From e0e8cfc0d873da8e26a622cdeecafca3a29d89a8 Mon Sep 17 00:00:00 2001 From: Kat Date: Thu, 7 Mar 2024 10:22:47 +0000 Subject: [PATCH] Check if current org DSA is signed --- .../create_log_actions_component.rb | 2 +- ...rotection_confirmation_banner_component.rb | 8 ++-- .../create_log_actions_component_spec.rb | 14 +++++- ...tion_confirmation_banner_component_spec.rb | 48 +++++++++++++++++++ 4 files changed, 66 insertions(+), 6 deletions(-) diff --git a/app/components/create_log_actions_component.rb b/app/components/create_log_actions_component.rb index 80124e22e..4b451c2cc 100644 --- a/app/components/create_log_actions_component.rb +++ b/app/components/create_log_actions_component.rb @@ -15,7 +15,7 @@ class CreateLogActionsComponent < ViewComponent::Base return false if bulk_upload.present? return true if user.support? - user.organisation.organisation_or_stock_owner_signed_dsa_and_holds_own_stock? + user.organisation.data_protection_confirmed? && user.organisation.organisation_or_stock_owner_signed_dsa_and_holds_own_stock? end def create_button_href diff --git a/app/components/data_protection_confirmation_banner_component.rb b/app/components/data_protection_confirmation_banner_component.rb index 195df3580..7ce852ae0 100644 --- a/app/components/data_protection_confirmation_banner_component.rb +++ b/app/components/data_protection_confirmation_banner_component.rb @@ -15,13 +15,13 @@ class DataProtectionConfirmationBannerComponent < ViewComponent::Base return true if org_without_dpo? return false if !org_or_user_org.holds_own_stock? && org_or_user_org.stock_owners.empty? && org_or_user_org.absorbed_organisations.empty? - !org_or_user_org.organisation_or_stock_owner_signed_dsa_and_holds_own_stock? + !org_or_user_org.data_protection_confirmed? || !org_or_user_org.organisation_or_stock_owner_signed_dsa_and_holds_own_stock? end def header_text if org_without_dpo? "To create logs your organisation must state a data protection officer. They must sign the Data Sharing Agreement." - elsif !org_or_user_org.holds_own_stock? + elsif !org_or_user_org.holds_own_stock? && org_or_user_org.data_protection_confirmed? "Your organisation does not own stock. To create logs your stock owner(s) must accept the Data Sharing Agreement on CORE." elsif user.is_dpo? "Your organisation must accept the Data Sharing Agreement before you can create any logs." @@ -53,7 +53,7 @@ private def link_text if dpo_required? "Contact helpdesk to assign a data protection officer" - elsif !org_or_user_org.holds_own_stock? + elsif !org_or_user_org.holds_own_stock? && org_or_user_org.data_protection_confirmed? "View or add stock owners" else "Read the Data Sharing Agreement" @@ -63,7 +63,7 @@ private def link_href if dpo_required? GlobalConstants::HELPDESK_URL - elsif !org_or_user_org.holds_own_stock? + elsif !org_or_user_org.holds_own_stock? && org_or_user_org.data_protection_confirmed? stock_owners_organisation_path(org_or_user_org) else data_sharing_agreement_organisation_path(org_or_user_org) diff --git a/spec/components/create_log_actions_component_spec.rb b/spec/components/create_log_actions_component_spec.rb index 5ad3d4bc3..8444b939e 100644 --- a/spec/components/create_log_actions_component_spec.rb +++ b/spec/components/create_log_actions_component_spec.rb @@ -120,7 +120,7 @@ RSpec.describe CreateLogActionsComponent, type: :component do user.organisation.update!(holds_own_stock: false) end - context "and stock owners that have signed data sharing agreement" do + context "and has signed DSA and stock owners have signed DSA" do before do parent_organisation = create(:organisation) create(:organisation_relationship, child_organisation: user.organisation, parent_organisation:) @@ -131,6 +131,18 @@ RSpec.describe CreateLogActionsComponent, type: :component do end end + context "and hasn't signed DSA and and stock owners have signed DSA" do + before do + user.organisation.data_protection_confirmation.update!(confirmed: false) + parent_organisation = create(:organisation) + create(:organisation_relationship, child_organisation: user.organisation, parent_organisation:) + end + + it "renders actions" do + expect(component.display_actions?).to eq(false) + end + end + context "and no stock owners have signed data sharing agreement" do before do parent_organisation = create(:organisation, :without_dpc) diff --git a/spec/components/data_protection_confirmation_banner_component_spec.rb b/spec/components/data_protection_confirmation_banner_component_spec.rb index faab1d169..3064a1b8e 100644 --- a/spec/components/data_protection_confirmation_banner_component_spec.rb +++ b/spec/components/data_protection_confirmation_banner_component_spec.rb @@ -61,6 +61,24 @@ RSpec.describe DataProtectionConfirmationBannerComponent, type: :component do expect(render).to have_selector("p", text: "Your organisation must accept the Data Sharing Agreement before you can create any logs.") end end + + context "and org doesn't own stock and has a parent organisation that hasn't signed DSA" do + before do + organisation.data_protection_confirmation.update!(confirmed: false) + organisation.update!(holds_own_stock: false) + parent_organisation = create(:organisation, :without_dpc, holds_own_stock: true) + create(:organisation_relationship, child_organisation: organisation, parent_organisation:) + end + + it "displays the banner and asks to sign" do + expect(component.display_banner?).to eq(true) + expect(render).to have_link( + "Read the Data Sharing Agreement", + href: "/organisations/#{organisation.id}/data-sharing-agreement", + ) + expect(render).to have_selector("p", text: "Your data protection officer must accept the Data Sharing Agreement on CORE before you can create any logs.") + end + end end context "when org has a signed data sharing agremeent" do @@ -132,6 +150,20 @@ RSpec.describe DataProtectionConfirmationBannerComponent, type: :component do expect(render).to have_selector("p", text: "Your data protection officer must accept the Data Sharing Agreement on CORE before you can create any logs.") expect(render).to have_selector("p", text: "You can ask: #{dpo.name}") end + + context "and has a parent organisation that owns stock and has signed DSA" do + before do + parent_organisation = create(:organisation, holds_own_stock: true) + create(:organisation_relationship, child_organisation: organisation, parent_organisation:) + end + + it "displays the banner and shows DPOs" do + expect(component.display_banner?).to eq(true) + expect(render.css("a")).to be_empty + expect(render).to have_selector("p", text: "Your data protection officer must accept the Data Sharing Agreement on CORE before you can create any logs.") + expect(render).to have_selector("p", text: "You can ask: #{dpo.name}") + end + end end context "when user is a DPO" do @@ -146,6 +178,22 @@ RSpec.describe DataProtectionConfirmationBannerComponent, type: :component do ) expect(render).to have_selector("p", text: "Your organisation must accept the Data Sharing Agreement before you can create any logs.") end + + context "and has a parent organisation that owns stock and has signed DSA" do + before do + parent_organisation = create(:organisation, holds_own_stock: true) + create(:organisation_relationship, child_organisation: organisation, parent_organisation:) + end + + it "displays the banner and asks to sign" do + expect(component.display_banner?).to eq(true) + expect(render).to have_link( + "Read the Data Sharing Agreement", + href: "/organisations/#{organisation.id}/data-sharing-agreement", + ) + expect(render).to have_selector("p", text: "Your organisation must accept the Data Sharing Agreement before you can create any logs.") + end + end end end