From 50c1633124344a10b4a08c3ecdfbb226293a3b06 Mon Sep 17 00:00:00 2001
From: Martin Edenhofer <me@edenhofer.de>
Date: Sun, 11 Sep 2016 15:24:10 +0200
Subject: [PATCH] Improved user/org search.

---
 app/controllers/organizations_controller.rb   |  32 ++++--
 app/controllers/users_controller.rb           |  30 +++--
 test/controllers/tickets_controller_test.rb   |   4 +-
 .../user_organization_controller_test.rb      | 105 +++++++++++++++---
 4 files changed, 130 insertions(+), 41 deletions(-)

diff --git a/app/controllers/organizations_controller.rb b/app/controllers/organizations_controller.rb
index baa16ae29..825831b02 100644
--- a/app/controllers/organizations_controller.rb
+++ b/app/controllers/organizations_controller.rb
@@ -255,10 +255,10 @@ curl http://localhost/api/v1/organization/{id} -v -u #{login}:#{password} -H "Co
     end
 
     # build result list
-    if !params[:full]
+    if params[:label]
       organizations = []
       organization_all.each { |organization|
-        a = { id: organization.id, label: organization.name }
+        a = { id: organization.id, label: organization.name, value: organization.name }
         organizations.push a
       }
 
@@ -267,18 +267,26 @@ curl http://localhost/api/v1/organization/{id} -v -u #{login}:#{password} -H "Co
       return
     end
 
-    organization_ids = []
-    assets = {}
-    organization_all.each { |organization|
-      assets = organization.assets(assets)
-      organization_ids.push organization.id
-    }
+    if params[:full]
+      organization_ids = []
+      assets = {}
+      organization_all.each { |organization|
+        assets = organization.assets(assets)
+        organization_ids.push organization.id
+      }
 
-    # return result
-    render json: {
-      assets: assets,
-      organization_ids: organization_ids.uniq,
+      # return result
+      render json: {
+        assets: assets,
+        organization_ids: organization_ids.uniq,
+      }
+    end
+
+    list = []
+    organization_all.each { |organization|
+      list.push organization.attributes
     }
+    render json: list, status: :ok
   end
 
   # GET /api/v1/organizations/history/1
diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb
index 5ad3e529e..30ceeabe9 100644
--- a/app/controllers/users_controller.rb
+++ b/app/controllers/users_controller.rb
@@ -361,7 +361,7 @@ class UsersController < ApplicationController
     end
 
     # build result list
-    if !params[:full]
+    if params[:label]
       users = []
       user_all.each { |user|
         realname = user.firstname.to_s + ' ' + user.lastname.to_s
@@ -377,18 +377,26 @@ class UsersController < ApplicationController
       return
     end
 
-    user_ids = []
-    assets   = {}
-    user_all.each { |user|
-      assets = user.assets(assets)
-      user_ids.push user.id
-    }
+    if params[:full]
+      user_ids = []
+      assets   = {}
+      user_all.each { |user|
+        assets = user.assets(assets)
+        user_ids.push user.id
+      }
 
-    # return result
-    render json: {
-      assets: assets,
-      user_ids: user_ids.uniq,
+      # return result
+      render json: {
+        assets: assets,
+        user_ids: user_ids.uniq,
+      }
+    end
+
+    list = []
+    user_all.each { |user|
+      list.push user.attributes
     }
+    render json: list, status: :ok
   end
 
   # @path       [GET] /users/recent
diff --git a/test/controllers/tickets_controller_test.rb b/test/controllers/tickets_controller_test.rb
index bffc326a5..a1750fd86 100644
--- a/test/controllers/tickets_controller_test.rb
+++ b/test/controllers/tickets_controller_test.rb
@@ -280,7 +280,7 @@ class TicketsControllerTest < ActionDispatch::IntegrationTest
     assert_equal(Ticket::Article::Type.lookup(name: 'note').id, article_result['type_id'])
 
     Scheduler.worker(true)
-    get "/api/v1/tickets/search?query=\"#{CGI.escape(title)}\"", {}, @headers.merge('Authorization' => credentials)
+    get "/api/v1/tickets/search?query=#{CGI.escape(title)}", {}, @headers.merge('Authorization' => credentials)
     assert_response(200)
     result = JSON.parse(@response.body)
     assert_equal(Hash, result.class)
@@ -595,7 +595,7 @@ class TicketsControllerTest < ActionDispatch::IntegrationTest
     assert_equal(Ticket::Article::Type.lookup(name: 'note').id, article_result['type_id'])
 
