diff --git a/app/controllers/organizations_controller.rb b/app/controllers/organizations_controller.rb index d94687946..16ff6ebc5 100644 --- a/app/controllers/organizations_controller.rb +++ b/app/controllers/organizations_controller.rb @@ -170,7 +170,6 @@ curl http://localhost/api/v1/organization/{id} -v -u #{login}:#{password} -H "Co =end def destroy - model_references_check(Organization, params) model_destroy_render(Organization, params) end diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb index 4eea0d051..6975cc8e3 100644 --- a/app/controllers/users_controller.rb +++ b/app/controllers/users_controller.rb @@ -174,7 +174,6 @@ class UsersController < ApplicationController user = User.find(params[:id]) authorize!(user) - model_references_check(User, params) model_destroy_render(User, params) end diff --git a/app/policies/controllers/organizations_controller_policy.rb b/app/policies/controllers/organizations_controller_policy.rb index 2530cb618..d45c0b04a 100644 --- a/app/policies/controllers/organizations_controller_policy.rb +++ b/app/policies/controllers/organizations_controller_policy.rb @@ -1,7 +1,7 @@ class Controllers::OrganizationsControllerPolicy < Controllers::ApplicationControllerPolicy - permit! :import_example, to: 'admin.organization' + permit! %i[destroy import_example], to: 'admin.organization' permit! :import_start, to: 'admin.user' - permit! %i[create update destroy search history], to: ['ticket.agent', 'admin.organization'] + permit! %i[create update search history], to: ['ticket.agent', 'admin.organization'] def show? return true if user.permissions?(['ticket.agent', 'admin.organization']) diff --git a/spec/requests/organization_spec.rb b/spec/requests/organization_spec.rb index c91c2f8ed..babc13e7d 100644 --- a/spec/requests/organization_spec.rb +++ b/spec/requests/organization_spec.rb @@ -1,6 +1,6 @@ require 'rails_helper' -RSpec.describe 'Organization', type: :request, searchindex: true do +RSpec.describe 'Organization', type: :request do let!(:admin) do create(:admin, groups: Group.all) @@ -39,21 +39,20 @@ RSpec.describe 'Organization', type: :request, searchindex: true do create(:customer, organization: organization) end - before do - configure_elasticsearch do + describe 'request handling', searchindex: true do + before do + configure_elasticsearch do - travel 1.minute + travel 1.minute - rebuild_searchindex + rebuild_searchindex - # execute background jobs - Scheduler.worker(true) + # execute background jobs + Scheduler.worker(true) - sleep 6 + sleep 6 + end end - end - - describe 'request handling' do it 'does index with agent' do @@ -570,4 +569,13 @@ RSpec.describe 'Organization', type: :request, searchindex: true do expect(organization2.active).to eq(false) end end + + describe 'DELETE /api/v1/organizations', authenticated_as: -> { create(:admin) }, searchindex: false do + it 'does organization deletion' do + organization = create(:organization) + delete "/api/v1/organizations/#{organization.id}", params: {}, as: :json + expect(response).to have_http_status(:ok) + expect { organization.reload }.to raise_error(ActiveRecord::RecordNotFound) + end + end end diff --git a/spec/requests/user_spec.rb b/spec/requests/user_spec.rb index 0e96ffcf5..871de4543 100644 --- a/spec/requests/user_spec.rb +++ b/spec/requests/user_spec.rb @@ -1142,6 +1142,15 @@ RSpec.describe 'User', type: :request do end end + describe 'DELETE /api/v1/users', authenticated_as: -> { create(:admin) }, searchindex: false do + it 'does user deletion' do + customer = create(:customer) + delete "/api/v1/users/#{customer.id}", params: {}, as: :json + expect(response).to have_http_status(:ok) + expect { customer.reload }.to raise_error(ActiveRecord::RecordNotFound) + end + end + describe 'POST /api/v1/users', authenticated_as: -> { create(:admin) }, searchindex: false do def make_request(params) post '/api/v1/users', params: params, as: :json