Skip to content

Commit

Permalink
Merge pull request #145 from etalab/bugfix/scopes-cleaned
Browse files Browse the repository at this point in the history 
BUGFIX Summary submit which cleans checked scopes not included by default
  • Loading branch information
@skelz0r
skelz0r authored Apr 8, 2024
2 parents 23b15f9 + e57bd92 commit b098879
Show file tree
Hide file tree
Showing 2 changed files with 75 additions and 37 deletions.
11 changes: 10 additions & 1 deletion app/form_builders/authorization_request_form_builder.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -97,12 +97,21 @@ def dsfr_scope(scope, opts = {})
nil
),
dsfr_scope_label(scope),
scope.included? ? scope_hidden_field(scope) : nil
include_scope_hidden_field?(scope, disabled) ? scope_hidden_field(scope) : nil
].compact
)
end
end

def include_scope_hidden_field?(scope, disabled)
if disabled
scope.included? ||
@object.scopes.include?(scope.value)
else
scope.included?
end
end

def dsfr_scope_options(scope, disabled: false)
{
disabled: disabled || check_box_disabled || scope.included?,
Expand Down
101 changes: 65 additions & 36 deletions spec/features/authorization_requests/scopes_spec.rb
View file
Original file line number Diff line number Diff line change
@@ -1,54 +1,83 @@
RSpec.describe 'Authorization request with a scope step' do
let(:user) { create(:user) }
let(:authorization_request) do
authorization_request = create(:authorization_request, :api_particulier, fill_all_attributes: true, applicant: user)
authorization_request.current_build_step = 'basic_infos'
authorization_request.scopes = nil
authorization_request.save!
authorization_request
end
let(:authorization_request_form) { authorization_request.form }
RSpec.describe 'Authorization request with scopes' do
describe 'at the scope step' do
let(:user) { create(:user) }
let(:authorization_request) do
authorization_request = create(:authorization_request, :api_particulier, fill_all_attributes: true, applicant: user)
authorization_request.current_build_step = 'basic_infos'
authorization_request.scopes = nil
authorization_request.save!
authorization_request
end
let(:authorization_request_form) { authorization_request.form }

let(:scope_step_name) { I18n.t('wicked.scopes') }
let(:scope_step_name) { I18n.t('wicked.scopes') }

before do
sign_in(user)
before do
sign_in(user)

visit authorization_request_form_build_path(form_uid: authorization_request_form.uid, authorization_request_id: authorization_request.id, id: scope_step_name)
end
visit authorization_request_form_build_path(form_uid: authorization_request_form.uid, authorization_request_id: authorization_request.id, id: scope_step_name)
end

describe 'submitting no scope' do
subject(:submitting_without_scope) do
within(css_id(authorization_request)) do
click_link_or_button 'next_authorization_request'
describe 'submitting no scope' do
subject(:submitting_without_scope) do
within(css_id(authorization_request)) do
click_link_or_button 'next_authorization_request'
end
end

it 'does not change scopes and displays an error' do
expect {
submitting_without_scope
}.not_to change { authorization_request.reload.scopes }

expect(page).to have_css('.fr-alert')
end
end

it 'does not change scopes and displays an error' do
expect {
submitting_without_scope
}.not_to change { authorization_request.reload.scopes }
describe 'submitting with one scope' do
subject(:submitting_without_scope) do
within(css_id(authorization_request)) do
check 'authorization_request_api_particulier_scopes_cnaf_quotient_familial'

expect(page).to have_css('.fr-alert')
click_link_or_button 'next_authorization_request'
end
end

it 'changes scopes and change step' do
expect {
submitting_without_scope
}.to change { authorization_request.reload.scopes }.to(['cnaf_quotient_familial'])

expect(page).to have_no_css('.fr-alert')
expect(page).to have_no_current_path(authorization_request_form_build_path(form_uid: authorization_request_form.uid, authorization_request_id: authorization_request.id, id: scope_step_name))
end
end
end

describe 'submitting with one scope' do
subject(:submitting_without_scope) do
within(css_id(authorization_request)) do
check 'authorization_request_api_particulier_scopes_cnaf_quotient_familial'
describe 'at the review step, with some scopes defined' do
let(:user) { create(:user) }
let(:authorization_request) do
authorization_request = create(:authorization_request, :api_entreprise, fill_all_attributes: true, applicant: user)
authorization_request.scopes = default_scopes + additional_scopes
authorization_request.save!
authorization_request
end
let(:default_scopes) { AuthorizationDefinition.find('api_entreprise').scopes.select(&:included?).map(&:value) }
let(:additional_scopes) { %w[unites_legales_etablissements_insee] }

click_link_or_button 'next_authorization_request'
end
before do
sign_in(user)

visit summary_authorization_request_form_path(form_uid: authorization_request.form.uid, id: authorization_request.id)
end

it 'changes scopes and change step' do
expect {
submitting_without_scope
}.to change { authorization_request.reload.scopes }.to(['cnaf_quotient_familial'])
it 'keeps the scopes on submit' do
check 'authorization_request_api_entreprise_terms_of_service_accepted'
check 'authorization_request_api_entreprise_data_protection_officer_informed'

click_on 'submit_authorization_request'

expect(page).to have_no_css('.fr-alert')
expect(page).to have_no_current_path(authorization_request_form_build_path(form_uid: authorization_request_form.uid, authorization_request_id: authorization_request.id, id: scope_step_name))
expect(authorization_request.reload.scopes).to match_array((default_scopes + additional_scopes))
end
end
end

0 comments on commit b098879

Please sign in to comment.