diff --git a/app/controllers/organizations_controller.rb b/app/controllers/organizations_controller.rb index 16ff6ebc5..d94687946 100644 --- a/app/controllers/organizations_controller.rb +++ b/app/controllers/organizations_controller.rb @@ -170,6 +170,7 @@ curl http://localhost/api/v1/organization/{id} -v -u #{login}:#{password} -H "Co =end def destroy + model_references_check(Organization, params) model_destroy_render(Organization, params) end diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb index 6975cc8e3..4eea0d051 100644 --- a/app/controllers/users_controller.rb +++ b/app/controllers/users_controller.rb @@ -174,6 +174,7 @@ class UsersController < ApplicationController user = User.find(params[:id]) authorize!(user) + model_references_check(User, params) model_destroy_render(User, params) end diff --git a/app/policies/controllers/organizations_controller_policy.rb b/app/policies/controllers/organizations_controller_policy.rb index d45c0b04a..2530cb618 100644 --- a/app/policies/controllers/organizations_controller_policy.rb +++ b/app/policies/controllers/organizations_controller_policy.rb @@ -1,7 +1,7 @@ class Controllers::OrganizationsControllerPolicy < Controllers::ApplicationControllerPolicy - permit! %i[destroy import_example], to: 'admin.organization' + permit! :import_example, to: 'admin.organization' permit! :import_start, to: 'admin.user' - permit! %i[create update search history], to: ['ticket.agent', 'admin.organization'] + permit! %i[create update destroy search history], to: ['ticket.agent', 'admin.organization'] def show? return true if user.permissions?(['ticket.agent', 'admin.organization']) diff --git a/spec/requests/organization_spec.rb b/spec/requests/organization_spec.rb index babc13e7d..c91c2f8ed 100644 --- a/spec/requests/organization_spec.rb +++ b/spec/requests/organization_spec.rb @@ -1,6 +1,6 @@ require 'rails_helper' -RSpec.describe 'Organization', type: :request do +RSpec.describe 'Organization', type: :request, searchindex: true do let!(:admin) do create(:admin, groups: Group.all) @@ -39,20 +39,21 @@ RSpec.describe 'Organization', type: :request do create(:customer, organization: organization) end - describe 'request handling', searchindex: true do - before do - configure_elasticsearch do + before do + configure_elasticsearch do - travel 1.minute + travel 1.minute - rebuild_searchindex + rebuild_searchindex - # execute background jobs - Scheduler.worker(true) + # execute background jobs + Scheduler.worker(true) - sleep 6 - end + sleep 6 end + end + + describe 'request handling' do it 'does index with agent' do @@ -569,13 +570,4 @@ RSpec.describe 'Organization', type: :request do expect(organization2.active).to eq(false) end end - - describe 'DELETE /api/v1/organizations', authenticated_as: -> { create(:admin) }, searchindex: false do - it 'does organization deletion' do - organization = create(:organization) - delete "/api/v1/organizations/#{organization.id}", params: {}, as: :json - expect(response).to have_http_status(:ok) - expect { organization.reload }.to raise_error(ActiveRecord::RecordNotFound) - end - end end diff --git a/spec/requests/user_spec.rb b/spec/requests/user_spec.rb index 871de4543..0e96ffcf5 100644 --- a/spec/requests/user_spec.rb +++ b/spec/requests/user_spec.rb @@ -1142,15 +1142,6 @@ RSpec.describe 'User', type: :request do end end - describe 'DELETE /api/v1/users', authenticated_as: -> { create(:admin) }, searchindex: false do - it 'does user deletion' do - customer = create(:customer) - delete "/api/v1/users/#{customer.id}", params: {}, as: :json - expect(response).to have_http_status(:ok) - expect { customer.reload }.to raise_error(ActiveRecord::RecordNotFound) - end - end - describe 'POST /api/v1/users', authenticated_as: -> { create(:admin) }, searchindex: false do def make_request(params) post '/api/v1/users', params: params, as: :json