Home Explore Help
Sign In
SMusatov
/
zammad
mirror of https://github.com/zammad/zammad.git
1
0
Fork 0
Files
Browse Source

Fixes #3611 - New location notification with X-On-Behalf.

Dominik Klein 3 years ago
parent
00169d67a9
commit
6cbe99704f
2 changed files with 31 additions and 0 deletions
Split View Show Diff Stats
  1. 2 0
      app/controllers/application_controller/handles_devices.rb
  2. 29 0
      spec/requests/api_auth_on_behalf_of_spec.rb

+ 2 - 0
app/controllers/application_controller/handles_devices.rb
View File 

@@ -17,6 +17,7 @@ module ApplicationController::HandlesDevices
 
     switched_from_user_id = ENV['SWITCHED_FROM_USER_ID'] || session[:switched_from_user_id]
 
     return true if params[:controller] == 'init' # do no device logging on static initial page
 
     return true if switched_from_user_id
 
+    return true if current_user_on_behalf # do no device logging for the user on behalf feature
 
     return true if !user
 
     return true if !user.permissions?('user_preferences.device')
 
     return true if type == 'SSO'
 
@@ -42,6 +43,7 @@ module ApplicationController::HandlesDevices
 
 
     # if ip has not changed and ttl in still valid
 
     remote_ip = ENV['TEST_REMOTE_IP'] || request.remote_ip
 
+
 
     return true if time_to_check == false && session[:user_device_remote_ip] == remote_ip
 
 
     session[:user_device_remote_ip] = remote_ip

+ 29 - 0
spec/requests/api_auth_on_behalf_of_spec.rb
View File 

@@ -211,5 +211,34 @@ RSpec.describe 'Api Auth On Behalf Of', type: :request do
 
         expect(customer.id).to eq(json_response['created_by_id'])
 
       end
 
     end
 
+
 
+    context 'when customer account has device user permission' do
 
+      let(:customer_user_devices_role) do
 
+        create(:role).tap { |role| role.permission_grant('user_preferences.device') }
 
+      end
 
+
 
+      let(:customer) do
 
+        create(:customer, firstname: 'Behalf of', role_ids: Role.signup_role_ids.push(customer_user_devices_role.id))
 
+      end
 
+
 
+      it 'creates Ticket because of behalf of customer user, which should not trigger a new user device' do
 
+        params = {
 
+          title:       'a new ticket #3',
 
+          group:       'Users',
 
+          priority:    '2 normal',
 
+          state:       'new',
 
+          customer_id: customer.id,
 
+          article:     {
 
+            body: 'some test 123',
 
+          },
 
+        }
 
+        authenticated_as(admin, on_behalf_of: customer.email)
 
+        post '/api/v1/tickets', params: params, as: :json
 
+        expect(response).to have_http_status(:created)
 
+        expect(customer.id).to eq(json_response['created_by_id'])
 
+
 
+        expect { Scheduler.worker(true) }.to change(UserDevice, :count).by(0)
 
+      end
 
+    end
 
   end
 
 end