user_test.rb 36 KB

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586878889909192939495969798991001011021031041051061071081091101111121131141151161171181191201211221231241251261271281291301311321331341351361371381391401411421431441451461471481491501511521531541551561571581591601611621631641651661671681691701711721731741751761771781791801811821831841851861871881891901911921931941951961971981992002012022032042052062072082092102112122132142152162172182192202212222232242252262272282292302312322332342352362372382392402412422432442452462472482492502512522532542552562572582592602612622632642652662672682692702712722732742752762772782792802812822832842852862872882892902912922932942952962972982993003013023033043053063073083093103113123133143153163173183193203213223233243253263273283293303313323333343353363373383393403413423433443453463473483493503513523533543553563573583593603613623633643653663673683693703713723733743753763773783793803813823833843853863873883893903913923933943953963973983994004014024034044054064074084094104114124134144154164174184194204214224234244254264274284294304314324334344354364374384394404414424434444454464474484494504514524534544554564574584594604614624634644654664674684694704714724734744754764774784794804814824834844854864874884894904914924934944954964974984995005015025035045055065075085095105115125135145155165175185195205215225235245255265275285295305315325335345355365375385395405415425435445455465475485495505515525535545555565575585595605615625635645655665675685695705715725735745755765775785795805815825835845855865875885895905915925935945955965975985996006016026036046056066076086096106116126136146156166176186196206216226236246256266276286296306316326336346356366376386396406416426436446456466476486496506516526536546556566576586596606616626636646656666676686696706716726736746756766776786796806816826836846856866876886896906916926936946956966976986997007017027037047057067077087097107117127137147157167177187197207217227237247257267277287297307317327337347357367377387397407417427437447457467477487497507517527537547557567577587597607617627637647657667677687697707717727737747757767777787797807817827837847857867877887897907917927937947957967977987998008018028038048058068078088098108118128138148158168178188198208218228238248258268278288298308318328338348358368378388398408418428438448458468478488498508518528538548558568578588598608618628638648658668678688698708718728738748758768778788798808818828838848858868878888898908918928938948958968978988999009019029039049059069079089099109119129139149159169179189199209219229239249259269279289299309319329339349359369379389399409419429439449459469479489499509519529539549559569579589599609619629639649659669679689699709719729739749759769779789799809819829839849859869879889899909919929939949959969979989991000100110021003100410051006100710081009101010111012101310141015101610171018101910201021102210231024102510261027102810291030103110321033103410351036103710381039104010411042104310441045104610471048104910501051105210531054105510561057105810591060106110621063106410651066106710681069107010711072107310741075107610771078107910801081108210831084108510861087108810891090109110921093109410951096109710981099110011011102110311041105110611071108110911101111111211131114111511161117111811191120112111221123112411251126112711281129113011311132113311341135113611371138113911401141114211431144114511461147114811491150115111521153115411551156115711581159116011611162116311641165116611671168116911701171117211731174117511761177117811791180118111821183118411851186118711881189119011911192119311941195
  1. # Copyright (C) 2012-2024 Zammad Foundation, https://zammad-foundation.org/
  2. require 'test_helper'
  3. class UserTest < ActiveSupport::TestCase
  4. test 'user' do
  5. tests = [
  6. {
  7. name: '#1 - simple create',
  8. create: {
  9. firstname: 'Firstname',
  10. lastname: 'Lastname',
  11. email: 'some@example.com',
  12. login: 'some@example.com',
  13. updated_by_id: 1,
  14. created_by_id: 1,
  15. },
  16. create_verify: {
  17. firstname: 'Firstname',
  18. lastname: 'Lastname',
  19. image: nil,
  20. fullname: 'Firstname Lastname',
  21. email: 'some@example.com',
  22. login: 'some@example.com',
  23. },
  24. },
  25. {
  26. name: '#2 - simple create - no lastname',
  27. create: {
  28. firstname: 'Firstname Lastname',
  29. lastname: '',
  30. email: 'some@example.com',
  31. login: 'some@example.com',
  32. updated_by_id: 1,
  33. created_by_id: 1,
  34. },
  35. create_verify: {
