From 51d057ff9fcce75a587cd4c8fa64a33c3eadddbd Mon Sep 17 00:00:00 2001
From: vishal kalletla <vishuk1201@gmail.com>
Date: Thu, 12 Dec 2024 13:08:45 -0500
Subject: [PATCH] do not store as hash data for a string value (#4822)

* do not store as hash data for a string value

* allow admin to add/edit reason when the broker application status is pending

* add spec

* rubocop fix
---
 .../exchanges/broker_applicants_controller.rb |  2 +-
 .../shared/brokers/_broker_fields.html.erb    |  4 +-
 .../broker_applicants_controller_spec.rb      | 71 +++++++++++++------
 3 files changed, 53 insertions(+), 24 deletions(-)

diff --git a/app/controllers/exchanges/broker_applicants_controller.rb b/app/controllers/exchanges/broker_applicants_controller.rb
index ecfda628f54..50df9bdfc52 100644
--- a/app/controllers/exchanges/broker_applicants_controller.rb
+++ b/app/controllers/exchanges/broker_applicants_controller.rb
@@ -38,7 +38,7 @@ def edit
 
   def update
     broker_role = @broker_applicant.broker_role
-    broker_role.update_attributes(reason: params.require(:person).require(:broker_role_attributes).permit(:reason)) if params.dig(:person, :broker_role_attributes, :reason).present?
+    broker_role.update_attributes(reason:  params.require(:person).require(:broker_role_attributes).permit(:reason)[:reason]) if params.dig(:person, :broker_role_attributes, :reason).present?
     # TODO: This params['deny'] stuff might have to be changed to params['commit']['action_name']
     if params['deny']
       broker_role.deny!
diff --git a/app/views/shared/brokers/_broker_fields.html.erb b/app/views/shared/brokers/_broker_fields.html.erb
index a306e3d9e8a..354f0685d66 100644
--- a/app/views/shared/brokers/_broker_fields.html.erb
+++ b/app/views/shared/brokers/_broker_fields.html.erb
@@ -39,7 +39,7 @@
   </dl>
   <section class="my-3">
     <%= f.fields_for :broker_role do |broker_role_fields| %>
-      <% disabled = (broker_or_staff_role.active? || broker_or_staff_role.agency_pending?) ? true : false %>
+      <% disabled = broker_or_staff_role.active? ? true : false %>
       <label for="licensed" class="d-flex align-items-center">
         <%= broker_role_fields.check_box :license, id: "licensed" %>
         <span class="ml-1"><%= l10n("license") %></span>
@@ -214,7 +214,7 @@
                   <%end%>
                 </td>
               </tr>
-              <% disabled = (broker_or_staff_role.active? || broker_or_staff_role.agency_pending?) ? true : false %>
+              <% disabled = broker_or_staff_role.active? ? true : false %>
               <tr>
                 <th style="vertical-align: top;"><%= l10n("reason") %>
                   <span class="text-danger"></span>:
diff --git a/spec/controllers/exchanges/broker_applicants_controller_spec.rb b/spec/controllers/exchanges/broker_applicants_controller_spec.rb
index 403f28aac01..4dbd887d740 100644
--- a/spec/controllers/exchanges/broker_applicants_controller_spec.rb
+++ b/spec/controllers/exchanges/broker_applicants_controller_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_helper'
 
 RSpec.describe Exchanges::BrokerApplicantsController do
@@ -7,7 +9,7 @@
 
     before :each do
       sign_in(user)
-      get :index, format: :js, xhr:true
+      get :index, format: :js, xhr: true
     end
 
     it "should render index" do
@@ -33,7 +35,7 @@
 
     before :each do
       sign_in(user)
-      get :edit, params:{id: broker_role.person.id}, format: :html, xhr:true
+      get :edit, params: {id: broker_role.person.id}, format: :html, xhr: true
     end
 
     it "should render edit" do
@@ -106,7 +108,7 @@
 
     context 'when application denied' do
       before :each do
-        put :update, params:{id: broker_role.person.id, deny: true}, format: :js
+        put :update, params: {id: broker_role.person.id, deny: true}, format: :js
         broker_role.reload
       end
 
@@ -138,21 +140,48 @@
       end
 
       context "for pending application" do
-        before :each do
-          allow(broker_role).to receive(:is_primary_broker?).and_return(true)
-          broker_role.pending!
-          put :update, params: { id: broker_role.person.id, extend: true }, format: :js
-          broker_role.reload
-        end
+        context 'application_extended' do
+          before :each do
+            allow(broker_role).to receive(:is_primary_broker?).and_return(true)
+            broker_role.pending!
+            put :update, params: { id: broker_role.person.id, extend: true }, format: :js
+            broker_role.reload
+          end
 