     Scheduler.worker(true)
-    get "/api/v1/tickets/search?query=\"#{CGI.escape(title)}\"", {}, @headers.merge('Authorization' => credentials)
+    get "/api/v1/tickets/search?query=#{CGI.escape(title)}", {}, @headers.merge('Authorization' => credentials)
     assert_response(200)
     result = JSON.parse(@response.body)
     assert_equal(Hash, result.class)
diff --git a/test/controllers/user_organization_controller_test.rb b/test/controllers/user_organization_controller_test.rb
index 3d3284096..749735ad7 100644
--- a/test/controllers/user_organization_controller_test.rb
+++ b/test/controllers/user_organization_controller_test.rb
@@ -290,16 +290,47 @@ class UserOrganizationControllerTest < ActionDispatch::IntegrationTest
 
     # create user with customer role
     role = Role.lookup(name: 'Customer')
-    params = { firstname: 'Agent First', lastname: 'Agent Last', email: 'new_agent_by_agent@example.com', role_ids: [ role.id ] }
+    params = { firstname: 'Customer First', lastname: 'Customer Last', email: 'new_agent_by_agent@example.com', role_ids: [ role.id ] }
     post '/api/v1/users', params.to_json, @headers.merge('Authorization' => credentials)
     assert_response(201)
-    result = JSON.parse(@response.body)
-    assert(result)
-    user = User.find(result['id'])
+    result_user1 = JSON.parse(@response.body)
+    assert(result_user1)
+    user = User.find(result_user1['id'])
     assert_not(user.role?('Admin'))
     assert_not(user.role?('Agent'))
     assert(user.role?('Customer'))
 
+    # search as agent
+    Scheduler.worker(true)
+    get "/api/v1/users/search?query=#{CGI.escape('First')}", {}, @headers.merge('Authorization' => credentials)
+    assert_response(200)
+    result = JSON.parse(@response.body)
+    assert_equal(Array, result.class)
+    assert_equal(result_user1['id'], result[0]['id'])
+    assert_equal('Customer First', result[0]['firstname'])
+    assert_equal('Customer Last', result[0]['lastname'])
+    assert_not(result[0]['role_ids'])
+    assert_not(result[0]['roles'])
+
+    get "/api/v1/users/search?query=#{CGI.escape('First')}&expand=true", {}, @headers.merge('Authorization' => credentials)
+    assert_response(200)
+    result = JSON.parse(@response.body)
+    assert_equal(Array, result.class)
+    assert_equal(result_user1['id'], result[0]['id'])
+    assert_equal('Customer First', result[0]['firstname'])
+    assert_equal('Customer Last', result[0]['lastname'])
+    assert(result[0]['role_ids'])
+    assert(result[0]['roles'])
+
+    get "/api/v1/users/search?query=#{CGI.escape('First')}&label=true", {}, @headers.merge('Authorization' => credentials)
+    assert_response(200)
+    result = JSON.parse(@response.body)
+    assert_equal(Array, result.class)
+    assert_equal(result_user1['id'], result[0]['id'])
+    assert_equal('Customer First Customer Last <new_agent_by_agent@example.com>', result[0]['label'])
+    assert_equal('Customer First Customer Last <new_agent_by_agent@example.com>', result[0]['value'])
+    assert_not(result[0]['role_ids'])
+    assert_not(result[0]['roles'])
   end
 
   test 'user index and create with customer1' do
@@ -338,6 +369,10 @@ class UserOrganizationControllerTest < ActionDispatch::IntegrationTest
     post '/api/v1/users', params.to_json, @headers.merge('Authorization' => credentials)
     assert_response(401)
 
+    # search
+    Scheduler.worker(true)
+    get "/api/v1/users/search?query=#{CGI.escape('First')}", {}, @headers.merge('Authorization' => credentials)
+    assert_response(401)
   end
 
   test 'user index with customer2' do
@@ -364,6 +399,10 @@ class UserOrganizationControllerTest < ActionDispatch::IntegrationTest
     assert_equal(result.class, Hash)
     assert(result['error'])
 
