2022-01-01 13:38:12 +00:00
|
|
|
# Copyright (C) 2012-2022 Zammad Foundation, https://zammad-foundation.org/
|
2021-06-01 12:20:20 +00:00
|
|
|
|
2018-09-19 13:54:49 +00:00
|
|
|
require 'rails_helper'
|
|
|
|
|
|
|
|
RSpec.describe 'Packages', type: :request do
|
|
|
|
|
2020-06-19 09:17:18 +00:00
|
|
|
let(:admin) do
|
|
|
|
create(:admin)
|
2018-09-19 13:54:49 +00:00
|
|
|
end
|
2020-06-19 09:17:18 +00:00
|
|
|
let(:agent) do
|
|
|
|
create(:agent)
|
2018-09-19 13:54:49 +00:00
|
|
|
end
|
2020-06-19 09:17:18 +00:00
|
|
|
let(:customer) do
|
|
|
|
create(:customer)
|
2018-09-19 13:54:49 +00:00
|
|
|
end
|
|
|
|
|
|
|
|
describe 'request handling' do
|
|
|
|
|
|
|
|
it 'does packages index with nobody' do
|
|
|
|
get '/api/v1/packages', as: :json
|
2021-02-04 08:28:41 +00:00
|
|
|
expect(response).to have_http_status(:forbidden)
|
2018-09-19 13:54:49 +00:00
|
|
|
|
|
|
|
expect(json_response).to be_a_kind_of(Hash)
|
|
|
|
expect(json_response['packages']).to be_falsey
|
2021-02-04 08:28:41 +00:00
|
|
|
expect(json_response['error']).to eq('Authentication required')
|
2018-09-19 13:54:49 +00:00
|
|
|
end
|
|
|
|
|
|
|
|
it 'does packages index with admin' do
|
2020-06-19 09:17:18 +00:00
|
|
|
authenticated_as(admin)
|
2018-09-19 13:54:49 +00:00
|
|
|
get '/api/v1/packages', as: :json
|
|
|
|
|
2019-04-15 01:41:17 +00:00
|
|
|
expect(response).to have_http_status(:ok)
|
2018-09-19 13:54:49 +00:00
|
|
|
expect(json_response).to be_a_kind_of(Hash)
|
|
|
|
expect(json_response['packages']).to be_truthy
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'does packages index with admin and wrong pw' do
|
2020-06-19 09:17:18 +00:00
|
|
|
authenticated_as(admin, password: 'wrongadminpw')
|
2018-09-19 13:54:49 +00:00
|
|
|
get '/api/v1/packages', as: :json
|
|
|
|
|
2019-04-15 01:41:17 +00:00
|
|
|
expect(response).to have_http_status(:unauthorized)
|
2018-09-19 13:54:49 +00:00
|
|
|
expect(json_response).to be_a_kind_of(Hash)
|
2021-02-04 08:28:41 +00:00
|
|
|
expect(json_response['error']).to eq('Invalid BasicAuth credentials')
|
2018-09-19 13:54:49 +00:00
|
|
|
end
|
|
|
|
|
|
|
|
it 'does packages index with inactive admin' do
|
2020-06-19 09:17:18 +00:00
|
|
|
admin = create(:admin, active: false, password: 'we need a password here')
|
2018-09-19 13:54:49 +00:00
|
|
|
|
2020-06-19 09:17:18 +00:00
|
|
|
authenticated_as(admin)
|
2018-09-19 13:54:49 +00:00
|
|
|
get '/api/v1/packages', as: :json
|
|
|
|
|
2019-04-15 01:41:17 +00:00
|
|
|
expect(response).to have_http_status(:unauthorized)
|
2018-09-19 13:54:49 +00:00
|
|
|
expect(json_response).to be_a_kind_of(Hash)
|
2021-02-04 08:28:41 +00:00
|
|
|
expect(json_response['error']).to eq('Invalid BasicAuth credentials')
|
2018-09-19 13:54:49 +00:00
|
|
|
end
|
|
|
|
|
|
|
|
it 'does packages index with agent' do
|
2020-06-19 09:17:18 +00:00
|
|
|
authenticated_as(agent)
|
2018-09-19 13:54:49 +00:00
|
|
|
get '/api/v1/packages', as: :json
|
|
|
|
|
2021-02-04 08:28:41 +00:00
|
|
|
expect(response).to have_http_status(:forbidden)
|
2018-09-19 13:54:49 +00:00
|
|
|
expect(json_response).to be_a_kind_of(Hash)
|
|
|
|
expect(json_response['packages']).to be_falsey
|
|
|
|
expect(json_response['error']).to eq('Not authorized (user)!')
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'does packages index with customer' do
|
2020-06-19 09:17:18 +00:00
|
|
|
authenticated_as(customer)
|
2018-09-19 13:54:49 +00:00
|
|
|
get '/api/v1/packages', as: :json
|
|
|
|
|
2021-02-04 08:28:41 +00:00
|
|
|
expect(response).to have_http_status(:forbidden)
|
2018-09-19 13:54:49 +00:00
|
|
|
expect(json_response).to be_a_kind_of(Hash)
|
|
|
|
expect(json_response['packages']).to be_falsey
|
|
|
|
expect(json_response['error']).to eq('Not authorized (user)!')
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|