Skip to content

Commit

Permalink
Merge remote-tracking branch 'origin/main' into job-cadastro-sindico
Browse files Browse the repository at this point in the history
  • Loading branch information
DaniloRibeiro07 committed Jul 22, 2024
2 parents eb6b980 + 505bf6e commit 4ea54bb
Show file tree
Hide file tree
Showing 6 changed files with 66 additions and 7 deletions.
7 changes: 6 additions & 1 deletion app/controllers/bills_controller.rb
Original file line number Diff line number Diff line change
@@ -1,9 +1,10 @@
class BillsController < ApplicationController
rescue_from Faraday::ConnectionFailed, with: :connection_refused
before_action :authenticate_resident!, only: %i[index show]
before_action :unit_for_current_resident
before_action :unit_for_current_resident, only: %i[index show]
before_action :request_open_bills_list, only: :index
before_action :request_bill_details, only: :show
before_action :autorize_resident, only: :show
before_action :set_breadcrumbs_for_action, only: %i[index show]

def index; end
Expand Down Expand Up @@ -34,4 +35,8 @@ def connection_refused
def set_breadcrumbs_for_action
add_breadcrumb I18n.t("breadcrumb.bill.#{action_name}")
end

def autorize_resident
redirect_to root_path, alert: t('alerts.receipt.not_autorized') unless @bill.unit_id == @unit.id
end
end
10 changes: 10 additions & 0 deletions app/controllers/receipts_controller.rb
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,8 @@ class ReceiptsController < ApplicationController
before_action :authenticate_resident!, only: %i[create new]
before_action :define_resident, only: %i[create new]
before_action :set_bill_id, only: %i[create new]
before_action :set_unit_id, only: %i[new create]
before_action :autorize_resident, only: %i[new create]
before_action :check_image_presence, only: :create
before_action :set_breadcrumbs_for_action, only: :new

Expand Down Expand Up @@ -34,4 +36,12 @@ def check_image_presence
@resident.add_error
render 'new', status: :unprocessable_entity
end

def set_unit_id
@unit_id = params[:unit_id]
end

def autorize_resident
redirect_to root_path, alert: t('alerts.receipt.not_autorized') unless @unit_id.to_i == @resident.residence.id
end
end
2 changes: 1 addition & 1 deletion app/views/bills/show.html.erb
Original file line number Diff line number Diff line change
Expand Up @@ -31,7 +31,7 @@
</div>
<div class="d-flex justify-content-center mt-4">
<% if @bill.status == 'pending' %>
<%= link_to new_bill_receipt_path(@bill_id), class:"btn btn-dark rounded-pill d-flex align-items-baseline pb-2 mb-2 shadow-sm" do %>
<%= link_to new_bill_receipt_path(@bill_id, unit_id: @bill.unit_id), class:"btn btn-dark rounded-pill d-flex align-items-baseline pb-2 mb-2 shadow-sm" do %>
<i class="bi bi-card-text me-1 fs-6"></i> <p class="m-0 fs-sm">Enviar Comprovante</p>
<% end %>
<% end %>
Expand Down
2 changes: 2 additions & 0 deletions app/views/receipts/new.html.erb
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,8 @@
<%= render("shared/errors", model: @resident, attribute: :receipt) if @resident.errors[:receipt].any? %>
</div>

<%= f.hidden_field :unit_id, value: @unit_id %>
<%= f.submit 'Enviar', class: 'btn btn-dark rounded-pill px-4 mt-1' %>
<% end %>
</div>
3 changes: 2 additions & 1 deletion config/locales/models/receipt.pt-BR.yml
Original file line number Diff line number Diff line change
Expand Up @@ -5,4 +5,5 @@ pt-BR:
alerts:
receipt:
not_sended: 'Impossível enviar o comprovante ao servidor do PagueAluguel'
inexistent_image: 'Comprovante não pode ficar em branco'
inexistent_image: 'Comprovante não pode ficar em branco'
not_autorized: Você não tem permissão para acessar essa página
49 changes: 45 additions & 4 deletions spec/requests/bills_spec.rb
Original file line number Diff line number Diff line change
Expand Up @@ -16,6 +16,21 @@

expect(response).to redirect_to new_resident_session_path
end

it 'must be authenticated as Resident for that bill to see (other resident)' do
create :resident, :with_residence
resident = create :resident, :with_residence
json_data_details = Rails.root.join('spec/support/json/bill_1_details.json').read
response_for_unit_one = double('faraday_response', body: json_data_details, success?: true)

allow(Faraday).to receive(:get).and_return(response_for_unit_one)

login_as resident, scope: :resident
get bill_path 1, params: { unit_id: 1 }

expect(response).to redirect_to root_path
expect(flash[:alert]).to eq 'Você não tem permissão para acessar essa página'
end
end

context 'GET /bills/bill_id/receipts/new' do
Expand All @@ -33,6 +48,21 @@

expect(response).to redirect_to new_resident_session_path
end

it 'must be authenticated as Resident for that bill to see (other resident)' do
create :resident, :with_residence
resident = create :resident, :with_residence
json_data_details = Rails.root.join('spec/support/json/bill_1_details.json').read
response_for_unit_one = double('faraday_response', body: json_data_details, success?: true)

allow(Faraday).to receive(:get).and_return(response_for_unit_one)

login_as resident, scope: :resident
get new_bill_receipt_path 1, params: { unit_id: 1 }

expect(response).to redirect_to root_path
expect(flash[:alert]).to eq 'Você não tem permissão para acessar essa página'
end
end

context 'GET /bills' do
Expand All @@ -53,19 +83,30 @@
end

context 'POST /bills/{bill_id}/receipts' do
it 'must be authenticated as Resident to see (not authenticated)' do
post bill_receipts_path 1, params: { image: 'receipt.jpg', unid_id: 1 }
it 'must be authenticated as Resident to post (not authenticated)' do
post bill_receipts_path 1, params: { image: 'receipt.jpg', bill_id: 1 }

expect(response).to redirect_to new_resident_session_path
end

it 'must be authenticated as Resident to see (authenticated as super manager)' do
it 'must be authenticated as Resident to post (authenticated as super manager)' do
manager = create :manager, is_super: true

login_as manager, scope: :manager
post bill_receipts_path 1, params: { image: 'receipt.jpg', unid_id: 1 }
post bill_receipts_path 1, params: { image: 'receipt.jpg', bill_id: 1 }

expect(response).to redirect_to new_resident_session_path
end

it 'must be authenticated as Resident for that bill to post (other resident)' do
create :resident, :with_residence
resident = create :resident, :with_residence

login_as resident, scope: :resident
post bill_receipts_path 1, params: { unit_id: 1, image: 'receipt.jpg', bill_id: 1 }

expect(response).to redirect_to root_path
expect(flash[:alert]).to eq 'Você não tem permissão para acessar essa página'
end
end
end

0 comments on commit 4ea54bb

Please sign in to comment.