From 5382e6d3898669003fa9b6f733a3294ddc1ead05 Mon Sep 17 00:00:00 2001
From: Kat <katrina@kosiak.co.uk>
Date: Tue, 11 Jun 2024 09:09:29 +0100
Subject: [PATCH] Update policy

---
 app/policies/organisation_policy.rb       |  15 ++-
 spec/policies/organisation_policy_spec.rb | 108 ++++++++++++++++++++++
 2 files changed, 122 insertions(+), 1 deletion(-)

diff --git a/app/policies/organisation_policy.rb b/app/policies/organisation_policy.rb
index c17d69785..9c27d6e91 100644
--- a/app/policies/organisation_policy.rb
+++ b/app/policies/organisation_policy.rb
@@ -19,6 +19,19 @@ class OrganisationPolicy
   end
 
   def delete?
-    user.support? && (organisation.status == :deactivated || organisation.status == :merged)
+    return false unless user.support?
+    return false unless organisation.status == :deactivated || organisation.status == :merged
+
+    !has_any_logs_in_editable_collection_period
+  end
+
+  def has_any_logs_in_editable_collection_period
+    editable_from_date = FormHandler.instance.earliest_open_for_editing_collection_start_date
+    editable_lettings_logs = organisation.lettings_logs.visible.after_date(editable_from_date)
+
+    return true if organisation.lettings_logs.visible.where(startdate: nil).any? || editable_lettings_logs.any?
+
+    editable_sales_logs = organisation.sales_logs.visible.after_date(editable_from_date)
+    organisation.sales_logs.visible.where(saledate: nil).any? || editable_sales_logs.any?
   end
 end
diff --git a/spec/policies/organisation_policy_spec.rb b/spec/policies/organisation_policy_spec.rb
index 4fb4c6761..89cb62198 100644
--- a/spec/policies/organisation_policy_spec.rb
+++ b/spec/policies/organisation_policy_spec.rb
@@ -63,4 +63,112 @@ RSpec.describe OrganisationPolicy do
       expect(policy).not_to permit(support, organisation)
     end
   end
+
+  permissions :delete? do
+    let(:organisation) { FactoryBot.create(:organisation) }
+
+    context "with active organisation" do
+      it "does not allow deleting a organisation as a provider" do
+        expect(policy).not_to permit(data_provider, organisation)
+      end
+
+      it "does not allow allows deleting a organisation as a coordinator" do
+        expect(policy).not_to permit(data_coordinator, organisation)
+      end
+
+      it "does not allow deleting a organisation as a support user" do
+        expect(policy).not_to permit(support, organisation)
+      end
+    end
+
+    context "with deactivated organisation" do
+      before do
+        organisation.update!(active: false)
+      end
+
+      it "does not allow deleting a organisation as a provider" do
+        expect(policy).not_to permit(data_provider, organisation)
+      end
+
+      it "does not allow allows deleting a organisation as a coordinator" do
+        expect(policy).not_to permit(data_coordinator, organisation)
+      end
+
+      it "allows deleting a organisation as a support user" do
+        expect(policy).to permit(support, organisation)
+      end
+
+      context "and associated lettings logs in editable collection period" do
+        before do
+          create(:lettings_log, owning_organisation: organisation)
+        end
+
+        it "does not allow deleting a organisation as a provider" do
+          expect(policy).not_to permit(data_provider, organisation)
+        end
+
+        it "does not allow allows deleting a organisation as a coordinator" do
+          expect(policy).not_to permit(data_coordinator, organisation)
+        end
+
+        it "does not allow deleting a organisation as a support user" do
+          expect(policy).not_to permit(support, organisation)
+        end
+      end
+
+      context "and deleted associated lettings logs in editable collection period" do
+        before do
+          create(:lettings_log, owning_organisation: organisation, discarded_at: Time.zone.yesterday)
+        end
+
+        it "does not allow deleting a organisation as a provider" do
+          expect(policy).not_to permit(data_provider, organisation)
+        end
+
+        it "does not allow allows deleting a organisation as a coordinator" do
+          expect(policy).not_to permit(data_coordinator, organisation)
+        end
+
+        it "allows deleting a organisation as a support user" do
+          expect(policy).to permit(support, organisation)
+        end
+      end
+
+      context "and associated sales logs in editable collection period" do
+        before do
+          create(:sales_log, owning_organisation: organisation)
+        end
+
+        it "does not allow deleting a organisation as a provider" do
+          expect(policy).not_to permit(data_provider, organisation)
+        end
+
+        it "does not allow allows deleting a organisation as a coordinator" do
+          expect(policy).not_to permit(data_coordinator, organisation)
+        end
+
+        it "does not allow deleting a organisation as a support user" do
+          expect(policy).not_to permit(support, organisation)
+        end
+      end
+
+      context "and deleted associated sales logs in editable collection period" do
+        before do
+          create(:sales_log, owning_organisation: organisation, discarded_at: Time.zone.yesterday)
+        end
+
+        it "does not allow deleting a organisation as a provider" do
+          expect(policy).not_to permit(data_provider, organisation)
+        end
+
+        it "does not allow allows deleting a organisation as a coordinator" do
+          expect(policy).not_to permit(data_coordinator, organisation)
+        end
+
+        it "allows deleting a organisation as a support user" do
+          expect(policy).to permit(support, organisation)
+        end
+      end
+    end
+  end
 end