Revert "Fixes #2605 - Deletion via API impossible when user logged in at some point."
This reverts commit 0242c05165
.
This commit is contained in:
parent
0242c05165
commit
a0dc877e33
5 changed files with 15 additions and 30 deletions
|
@ -170,6 +170,7 @@ curl http://localhost/api/v1/organization/{id} -v -u #{login}:#{password} -H "Co
|
||||||
=end
|
=end
|
||||||
|
|
||||||
def destroy
|
def destroy
|
||||||
|
model_references_check(Organization, params)
|
||||||
model_destroy_render(Organization, params)
|
model_destroy_render(Organization, params)
|
||||||
end
|
end
|
||||||
|
|
||||||
|
|
|
@ -174,6 +174,7 @@ class UsersController < ApplicationController
|
||||||
user = User.find(params[:id])
|
user = User.find(params[:id])
|
||||||
authorize!(user)
|
authorize!(user)
|
||||||
|
|
||||||
|
model_references_check(User, params)
|
||||||
model_destroy_render(User, params)
|
model_destroy_render(User, params)
|
||||||
end
|
end
|
||||||
|
|
||||||
|
|
|
@ -1,7 +1,7 @@
|
||||||
class Controllers::OrganizationsControllerPolicy < Controllers::ApplicationControllerPolicy
|
class Controllers::OrganizationsControllerPolicy < Controllers::ApplicationControllerPolicy
|
||||||
permit! %i[destroy import_example], to: 'admin.organization'
|
permit! :import_example, to: 'admin.organization'
|
||||||
permit! :import_start, to: 'admin.user'
|
permit! :import_start, to: 'admin.user'
|
||||||
permit! %i[create update search history], to: ['ticket.agent', 'admin.organization']
|
permit! %i[create update destroy search history], to: ['ticket.agent', 'admin.organization']
|
||||||
|
|
||||||
def show?
|
def show?
|
||||||
return true if user.permissions?(['ticket.agent', 'admin.organization'])
|
return true if user.permissions?(['ticket.agent', 'admin.organization'])
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
require 'rails_helper'
|
require 'rails_helper'
|
||||||
|
|
||||||
RSpec.describe 'Organization', type: :request do
|
RSpec.describe 'Organization', type: :request, searchindex: true do
|
||||||
|
|
||||||
let!(:admin) do
|
let!(:admin) do
|
||||||
create(:admin, groups: Group.all)
|
create(:admin, groups: Group.all)
|
||||||
|
@ -39,20 +39,21 @@ RSpec.describe 'Organization', type: :request do
|
||||||
create(:customer, organization: organization)
|
create(:customer, organization: organization)
|
||||||
end
|
end
|
||||||
|
|
||||||
describe 'request handling', searchindex: true do
|
before do
|
||||||
before do
|
configure_elasticsearch do
|
||||||
configure_elasticsearch do
|
|
||||||
|
|
||||||
travel 1.minute
|
travel 1.minute
|
||||||
|
|
||||||
rebuild_searchindex
|
rebuild_searchindex
|
||||||
|
|
||||||
# execute background jobs
|
# execute background jobs
|
||||||
Scheduler.worker(true)
|
Scheduler.worker(true)
|
||||||
|
|
||||||
sleep 6
|
sleep 6
|
||||||
end
|
|
||||||
end
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
describe 'request handling' do
|
||||||
|
|
||||||
it 'does index with agent' do
|
it 'does index with agent' do
|
||||||
|
|
||||||
|
@ -569,13 +570,4 @@ RSpec.describe 'Organization', type: :request do
|
||||||
expect(organization2.active).to eq(false)
|
expect(organization2.active).to eq(false)
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
describe 'DELETE /api/v1/organizations', authenticated_as: -> { create(:admin) }, searchindex: false do
|
|
||||||
it 'does organization deletion' do
|
|
||||||
organization = create(:organization)
|
|
||||||
delete "/api/v1/organizations/#{organization.id}", params: {}, as: :json
|
|
||||||
expect(response).to have_http_status(:ok)
|
|
||||||
expect { organization.reload }.to raise_error(ActiveRecord::RecordNotFound)
|
|
||||||
end
|
|
||||||
end
|
|
||||||
end
|
end
|
||||||
|
|
|
@ -1142,15 +1142,6 @@ RSpec.describe 'User', type: :request do
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
describe 'DELETE /api/v1/users', authenticated_as: -> { create(:admin) }, searchindex: false do
|
|
||||||
it 'does user deletion' do
|
|
||||||
customer = create(:customer)
|
|
||||||
delete "/api/v1/users/#{customer.id}", params: {}, as: :json
|
|
||||||
expect(response).to have_http_status(:ok)
|
|
||||||
expect { customer.reload }.to raise_error(ActiveRecord::RecordNotFound)
|
|
||||||
end
|
|
||||||
end
|
|
||||||
|
|
||||||
describe 'POST /api/v1/users', authenticated_as: -> { create(:admin) }, searchindex: false do
|
describe 'POST /api/v1/users', authenticated_as: -> { create(:admin) }, searchindex: false do
|
||||||
def make_request(params)
|
def make_request(params)
|
||||||
post '/api/v1/users', params: params, as: :json
|
post '/api/v1/users', params: params, as: :json
|
||||||
|
|
Loading…
Reference in a new issue