_to have_link(text: "Cancel", href: "/organisations/#{organisation.id}/details")
# sees signed_at date # sees signed_at date
expect(fragment).to have_content("9th day of January 2023") expect(fragment).to have_content("9th day of January 2023")
# Shows DPO and org details in 12.2 # Shows DPO and org details in 12.2
expect(fragment).to have_content("12.2. For #{data_sharing_agreement.organisation_name}: Name: #{data_sharing_agreement.dpo_name}, Postal Address: #{data_sharing_agreement.organisation_address}, E-mail address: #{data_sharing_agreement.dpo_email}, Telephone number: #{data_sharing_agreement.organisation_phone_number}") expect(fragment).to have_content("12.2. For #{organisation.name}: Name: #{dpo.name}, Postal Address: #{organisation.address_row}, E-mail address: #{dpo.email}, Telephone number: #{organisation.phone}")
end end
end end
end end
@ -86,30 +88,32 @@ RSpec.describe "organisations/data_sharing_agreement.html.erb", :aggregate_failu
expect(fragment).to have_content("12.2. For #{organisation.name}: Name: [DPO name], Postal Address: #{organisation.address_row}, E-mail address: [DPO email], Telephone number: #{organisation.phone}") expect(fragment).to have_content("12.2. For #{organisation.name}: Name: [DPO name], Postal Address: #{organisation.address_row}, E-mail address: [DPO email], Telephone number: #{organisation.phone}")
end end
context "when accepted" do context "when confirmed" do
let(:data_sharing_agreement) do let(:data_protection_confirmation) do
create( create(
:data_sharing_agreement, :data_protection_confirmation,
organisation:, organisation:,
signed_at: Time.zone.now - 1.day, created_at: Time.zone.now - 1.day,
) )
end end
let(:dpo) { data_protection_confirmation.data_protection_officer }
it "renders dynamic content" do it "renders dynamic content" do
render render
# sees signed_at date # sees signed_at date
expect(fragment).to have_content("9th day of January 2023") expect(fragment).to have_content("9th day of January 2023")
# dpo name placedholder # dpo name placedholder
expect(fragment).to have_content("Name: #{data_sharing_agreement.dpo_name}") expect(fragment).to have_content("Name: #{dpo.name}")
# org details # org details
expect(fragment).to have_content("#{data_sharing_agreement.organisation_name} of #{data_sharing_agreement.organisation_address} (“CORE Data Provider”)") expect(fragment).to have_content("#{organisation.name} of #{organisation.address_row} (“CORE Data Provider”)")
# header # header
expect(fragment).to have_css("h2", text: "#{data_sharing_agreement.organisation_name} and Department for Levelling Up, Housing and Communities") expect(fragment).to have_css("h2", text: "#{organisation.name} and Department for Levelling Up, Housing and Communities")
# does not show action buttons # does not show action buttons
expect(fragment).not_to have_button(text: "Accept this agreement") expect(fragment).not_to have_button(text: "Accept this agreement")
expect(fragment).not_to have_link(text: "Cancel", href: "/organisations/#{organisation.id}/details") expect(fragment).not_to have_link(text: "Cancel", href: "/organisations/#{organisation.id}/details")
# Shows filled in details in 12.2 # Shows filled in details in 12.2
expect(fragment).to have_content("12.2. For #{data_sharing_agreement.organisation_name}: Name: #{data_sharing_agreement.dpo_name}, Postal Address: #{data_sharing_agreement.organisation_address}, E-mail address: #{data_sharing_agreement.dpo_email}, Telephone number: #{data_sharing_agreement.organisation_phone_number}") expect(fragment).to have_content("12.2. For #{organisation.name}: Name: #{dpo.name}, Postal Address: #{organisation.address_row}, E-mail address: #{dpo.email}, Telephone number: #{organisation.phone}")
end end
end end
end end

