From d865c0ae792eebcc89ec8321db410703046728de Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Vin=C3=ADcius?= Date: Mon, 22 Jul 2024 02:44:33 -0300 Subject: [PATCH 1/4] =?UTF-8?q?Testa=20a=20autoriza=C3=A7=C3=A3o=20do=20co?= =?UTF-8?q?mprovante?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Co-authored-by: Lucas Oliveira --- app/controllers/bills_controller.rb | 7 ++++++- app/controllers/receipts_controller.rb | 10 ++++++++++ app/views/bills/show.html.erb | 2 +- app/views/receipts/new.html.erb | 2 ++ 4 files changed, 19 insertions(+), 2 deletions(-) diff --git a/app/controllers/bills_controller.rb b/app/controllers/bills_controller.rb index b2d637b..8446b8a 100644 --- a/app/controllers/bills_controller.rb +++ b/app/controllers/bills_controller.rb @@ -1,9 +1,10 @@ class BillsController < ApplicationController rescue_from Faraday::ConnectionFailed, with: :connection_refused before_action :authenticate_resident!, only: %i[index show] - before_action :unit_for_current_resident + before_action :unit_for_current_resident, only: %i[index show] before_action :request_open_bills_list, only: :index before_action :request_bill_details, only: :show + before_action :autorize_resident, only: :show before_action :set_breadcrumbs_for_action, only: %i[index show] def index; end @@ -34,4 +35,8 @@ def connection_refused def set_breadcrumbs_for_action add_breadcrumb I18n.t("breadcrumb.bill.#{action_name}") end + + def autorize_resident + redirect_to root_path, alert: t('alerts.bill.not_autorized') unless @bill.unit_id == @unit.id + end end diff --git a/app/controllers/receipts_controller.rb b/app/controllers/receipts_controller.rb index 7dc7dea..d30a102 100644 --- a/app/controllers/receipts_controller.rb +++ b/app/controllers/receipts_controller.rb @@ -2,6 +2,8 @@ class ReceiptsController < ApplicationController before_action :authenticate_resident!, only: %i[create new] before_action :define_resident, only: %i[create new] before_action :set_bill_id, only: %i[create new] + before_action :set_unit_id, only: %i[new create] + before_action :autorize_resident, only: %i[new create] before_action :check_image_presence, only: :create before_action :set_breadcrumbs_for_action, only: :new @@ -34,4 +36,12 @@ def check_image_presence @resident.add_error render 'new', status: :unprocessable_entity end + + def set_unit_id + @unit_id = params[:unit_id] + end + + def autorize_resident + redirect_to root_path, alert: t('alerts.bill.not_autorized') unless @unit_id.to_i == @resident.residence.id + end end diff --git a/app/views/bills/show.html.erb b/app/views/bills/show.html.erb index abf8efa..6ee2cec 100644 --- a/app/views/bills/show.html.erb +++ b/app/views/bills/show.html.erb @@ -31,7 +31,7 @@
<% if @bill.status == 'pending' %> - <%= link_to new_bill_receipt_path(@bill_id), class:"btn btn-dark rounded-pill d-flex align-items-baseline pb-2 mb-2 shadow-sm" do %> + <%= link_to new_bill_receipt_path(@bill_id, unit_id: @bill.unit_id), class:"btn btn-dark rounded-pill d-flex align-items-baseline pb-2 mb-2 shadow-sm" do %>

Enviar Comprovante

<% end %> <% end %> diff --git a/app/views/receipts/new.html.erb b/app/views/receipts/new.html.erb index 4696c77..5c6cfb0 100644 --- a/app/views/receipts/new.html.erb +++ b/app/views/receipts/new.html.erb @@ -9,6 +9,8 @@ <%= render("shared/errors", model: @resident, attribute: :receipt) if @resident.errors[:receipt].any? %>
