remove authenticate for InquiriesController#show action

department-of-veterans-affairs · Apr 24, 2024 · 648bb6b · 648bb6b
1 parent dd5686d
commit 648bb6b
Show file tree

Hide file tree

Showing 2 changed files with 3 additions and 9 deletions.
diff --git a/modules/ask_va_api/app/controllers/ask_va_api/v0/inquiries_controller.rb b/modules/ask_va_api/app/controllers/ask_va_api/v0/inquiries_controller.rb
@@ -6,7 +6,7 @@ class InquiriesController < ApplicationController
       around_action :handle_exceptions
       before_action :get_inquiries_by_icn, only: [:index]
       before_action :get_inquiry_by_id, only: [:show]
-      skip_before_action :authenticate, only: %i[unauth_create upload_attachment test_create]
+      skip_before_action :authenticate, only: %i[unauth_create upload_attachment test_create show]
       skip_before_action :verify_authenticity_token, only: %i[unauth_create upload_attachment test_create]
 
       def index
@@ -63,6 +63,8 @@ def create_reply
       private
 
       def get_inquiry_by_id
+        entity_class = AskVAApi::Inquiries::Entity
+        retriever = Inquiries::Retriever.new(user_mock_data: params[:mock], entity_class:)
         inq = retriever.fetch_by_id(id: params[:id])
         @inquiry = Result.new(payload: Inquiries::Serializer.new(inq).serializable_hash, status: :ok)
       end

diff --git a/modules/ask_va_api/spec/requests/v0/inquiries_spec.rb b/modules/ask_va_api/spec/requests/v0/inquiries_spec.rb
@@ -237,14 +237,6 @@
                         'Data Validation: No Inquiries found by ID A-20240423-30709'
       end
     end
-
-    context 'when user is not signed in' do
-      before do
-        get "#{inquiry_path}/#{valid_id}"
-      end
-
-      it { expect(response).to have_http_status(:unauthorized) }
-    end
   end
 
   describe 'GET #download_attachment' do