123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372 |
- # Copyright (C) 2012-2024 Zammad Foundation, https://zammad-foundation.org/
- RSpec.shared_examples 'FormUpdater::HasSecurityOptions' do |type:|
- context 'with security options' do
- let(:base_data) do
- case type
- when 'create'
- {
- 'articleSenderType' => 'email-out',
- }
- when 'edit'
- {
- 'article' => {
- 'articleType' => 'email',
- },
- }
- end
- end
- let(:data) { base_data }
- before do
- Setting.set('smime_integration', true)
- Setting.set('smime_config', smime_config) if defined?(smime_config)
- end
- shared_examples 'resolving security field' do |expected_result:|
- it 'resolves security field' do
- result = resolved_result.resolve[:fields]
- expect(result['security']).to include(expected_result)
- end
- end
- shared_examples 'not resolving security field' do
- it 'does not resolve security field' do
- result = resolved_result.resolve[:fields]
- expect(result['security']).to be_nil
- end
- end
- it_behaves_like 'resolving security field', expected_result: {
- securityAllowed: { 'SMIME' => [] },
- securityDefaultOptions: { 'SMIME' => [] },
- value: { 'method' => 'SMIME', 'options' => [] },
- }
- context 'when PGP is activated as well' do
- before do
- Setting.set('pgp_integration', true)
- end
- security_messages =
- {
- 'PGP' => { 'encryption' => { message: 'There was no recipient found.', messagePlaceholder: [] }, 'sign' => { message: 'There was no PGP key found.', messagePlaceholder: [] } },
- 'SMIME' => { 'encryption' => { message: 'There was no recipient found.', messagePlaceholder: [] }, 'sign' => { message: 'There was no certificate found.', messagePlaceholder: [] } }
- }
- it_behaves_like 'resolving security field', expected_result: {
- securityAllowed: { 'SMIME' => [], 'PGP' => [] },
- securityDefaultOptions: { 'SMIME' => [], 'PGP' => [] },
- value: { 'method' => 'SMIME', 'options' => [] },
- securityMessages: security_messages,
- }
- end
- context 'when secure mailing is not configured' do
- before do
- Setting.set('smime_integration', false)
- end
- it_behaves_like 'not resolving security field'
- end
- context 'without article type present' do
- let(:data) do
- base_data.tap do |data|
- case type
- when 'create'
- data.delete('articleSenderType')
- when 'edit'
- data['article'].delete('articleType')
- end
- end
- end
- it_behaves_like 'not resolving security field'
- end
- context 'with phone article type present' do
- let(:data) do
- base_data.tap do |data|
- case type
- when 'create'
- data['articleSenderType'] = 'phone-out'
- when 'edit'
- data['article']['articleType'] = 'phone'
- end
- end
- end
- it_behaves_like 'not resolving security field'
- end
- context 'when user has no agent permission' do
- let(:user) { create(:customer, groups: [group]) }
- it_behaves_like 'not resolving security field'
- end
- context 'with recipient present' do
- let(:recipient_email_address) { 'smime2@example.com' }
- let(:customer) { create(:customer, email: recipient_email_address) }
- let(:data) do
- base_data.tap do |data|
- case type
- when 'create'
- data['customer_id'] = customer.id.to_s
- when 'edit'
- data['article']['to'] = [customer.email]
- end
- end
- end
- it_behaves_like 'resolving security field', expected_result: {
- securityAllowed: { 'SMIME' => [] },
- securityDefaultOptions: { 'SMIME' => [] },
- value: { 'method' => 'SMIME', 'options' => [] },
- securityMessages: { 'SMIME'=>{ 'encryption' => { message: "Can't find S/MIME encryption certificates for: smime2@example.com", messagePlaceholder: [] }, 'sign' => { message: 'There was no certificate found.', messagePlaceholder: [] } } }
- }
- context 'with recipient certificate present' do
- before do
