Sutty/trabajo-afectivo
5
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

Fixes #3611 - New location notification with X-On-Behalf.

Browse source
This commit is contained in:
Dominik Klein 2021-07-05 12:19:06 +02:00
parent 00169d67a9
commit 6cbe99704f
2 changed files with 31 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
app/controllers/application_controller/handles_devices.rb
View file

@ -17,6 +17,7 @@ module ApplicationController::HandlesDevices
switched_from_user_id = ENV['SWITCHED_FROM_USER_ID'] || session[:switched_from_user_id] switched_from_user_id = ENV['SWITCHED_FROM_USER_ID'] || session[:switched_from_user_id]
return true if params[:controller] == 'init' # do no device logging on static initial page return true if params[:controller] == 'init' # do no device logging on static initial page
return true if switched_from_user_id return true if switched_from_user_id
return true if current_user_on_behalf # do no device logging for the user on behalf feature
return true if !user return true if !user
return true if !user.permissions?('user_preferences.device') return true if !user.permissions?('user_preferences.device')
return true if type == 'SSO' return true if type == 'SSO'
@ -42,6 +43,7 @@ module ApplicationController::HandlesDevices
# if ip has not changed and ttl in still valid # if ip has not changed and ttl in still valid
remote_ip = ENV['TEST_REMOTE_IP'] || request.remote_ip remote_ip = ENV['TEST_REMOTE_IP'] || request.remote_ip
return true if time_to_check == false && session[:user_device_remote_ip] == remote_ip return true if time_to_check == false && session[:user_device_remote_ip] == remote_ip
session[:user_device_remote_ip] = remote_ip session[:user_device_remote_ip] = remote_ip

29
spec/requests/api_auth_on_behalf_of_spec.rb
View file

@ -211,5 +211,34 @@ RSpec.describe 'Api Auth On Behalf Of', type: :request do
expect(customer.id).to eq(json_response['created_by_id']) expect(customer.id).to eq(json_response['created_by_id'])
end end
end end
context 'when customer account has device user permission' do
let(:customer_user_devices_role) do
create(:role).tap { |role| role.permission_grant('user_preferences.device') }
end
let(:customer) do
create(:customer, firstname: 'Behalf of', role_ids: Role.signup_role_ids.push(customer_user_devices_role.id))
end
it 'creates Ticket because of behalf of customer user, which should not trigger a new user device' do
params = {
title: 'a new ticket #3',
group: 'Users',
priority: '2 normal',
state: 'new',
customer_id: customer.id,
article: {
body: 'some test 123',
},
}
authenticated_as(admin, on_behalf_of: customer.email)
post '/api/v1/tickets', params: params, as: :json
expect(response).to have_http_status(:created)
expect(customer.id).to eq(json_response['created_by_id'])
expect { Scheduler.worker(true) }.to change(UserDevice, :count).by(0)
end
end
end end
end end