Home Explore Help
Sign In
SMusatov
/
zammad
mirror of https://github.com/zammad/zammad.git
1
0
Fork 0
Files
Tree: 0d519f4847
Branches Tags
zammad
/
spec
/
policies
/
controllers
/
time_accountings_controller_policy_spec.rb

time_accountings_controller_policy_spec.rb 2.5 KB
History Raw

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485868788 
  1. # Copyright (C) 2012-2024 Zammad Foundation, https://zammad-foundation.org/
    2. 

  2. 

  3. require 'rails_helper'
    4. 

  4. 

  5. describe Controllers::TimeAccountingsControllerPolicy do
    6. 

  6.   subject { described_class.new(user, record) }
    7. 

  7. 

  8.   let(:group)                   { ticket.group }
    9. 

  9.   let(:ticket)                  { create(:ticket) }
    10. 

  10.   let(:time_accounting_enabled) { true }
    11. 

  11. 

  12.   let(:record_class) { TimeAccountingsController }
    13. 

  13.   let(:record) do
    14. 

  14.     rec        = record_class.new
    15. 

  15.     rec.params = { ticket_id: ticket.id }
    16. 

  16. 

  17.     rec
    18. 

  18.   end
    19. 

  19. 

  20.   before do
    21. 

  21.     Setting.set 'time_accounting', time_accounting_enabled
    22. 

  22.   end
    23. 

  23. 

  24.   context 'with agent who has update access to ticket' do
    25. 

  25.     let(:user) { create(:agent, groups: [group]) }
    26. 

  26. 

  27.     it { is_expected.to forbid_actions(:update, :destroy) }
    28. 

  28.     it { is_expected.to permit_actions(:index, :show, :create) }
    29. 

  29. 

  30.     context 'when time accounting is disabled' do
    31. 

  31.       let(:time_accounting_enabled) { false }
    32. 

  32. 

  33.       it { is_expected.to forbid_actions(:create) }
    34. 

  34.       it { is_expected.to permit_actions(:index, :show) }
    35. 

  35.     end
    36. 

  36. 

  37.     context 'when time accounting is not allowed' do
    38. 

  38.       before do
    39. 

  39.         allow_any_instance_of(Ticket::TimeAccountingPolicy)
    40. 

  40.           .to receive(:create?).and_return(false)
    41. 

  41.       end
    42. 

  42. 

  43.       it { is_expected.to forbid_actions(:create) }
    44. 

  44.       it { is_expected.to permit_actions(:index, :show) }
    45. 

  45.     end
    46. 

  46. 

  47.     context 'when time accounting selector is present and not matching' do
    48. 

  48.       before do
    49. 

  49.         allow_any_instance_of(Ticket::TimeAccountingPolicy)
    50. 

  50.           .to receive(:create?).and_return(true)
    51. 

  51.       end
    52. 

  52. 

  53.       it { is_expected.to permit_actions(:create, :index, :show) }
    54. 

  54.     end
    55. 

  55.   end
    56. 

  56. 

  57.   context 'with agent who has no access to ticket' do
    58. 

  58.     let(:user) { create(:agent) }
    59. 

  59. 

  60.     it { is_expected.to forbid_actions(:index, :show, :create, :update, :destroy) }
    61. 

  61.   end
    62. 

  62. 

  63.   context 'with agent who has read access to ticket' do
    64. 

  64.     let(:user) { create(:agent) }
    65. 

  65. 

  66.     before do
    67. 

  67.       user.user_groups.create! group: group, access: 'read'
    68. 

  68.     end
    69. 

  69. 

  70.     it { is_expected.to forbid_actions(:index, :show, :create, :update, :destroy) }
    71. 

  71.   end
    72. 

  72. 

  73.   context 'with admin who has no access to ticket' do
    74. 

  74.     let(:user) { create(:admin) }
    75. 

  75. 

  76.     it { is_expected.to permit_actions(:index, :show, :create, :update, :destroy) }
    77. 

  77.   end
    78. 

  78. 

  79.   context 'with customer who has access to ticket' do
    80. 

  80.     let(:user) { create(:customer) }
    81. 

  81. 

  82.     before do
    83. 

  83.       ticket.update! customer: user
    84. 

  84.     end
    85. 

  85. 

  86.     it { is_expected.to forbid_actions(:index, :show, :create, :update, :destroy) }
    87. 

  87.   end
    88. 

  88. end
    89.