practical 0.1.0 → 3.0.0.pre.alpha1

data/app/lib/practical/test/shared/memberships/controllers/organization/membership.rb

@@ -0,0 +1,400 @@
+# frozen_string_literal: true
+
+module Practical::Test::Shared::Memberships::Controllers::Organization::Membership
+  extend ActiveSupport::Concern
+
+  included do
+    test "index: lists all non-archived-by_user membership types and membership invitations" do
+      user = users.organization_1_owner
+      organization = organizations.organization_1
+      sign_in(user)
+
+      self_archived_user = users.archived_organization_1_manager
+      self_archived_user.memberships.update!(state: :archived_by_user)
+
+      active_membership_user = users.organization_1_manager
+      pending_reacceptance_user = users.works_at_org_1_and_2
+      archived_by_organization_user = users.retired_staff
+
+      membership_invitation = organization.membership_invitations.create!(email: Faker::Internet.email, membership_type: :staff, sender: user)
+
+      pending_reacceptance_user.memberships.find_by!(organization: organization).update!(state: :pending_reacceptance)
+
+      assert_index_policies_applied(organization: organization) do
+        get organization_memberships_url(organization)
+      end
+
+      assert_response :ok
+      assert_dom 'td', text: active_membership_user.name
+      assert_dom 'td', text: pending_reacceptance_user.name
+      assert_dom 'td', text: archived_by_organization_user.name
+      assert_dom 'td', text: membership_invitation.email
+      assert_dom 'td', text: self_archived_user.name, count: 0
+    end
+
+    test "create: creates a new invitation" do
+      user = users.organization_3_owner
+      organization = organizations.organization_3
+      sign_in(user)
+
+      email = Faker::Internet.email
+
+      params = {
+        organization_new_membership_invitation_form: {
+          email: email,
+          membership_type: :staff
+        }
+      }
+
+      assert_difference "MembershipInvitation.count", +1 do
+      assert_no_difference "Membership.count" do
+      assert_create_policies_applied(organization: organization) do
+        post organization_memberships_url(organization), params: params, as: :json
+      end
+      end
+      end
+
+      assert_json_redirected_to(organization_memberships_url(organization))
+      message = I18n.t('organization_memberships.invitation_sent_message', email: email)
+      assert_flash_message(type: :success, message: message, icon_name: 'envelope-dot')
+    end
+
+    test "create: resends a pending invitation" do
+      user = users.organization_3_owner
+      organization = organizations.organization_3
+      sign_in(user)
+
+      email = users.invited_user_1.email
+      previous_invitation = organization.membership_invitations.find_by!(email: email)
+      previous_invitation.update!(last_sent_at: 1.hour.ago)
+
+      params = {
+        organization_new_membership_invitation_form: {
+          email: email,
+          membership_type: :organization_manager
+        }
+      }
+
+      assert_no_difference "MembershipInvitation.count" do
+      assert_create_policies_applied(organization: organization) do
+        post organization_memberships_url(organization), params: params, as: :json
+      end
+      end
+
+      assert_json_redirected_to(organization_memberships_url(organization))
+      message = I18n.t('organization_memberships.invitation_sent_message', email: email)
+      assert_flash_message(type: :success, message: message, icon_name: 'envelope-dot')
+    end
+
+    test "create: marks a archived_by_organization invitation as pending_reacceptance" do
+      user = users.organization_2_owner
+      organization = organizations.organization_2
+      sign_in(user)
+
+      email = users.organization_1_staff.email
+      previous_membership = organization.memberships.includes(:user).find_by!(user: {email: email})
+      assert_equal true, previous_membership.pending_reacceptance?
