# encoding: utf-8 require 'test_helper' class SearchControllerTest < ActionDispatch::IntegrationTest def base_data # clear cache Cache.clear # remove background jobs Delayed::Job.destroy_all # set current user UserInfo.current_user_id = 1 # set accept header @headers = { 'ACCEPT' => 'application/json', 'CONTENT_TYPE' => 'application/json' } # create agent roles = Role.where(name: %w(Admin Agent)) groups = Group.all @admin = User.create_or_update( login: 'search-admin', firstname: 'Search', lastname: 'Admin', email: 'search-admin@example.com', password: 'adminpw', active: true, roles: roles, groups: groups, ) # create agent roles = Role.where(name: 'Agent') @agent = User.create_or_update( login: 'search-agent@example.com', firstname: 'Search 1234', lastname: 'Agent', email: 'search-agent@example.com', password: 'agentpw', active: true, roles: roles, groups: groups, ) # create customer without org roles = Role.where(name: 'Customer') @customer_without_org = User.create_or_update( login: 'search-customer1@example.com', firstname: 'Search', lastname: 'Customer1', email: 'search-customer1@example.com', password: 'customer1pw', active: true, roles: roles, ) # create orgs @organization = Organization.create_or_update( name: 'Rest Org', ) @organization2 = Organization.create_or_update( name: 'Rest Org #2', ) @organization3 = Organization.create_or_update( name: 'Rest Org #3', ) # create customer with org @customer_with_org2 = User.create_or_update( login: 'search-customer2@example.com', firstname: 'Search', lastname: 'Customer2', email: 'search-customer2@example.com', password: 'customer2pw', active: true, roles: roles, organization_id: @organization.id, ) @customer_with_org3 = User.create_or_update( login: 'search-customer3@example.com', firstname: 'Search', lastname: 'Customer3', email: 'search-customer3@example.com', password: 'customer3pw', active: true, roles: roles, organization_id: @organization.id, ) Ticket.all.destroy_all @ticket1 = Ticket.create( title: 'test 1234-1', group: Group.lookup(name: 'Users'), customer_id: @customer_without_org.id, state: Ticket::State.lookup(name: 'new'), priority: Ticket::Priority.lookup(name: '2 normal'), updated_by_id: 1, created_by_id: 1, ) @article1 = Ticket::Article.create( ticket_id: @ticket1.id, from: 'some_sender1@example.com', to: 'some_recipient1@example.com', subject: 'some subject1', message_id: 'some@id', body: 'some message1', internal: false, sender: Ticket::Article::Sender.where(name: 'Customer').first, type: Ticket::Article::Type.where(name: 'email').first, updated_by_id: 1, created_by_id: 1, ) sleep 1 @ticket2 = Ticket.create( title: 'test 1234-2', group: Group.lookup(name: 'Users'), customer_id: @customer_with_org2.id, state: Ticket::State.lookup(name: 'new'), priority: Ticket::Priority.lookup(name: '2 normal'), updated_by_id: 1, created_by_id: 1, ) @article2 = Ticket::Article.create( ticket_id: @ticket2.id, from: 'some_sender2@example.com', to: 'some_recipient2@example.com', subject: 'some subject2', message_id: 'some@id', body: 'some message2', internal: false, sender: Ticket::Article::Sender.where(name: 'Customer').first, type: Ticket::Article::Type.where(name: 'email').first, updated_by_id: 1, created_by_id: 1, ) sleep 1 @ticket3 = Ticket.create( title: 'test 1234-2', group: Group.lookup(name: 'Users'), customer_id: @customer_with_org3.id, state: Ticket::State.lookup(name: 'new'), priority: Ticket::Priority.lookup(name: '2 normal'), updated_by_id: 1, created_by_id: 1, ) @article3 = Ticket::Article.create( ticket_id: @ticket3.id, from: 'some_sender3@example.com', to: 'some_recipient3@example.com', subject: 'some subject3', message_id: 'some@id', body: 'some message3', internal: false, sender: Ticket::Article::Sender.where(name: 'Customer').first, type: Ticket::Article::Type.where(name: 'email').first, updated_by_id: 1, created_by_id: 1, ) # configure es if ENV['ES_URL'] #fail "ERROR: Need ES_URL - hint ES_URL='http://172.0.0.1:9200'" Setting.set('es_url', ENV['ES_URL']) # Setting.set('es_url', 'http://172.0.0.1:9200') # Setting.set('es_index', 'estest.local_zammad') # Setting.set('es_user', 