+ <%= f.hidden_field :unit_id, value: @unit_id %> + <%= f.submit 'Enviar', class: 'btn btn-dark rounded-pill px-4 mt-1' %> <% end %> \ No newline at end of file From ab6bd8ddef43c11545aa10d3b2d9e78d7d2ab959 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Vin=C3=ADcius?= Date: Mon, 22 Jul 2024 03:05:10 -0300 Subject: [PATCH 2/4] =?UTF-8?q?Testa=20a=20autoriza=C3=A7=C3=A3o=20para=20?= =?UTF-8?q?show?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Co-authored-by: Lucas Oliveira --- spec/requests/bills_spec.rb | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/spec/requests/bills_spec.rb b/spec/requests/bills_spec.rb index 5e6c625..d26d7c9 100644 --- a/spec/requests/bills_spec.rb +++ b/spec/requests/bills_spec.rb @@ -16,6 +16,20 @@ expect(response).to redirect_to new_resident_session_path end + + it 'must be authenticated as Resident for that bill to see (other resident)' do + create :resident, :with_residence + resident = create :resident, :with_residence + json_data_details = Rails.root.join('spec/support/json/bill_1_details.json').read + response_for_unit_one = double('faraday_response', body: json_data_details, success?: true) + + allow(Faraday).to receive(:get).and_return(response_for_unit_one) + + login_as resident, scope: :resident + get bill_path 1, params: { unit_id: 1 } + + expect(response).to redirect_to root_path + end end context 'GET /bills/bill_id/receipts/new' do From b3aec1b6c68f5fd8ad679ca5040484e10aece016 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Vin=C3=ADcius?= Date: Mon, 22 Jul 2024 03:23:27 -0300 Subject: [PATCH 3/4] =?UTF-8?q?Testa=20a=20autoriza=C3=A7=C3=A3o=20no=20po?= =?UTF-8?q?st=20e=20corrige=20mock=20no=20teste=20de=20commom=5Farea?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Co-authored-by: Lucas Oliveira --- spec/requests/bills_spec.rb | 32 ++++++++++++++++--- .../resident_reserves_common_area_spec.rb | 2 ++ 2 files changed, 30 insertions(+), 4 deletions(-) diff --git a/spec/requests/bills_spec.rb b/spec/requests/bills_spec.rb index d26d7c9..f4d96b2 100644 --- a/spec/requests/bills_spec.rb +++ b/spec/requests/bills_spec.rb @@ -47,6 +47,20 @@ expect(response).to redirect_to new_resident_session_path end + + it 'must be authenticated as Resident for that bill to see (other resident)' do + create :resident, :with_residence + resident = create :resident, :with_residence + json_data_details = Rails.root.join('spec/support/json/bill_1_details.json').read + response_for_unit_one = double('faraday_response', body: json_data_details, success?: true) + + allow(Faraday).to receive(:get).and_return(response_for_unit_one) + + login_as resident, scope: :resident + get new_bill_receipt_path 1, params: { unit_id: 1 } + + expect(response).to redirect_to root_path + end end context 'GET /bills' do @@ -67,19 +81,29 @@ end context 'POST /bills/{bill_id}/receipts' do - it 'must be authenticated as Resident to see (not authenticated)' do - post bill_receipts_path 1, params: { image: 'receipt.jpg', unid_id: 1 } + it 'must be authenticated as Resident to post (not authenticated)' do + post bill_receipts_path 1, params: { image: 'receipt.jpg', bill_id: 1 } expect(response).to redirect_to new_resident_session_path end - it 'must be authenticated as Resident to see (authenticated as super manager)' do + it 'must be authenticated as Resident to post (authenticated as super manager)' do manager = create :manager, is_super: true login_as manager, scope: :manager - post bill_receipts_path 1, params: { image: 'receipt.jpg', unid_id: 1 } + post bill_receipts_path 1, params: { image: 'receipt.jpg', bill_id: 1 } expect(response).to redirect_to new_resident_session_path end + + it 'must be authenticated as Resident for that bill to post (other resident)' do + create :resident, :with_residence + resident = create :resident, :with_residence + + login_as resident, scope: :resident + post bill_receipts_path 1, params: { unit_id: 1, image: 'receipt.jpg', bill_id: 1 } + + expect(response).to redirect_to