diff --git a/app/controllers/sales_logs_controller.rb b/app/controllers/sales_logs_controller.rb index 7c5083265..ce9f74745 100644 --- a/app/controllers/sales_logs_controller.rb +++ b/app/controllers/sales_logs_controller.rb @@ -62,6 +62,14 @@ class SalesLogsController < LogsController render "logs/delete_confirmation" end + def delete_duplicates + @log = SalesLog.visible.find(params[:sales_log_id]) + authorize @log + + @duplicate_logs = SalesLog.duplicate_logs_for_organisation(current_user.organisation, @log) + render "logs/delete_duplicates" + end + def download_csv unpaginated_filtered_logs = filter_manager.filtered_logs(current_user.sales_logs, search_term, session_filters) diff --git a/app/policies/sales_log_policy.rb b/app/policies/sales_log_policy.rb index de34527ff..86069a818 100644 --- a/app/policies/sales_log_policy.rb +++ b/app/policies/sales_log_policy.rb @@ -21,4 +21,8 @@ class SalesLogPolicy # Data providers can only delete the log if it is assigned to them log.created_by == user end + + def delete_duplicates? + user.support? || log.owning_organisation == user.organisation + end end diff --git a/app/views/logs/delete_duplicates.html.erb b/app/views/logs/delete_duplicates.html.erb index 23104e7b8..71e638c12 100644 --- a/app/views/logs/delete_duplicates.html.erb +++ b/app/views/logs/delete_duplicates.html.erb @@ -16,7 +16,7 @@

<% @duplicate_logs.each do |duplicate_log| %> - <%= govuk_link_to "Log #{duplicate_log.id}", lettings_log_path(duplicate_log) %> + <%= govuk_link_to "Log #{duplicate_log.id}", duplicate_log.lettings? ? lettings_log_path(duplicate_log) : sales_log_path(duplicate_log) %> <% end %>
diff --git a/config/routes.rb b/config/routes.rb index e8faaea4c..b6f1cf67e 100644 --- a/config/routes.rb +++ b/config/routes.rb @@ -238,6 +238,7 @@ Rails.application.routes.draw do resources :sales_logs, path: "/sales-logs" do get "delete-confirmation", to: "sales_logs#delete_confirmation" get "duplicate-logs", to: "duplicate_logs#show" + get "delete-duplicates", to: "duplicate_logs#delete_duplicates" collection do get "csv-download", to: "sales_logs#download_csv" diff --git a/spec/requests/sales_logs_controller_spec.rb b/spec/requests/sales_logs_controller_spec.rb index 5d24e6b01..c7edb108d 100644 --- a/spec/requests/sales_logs_controller_spec.rb +++ b/spec/requests/sales_logs_controller_spec.rb @@ -872,4 +872,83 @@ RSpec.describe SalesLogsController, type: :request do end end end + + describe "GET delete-duplicates" do + let(:headers) { { "Accept" => "text/html" } } + let(:page) { Capybara::Node::Simple.new(response.body) } + let(:user) { create(:user, :data_coordinator) } + let!(:sales_log) do + create(:sales_log, :completed, owning_organisation: user.organisation) + end + let(:id) { sales_log.id } + let!(:duplicate_log) do + duplicate = sales_log.dup + duplicate.id = nil + duplicate.save! + duplicate + end + let(:request) { get "/sales-logs/#{id}/delete-duplicates", headers: } + + before do + allow(user).to receive(:need_two_factor_authentication?).and_return(false) + sign_in user + end + + context "when there is 1 duplicate log being deleted" do + it "renders page" do + request + expect(response).to have_http_status(:ok) + + expect(page).to have_content("Are you sure you want to delete this duplicate log?") + expect(page).to have_button(text: "Delete this log") + expect(page).to have_link(text: "Log #{duplicate_log.id}", href: sales_log_path(duplicate_log.id)) + expect(page).not_to have_link(text: "Log #{id}", href: sales_log_path(id)) + expect(page).to have_link(text: "Cancel", href: sales_log_path(id)) # update with correct path when known + end + end + + context "when there are multiple duplicate logs being deleted" do + let!(:duplicate_log_2) do + duplicate = sales_log.dup + duplicate.id = nil + duplicate.save! + duplicate + end + + it "renders page" do + request + expect(response).to have_http_status(:ok) + + expect(page).to have_content("Are you sure you want to delete these duplicate logs?") + expect(page).to have_content("These logs will be deleted:") + expect(page).to have_button(text: "Delete these logs") + expect(page).to have_link(text: "Log #{duplicate_log.id}", href: sales_log_path(duplicate_log.id)) + expect(page).to have_link(text: "Log #{duplicate_log_2.id}", href: sales_log_path(duplicate_log_2.id)) + expect(page).to have_link(text: "Cancel", href: sales_log_path(id)) # update with correct path when known + end + end + + context "when log does not exist" do + let(:id) { -1 } + + it "returns 404" do + request + expect(response).to have_http_status(:not_found) + end + end + + context "when user is not authorised" do + let(:other_user) { create(:user) } + + before do + allow(other_user).to receive(:need_two_factor_authentication?).and_return(false) + sign_in other_user + end + + it "returns 404" do + request + expect(response).to have_http_status(:unauthorized) + end + end + end end