demarches-normaliennes/spec/controllers/administrateurs/procedure_administrateurs_controller_spec.rb

describe Administrateurs::ProcedureAdministrateursController, type: :controller do
  let(:signed_in_admin) { create(:administrateur, active: true) }
  let(:other_admin) { create(:administrateur, active: true) }
  let!(:administrateurs_procedure) { create(:administrateurs_procedure, administrateur: signed_in_admin, procedure: procedure, manager: manager) }
  let!(:procedure) { create(:procedure, administrateurs: [other_admin]) }
  render_views

  before do
    sign_in(signed_in_admin.user)
  end

  describe '#create' do
    context 'as manager' do
      let(:manager) { true }
      subject { post :create, params: { procedure_id: procedure.id, administrateur: { email: create(:administrateur).email } }, format: :turbo_stream }
      it { is_expected.to have_http_status(:forbidden) }
    end
  end

  describe '#destroy' do
    let(:manager) { false }

    def destroy_admin(admin_to_remove)
      delete :destroy, params: { procedure_id: procedure.id, id: admin_to_remove.id }, format: :turbo_stream
    end

    context 'when removing another admin' do
      before do
        destroy_admin(other_admin)
      end

      it 'removes the admin from the procedure' do
        expect(response.body).to include('alert-success')
        expect(other_admin.procedures.reload).not_to include(procedure)
      end

      context 'then removing oneself' do
        before do
          destroy_admin(signed_in_admin)
        end

        it 'removes the admin from the procedure' do
          expect(response.body).to include('alert-danger')
          expect(signed_in_admin.procedures.reload).to include(procedure)
        end
      end
    end

    context 'when removing oneself from a procedure' do
      before do
        destroy_admin(signed_in_admin)
      end

      it 'removes the admin from the procedure' do
        expect(response).to redirect_to admin_procedures_path
        expect(signed_in_admin.procedures.reload).not_to include(procedure)
      end
    end
  end
end
Add specs for Administrateurs::ProcedureAdministrateursController 2022-01-05 16:19:26 +01:00			`describe Administrateurs::ProcedureAdministrateursController, type: :controller do`
feat(procedure_admins): allow self remove from procedure 2022-11-21 12:29:12 +01:00			`let(:signed_in_admin) { create(:administrateur, active: true) }`
			`let(:other_admin) { create(:administrateur, active: true) }`
feat(Administrateurs::ProcedureAdministrateurs): ensure admin from super admin can not add administrateur 2022-07-21 16:52:31 +02:00			`let!(:administrateurs_procedure) { create(:administrateurs_procedure, administrateur: signed_in_admin, procedure: procedure, manager: manager) }`
			`let!(:procedure) { create(:procedure, administrateurs: [other_admin]) }`
refactor(turbo): use turbo in procedure administrateurs controller 2022-04-19 12:28:29 +02:00			`render_views`
Add specs for Administrateurs::ProcedureAdministrateursController 2022-01-05 16:19:26 +01:00
			`before do`
			`sign_in(signed_in_admin.user)`
			`end`

feat(Administrateurs::ProcedureAdministrateurs): ensure admin from super admin can not add administrateur 2022-07-21 16:52:31 +02:00			`describe '#create' do`
			`context 'as manager' do`
			`let(:manager) { true }`
			`subject { post :create, params: { procedure_id: procedure.id, administrateur: { email: create(:administrateur).email } }, format: :turbo_stream }`
			`it { is_expected.to have_http_status(:forbidden) }`
			`end`
			`end`

Add specs for Administrateurs::ProcedureAdministrateursController 2022-01-05 16:19:26 +01:00			`describe '#destroy' do`
feat(Administrateurs::ProcedureAdministrateurs): ensure admin from super admin can not add administrateur 2022-07-21 16:52:31 +02:00			`let(:manager) { false }`
feat(procedure_admins): allow self remove from procedure 2022-11-21 12:29:12 +01:00
			`def destroy_admin(admin_to_remove)`
refactor(turbo): use turbo in procedure administrateurs controller 2022-04-19 12:28:29 +02:00			`delete :destroy, params: { procedure_id: procedure.id, id: admin_to_remove.id }, format: :turbo_stream`
Add specs for Administrateurs::ProcedureAdministrateursController 2022-01-05 16:19:26 +01:00			`end`

			`context 'when removing another admin' do`
feat(procedure_admins): allow self remove from procedure 2022-11-21 12:29:12 +01:00			`before do`
			`destroy_admin(other_admin)`
			`end`
Add specs for Administrateurs::ProcedureAdministrateursController 2022-01-05 16:19:26 +01:00
			`it 'removes the admin from the procedure' do`
feat(procedure_admins): allow self remove from procedure 2022-11-21 12:29:12 +01:00			`expect(response.body).to include('alert-success')`
			`expect(other_admin.procedures.reload).not_to include(procedure)`
			`end`

			`context 'then removing oneself' do`
			`before do`
			`destroy_admin(signed_in_admin)`
			`end`

			`it 'removes the admin from the procedure' do`
			`expect(response.body).to include('alert-danger')`
			`expect(signed_in_admin.procedures.reload).to include(procedure)`
			`end`
Fix ProcedureAdministrateursController#destroy - The "no remove oneself" rule wasn't actually enforced - `flash.error` is not a flash category 2022-01-05 16:21:59 +01:00			`end`
			`end`

			`context 'when removing oneself from a procedure' do`
feat(procedure_admins): allow self remove from procedure 2022-11-21 12:29:12 +01:00			`before do`
			`destroy_admin(signed_in_admin)`
			`end`
Fix ProcedureAdministrateursController#destroy - The "no remove oneself" rule wasn't actually enforced - `flash.error` is not a flash category 2022-01-05 16:21:59 +01:00
feat(procedure_admins): allow self remove from procedure 2022-11-21 12:29:12 +01:00			`it 'removes the admin from the procedure' do`
			`expect(response).to redirect_to admin_procedures_path`
			`expect(signed_in_admin.procedures.reload).not_to include(procedure)`
Add specs for Administrateurs::ProcedureAdministrateursController 2022-01-05 16:19:26 +01:00			`end`
			`end`
			`end`
			`end`