Merge pull request #403 from alphagov/add-admin-validate-signature

Add an admin interface for validating signatures

app/assets/stylesheets/petitions/_buttons.scss

@@ -44,6 +44,10 @@
   outline: none;
 }
 
-.button-secondary{
+.button-secondary {
   @include button-override($panel-colour);
 }
+
+.button-warning{
+  @include button-override($red);
+}

app/assets/stylesheets/petitions/admin/views/_shared.scss

@@ -64,6 +64,8 @@
   }
 
   .button_to {
+    display: inline-block;
+
     input[type=submit] {
       margin: 0;
       font-size: 12px;

app/controllers/admin/signatures_controller.rb

@@ -1,6 +1,16 @@
 class Admin::SignaturesController < Admin::AdminController
   before_action :fetch_signature
 
+  def validate
+    begin
+      @signature.validate!
+      redirect_to admin_search_url(q: @signature.email), notice: "Signature validated successfully"
+    rescue StandardError => e
+      Appsignal.send_exception e
+      redirect_to admin_search_url(q: @signature.email), alert: "Signature could not be validated - please contact support"
+    end
+  end
+
   def destroy
     if @signature.destroy
       redirect_to admin_search_url(q: @signature.email), notice: "Signature removed successfully"

app/views/admin/signatures/_signature.html.erb

@@ -5,9 +5,21 @@
   <td><%= date_time_format(signature.updated_at) %></td>
   <% if signature.creator? %>
     <td>Yes</td>
-    <td>&nbsp;</td>
+    <td>
+      <% if signature.pending? %>
+        <%= button_to 'Validate', validate_admin_signature_path(signature), method: :post, class: 'button', data: { confirm: 'Validate signature?' } %>
+      <% else %>
+        &nbsp;
+      <% end %>
+    </td>
   <% else %>
     <td>No</td>
-    <td><%= button_to 'Delete', admin_signature_path(signature), method: :delete, class: 'button', data: { confirm: 'Delete signature?' } %></td>
+    <td>
+      <% if signature.pending? %>
+        <%= button_to 'Validate', validate_admin_signature_path(signature), method: :post, class: 'button', data: { confirm: 'Validate signature?' } %>
+      <% else %>
+        <%= button_to 'Delete', admin_signature_path(signature), method: :delete, class: 'button-warning', data: { confirm: 'Delete signature?' } %>
+      <% end %>
+    </td>
   <% end %>
 </tr>

config/routes.rb

@@ -85,7 +85,9 @@
         resource 'schedule-debate', :only => [:show, :update], as: :schedule_debate, controller: :schedule_debate
       end
       resources :profile, :only => [:edit, :update]
-      resources :signatures, :only => [:destroy]
+      resources :signatures, :only => [:destroy] do
+        post :validate, :on => :member
+      end
       resources :user_sessions, :only => [:create]
       get 'logout' => 'user_sessions#destroy', :as => :logout
       get 'login' => 'user_sessions#new', :as => :login

features/admin/search_for_signatures_by_email.feature

@@ -16,6 +16,14 @@ Feature: Searching for signatures as Terry
     When I search for petitions signed by "[email protected]" from the admin hub
     Then I should see 2 petitions associated with the email address
 
+  Scenario: Validating a pending signature
+    Given 1 petition with a pending signature by "[email protected]"
+    And I am logged in as a moderator
+    When I search for petitions signed by "[email protected]" from the admin hub
+    Then I should see the email address is pending
+    When I click the validate button
+    Then I should see the email address is validated
+
   Scenario: Deleting a signature
     Given 1 petition signed by "[email protected]"
     And I am logged in as a moderator

features/step_definitions/admin_search_steps.rb

@@ -4,6 +4,12 @@
   end
 end
 
+Given(/^(\d+) petitions? with a pending signature by "([^"]*)"$/) do |petition_count, email|
+  petition_count.times do
+    FactoryGirl.create(:pending_signature, :petition => FactoryGirl.create(:open_petition), :email => email)
+  end
+end
+
 When(/^I search for petitions signed by "([^"]*)"( from the admin hub)?$/) do |email, from_the_hub|
   if from_the_hub.blank?
     visit admin_petitions_url
@@ -66,6 +72,19 @@
   expect(page).to have_css("form")
 end
 
+Then(/^I should see the email address is pending$/) do
+  expect(page).to have_button "Validate"
+end
+
+When(/^I click the validate button$/) do
+  click_button "Validate"
+end
+
+Then(/^I should see the email address is validated$/) do
+  expect(page).not_to have_button "Validate"
+  expect(page).to have_button "Delete"
+end
+
 When(/^I click the delete button$/) do
   click_button "Delete"
 end

spec/controllers/admin/signatures_controller_spec.rb

@@ -30,6 +30,41 @@
     before { login_as(user) }
     before { expect(Signature).to receive(:find).with(signature.id.to_s).and_return(signature) }
 
+    describe "POST /admin/signatures/:id/validate" do
+      context "when the signature is validated" do
+        before do
+          expect(signature).to receive(:validate!).and_return(true)
+          post :validate, id: signature.id
+        end
+
+        it "redirects to the search page" do
+          expect(response).to redirect_to("https://moderate.petition.parliament.uk/admin/search?q=user%40example.com")
+        end
+
+        it "sets the flash notice message" do
+          expect(flash[:notice]).to eq("Signature validated successfully")
+        end
+      end
+
+      context "when the signature is not validated" do
+        let(:exception) { ActiveRecord::StatementInvalid.new("Invalid SQL") }
+
+        before do
+          expect(signature).to receive(:validate!).and_raise(exception)
+          expect(Appsignal).to receive(:send_exception).with(exception)
+          post :validate, id: signature.id
+        end
+
+        it "redirects to the search page" do
+          expect(response).to redirect_to("https://moderate.petition.parliament.uk/admin/search?q=user%40example.com")
+        end
+
+        it "sets the flash alert message" do
+          expect(flash[:alert]).to eq("Signature could not be validated - please contact support")
+        end
+      end
+    end
+
     describe "DELETE /admin/signatures/:id" do
       context "when the signature is destroyed" do
         before do