handling old/stale account requests

rubyforgood · Sep 2, 2024 · a84ada2 · a84ada2
1 parent 51524e0
commit a84ada2
Show file tree

Hide file tree

Showing 11 changed files with 151 additions and 14 deletions.
diff --git a/app/controllers/admin/account_requests_controller.rb b/app/controllers/admin/account_requests_controller.rb
@@ -1,4 +1,6 @@
 class Admin::AccountRequestsController < AdminController
+  before_action :set_account_request, only: [:reject, :close]
+
   def index
     @open_account_requests = AccountRequest.requested.order('created_at DESC')
       .page(params[:open_page]).per(15)
@@ -11,12 +13,25 @@ def for_rejection
   end
 
   def reject
-    account_request = AccountRequest.find(account_request_params[:id])
-    account_request.reject!(account_request_params[:rejection_reason])
+    @account_request.reject!(account_request_params[:rejection_reason])
     redirect_to admin_account_requests_path, notice: "Account request rejected!"
   end
 
+  def close
+    if @account_request.close!(account_request_params[:rejection_reason])
+      redirect_to admin_account_requests_path, notice: "Account request closed!"
+    else
+      redirect_to admin_account_requests_path, error: "Account cannot be closed"
+    end
+  end
+
   def account_request_params
     params.require(:account_request).permit(:id, :rejection_reason)
   end
+
+  private
+
+  def set_account_request
+    @account_request = AccountRequest.find(account_request_params[:id])
+  end
 end
diff --git a/app/models/account_request.rb b/app/models/account_request.rb
@@ -30,10 +30,10 @@ class AccountRequest < ApplicationRecord
 
   has_one :organization, dependent: :nullify
 
-  enum status: %w[started user_confirmed admin_approved rejected].map { |v| [v, v] }.to_h
+  enum status: %w[started user_confirmed admin_approved rejected admin_closed].map { |v| [v, v] }.to_h
 
   scope :requested, -> { where(status: %w[started user_confirmed]) }
-  scope :closed, -> { where(status: %w[admin_approved rejected]) }
+  scope :closed, -> { where(status: %w[admin_approved rejected admin_closed]) }
 
   def self.get_by_identity_token(identity_token)
     decrypted_token = JWT.decode(identity_token, Rails.application.secret_key_base, true, { algorithm: 'HS256' })
@@ -62,6 +62,11 @@ def processed?
     organization.present?
   end
 
+  # @return [Boolean]
+  def can_be_closed?
+    started? || user_confirmed?
+  end
+
   def confirm!
     update!(confirmed_at: Time.current, status: 'user_confirmed')
     AccountRequestMailer.approval_request(account_request_id: id).deliver_later
@@ -73,6 +78,12 @@ def reject!(reason)
     AccountRequestMailer.rejection(account_request_id: id).deliver_later
   end
 
+  # @param reason [String]
+  def close!(reason)
+    return false unless can_be_closed?
+    update!(status: 'admin_closed', rejection_reason: reason)
+  end
+
   private
 
   def email_not_already_used_by_organization

diff --git a/app/views/admin/account_requests/_close_admin_modal.html.erb b/app/views/admin/account_requests/_close_admin_modal.html.erb
@@ -0,0 +1,25 @@
+<div class="modal" id="close-modal">
+  <div class="modal-dialog">
+
+    <!-- Modal content-->
+    <div class="modal-content">
+      <div class="modal-header">
+        <h4 class="modal-title">
+          Close Account Request
+        </h4>
+        <button type="button" class="close btn-close" data-bs-dismiss="modal">&times;</button>
+      </div>
+      <div class="modal-body">
+        <%= simple_form_for AccountRequest.new, url: close_admin_account_requests_path, method: :post do |f| %>
+          <%= f.hidden_field :id, id: :reject_account_request_id %>
+          <div class="form-inputs">
+            <%= f.input :rejection_reason, required: true, autofocus: true, wrapper: :input_group %>
+          </div>
+          <%= submit_button %>
+        <% end %>
+      </div>
+    </div>
+
+  </div>
+
+</div>
diff --git a/app/views/admin/account_requests/_open_account_request.html.erb b/app/views/admin/account_requests/_open_account_request.html.erb
@@ -13,5 +13,10 @@
   <td><%= js_button(text: 'Reject',
                     icon: 'ban',
                     class: 'reject-button',
-                    data: { request_id: open_account_request.id }) %></td>
+                    data: { request_id: open_account_request.id, modal: 'rejection' }) %></td>
+  <td><%= js_button(text: 'Close(Admin)',
+                  icon: 'times',
+                  class: 'reject-button',
+                  data: { request_id: open_account_request.id, modal: 'close' }) %></td>
+
 </tr>
diff --git a/app/views/admin/account_requests/_rejection_modal.html.erb b/app/views/admin/account_requests/_rejection_modal.html.erb
@@ -23,14 +23,14 @@
   </div>
 
 </div>
-
 <script type="module">
   $(() => {
     $('.reject-button').click((event) => {
       event.preventDefault();
-      $('#account_request_rejection_reason').val('');
-      $('#reject_account_request_id').val($(event.target).data('requestId'));
-      $('#rejection-modal').modal('show');
+      let classModal = $(event.target).data('modal')
+      $(`#${classModal}-modal #account_request_rejection_reason`).val('');
+      $(`#${classModal}-modal #reject_account_request_id`).val($(event.target).data('requestId'));
+      $(`#${classModal}-modal`).modal('show');
     })
   })
 </script>
diff --git a/app/views/admin/account_requests/for_rejection.html.erb b/app/views/admin/account_requests/for_rejection.html.erb
@@ -40,6 +40,7 @@
   </section>
 