'elasticsearch') # Setting.set('es_password', 'zammad') # set max attachment size in mb Setting.set('es_attachment_max_size_in_mb', 1) if ENV['ES_INDEX'] #fail "ERROR: Need ES_INDEX - hint ES_INDEX='estest.local_zammad'" Setting.set('es_index', ENV['ES_INDEX']) end # drop/create indexes #Rake::Task["searchindex:drop"].execute #Rake::Task["searchindex:create"].execute system('rake searchindex:rebuild') # execute background jobs Scheduler.worker(true) sleep 6 end end test 'settings index with nobody' do base_data params = { query: 'test 1234', limit: 2, } post '/api/v1/search/ticket', params.to_json, @headers assert_response(401) result = JSON.parse(@response.body) assert_equal(Hash, result.class) assert_not(result.empty?) assert_equal('authentication failed', result['error']) post '/api/v1/search/user', params.to_json, @headers assert_response(401) result = JSON.parse(@response.body) assert_equal(Hash, result.class) assert_not(result.empty?) assert_equal('authentication failed', result['error']) post '/api/v1/search', params.to_json, @headers assert_response(401) result = JSON.parse(@response.body) assert_equal(Hash, result.class) assert_not(result.empty?) assert_equal('authentication failed', result['error']) end test 'settings index with admin' do base_data credentials = ActionController::HttpAuthentication::Basic.encode_credentials('search-admin@example.com', 'adminpw') params = { query: '1234*', limit: 1, } post '/api/v1/search', params.to_json, @headers.merge('Authorization' => credentials) assert_response(200) result = JSON.parse(@response.body) assert_equal(Hash, result.class) assert(result) assert_equal('Ticket', result['result'][0]['type']) assert_equal(@ticket3.id, result['result'][0]['id']) assert_equal('User', result['result'][1]['type']) assert_equal(@agent.id, result['result'][1]['id']) assert_not(result['result'][2]) params = { query: '1234*', limit: 10, } post '/api/v1/search', params.to_json, @headers.merge('Authorization' => credentials) assert_response(200) result = JSON.parse(@response.body) assert_equal(Hash, result.class) assert(result) assert_equal('Ticket', result['result'][0]['type']) assert_equal(@ticket3.id, result['result'][0]['id']) assert_equal('Ticket', result['result'][1]['type']) assert_equal(@ticket2.id, result['result'][1]['id']) assert_equal('Ticket', result['result'][2]['type']) assert_equal(@ticket1.id, result['result'][2]['id']) assert_equal('User', result['result'][3]['type']) assert_equal(@agent.id, result['result'][3]['id']) assert_not(result['result'][4]) params = { query: '1234*', limit: 10, } post '/api/v1/search/ticket', params.to_json, @headers.merge('Authorization' => credentials) assert_response(200) result = JSON.parse(@response.body) assert_equal(Hash, result.class) assert(result) assert_equal('Ticket', result['result'][0]['type']) assert_equal(@ticket3.id, result['result'][0]['id']) assert_equal('Ticket', result['result'][1]['type']) assert_equal(@ticket2.id, result['result'][1]['id']) assert_equal('Ticket', result['result'][2]['type']) assert_equal(@ticket1.id, result['result'][2]['id']) assert_not(result['result'][3]) params = { query: '1234*', limit: 10, } post '/api/v1/search/user', params.to_json, @headers.merge('Authorization' => credentials) assert_response(200) result = JSON.parse(@response.body) assert_equal(Hash, result.class) assert_equal('User', result['result'][0]['type']) assert_equal(@agent.id, result['result'][0]['id']) assert_not(result['result'][1]) end test 'settings index with agent' do base_data credentials = ActionController::HttpAuthentication::Basic.encode_credentials('search-agent@example.com', 'agentpw') params = { query: '1234*', limit: 1, } post '/api/v1/search', params.to_json, @headers.merge('Authorization' => credentials) assert_response(200) result = JSON.parse(@response.body) assert_equal(Hash, result.class) assert(result) assert_equal('Ticket', result['result'][0]['type']) assert_equal(@ticket3.id, result['result'][0]['id']) assert_equal('User', result['result'][1]['type']) assert_equal(@agent.id, result['result'][1]['id']) assert_not(result['result'][2]) params = { query: '1234*', limit: 10, } post '/api/v1/search', params.to_json, @headers.merge('Authorization' => credentials) assert_response(200) result = JSON.parse(@response.body) assert_equal(Hash, result.class) assert(result) assert_equal('Ticket', result['result'][0]['type']) assert_equal(@ticket3.id, result['result'][0]['id']) assert_equal('Ticket', result['result'][1]['type']) assert_equal(@ticket2.id, result['result'][1]['id']) assert_equal('Ticket', result['result'][2]['type']) assert_equal(@ticket1.id, result['result'][2]['id']) assert_equal('User', result['result'][3]['type']) assert_equal(@agent.id, result['result'][3]['id']) assert_not(result['result'][4]) params = { query: '1234*', limit: 10, } post '/api/v1/search/ticket', params.to_json, @headers.merge('Authorization' => credentials) assert_response(200) result = JSON.parse(@response.body) assert_equal(Hash, result.class) assert(result) assert_equal('Ticket', result['result'][0]['type']) assert_equal(@ticket3.id, result['result'][0]['id']) assert_equal('Ticket', result['result'][1]['type']) assert_equal(@ticket2.id, result['result'][1]['id']) assert_equal('Ticket', result['result'][2]['type']) assert_equal(@ticket1.id, result['result'][2]['id']) assert_not(result['result'][3]) params = { query: '1234*', limit: 10, } post '/api/v1/search/user', params.to_json, @headers.merge('Authorization' => credentials) assert_response(200) result = JSON.parse(@response.body) assert_equal(Hash, result.class) assert_equal('User', result['result'][0]['type']) assert_equal(@agent.id, result['result'][0]['id']) assert_not(result['result'][1]) end test 'settings index with customer 1' do base_data credentials = ActionController::HttpAuthentication::Basic.encode_credentials('search-customer1@example.com', 'customer1pw') params = { query: '1234*', limit: 10, } post '/api/v1/search', params.to_json, @headers.merge('Authorization' => credentials) assert_response(200) result = JSON.parse(@response.body) assert_equal(Hash, result.class) assert(result) assert_equal('Ticket', result['result'][0]['type']) assert_equal(@ticket1.id, result['result'][0]['id']) assert_not(result['result'][1]) params = { query: '1234*', limit: 10, } post '/api/v1/search/ticket', params.to_json, @headers.merge('Authorization' => credentials) assert_response(200) result = JSON.parse(@response.body) assert_equal(Hash, result.class) assert(result) assert_equal('Ticket', result['result'][0]['type']) assert_equal(@ticket1.id, result['result'][0]['id']) assert_not(result['result'][1]) params = { query: '1234*', limit: 10, } post '/api/v1/search/user', params.to_json, @headers.merge('Authorization' => credentials) assert_response(200) result = JSON.parse(@response.body) assert_equal(Hash, result.class) assert_not(result['result'][0]) end test 'settings index with customer 2' do base_data credentials = ActionController::HttpAuthentication::Basic.encode_credentials('search-customer2@example.com', 'customer2pw') params = { query: '1234*', limit: 10, } post '/api/v1/search', params.to_json, @headers.merge('Authorization' => credentials) assert_response(200) result = JSON.parse(@response.body) assert_equal(Hash, result.class) assert(result) assert_equal('Ticket', result['result'][0]['type']) assert_equal(@ticket3.id, result['result'][0]['id']) assert_equal('Ticket', result['result'][1]['type']) assert_equal(@ticket2.id, result['result'][1]['id']) assert_not(result['result'][2]) params = { query: '1234*', limit: 10, } post '/api/v1/search/ticket', params.to_json, @headers.merge('Authorization' => credentials) assert_response(200) result = JSON.parse(@response.body) assert_equal(Hash, result.class) assert(result) assert_equal('Ticket', result['result'][0]['type']) assert_equal(@ticket3.id, result['result'][0]['id']) assert_equal('Ticket', result['result'][1]['type']) assert_equal(@ticket2.id, result['result'][1]['id']) assert_not(result['result'][2]) params = { query: '1234*', limit: 10, } post '/api/v1/search/user', params.to_json, @headers.merge('Authorization' => credentials) assert_response(200) result = JSON.parse(@response.body) assert_equal(Hash, result.class) assert_not(result['result'][0]) end end