+
+      params = {
+        organization_new_membership_invitation_form: {
+          email: email,
+          membership_type: :organization_manager
+        }
+      }
+
+      assert_no_difference "MembershipInvitation.count" do
+      assert_create_policies_applied(organization: organization) do
+        post organization_memberships_url(organization), params: params, as: :json
+      end
+      end
+
+      assert_json_redirected_to(organization_memberships_url(organization))
+      assert_flash_message(type: :notice, message: I18n.t('organization_memberships.awaiting_reacceptance_message'), icon_name: 'circle-info')
+    end
+
+    test "create: does nothing & returns a flash message if given an email for an active membership" do
+      user = users.organization_1_manager
+      organization = organizations.organization_1
+      sign_in(user)
+
+      email = users.works_at_org_1_and_2.email
+      previous_membership = organization.memberships.includes(:user).find_by!(user: {email: email})
+      assert_equal true, previous_membership.active?
+
+      params = {
+        organization_new_membership_invitation_form: {
+          email: email,
+          membership_type: :organization_manager
+        }
+      }
+
+      assert_no_difference "MembershipInvitation.count" do
+      assert_create_policies_applied(organization: organization) do
+        post organization_memberships_url(organization), params: params, as: :json
+      end
+      end
+
+      assert_json_redirected_to(organization_memberships_url(organization))
+      assert_flash_message(type: :success, message: I18n.t('organization_memberships.already_member_message'), icon_name: 'circle-check')
+    end
+
+    test "create: renders errors as JSON if given an email for a membership archived_by_user" do
+      user = users.organization_1_manager
+      organization = organizations.organization_1
+      sign_in(user)
+
+      email = users.works_at_org_1_and_2.email
+      previous_membership = organization.memberships.includes(:user).find_by!(user: {email: email})
+      previous_membership.update!(state: :archived_by_user)
+
+      params = {
+        organization_new_membership_invitation_form: {
+          email: email,
+          membership_type: :organization_manager
+        }
+      }
+
+      assert_no_difference "MembershipInvitation.count" do
+      assert_create_policies_applied(organization: organization) do
+        post organization_memberships_url(organization), params: params, as: :json
+      end
+      end
+
+      assert_response :bad_request
+
+      assert_error_json_contains(
+        container_id: "organization_new_membership_invitation_form_base_errors",
+        element_id: "organization_new_membership_invitation_form_base",
+        message: I18n.t('activemodel.errors.models.organization/new_membership_invitation_form.attributes.base.cannot_be_resent'),
+        type: "cannot_be_resent"
+      )
+    end
+
+    test "create: renders errors as JSON if given an email for a non-visible invitation" do
+      user = users.organization_3_owner
+      organization = organizations.organization_3
+      sign_in(user)
+
+      email = users.invited_user_1.email
+      previous_invitation = organization.membership_invitations.find_by!(email: email)
+      previous_invitation.update!(visible: false)
+
+      params = {
+        organization_new_membership_invitation_form: {
+          email: email,
+          membership_type: :organization_manager
+        }
+      }
+
+      assert_no_difference "MembershipInvitation.count" do
+      assert_create_policies_applied(organization: organization) do
+        post organization_memberships_url(organization), params: params, as: :json
+      end
+      end
+
+      assert_response :bad_request
+
+      assert_error_json_contains(
+        container_id: "organization_new_membership_invitation_form_base_errors",
+        element_id: "organization_new_membership_invitation_form_base",
+        message: I18n.t('activemodel.errors.models.organization/new_membership_invitation_form.attributes.base.cannot_be_resent'),
+        type: "cannot_be_resent"
+      )
+    end
+
+    test "create: renders errors as JSON if given an email for an invitation that was just sent out" do
+      user = users.organization_3_owner
+      organization = organizations.organization_3
+      sign_in(user)
+
+      email = users.invited_user_1.email
+      previous_invitation = organization.membership_invitations.find_by!(email: email)
+      previous_invitation.update!(last_sent_at: Time.now.utc)
+
+      params = {
+        organization_new_membership_invitation_form: {
+          email: email,
+          membership_type: :organization_manager
+        }
+      }
+
+      assert_no_difference "MembershipInvitation.count" do
+      assert_create_policies_applied(organization: organization) do
+        post organization_memberships_url(organization), params: params, as: :json
+      end
+      end
+