   <%= render partial: 'rejection_modal' %>
+  <%= render partial: 'close_admin_modal' %>
 <% else %>
   <h1>Account Request not found!</h1>
 <% end %>
diff --git a/app/views/admin/account_requests/index.html.erb b/app/views/admin/account_requests/index.html.erb
@@ -44,6 +44,7 @@
 </section>
 
 <%= render partial: 'rejection_modal' %>
+<%= render partial: 'close_admin_modal' %>
 
 <section class="content-header">
   <div class="container-fluid">
@@ -108,9 +109,10 @@
   $(() => {
     $('.reject-button').click((event) => {
       event.preventDefault();
-      $('#account_request_rejection_reason').val('');
-      $('#reject_account_request_id').val($(event.target).data('requestId'));
-      $('#rejection-modal').modal('show');
+      let classModal = $(event.target).data('modal')
+      $(`#${classModal}-modal #account_request_rejection_reason`).val('');
+      $(`#${classModal}-modal #reject_account_request_id`).val($(event.target).data('requestId'));
+      $(`#${classModal}-modal`).modal('show');
     })
   })
 </script>
diff --git a/config/routes.rb b/config/routes.rb
@@ -76,6 +76,7 @@ def set_up_flipper
     resources :barcode_items
     resources :account_requests, only: [:index] do
       post :reject, on: :collection
+      post :close, on: :collection
       get :for_rejection, on: :collection
     end
     resources :questions

diff --git a/spec/controllers/admin/account_requests_controller_spec.rb b/spec/controllers/admin/account_requests_controller_spec.rb
@@ -0,0 +1,33 @@
+RSpec.describe Admin::AccountRequestsController, type: :controller do
+  before do
+    sign_in(create(:super_admin, organization: nil))
+  end
+
+  let(:account_request) { create(:account_request) }
+  let(:rejection_params) do
+    {
+      account_request: {
+        id: account_request.id,
+        rejection_reason: "some rejection reason"
+      }
+    }
+  end
+
+  describe "POST #reject" do
+    it "should reject the account request" do
+      post :reject, params: rejection_params
+      expect(account_request.reload).to be_rejected
+      expect(flash[:notice]).to eq("Account request rejected!")
+      expect(response).to redirect_to(admin_account_requests_path)
+    end
+  end
+
+  describe "POST #close" do
+    it "should close the account request" do
+      post :close, params: rejection_params
+      expect(account_request.reload).to be_admin_closed
+      expect(flash[:notice]).to eq("Account request closed!")
+      expect(response).to redirect_to(admin_account_requests_path)
+    end
+  end
+end
diff --git a/spec/models/account_request_spec.rb b/spec/models/account_request_spec.rb
@@ -129,6 +129,18 @@
     end
   end
 
+  describe '#can_be_closed?' do
+    it 'returns true when the status can be closed' do
+      subject.status = %w[started user_confirmed].sample
+      expect(subject.can_be_closed?).to eq(true)
+    end
+
+    it 'returns false when the status cannot be closed' do
+      subject.status = 'rejected'
+      expect(subject.can_be_closed?).to eq(false)
+    end
+  end
+
   specify '#confirm!' do
     mail_double = instance_double(ActionMailer::MessageDelivery, deliver_later: nil)
     allow(AccountRequestMailer).to receive(:approval_request).and_return(mail_double)
@@ -159,6 +171,12 @@
     expect(mail_double).to have_received(:deliver_later)
   end
 
+  specify "#close!" do
+    account_request.close!('because I said so')
+    expect(account_request.reload.rejection_reason).to eq('because I said so')
+    expect(account_request).to be_admin_closed
+  end
+
   describe "versioning" do
     it { is_expected.to be_versioned }
   end

diff --git a/spec/system/admin/account_requests_system_spec.rb b/spec/system/admin/account_requests_system_spec.rb
@@ -29,7 +29,7 @@
       end
 
       it 'should reject the account', js: true do
-        find(%(a[data-request-id="#{request4.id}"])).click
+        find(%(a[data-modal="rejection"][data-request-id="#{request4.id}"])).click
         fill_in 'account_request_rejection_reason', with: 'Because I said so'
         click_on 'Save'
         expect(request4.reload).to be_rejected
@@ -40,6 +40,19 @@
           expect(page).not_to have_content(request4.name)
         end
       end
+
+      it 'should close the account', js: true do
+        find(%(a[data-modal="close"][data-request-id="#{request4.id}"])).click
+        fill_in 'account_request_rejection_reason', with: 'Because I said so'
+        click_on 'Save'
+        expect(request4.reload).to be_admin_closed
+        within "#closed-account-requests" do
+          expect(page).to have_content(request4.name)
+        end
+        within '#open-account-requests' do
+          expect(page).not_to have_content(request4.name)
+        end
+      end
     end
 
     context "user visits the index page" do
@@ -89,7 +102,7 @@
       end
 
       it 'should reject the account', js: true do
-        find(%(a[data-request-id="#{request4.id}"])).click
+        find(%(a[data-modal="rejection"][data-request-id="#{request4.id}"])).click
         fill_in 'account_request_rejection_reason', with: 'Because I said so'
         click_on 'Save'
         expect(request4.reload).to be_rejected
@@ -100,6 +113,19 @@
           expect(page).not_to have_content(request4.name)
         end
       end
+
+      it 'should close the account', js: true do
+        find(%(a[data-modal="close"][data-request-id="#{request4.id}"])).click
+        fill_in 'account_request_rejection_reason', with: 'Because I said so'
+        click_on 'Save'
+        expect(request4.reload).to be_admin_closed
+        within "#closed-account-requests" do
+          expect(page).to have_content(request4.name)
+        end
+        within '#open-account-requests' do
+          expect(page).not_to have_content(request4.name)
+        end
+      end
     end
   end
 end