prescribers: Allow to refuse OTHER organization authorization

An OTHER organization should not have an authorization, which means we sometime have to refuse it
gip-inclusion · Sep 23, 2024 · 23aa602 · 23aa602
1 parent e6fa3f0
commit 23aa602
Show file tree

Hide file tree

Showing 2 changed files with 45 additions and 1 deletion.
diff --git a/itou/prescribers/admin.py b/itou/prescribers/admin.py
@@ -198,7 +198,12 @@ def response_change(self, request, obj):
         if "_authorization_action_refuse" in request.POST:
             # Same checks in change_form template to display the button
             if request.user.is_superuser or obj.has_pending_authorization():
-                if self.get_queryset(request).filter(siret=obj.siret, kind=PrescriberOrganizationKind.OTHER).exists():
+                if (
+                    self.get_queryset(request)
+                    .filter(siret=obj.siret, kind=PrescriberOrganizationKind.OTHER)
+                    .exclude(pk=obj.pk)
+                    .exists()
+                ):
                     msg = (
                         "Impossible de refuser cette habilitation: cela changerait son type vers “Autre” "
                         "et une autre organisation de type “Autre” a le même SIRET."

diff --git a/tests/prescribers/tests.py b/tests/prescribers/tests.py
@@ -293,6 +293,45 @@ def test_refuse_prescriber_habilitation_by_superuser(self):
             "department": prescriber_organization.department,
             "kind": prescriber_organization.kind,
             "name": prescriber_organization.name,
+            "siret": prescriber_organization.siret,
+            "_authorization_action_refuse": "Refuser+l'habilitation",
+            **self.FORMSETS_PAYLOAD,
+        }
+
+        response = self.client.post(url, data=post_data)
+        assert response.status_code == 302
+
+        updated_prescriber_organization = PrescriberOrganization.objects.get(pk=prescriber_organization.pk)
+        assert not updated_prescriber_organization.is_authorized
+        assert updated_prescriber_organization.kind == PrescriberOrganizationKind.OTHER
+        assert updated_prescriber_organization.authorization_updated_by == self.superuser
+        assert updated_prescriber_organization.authorization_status == PrescriberAuthorizationStatus.REFUSED
+
+    def test_refuse_prescriber_habilitation_kind_other(self):
+        # An OTHER organization should not have an authorization, which means we sometime have to refuse it
+
+        self.client.force_login(self.superuser)
+
+        prescriber_organization = PrescriberOrganizationFactory(
+            authorized=True,
+            siret="83987278500010",
+            department="14",
+            post_code="14000",
+            authorization_updated_at=datetime.now(tz=get_current_timezone()),
+            kind=PrescriberOrganizationKind.OTHER,
+        )
+
+        url = reverse("admin:prescribers_prescriberorganization_change", args=[prescriber_organization.pk])
+        response = self.client.get(url)
+        self.assertContains(response, self.REFUSE_BUTTON_LABEL)
+
+        post_data = {
+            "id": prescriber_organization.pk,
+            "post_code": prescriber_organization.post_code,
+            "department": prescriber_organization.department,
+            "kind": prescriber_organization.kind,
+            "name": prescriber_organization.name,
+            "siret": prescriber_organization.siret,
             "_authorization_action_refuse": "Refuser+l'habilitation",
             **self.FORMSETS_PAYLOAD,
         }