- create(:smime_certificate, fixture: recipient_email_address)
- end
- it_behaves_like 'resolving security field', expected_result: {
- securityAllowed: { 'SMIME' => ['encryption'] },
- securityDefaultOptions: { 'SMIME' => ['encryption'] },
- value: { 'method' => 'SMIME', 'options' => ['encryption'] },
- securityMessages: { 'SMIME' => { 'encryption' => { message: 'The certificates for %s were found.', messagePlaceholder: ['smime2@example.com'] }, 'sign' => { message: 'There was no certificate found.', messagePlaceholder: [] } } }
- }
- end
- end
- context 'with additional recipient present' do
- let(:recipient_email_address) { 'smime3@example.com' }
- let(:data) do
- base_data.tap do |data|
- case type
- when 'create'
- data['cc'] = [recipient_email_address]
- when 'edit'
- data['article']['cc'] = [recipient_email_address]
- end
- end
- end
- it_behaves_like 'resolving security field', expected_result: {
- securityAllowed: { 'SMIME' => [] },
- securityDefaultOptions: { 'SMIME' => [] },
- value: { 'method' => 'SMIME', 'options' => [] },
- }
- context 'with recipient certificate present' do
- before do
- create(:smime_certificate, fixture: recipient_email_address)
- end
- it_behaves_like 'resolving security field', expected_result: {
- securityAllowed: { 'SMIME'=>['encryption'] },
- securityDefaultOptions: { 'SMIME' => ['encryption'] },
- value: { 'method' => 'SMIME', 'options' => ['encryption'] },
- }
- end
- context 'when email address is invalid' do
- let(:recipient_email_address) { 'invalid-email-address' }
- it_behaves_like 'resolving security field', expected_result: {
- securityAllowed: { 'SMIME' => [] },
- securityDefaultOptions: { 'SMIME' => [] },
- value: { 'method' => 'SMIME', 'options' => [] },
- }
- end
- end
- context 'with both recipient and additional recipient present' do
- let(:recipient_email_address1) { 'smime2@example.com' }
- let(:recipient_email_address2) { 'smime3@example.com' }
- let(:customer) { create(:customer, email: recipient_email_address1) }
- let(:data) do
- base_data.tap do |data|
- case type
- when 'create'
- data['customer_id'] = customer.id.to_s
- data['cc'] = [recipient_email_address2]
- when 'edit'
- data['article']['to'] = [customer.email]
- data['article']['cc'] = [recipient_email_address2]
- end
- end
- end
- it_behaves_like 'resolving security field', expected_result: {
- securityAllowed: { 'SMIME' => [] },
- securityDefaultOptions: { 'SMIME' => [] },
- value: { 'method' => 'SMIME', 'options' => [] },
- }
- context 'with only one recipient certificate present' do
- before do
- create(:smime_certificate, fixture: recipient_email_address1)
- end
- it_behaves_like 'resolving security field', expected_result: {
- securityAllowed: { 'SMIME' => [] },
- securityDefaultOptions: { 'SMIME' => [] },
- value: { 'method' => 'SMIME', 'options' => [] },
- }
- end
- context 'with both recipient certificates present' do
- before do
- create(:smime_certificate, fixture: recipient_email_address1)
- create(:smime_certificate, fixture: recipient_email_address2)
- end
- it_behaves_like 'resolving security field', expected_result: {
- securityAllowed: { 'SMIME' => ['encryption'] },
- securityDefaultOptions: { 'SMIME' => ['encryption'] },
- value: { 'method' => 'SMIME', 'options' => ['encryption'] },
- }
- end
- end
- context 'with group present' do
- let(:data) { base_data.tap { |data| data['group_id'] = group.id } }
- it_behaves_like 'resolving security field', expected_result: {
- securityAllowed: { 'SMIME' => [] },
- securityDefaultOptions: { 'SMIME' => [] },
- value: { 'method' => 'SMIME', 'options' => [] },
- }
- context 'when the group has a configured sender address' do
- let(:system_email_address) { 'smime1@example.com' }
