Skip to content

Commit

Permalink
fix: only shows link for team members (#2794)
Browse files Browse the repository at this point in the history 
* fix: only shows link for team mebers

* feat: adds hacker check

* test: adds e2e tests

check for disabled button and one for hackers

* fix: removes unneeded main tag

* test: updates test to check for Error page

* test: refactor test
  • Loading branch information
@fpigeonjr
fpigeonjr committed Sep 16, 2024
1 parent 20de436 commit a3d6a80
Show file tree
Hide file tree
Showing 5 changed files with 79 additions and 51 deletions.
2 changes: 1 addition & 1 deletion frontend/cypress/e2e/editAgreementAsBasicUser.cy.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -27,7 +27,7 @@ it("select first agreement and edit icon should not be visible", () => {

it("review first agreement and edit button is disabled", () => {
cy.visit(`/agreements/review/1`);
cy.get('[data-cy="edit-agreement-btn"]').should("be.disabled");
cy.get("h1").contains("Something went wrong").should("exist");
});

it("hack url and see error alert", () => {
Expand Down
13 changes: 13 additions & 0 deletions frontend/cypress/e2e/reviewAgreement.cy.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -289,3 +289,16 @@ describe("Additional Information accordion", () => {
cy.get("h2").contains("Review Documents").as("info-accordion").should("exist");
});
});

describe("Should not allow non-team members from submitting status changes", () => {
it("should disable submit button", () => {
testLogin("basic");
cy.visit("/agreements/9/budget-lines").wait(1000);
cy.get("span").contains("Plan or Execute Budget Lines").should("have.attr", "aria-disabled", "true");
});
it("should show error page", () => {
testLogin("basic");
cy.visit("/agreements/review/9").wait(1000);
cy.get("h1").contains("Something went wrong").should("exist");
});
});
81 changes: 38 additions & 43 deletions frontend/src/pages/ErrorPage.jsx
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,50 +12,45 @@ const ErrorPage = () => {
<div className="usa-section">
<div className="grid-container">
<div className="grid-row grid-gap">
<main
className=""
id="main-content"
>
<div className="usa-prose">
<h1>Something went wrong</h1>
<p className="usa-intro">
We’re sorry, something went wrong. The page you’re looking for might have been
removed, had its name changed, or is temporarily unavailable.
</p>
<p>
If you typed the URL directly, check your spelling and capitalization. Our URLs look
like this:
<strong>&lt;agency.gov/example-one&gt;</strong>.
</p>
<p>
Visit our homepage for helpful tools and resources, or contact us and we’ll point
you in the right direction.
</p>
<div className="margin-y-5">
<ul className="usa-button-group">
<li className="usa-button-group__item">
<Link
to="/"
className="usa-button"
>
Visit homepage
</Link>
</li>
<li className="usa-button-group__item">
<button
className="usa-button usa-button--outline"
type="button"
onClick={() => {
alert("Not yet implemented");
}}
>
Contact Us
</button>
</li>
</ul>
</div>
<div className="usa-prose">
<h1>Something went wrong</h1>
<p className="usa-intro">
We’re sorry, something went wrong. The page you’re looking for might have been removed,
had its name changed, or is temporarily unavailable.
</p>
<p>
If you typed the URL directly, check your spelling and capitalization. Our URLs look
like this:
<strong>&lt;agency.gov/example-one&gt;</strong>.
</p>
<p>
Visit our homepage for helpful tools and resources, or contact us and we’ll point you in
the right direction.
</p>
<div className="margin-y-5">
<ul className="usa-button-group">
<li className="usa-button-group__item">
<Link
to="/"
className="usa-button"
>
Visit homepage
</Link>
</li>
<li className="usa-button-group__item">
<button
className="usa-button usa-button--outline"
type="button"
onClick={() => {
alert("Not yet implemented");
}}
>
Contact Us
</button>
</li>
</ul>
</div>
</main>
</div>
</div>
</div>
</div>
Expand Down
26 changes: 19 additions & 7 deletions frontend/src/pages/agreements/details/AgreementBudgetLines.jsx
View file
Original file line number Diff line number Diff line change
Expand Up @@ -8,6 +8,7 @@ import BLIsByFYSummaryCard from "../../../components/Agreements/AgreementDetails
import BudgetLinesTable from "../../../components/BudgetLineItems/BudgetLinesTable";
import CreateBLIsAndSCs from "../../../components/BudgetLineItems/CreateBLIsAndSCs";
import ServicesComponentAccordion from "../../../components/ServicesComponents/ServicesComponentAccordion";
import Tooltip from "../../../components/UI/USWDS/Tooltip";
import { groupByServicesComponent, hasBlIsInReview } from "../../../helpers/budgetLines.helpers";
import { findDescription, findPeriodEnd, findPeriodStart } from "../../../helpers/servicesComponent.helpers";
import { draftBudgetLineStatuses, getCurrentFiscalYear } from "../../../helpers/utils";
Expand Down Expand Up @@ -153,13 +154,24 @@ const AgreementBudgetLines = ({ agreement, isEditMode, setIsEditMode }) => {

{!isEditMode && (
<div className="grid-row flex-justify-end margin-top-1">
<Link
className="usa-button margin-top-4 margin-right-0"
to={`/agreements/review/${agreement?.id}`}
data-cy="bli-tab-continue-btn"
>
Plan or Execute Budget Lines
</Link>
{canUserEditAgreement ? (
<Link
className="usa-button margin-top-4 margin-right-0"
to={`/agreements/review/${agreement?.id}`}
data-cy="bli-tab-continue-btn"
>
Plan or Execute Budget Lines
</Link>
) : (
<Tooltip label="Only team members on this agreement can send to approval">
<span
className="usa-button margin-top-4 margin-right-0 usa-button--disabled"
aria-disabled="true"
>
Plan or Execute Budget Lines
</span>
</Tooltip>
)}
</div>
)}
</>
Expand Down
8 changes: 8 additions & 0 deletions frontend/src/pages/agreements/review/ReviewAgreement.jsx
View file
Original file line number Diff line number Diff line change
Expand Up @@ -19,7 +19,9 @@ import PageHeader from "../../../components/UI/PageHeader";
import Tooltip from "../../../components/UI/USWDS/Tooltip";
import { findDescription, findPeriodEnd, findPeriodStart } from "../../../helpers/servicesComponent.helpers";
import { convertCodeForDisplay } from "../../../helpers/utils";
import { useIsUserAllowedToEditAgreement } from "../../../hooks/agreement.hooks";
import { document } from "../../../tests/data";
import ErrorPage from "../../ErrorPage";
import { actionOptions } from "./ReviewAgreement.constants";
import useReviewAgreement from "./ReviewAgreement.hooks";
import suite from "./suite";
Expand Down Expand Up @@ -80,6 +82,12 @@ export const ReviewAgreement = () => {
warning: "warning"
});

const canUserEditAgreement = useIsUserAllowedToEditAgreement(agreement?.id);

if (!canUserEditAgreement) {
return <ErrorPage />;
}

if (isLoadingAgreement) {
return <h1>Loading...</h1>;
}
Expand Down

0 comments on commit a3d6a80

Please sign in to comment.