+      assert_response :bad_request
+
+      assert_error_json_contains(
+        container_id: "organization_new_membership_invitation_form_base_errors",
+        element_id: "organization_new_membership_invitation_form_base",
+        message: I18n.t('activemodel.errors.models.organization/new_membership_invitation_form.attributes.base.cannot_be_resent'),
+        type: "cannot_be_resent"
+      )
+    end
+
+    test "create: renders errors as JSON" do
+      user = users.organization_1_manager
+      organization = organizations.organization_1
+
+      sign_in(user)
+
+      params = {
+        organization_new_membership_invitation_form: {
+          email: "",
+          membership_type: :staff
+        }
+      }
+
+      assert_no_difference "MembershipInvitation.count" do
+      assert_create_policies_applied(organization: organization) do
+        post organization_memberships_url(organization), params: params, as: :json
+      end
+      end
+      assert_response :bad_request
+
+      assert_error_json_contains(
+        container_id: "organization_new_membership_invitation_form_email_errors",
+        element_id: "organization_new_membership_invitation_form_email",
+        message: "can't be blank",
+        type: "blank"
+      )
+    end
+
+    test "create: renders errors as HTML" do
+      user = users.organization_1_manager
+      organization = organizations.organization_1
+
+      sign_in(user)
+
+      params = {
+        organization_new_membership_invitation_form: {
+          email: "",
+          membership_type: :staff
+        }
+      }
+
+      assert_no_difference "MembershipInvitation.count" do
+      assert_create_policies_applied(organization: organization) do
+        post organization_memberships_url(organization), params: params
+      end
+      end
+      assert_response :bad_request
+
+      assert_error_dom(
+        container_id: "organization_new_membership_invitation_form_email_errors",
+        message: "can't be blank"
+      )
+    end
+
+    test "edit: renders the form" do
+      user = users.organization_1_owner
+      organization = organizations.organization_1
+      sign_in(user)
+
+      membership = users.organization_1_manager.memberships.find_by!(organization: organization)
+
+      assert_edit_policies_applied(organization: organization, membership: membership) do
+        get edit_organization_membership_url(organization, membership)
+      end
+
+      assert_response :ok
+
+      css_select "form[action='#{organization_membership_url(organization, membership)}']"
+    end
+
+    test "update: can archive an active membership" do
+      user = users.organization_1_owner
+      organization = organizations.organization_1
+      sign_in(user)
+
+      membership = users.organization_1_manager.memberships.find_by!(organization: organization)
+
+      assert_update_policies_applied(organization: organization, membership: membership) do
+        patch organization_membership_url(organization, membership), params: {organization_membership_form: {
+          state: :archived_by_organization
+        }}
+      end
+
+      assert_flash_message(type: :success, message: I18n.t('organization_memberships.updated_message'), icon_name: 'circle-check')
+      assert_redirected_to edit_organization_membership_url(organization, membership)
+      assert_equal true, membership.reload.archived_by_organization?
+    end
+
+    test "update: can archive a pending_reacceptance membership" do
+      user = users.organization_2_owner
+      organization = organizations.organization_2
+      sign_in(user)
+
+      membership = users.organization_1_staff.memberships.find_by!(organization: organization)
+
+      assert_update_policies_applied(organization: organization, membership: membership) do
+        patch organization_membership_url(organization, membership), params: {organization_membership_form: {
+          state: :archived_by_organization
+        }}
+      end
+
+      assert_redirected_to edit_organization_membership_url(organization, membership)
+      assert_equal true, membership.reload.archived_by_organization?
+    end
+
+    test "update: can unarchive an archived_by_organization membership" do
+      user = users.organization_1_owner
+      organization = organizations.organization_1
+      sign_in(user)
+
+      membership = users.archived_organization_1_manager.memberships.find_by!(organization: organization)
+
+      assert_update_policies_applied(organization: organization, membership: membership) do
+        patch organization_membership_url(organization, membership), params: {organization_membership_form: {
+          state: :pending_reacceptance
+        }}
+      end
+
+      assert_flash_message(type: :success, message: I18n.t('organization_memberships.updated_message'), icon_name: 'circle-check')
+      assert_redirected_to edit_organization_membership_url(organization, membership)
+      assert_equal true, membership.reload.pending_reacceptance?
