Use separate actions to select/deselect investments

This is consistent to what we usually do. Also, we're applying the same criteria mentioned in commit 72704d776: > We're also making these actions idempotent, so sending many requests > to the same action will get the same result, which wasn't the case > with the `toggle` action. Although it's a low probability case, the > `toggle` action could result in [selecting an investment] when trying > to [deselect] it if someone else has [deselected it] it between the > time the page loaded and the time the admin clicked on the > "[Selected]" button.
2024-10-09 01:56:32 +02:00
parent 463112c2ea
commit 54a48d63e1
7 changed files with 87 additions and 25 deletions
--- a/spec/controllers/admin/budget_investments_controller_spec.rb
+++ b/spec/controllers/admin/budget_investments_controller_spec.rb
@@ -38,18 +38,63 @@ describe Admin::BudgetInvestmentsController, :admin do
    end
  end

-  describe "PATCH toggle selection" do
-    it "uses the toggle_selection authorization rules" do
-      investment = create(:budget_investment)
+  describe "PATCH select" do
+    let(:investment) { create(:budget_investment, :feasible, :finished) }

-      patch :toggle_selection, xhr: true, params: {
-        id: investment,
-        budget_id: investment.budget,
-      }
+    it "selects the investment" do
+      expect do
+        patch :select, xhr: true, params: { id: investment, budget_id: investment.budget }
+      end.to change { investment.reload.selected? }.from(false).to(true)
+
+      expect(response).to be_successful
+    end
+
+    it "does not modify already selected investments" do
+      investment.update!(selected: true)
+
+      expect do
+        patch :select, xhr: true, params: { id: investment, budget_id: investment.budget }
+      end.not_to change { investment.reload.selected? }
+    end
+
+    it "uses the select/deselect authorization rules" do
+      investment.update!(valuation_finished: false)
+
+      patch :select, xhr: true, params: { id: investment, budget_id: investment.budget }

      expect(flash[:alert]).to eq "You do not have permission to carry out the action " \
-                                  "'toggle_selection' on Investment."
+                                  "'select' on Investment."
      expect(investment).not_to be_selected
    end
  end
+
+  describe "PATCH deselect" do
+    let(:investment) { create(:budget_investment, :feasible, :finished, :selected) }
+
+    it "deselects the investment" do
+      expect do
+        patch :deselect, xhr: true, params: { id: investment, budget_id: investment.budget }
+      end.to change { investment.reload.selected? }.from(true).to(false)
+
+      expect(response).to be_successful
+    end
+
+    it "does not modify non-selected investments" do
+      investment.update!(selected: false)
+
+      expect do
+        patch :deselect, xhr: true, params: { id: investment, budget_id: investment.budget }
+      end.not_to change { investment.reload.selected? }
+    end
+
+    it "uses the select/deselect authorization rules" do
+      investment.update!(valuation_finished: false)
+
+      patch :deselect, xhr: true, params: { id: investment, budget_id: investment.budget }
+
+      expect(flash[:alert]).to eq "You do not have permission to carry out the action " \
+                                  "'deselect' on Investment."
+      expect(investment).to be_selected
+    end
+  end
 end