- let(:email_address) { create(:email_address, email: system_email_address) }
- let(:group) { create(:group, email_address: email_address) }
- it_behaves_like 'resolving security field', expected_result: {
- securityAllowed: { 'SMIME' => [] },
- securityDefaultOptions: { 'SMIME' => [] },
- value: { 'method' => 'SMIME', 'options' => [] },
- }
- context 'with sender certificate present' do
- before do
- create(:smime_certificate, :with_private, fixture: system_email_address)
- end
- it_behaves_like 'resolving security field', expected_result: {
- securityAllowed: { 'SMIME'=>['sign'] },
- securityDefaultOptions: { 'SMIME' => ['sign'] },
- value: { 'method' => 'SMIME', 'options' => ['sign'] },
- }
- end
- end
- end
- context 'with recipient and group present' do
- let(:recipient_email_address) { 'smime2@example.com' }
- let(:system_email_address) { 'smime1@example.com' }
- let(:customer) { create(:customer, email: recipient_email_address) }
- let(:email_address) { create(:email_address, email: system_email_address) }
- let(:group) { create(:group, email_address: email_address) }
- let(:data) do
- base_data.tap do |data|
- case type
- when 'create'
- data['customer_id'] = customer.id.to_s
- data['group_id'] = group.id
- when 'edit'
- data['article']['to'] = [customer.email]
- data['group_id'] = group.id
- end
- end
- end
- it_behaves_like 'resolving security field', expected_result: {
- securityAllowed: { 'SMIME' => [] },
- securityDefaultOptions: { 'SMIME' => [] },
- value: { 'method' => 'SMIME', 'options' => [] },
- }
- context 'with recipient and sender certificates present' do
- before do
- create(:smime_certificate, fixture: recipient_email_address)
- create(:smime_certificate, :with_private, fixture: system_email_address)
- end
- it_behaves_like 'resolving security field', expected_result: {
- securityAllowed: { 'SMIME' => %w[sign encryption] },
- securityDefaultOptions: { 'SMIME' => %w[sign encryption] },
- value: { 'method' => 'SMIME', 'options' => %w[sign encryption] },
- }
- context 'with default group configuration' do
- let(:smime_config) do
- {
- 'group_id' => group_defaults
- }
- end
- let(:group_defaults) do
- {
- 'default_encryption' => {
- group.id.to_s => default_encryption,
- },
- 'default_sign' => {
- group.id.to_s => default_sign,
- }
- }
- end
- let(:default_encryption) { true }
- let(:default_sign) { true }
- it_behaves_like 'resolving security field', expected_result: {
- securityDefaultOptions: { 'SMIME' => %w[sign encryption] },
- value: { 'method' => 'SMIME', 'options' => %w[sign encryption] }
- }
- context 'when it has no value' do
- let(:group_defaults) { {} }
- it_behaves_like 'resolving security field', expected_result: {
- securityDefaultOptions: { 'SMIME' => %w[sign encryption] },
- value: { 'method' => 'SMIME', 'options' => %w[sign encryption] },
- }
- end
- context 'when encryption is disabled' do
- let(:default_encryption) { false }
- it_behaves_like 'resolving security field', expected_result: {
- securityDefaultOptions: { 'SMIME' => ['sign'] },
- value: { 'method' => 'SMIME', 'options' => ['sign'] },
- }
- end
- context 'when signing is disabled' do
- let(:default_sign) { false }
- it_behaves_like 'resolving security field', expected_result: {
- securityDefaultOptions: { 'SMIME' => ['encryption'] },
- value: { 'method' => 'SMIME', 'options' => ['encryption'] },
- }
- end
- context 'when both encryption and signing are disabled' do
- let(:default_encryption) { false }
- let(:default_sign) { false }
- it_behaves_like 'resolving security field', expected_result: {
- securityDefaultOptions: { 'SMIME' => [] },
- value: { 'method' => 'SMIME', 'options' => [] },
- }
- end
- end
- end
- end
- end
- end
|