+    end
+
+    test "update: update the membership_type" do
+      user = users.organization_1_owner
+      organization = organizations.organization_1
+      sign_in(user)
+
+      membership = users.organization_1_manager.memberships.find_by!(organization: organization)
+
+      assert_update_policies_applied(organization: organization, membership: membership) do
+        patch organization_membership_url(organization, membership), params: {organization_membership_form: {
+          membership_type: :staff
+        }}
+      end
+
+      assert_redirected_to edit_organization_membership_url(organization, membership)
+      assert_equal true, membership.reload.staff?
+    end
+
+    test "update: returns an error if trying to archive the only organization_manager" do
+      user = users.organization_2_owner
+      organization = organizations.organization_2
+      sign_in(user)
+
+      membership = user.memberships.find_by!(organization: organization)
+
+      assert_update_policies_applied(organization: organization, membership: membership) do
+        patch organization_membership_url(organization, membership), params: {organization_membership_form: {
+          state: :archived_by_organization
+        }}
+      end
+
+      assert_response :bad_request
+
+      assert_error_dom(
+        container_id: "generic_errors_organization_membership_form",
+        message: /This member cannot be archived/
+      )
+
+      assert_equal true, membership.reload.active?
+    end
+  end
+end

data/app/lib/practical/test/shared/memberships/controllers/organization/membership_invitation.rb

@@ -0,0 +1,148 @@
+# frozen_string_literal: true
+
+module Practical::Test::Shared::Memberships::Controllers::Organization::MembershipInvitation
+  extend ActiveSupport::Concern
+
+  included do
+    test "resend: resends a pending invitation and returns a flash message" do
+      user = users.organization_3_owner
+      organization = organizations.organization_3
+      sign_in(user)
+
+      membership_invitation = organization.membership_invitations.find_by!(email: users.invited_user_1.email)
+      time = Time.now.utc
+
+      Timecop.freeze(time) do
+      assert_policies_applied(organization: organization, membership_invitation: membership_invitation) do
+      assert_no_difference "MembershipInvitation.count" do
+        patch resend_organization_membership_invitation_url(organization, membership_invitation)
+      end
+      end
+      end
+
+      assert_redirected_to organization_memberships_url(organization)
+      message = I18n.t('organization_memberships.invitation_sent_message', email: membership_invitation.email)
+      assert_flash_message(type: :success, message: message, icon_name: 'envelope-dot')
+
+      assert_enqueued_email_with(MembershipInvitationMailer, :invitation, args: [{membership_invitation: membership_invitation}])
+      assert_equal time.to_fs(:db), membership_invitation.reload.last_sent_at.to_fs(:db)
+    end
+
+    test "resend: does nothing if the invitation cannot be resent yet" do
+      user = users.organization_3_owner
+      organization = organizations.organization_3
+      sign_in(user)
+
+      membership_invitation = organization.membership_invitations.find_by!(email: users.invited_user_1.email)
+      membership_invitation.update!(last_sent_at: Time.now.utc)
+      old_last_sent_at = membership_invitation.last_sent_at
+
+      assert_policies_applied(organization: organization, membership_invitation: membership_invitation) do
+      assert_no_difference "MembershipInvitation.count" do
+        patch resend_organization_membership_invitation_url(organization, membership_invitation)
+      end
+      end
+
+      assert_redirected_to organization_memberships_url(organization)
+      message = I18n.t("organization_memberships.cannot_be_resent_message")
+      assert_flash_message(type: :alert, message: message, icon_name: 'triangle-exclamation')
+
+      assert_no_enqueued_emails
+      assert_equal old_last_sent_at.to_fs(:db), membership_invitation.reload.last_sent_at.to_fs(:db)
+    end
+
+    test "resend: returns 404 if the invitation is already tied to a user" do
+      user = users.organization_3_owner
+      organization = organizations.organization_3
+      sign_in(user)
+