-        it 'should move application to application_extended' do
-          expect(assigns(:broker_applicant))
-          expect(broker_role.aasm_state).to eq 'application_extended'
+          it 'should move application to application_extended' do
+            expect(assigns(:broker_applicant))
+            expect(broker_role.aasm_state).to eq 'application_extended'
+          end
+
+          it 'should redirect' do
+            expect(response).to have_http_status(:redirect)
+            expect(response).to redirect_to('/exchanges/hbx_profiles')
+          end
         end
 
-        it 'should redirect' do
-          expect(response).to have_http_status(:redirect)
-          expect(response).to redirect_to('/exchanges/hbx_profiles')
+        context 'move to pending' do
+          before :each do
+            broker_role.update_attributes({ broker_agency_profile_id: @broker_agency_profile.id })
+            allow(broker_role).to receive(:is_primary_broker?).and_return(true)
+            broker_role.pending!
+            put :update, params: { id: broker_role.person.id, pending: "pending", person: { broker_role_attributes: { training: true, carrier_appointments: {}, reason: "test"} } }, format: :js
+            broker_role.reload
+          end
+
+          it 'should move application to broker_agency_pending' do
+            expect(assigns(:broker_applicant))
+            expect(broker_role.aasm_state).to eq 'broker_agency_pending'
+          end
+
+          it 'should store reason if any' do
+            expect(assigns(:broker_applicant))
+            expect(broker_role.reason).to eq 'test'
+          end
+
+          it 'should redirect' do
+            expect(response).to have_http_status(:redirect)
+            expect(response).to redirect_to('/exchanges/hbx_profiles')
+          end
         end
       end
 
@@ -180,7 +209,7 @@
 
       before :each do
         FactoryBot.create(:hbx_profile)
-        put :update, params:{id: broker_role.person.id, approve: true, person: { broker_role_attributes: { training: true , carrier_appointments: {}} } }, format: :js
+        put :update, params: {id: broker_role.person.id, approve: true, person: { broker_role_attributes: { training: true, carrier_appointments: {}} } }, format: :js
         broker_role.reload
       end
 
@@ -200,7 +229,7 @@
       context 'when application is approved' do
         before :each do
           broker_role.update_attributes({ broker_agency_profile_id: @broker_agency_profile.id })
-          put :update, params: {id: broker_role.person.id, approve: true, person: { broker_role_attributes: { training: true , carrier_appointments: {}} }} , format: :js
+          put :update, params: {id: broker_role.person.id, approve: true, person: { broker_role_attributes: { training: true, carrier_appointments: {}} }}, format: :js
           broker_role.reload
         end
 
@@ -250,7 +279,7 @@
           before :each do
             allow(Settings.aca).to receive(:broker_carrier_appointments_enabled).and_return(true)
             broker_role.update_attributes({ broker_agency_profile_id: @broker_agency_profile.id })
-            put :update, params:{id: broker_role.person.id, pending: true, person:  { broker_role_attributes: { training: true , carrier_appointments: {}} }} , format: :js
+            put :update, params: {id: broker_role.person.id, pending: true, person:  { broker_role_attributes: { training: true, carrier_appointments: {}} }}, format: :js
             broker_role.reload
           end
 
@@ -280,7 +309,7 @@
             person_hash = ActionController::Parameters.new({ broker_role_attributes: { training: true, carrier_appointments: carrier_appointments_hash } }).permit!
             Settings.aca.broker_carrier_appointments_enabled = false
             broker_role.update_attributes({ broker_agency_profile_id: @broker_agency_profile.id })
-            put :update, params:{id: broker_role.person.id, pending: true, person: person_hash}, format: :js
+            put :update, params: {id: broker_role.person.id, pending: true, person: person_hash}, format: :js
             broker_role.reload
           end
 
@@ -305,7 +334,7 @@
         before :each do
           broker_role.update_attributes({ broker_agency_profile_id: @broker_agency_profile.id })
           broker_role.approve!
-          put :update, params:{id: broker_role.person.id, decertify: true}, format: :js
+          put :update, params: {id: broker_role.person.id, decertify: true}, format: :js
           broker_role.reload
         end
 
@@ -322,7 +351,7 @@
           broker_role.update_attributes({ broker_agency_profile_id: @broker_agency_profile.id })
           broker_role.approve!
           broker_role.decertify!
-          put :update, params:{id: broker_role.person.id, recertify: true}, format: :js
+          put :update, params: {id: broker_role.person.id, recertify: true}, format: :js
           broker_role.reload
         end