Merge pull request #4483 from nhsuk/add-shared-example-for-reporting-api-controller-tests

Al Davidson · web-flow · commit 3c5ae9b04f5b · 2025-09-03T15:01:13.000+01:00
Refactor tests for common Reporting API controller behaviour to a shared example
diff --git a/spec/controllers/api/reporting/totals_controller_spec.rb b/spec/controllers/api/reporting/totals_controller_spec.rb
@@ -3,86 +3,5 @@
 require "spec_helper"
 
 RSpec.describe API::Reporting::TotalsController do
-  let(:team) { create(:team, :with_one_nurse) }
-  let(:user) { team.users.first }
-
-  let(:valid_payload) do
-    {
-      data: {
-        user: user.as_json,
-        cis2_info: {
-          organisation_code: team.organisation.ods_code,
-          workgroups: [team.workgroup],
-          role_code: CIS2Info::NURSE_ROLE
-        }
-      }
-    }
-  end
-
-  let(:invalid_payload) { { user: { id: -1 } } }
-
-  context "when the :reporting_api feature flag is not enabled" do
-    before { Flipper.disable(:reporting_api) }
-
-    describe "#index" do
-      context "when the request has a JWT param" do
-        let(:params) { { jwt: jwt } }
-
-        context "which is valid" do
-          let(:jwt) do
-            JWT.encode(
-              valid_payload,
-              Settings.reporting_api.client_app.secret,
-              ReportingAPI::OneTimeToken::JWT_SIGNING_ALGORITHM
-            )
-          end
-
-          it "responds with status :forbidden" do
-            get :index, params: { jwt: jwt }
-            expect(response.status).to eq(403)
-          end
-        end
-      end
-    end
-  end
-
-  context "when the :reporting_api feature flag is enabled" do
-    before { Flipper.enable(:reporting_api) }
-
-    describe "#index" do
-      context "when the request has a JWT param" do
-        let(:params) { { jwt: jwt } }
-
-        context "which is valid" do
-          let(:jwt) do
-            JWT.encode(
-              valid_payload,
-              Settings.reporting_api.client_app.secret,
-              ReportingAPI::OneTimeToken::JWT_SIGNING_ALGORITHM
-            )
-          end
-
-          it "responds with status 200" do
-            get :index, params: { jwt: jwt }
-            expect(response.status).to eq(200)
-          end
-        end
-
-        context "which is not valid" do
-          let(:jwt) do
-            JWT.encode(
-              invalid_payload,
-              Settings.reporting_api.client_app.secret,
-              ReportingAPI::OneTimeToken::JWT_SIGNING_ALGORITHM
-            )
-          end
-
-          it "responds with status :forbidden" do
-            get :index, params: { jwt: jwt }
-            expect(response.status).to eq(403)
-          end
-        end
-      end
-    end
-  end
+  it_behaves_like "a ReportingAPI controller"
 end
diff --git a/spec/support/reporting_api_helper.rb b/spec/support/reporting_api_helper.rb
@@ -0,0 +1,38 @@
+# frozen_string_literal: true
+
+module ReportingAPIHelper
+  def valid_jwt_payload
+    team = create(:team, :with_one_nurse)
+    user = team.users.first
+    {
+      data: {
+        user: user.as_json,
+        cis2_info: {
+          organisation_code: team.organisation.ods_code,
+          workgroups: [team.workgroup],
+          role_code: CIS2Info::NURSE_ROLE
+        }
+      }
+    }
+  end
+
+  def valid_jwt
+    JWT.encode(
+      valid_jwt_payload,
+      Settings.reporting_api.client_app.secret,
+      "HS512"
+    )
+  end
+
+  def invalid_jwt_payload
+    { user: { id: -1 } }
+  end
+
+  def jwt_with_invalid_payload
+    JWT.encode(
+      invalid_jwt_payload,
+      Settings.reporting_api.client_app.secret,
+      "HS512"
+    )
+  end
+end
diff --git a/spec/support/shared_examples/a_reporting_api_controller.rb b/spec/support/shared_examples/a_reporting_api_controller.rb
@@ -0,0 +1,55 @@
+# frozen_string_literal: true
+
+shared_examples "a ReportingAPI controller" do
+  let(:team) { create(:team, :with_one_nurse) }
+  let(:user) { team.users.first }
+
+  include ReportingAPIHelper
+
+  context "when the reporting_api feature flag is disabled" do
+    before { Flipper.disable(:reporting_api) }
+
+    describe "#index" do
+      context "when the request has a JWT param" do
+        let(:params) { { jwt: jwt } }
+
+        context "which is valid" do
+          let(:jwt) { valid_jwt }
+
+          it "responds with status :forbidden" do
+            get :index, params: { jwt: jwt }
+            expect(response.status).to eq(403)
+          end
+        end
+      end
+    end
+  end
+
+  context "when the :reporting_api feature flag is enabled" do
+    before { Flipper.enable(:reporting_api) }
+
+    describe "#index" do
+      context "when the request has a JWT param" do
+        let(:params) { { jwt: jwt } }
+
+        context "which is valid" do
+          let(:jwt) { valid_jwt }
+
+          it "responds with status 200" do
+            get :index, params: { jwt: jwt }
+            expect(response.status).to eq(200)
+          end
+        end
+
+        context "which is not valid" do
+          let(:jwt) { jwt_with_invalid_payload }
+
+          it "responds with status :forbidden" do
+            get :index, params: { jwt: jwt }
+            expect(response.status).to eq(403)
+          end
+        end
+      end
+    end
+  end
+end