+      membership_invitation = users.invited_user_2.membership_invitations.find_by!(organization: organization)
+      old_last_sent_at = membership_invitation.last_sent_at
+
+      assert_policies_applied_on_404(organization: organization) do
+      assert_no_difference "MembershipInvitation.count" do
+        patch resend_organization_membership_invitation_url(organization, membership_invitation)
+      end
+      end
+
+      assert_response :not_found
+      assert_no_enqueued_emails
+    end
+
+    test "resend: does nothing if the invitation is not visible" do
+      user = users.organization_3_owner
+      organization = organizations.organization_3
+      sign_in(user)
+
+      membership_invitation = organization.membership_invitations.find_by!(email: users.invited_user_1.email)
+      membership_invitation.update!(visible: false)
+
+      assert_policies_applied_on_404(organization: organization) do
+      assert_no_difference "MembershipInvitation.count" do
+        patch resend_organization_membership_invitation_url(organization, membership_invitation)
+      end
+      end
+
+      assert_response :not_found
+
+      assert_no_enqueued_emails
+    end
+
+
+    test "destroy: destroys a pending invitation and returns a flash message" do
+      user = users.organization_3_owner
+      organization = organizations.organization_3
+      sign_in(user)
+
+      membership_invitation = organization.membership_invitations.find_by!(email: users.invited_user_1.email)
+
+      assert_policies_applied(organization: organization, membership_invitation: membership_invitation) do
+      assert_difference "MembershipInvitation.count", -1 do
+        delete organization_membership_invitation_url(organization, membership_invitation)
+      end
+      end
+
+      assert_redirected_to organization_memberships_url(organization)
+      message = I18n.t('organization_memberships.invitation_revoked_message', email: membership_invitation.email)
+      assert_flash_message(type: :alert, message: message, icon_name: 'link-slash')
+
+      assert_no_enqueued_emails
+    end
+
+    test "destroy: returns 404 if the invitation is already tied to a user" do
+      user = users.organization_3_owner
+      organization = organizations.organization_3
+      sign_in(user)
+
+      membership_invitation = users.invited_user_2.membership_invitations.find_by!(organization: organization)
+      old_last_sent_at = membership_invitation.last_sent_at
+
+      assert_policies_applied_on_404(organization: organization) do
+      assert_no_difference "MembershipInvitation.count" do
+        delete organization_membership_invitation_url(organization, membership_invitation)
+      end
+      end
+
+      assert_response :not_found
+      assert_no_enqueued_emails
+    end
+
+    test "destroy: returns 404 if the invitation is not visible" do
+      user = users.organization_3_owner
+      organization = organizations.organization_3
+      sign_in(user)
+
+      membership_invitation = organization.membership_invitations.find_by!(email: users.invited_user_1.email)
+      membership_invitation.update!(visible: false)
+
+      assert_policies_applied_on_404(organization: organization) do
+      assert_no_difference "MembershipInvitation.count" do
+        delete organization_membership_invitation_url(organization, membership_invitation)
+      end
+      end
+
+      assert_response :not_found
+      assert_no_enqueued_emails
+    end
+  end
+end

data/app/lib/practical/test/shared/memberships/controllers/user/membership.rb

@@ -0,0 +1,119 @@
+# frozen_string_literal: true
+
+module Practical::Test::Shared::Memberships::Controllers::User::Membership
+  extend ActiveSupport::Concern
+
+  included do
+    test "index: lists all non-archived-by_organization membership types and membership invitations" do
+      extra_organization = Organization.create!(name: Faker::Company.name)
+      invitation_organization = Organization.create(name: Faker::Company.name)
+      invitation_organization.memberships.create!(user: users.user_1, membership_type: :organization_manager, state: :active)
+
+      user = users.works_at_org_1_and_2
+      sign_in(user)
+
+      self_archived_membership = user.memberships.find_by(organization: organizations.organization_1)