+    # search
+    Scheduler.worker(true)
+    get "/api/v1/users/search?query=#{CGI.escape('First')}", {}, @headers.merge('Authorization' => credentials)
+    assert_response(401)
   end
 
   test 'organization index with agent' do
@@ -381,15 +420,41 @@ class UserOrganizationControllerTest < ActionDispatch::IntegrationTest
     get "/api/v1/organizations/#{@organization.id}", {}, @headers.merge('Authorization' => credentials)
     assert_response(200)
     result = JSON.parse(@response.body)
-    assert_equal( result.class, Hash)
-    assert_equal( result['name'], 'Rest Org')
+    assert_equal(result.class, Hash)
+    assert_equal(result['name'], 'Rest Org')
 
     get "/api/v1/organizations/#{@organization2.id}", {}, @headers.merge('Authorization' => credentials)
     assert_response(200)
     result = JSON.parse(@response.body)
-    assert_equal( result.class, Hash)
-    assert_equal( result['name'], 'Rest Org #2')
+    assert_equal(result.class, Hash)
+    assert_equal(result['name'], 'Rest Org #2')
 
+    # search as agent
+    Scheduler.worker(true)
+    get "/api/v1/organizations/search?query=#{CGI.escape('Zammad')}", {}, @headers.merge('Authorization' => credentials)
+    assert_response(200)
+    result = JSON.parse(@response.body)
+    assert_equal(Array, result.class)
+    assert_equal('Zammad Foundation', result[0]['name'])
+    assert_not(result[0]['member_ids'])
+    assert_not(result[0]['members'])
+
+    get "/api/v1/organizations/search?query=#{CGI.escape('Zammad')}&expand=true", {}, @headers.merge('Authorization' => credentials)
+    assert_response(200)
+    result = JSON.parse(@response.body)
+    assert_equal(Array, result.class)
+    assert_equal('Zammad Foundation', result[0]['name'])
+    assert(result[0]['member_ids'])
+    assert(result[0]['members'])
+
+    get "/api/v1/organizations/search?query=#{CGI.escape('Zammad')}&label=true", {}, @headers.merge('Authorization' => credentials)
+    assert_response(200)
+    result = JSON.parse(@response.body)
+    assert_equal(Array, result.class)
+    assert_equal('Zammad Foundation', result[0]['label'])
+    assert_equal('Zammad Foundation', result[0]['value'])
+    assert_not(result[0]['member_ids'])
+    assert_not(result[0]['members'])
   end
 
   test 'organization index with customer1' do
@@ -407,15 +472,19 @@ class UserOrganizationControllerTest < ActionDispatch::IntegrationTest
     get "/api/v1/organizations/#{@organization.id}", {}, @headers.merge('Authorization' => credentials)
     assert_response(200)
     result = JSON.parse(@response.body)
-    assert_equal( result.class, Hash)
-    assert_equal( result['name'], nil)
+    assert_equal(result.class, Hash)
+    assert_equal(result['name'], nil)
 
     get "/api/v1/organizations/#{@organization2.id}", {}, @headers.merge('Authorization' => credentials)
     assert_response(200)
     result = JSON.parse(@response.body)
-    assert_equal( result.class, Hash)
-    assert_equal( result['name'], nil)
+    assert_equal(result.class, Hash)
+    assert_equal(result['name'], nil)
 
+    # search
+    Scheduler.worker(true)
+    get "/api/v1/organizations/search?query=#{CGI.escape('Zammad')}", {}, @headers.merge('Authorization' => credentials)
+    assert_response(401)
   end
 
   test 'organization index with customer2' do
@@ -433,15 +502,19 @@ class UserOrganizationControllerTest < ActionDispatch::IntegrationTest
     get "/api/v1/organizations/#{@organization.id}", {}, @headers.merge('Authorization' => credentials)
     assert_response(200)
     result = JSON.parse(@response.body)
-    assert_equal( result.class, Hash)
-    assert_equal( result['name'], 'Rest Org')
+    assert_equal(result.class, Hash)
+    assert_equal(result['name'], 'Rest Org')
 
     get "/api/v1/organizations/#{@organization2.id}", {}, @headers.merge('Authorization' => credentials)
     assert_response(401)
     result = JSON.parse(@response.body)
-    assert_equal( result.class, Hash)
-    assert_equal( result['name'], nil)
+    assert_equal(result.class, Hash)
+    assert_equal(result['name'], nil)
 
+    # search
+    Scheduler.worker(true)
+    get "/api/v1/organizations/search?query=#{CGI.escape('Zammad')}", {}, @headers.merge('Authorization' => credentials)
+    assert_response(401)
   end
 
 end