root_path + end end end diff --git a/spec/system/common_area/reservation/resident_reserves_common_area_spec.rb b/spec/system/common_area/reservation/resident_reserves_common_area_spec.rb index 6cd8f88..10aa20f 100644 --- a/spec/system/common_area/reservation/resident_reserves_common_area_spec.rb +++ b/spec/system/common_area/reservation/resident_reserves_common_area_spec.rb @@ -40,6 +40,8 @@ it 'fail if the connection is lost with external application' do common_area = create :common_area resident = create :resident, :with_residence, condo: common_area.condo + allow(Faraday).to receive(:get).and_raise(Faraday::ConnectionFailed) + allow(Faraday).to receive(:post).and_raise(Faraday::ConnectionFailed) travel_to '01/07/2024' do login_as resident, scope: :resident From 066ec4c1e8c676609d19ababbc03f31954dd8570 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Vin=C3=ADcius?= Date: Mon, 22 Jul 2024 03:42:56 -0300 Subject: [PATCH 4/4] =?UTF-8?q?Corrige=20erro=20de=20tradu=C3=A7=C3=A3o=20?= =?UTF-8?q?e=20testa=20as=20mensagens?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Co-authored-by: Lucas Oliveira --- app/controllers/bills_controller.rb | 2 +- app/controllers/receipts_controller.rb | 2 +- config/locales/models/receipt.pt-BR.yml | 3 ++- spec/requests/bills_spec.rb | 3 +++ 4 files changed, 7 insertions(+), 3 deletions(-) diff --git a/app/controllers/bills_controller.rb b/app/controllers/bills_controller.rb index 8446b8a..55fce3f 100644 --- a/app/controllers/bills_controller.rb +++ b/app/controllers/bills_controller.rb @@ -37,6 +37,6 @@ def set_breadcrumbs_for_action end def autorize_resident - redirect_to root_path, alert: t('alerts.bill.not_autorized') unless @bill.unit_id == @unit.id + redirect_to root_path, alert: t('alerts.receipt.not_autorized') unless @bill.unit_id == @unit.id end end diff --git a/app/controllers/receipts_controller.rb b/app/controllers/receipts_controller.rb index d30a102..f8f0953 100644 --- a/app/controllers/receipts_controller.rb +++ b/app/controllers/receipts_controller.rb @@ -42,6 +42,6 @@ def set_unit_id end def autorize_resident - redirect_to root_path, alert: t('alerts.bill.not_autorized') unless @unit_id.to_i == @resident.residence.id + redirect_to root_path, alert: t('alerts.receipt.not_autorized') unless @unit_id.to_i == @resident.residence.id end end diff --git a/config/locales/models/receipt.pt-BR.yml b/config/locales/models/receipt.pt-BR.yml index 516aa14..9b35c69 100644 --- a/config/locales/models/receipt.pt-BR.yml +++ b/config/locales/models/receipt.pt-BR.yml @@ -5,4 +5,5 @@ pt-BR: alerts: receipt: not_sended: 'Impossível enviar o comprovante ao servidor do PagueAluguel' - inexistent_image: 'Comprovante não pode ficar em branco' \ No newline at end of file + inexistent_image: 'Comprovante não pode ficar em branco' + not_autorized: Você não tem permissão para acessar essa página \ No newline at end of file diff --git a/spec/requests/bills_spec.rb b/spec/requests/bills_spec.rb index f4d96b2..5b5ec9c 100644 --- a/spec/requests/bills_spec.rb +++ b/spec/requests/bills_spec.rb @@ -29,6 +29,7 @@ get bill_path 1, params: { unit_id: 1 } expect(response).to redirect_to root_path + expect(flash[:alert]).to eq 'Você não tem permissão para acessar essa página' end end @@ -60,6 +61,7 @@ get new_bill_receipt_path 1, params: { unit_id: 1 } expect(response).to redirect_to root_path + expect(flash[:alert]).to eq 'Você não tem permissão para acessar essa página' end end @@ -104,6 +106,7 @@ post bill_receipts_path 1, params: { unit_id: 1, image: 'receipt.jpg', bill_id: 1 } expect(response).to redirect_to root_path + expect(flash[:alert]).to eq 'Você não tem permissão para acessar essa página' end end end