Move account removing access integration tests

... to new structure, which provides coverage for different roles
alphagov · Sep 4, 2024 · a7fbc61 · a7fbc61
1 parent a150632
commit a7fbc61
Show file tree

Hide file tree

Showing 2 changed files with 49 additions and 26 deletions.
diff --git a/test/integration/account/access_and_permissions_test.rb b/test/integration/account/access_and_permissions_test.rb
@@ -1,27 +1,6 @@
 require "test_helper"
 
 class Account::AccessAndPermissionsTest < ActionDispatch::IntegrationTest
-  context "removing access to apps" do
-    setup do
-      application = create(:application, name: "app-name", description: "app-description")
-      @user = create(:admin_user)
-      @user.grant_application_signin_permission(application)
-    end
-
-    should "allow admins to remove their access to apps" do
-      visit new_user_session_path
-      signin_with @user
-
-      visit account_applications_path
-
-      click_on "Remove access to app-name"
-      click_on "Confirm"
-
-      table = find("table caption[text()='Apps you don\\'t have access to']").ancestor("table")
-      assert table.has_content?("app-name")
-    end
-  end
-
   %i[superadmin admin].each do |admin_role|
     context "as a #{admin_role}" do
       setup do

diff --git a/test/integration/account/removing_access_test.rb b/test/integration/account/removing_access_test.rb
@@ -1,29 +1,73 @@
 require "test_helper"
 
 class Account::RemovingAccessTest < ActionDispatch::IntegrationTest
+  def assert_remove_access
+    visit account_applications_path
+
+    click_on "Remove access to #{@application.name}"
+    click_on "Confirm"
+
+    apps_without_access_table = find(
+      "table caption[text()='Apps you don\\'t have access to']",
+    ).ancestor("table")
+
+    assert apps_without_access_table.has_content?(@application.name)
+    assert_not @user.has_access_to?(@application)
+  end
+
   context "when the signin permission is delegatable" do
+    setup do
+      @application = create(
+        :application,
+        with_delegatable_supported_permissions: [SupportedPermission::SIGNIN_NAME],
+      )
+    end
+
     %i[superadmin admin super_organisation_admin organisation_admin].each do |role|
       context "as a #{role}" do
-        should "be able to remove access" do
-          skip
+        setup do
+          @user = create(:"#{role}_user", with_signin_permissions_for: [@application])
+          visit new_user_session_path
+          signin_with @user
         end
+
+        should("be able to remove access") { assert_remove_access }
       end
     end
   end
 
   context "when the signin permission is not delegatable" do
+    setup do
+      @application = create(
+        :application,
+        with_non_delegatable_supported_permissions: [SupportedPermission::SIGNIN_NAME],
+      )
+    end
+
     %i[superadmin admin].each do |admin_role|
       context "as a #{admin_role}" do
-        should "be able to remove access" do
-          skip
+        setup do
+          @user = create(:"#{admin_role}_user", with_signin_permissions_for: [@application])
+          visit new_user_session_path
+          signin_with @user
         end
+
+        should("be able to remove access") { assert_remove_access }
       end
     end
 
     %i[super_organisation_admin organisation_admin].each do |publishing_manager_role|
       context "as a #{publishing_manager_role}" do
+        setup do
+          @user = create(:"#{publishing_manager_role}_user", with_signin_permissions_for: [@application])
+          visit new_user_session_path
+          signin_with @user
+        end
+
         should "not be able to remove access" do
-          skip
+          visit account_applications_path
+
+          assert_not page.has_link?("Remove access to #{@application.name}")
         end
       end
     end