+      self_archived_membership.update!(state: :archived_by_user)
+
+      active_membership = user.memberships.find_by!(organization: organizations.organization_2)
+      pending_reacceptance_membership = user.memberships.create!(organization: organizations.organization_3, membership_type: :staff, state: :pending_reacceptance)
+      archived_by_organization_membership = user.memberships.create!(organization: extra_organization, membership_type: :staff, state: :archived_by_organization)
+
+      membership_invitation = invitation_organization.membership_invitations.create!(email: user.email, membership_type: :staff, sender: users.user_1)
+
+      assert_index_policies_applied(user: user) do
+        get user_memberships_url
+      end
+
+      assert_response :ok
+      assert_dom 'td', text: active_membership.organization.name
+      assert_dom 'td', text: pending_reacceptance_membership.organization.name
+      assert_dom 'td', text: self_archived_membership.organization.name
+      assert_dom 'td', text: membership_invitation.organization.name
+      assert_dom 'td', text: archived_by_organization_membership.organization.name, count: 0
+    end
+
+    test "update: can archive an active membership" do
+      user = users.works_at_org_1_and_2
+      sign_in(user)
+
+      membership = user.memberships.find_by!(organization: organizations.organization_1)
+
+      assert_update_policies_applied(user: user, membership: membership) do
+        patch user_membership_url(membership), params: {user_membership_form: {
+          state: :archived_by_user
+        }}
+      end
+
+      assert_flash_message(type: :notice, message: I18n.t('user_memberships.archived_message'), icon_name: 'circle-info')
+      assert_redirected_to user_memberships_url
+      assert_equal true, membership.reload.archived_by_user?
+    end
+
+    test "update: can archive a pending_reacceptance membership" do
+      user = users.organization_1_staff
+      sign_in(user)
+
+      membership = user.memberships.find_by!(organization: organizations.organization_2)
+
+      assert_update_policies_applied(user: user, membership: membership) do
+        patch user_membership_url(membership), params: {user_membership_form: {
+          state: :archived_by_user
+        }}
+      end
+
+      assert_flash_message(type: :notice, message: I18n.t('user_memberships.archived_message'), icon_name: 'circle-info')
+      assert_redirected_to user_memberships_url
+      assert_equal true, membership.reload.archived_by_user?
+    end
+
+    test "update: cannot unarchive an archived_by_organization membership" do
+      user = users.retired_staff
+      sign_in(user)
+
+      membership = user.memberships.find_by!(organization: organizations.organization_1)
+
+      assert_not_found_policies_applied(user: user) do
+        patch user_membership_url(membership), params: {user_membership_form: {
+          state: :pending_reacceptance
+        }}
+      end
+
+      assert_response :not_found
+    end
+
+    test "update: cannot update the membership_type" do
+      user = users.organization_1_owner
+      sign_in(user)
+
+      membership = user.memberships.find_by!(organization: organizations.organization_1)
+
+      assert_update_policies_applied(user: user, membership: membership) do
+        patch user_membership_url(membership), params: {user_membership_form: {
+          membership_type: :staff
+        }}
+      end
+
+      assert_redirected_to user_memberships_url
+      assert_equal true, membership.reload.organization_manager?
+    end
+
+    test "update: returns an error if trying to leave the only organization_manager" do
+      user = users.organization_2_owner
+      sign_in(user)
+
+      membership = user.memberships.find_by!(organization: organizations.organization_2)
+
+      assert_update_policies_applied(user: user, membership: membership) do
+        patch user_membership_url(membership), params: {user_membership_form: {
+          state: :archived_by_organization
+        }}
+      end
+
+      assert_flash_message(type: :alert, message: I18n.t('activemodel.errors.models.user/membership_form.attributes.state.inclusion'), icon_name: 'triangle-exclamation')
+      assert_redirected_to user_memberships_url
+
+      assert_equal true, membership.reload.active?
+    end
+  end
+end