20
spec/views/organisations/show.html.erb_spec.rb
Unescape View File

@ -12,14 +12,14 @@ RSpec.describe "organisations/show.html.erb" do
end end
let(:fragment) { Capybara::Node::Simple.new(rendered) } let(:fragment) { Capybara::Node::Simple.new(rendered) }
let(:organisation_without_dsa) { create(:organisation, :without_dsa) } let(:organisation_without_dpc) { create(:organisation, :without_dpc) }
let(:organisation_with_dsa) { create(:organisation) } let(:organisation_with_dsa) { create(:organisation) }
context "when flag disabled" do context "when flag disabled" do
let(:user) { create(:user, organisation: organisation_without_dsa) } let(:user) { create(:user, organisation: organisation_without_dpc) }
before do before do
allow(FeatureToggle).to receive(:new_data_sharing_agreement?).and_return(false) allow(FeatureToggle).to receive(:new_data_protection_confirmation?).and_return(false)
end end
it "does not include data sharing agreement row" do it "does not include data sharing agreement row" do
@ -30,7 +30,7 @@ RSpec.describe "organisations/show.html.erb" do
end end
context "when dpo" do context "when dpo" do
let(:user) { create(:user, is_dpo: true, organisation: organisation_without_dsa) } let(:user) { create(:user, is_dpo: true, organisation: organisation_without_dpc) }
it "includes data sharing agreement row" do it "includes data sharing agreement row" do
render render
@ -47,7 +47,7 @@ RSpec.describe "organisations/show.html.erb" do
it "shows link to view data sharing agreement" do it "shows link to view data sharing agreement" do
render render
expect(fragment).to have_link(text: "View agreement", href: "/organisations/#{organisation_without_dsa.id}/data-sharing-agreement") expect(fragment).to have_link(text: "View agreement", href: "/organisations/#{organisation_without_dpc.id}/data-sharing-agreement")
end end
context "when accepted" do context "when accepted" do
@ -74,7 +74,7 @@ RSpec.describe "organisations/show.html.erb" do
end end
context "when support user" do context "when support user" do
let(:user) { create(:user, :support, organisation: organisation_without_dsa) } let(:user) { create(:user, :support, organisation: organisation_without_dpc) }
it "includes data sharing agreement row" do it "includes data sharing agreement row" do
render render
@ -97,7 +97,7 @@ RSpec.describe "organisations/show.html.erb" do
it "shows link to view data sharing agreement" do it "shows link to view data sharing agreement" do
render render
expect(fragment).to have_link(text: "View agreement", href: "/organisations/#{organisation_without_dsa.id}/data-sharing-agreement") expect(fragment).to have_link(text: "View agreement", href: "/organisations/#{organisation_without_dpc.id}/data-sharing-agreement")
end end
context "when accepted" do context "when accepted" do
@ -118,7 +118,7 @@ RSpec.describe "organisations/show.html.erb" do
it "shows show name of who signed the agreement" do it "shows show name of who signed the agreement" do
render render
expect(fragment).to have_content(user.organisation.data_sharing_agreement.dpo_name) expect(fragment).to have_content(user.organisation.data_protection_confirmation.data_protection_officer.name)
end end
it "shows link to view data sharing agreement" do it "shows link to view data sharing agreement" do
@ -130,7 +130,7 @@ RSpec.describe "organisations/show.html.erb" do
end end
context "when not dpo" do context "when not dpo" do
let(:user) { create(:user, organisation: organisation_without_dsa) } let(:user) { create(:user, organisation: organisation_without_dpc) }
it "includes data sharing agreement row" do it "includes data sharing agreement row" do
render render
@ -150,7 +150,7 @@ RSpec.describe "organisations/show.html.erb" do
it "shows link to view data sharing agreement" do it "shows link to view data sharing agreement" do
render render
expect(fragment).to have_link(text: "View agreement", href: "/organisations/#{organisation_without_dsa.id}/data-sharing-agreement") expect(fragment).to have_link(text: "View agreement", href: "/organisations/#{organisation_without_dpc.id}/data-sharing-agreement")
end end
context "when accepted" do context "when accepted" do

Write Preview
Loading…
Cancel
Save