  36. firstname: 'Firstname',
  37. lastname: 'Lastname',
  38. image: nil,
  39. email: 'some@example.com',
  40. login: 'some@example.com',
  41. },
  42. },
  43. {
  44. name: '#3 - simple create - no firstname',
  45. create: {
  46. firstname: '',
  47. lastname: 'Firstname Lastname',
  48. email: 'some@example.com',
  49. login: 'some@example.com',
  50. updated_by_id: 1,
  51. created_by_id: 1,
  52. },
  53. create_verify: {
  54. firstname: 'Firstname',
  55. lastname: 'Lastname',
  56. image: nil,
  57. email: 'some@example.com',
  58. login: 'some@example.com',
  59. },
  60. },
  61. {
  62. name: '#4 - simple create - nil as lastname',
  63. create: {
  64. firstname: 'Firstname Lastname',
  65. lastname: '',
  66. email: 'some@example.com',
  67. login: 'some@example.com',
  68. updated_by_id: 1,
  69. created_by_id: 1,
  70. },
  71. create_verify: {
  72. firstname: 'Firstname',
  73. lastname: 'Lastname',
  74. image: nil,
  75. email: 'some@example.com',
  76. login: 'some@example.com',
  77. },
  78. },
  79. {
  80. name: '#5 - simple create - no lastname, firstname with ","',
  81. create: {
  82. firstname: 'Lastname, Firstname',
  83. lastname: '',
  84. email: 'some@example.com',
  85. login: 'some@example.com',
  86. updated_by_id: 1,
  87. created_by_id: 1,
  88. },
  89. create_verify: {
  90. firstname: 'Firstname',
  91. lastname: 'Lastname',
  92. email: 'some@example.com',
  93. login: 'some@example.com',
  94. },
  95. },
  96. {
  97. name: '#6 - simple create - no lastname/firstname',
  98. create: {
  99. firstname: '',
  100. lastname: '',
  101. email: 'firstname.lastname@example.com',
  102. login: 'login-1',
  103. updated_by_id: 1,
  104. created_by_id: 1,
  105. },
  106. create_verify: {
  107. firstname: 'Firstname',
  108. lastname: 'Lastname',
  109. fullname: 'Firstname Lastname',
  110. email: 'firstname.lastname@example.com',
  111. login: 'login-1',
  112. },
  113. },
  114. {
  115. name: '#7 - simple create - no lastname/firstnam',
  116. create: {
  117. firstname: '',
  118. lastname: '',
  119. email: 'FIRSTNAME.lastname@example.com',
  120. login: 'login-2',
  121. updated_by_id: 1,
  122. created_by_id: 1,
  123. },
  124. create_verify: {
  125. firstname: 'Firstname',
  126. lastname: 'Lastname',
  127. email: 'firstname.lastname@example.com',
  128. login: 'login-2',
  129. },
  130. },
  131. {
  132. name: '#8 - simple create - nill as fristname and lastname',
  133. create: {
  134. firstname: '',
  135. lastname: '',
  136. email: 'FIRSTNAME.lastname@example.com',
  137. login: 'login-3',
  138. updated_by_id: 1,
  139. created_by_id: 1,
  140. },
  141. create_verify: {
  142. firstname: 'Firstname',
  143. lastname: 'Lastname',
  144. email: 'firstname.lastname@example.com',
  145. login: 'login-3',
  146. },
  147. },
  148. {
  149. name: '#11 - update create with login/email check',
  150. create: {
  151. firstname: '',
  152. lastname: '',
  153. email: 'caoyaoewfzfw@21222cn.com',
  154. updated_by_id: 1,
  155. created_by_id: 1,
  156. },
  157. create_verify: {
  158. firstname: '',
  159. lastname: '',
  160. fullname: 'caoyaoewfzfw@21222cn.com',
  161. email: 'caoyaoewfzfw@21222cn.com',
  162. login: 'caoyaoewfzfw@21222cn.com',
  163. },
  164. update: {
  165. email: 'caoyaoewfzfw@212224cn.com',
  166. },
  167. update_verify: {
  168. firstname: '',
  169. lastname: '',
  170. email: 'caoyaoewfzfw@212224cn.com',
  171. fullname: 'caoyaoewfzfw@212224cn.com',
  172. login: 'caoyaoewfzfw@212224cn.com',
  173. }
  174. },
  175. {
  176. name: '#12 - update create with login/email check',
  177. create: {
  178. firstname: 'Firstname',
  179. lastname: 'Lastname',
  180. email: 'some_tEst11@example.com',
  181. updated_by_id: 1,
  182. created_by_id: 1,
  183. },
  184. create_verify: {
  185. firstname: 'Firstname',
  186. lastname: 'Lastname',
  187. fullname: 'Firstname Lastname',
  188. email: 'some_test11@example.com',
  189. },
  190. update: {
  191. email: 'some_Test11-1@example.com',
  192. },
  193. update_verify: {
  194. firstname: 'Firstname',
  195. lastname: 'Lastname',
  196. email: 'some_test11-1@example.com',
  197. fullname: 'Firstname Lastname',
  198. login: 'some_test11-1@example.com',
  199. }
  200. },
  201. ]
  202. default_disable_in_test_env = Service::Image::Zammad.const_get(:DISABLE_IN_TEST_ENV)
  203. silence_warnings do
  204. Service::Image::Zammad.const_set(:DISABLE_IN_TEST_ENV, false)
  205. end
  206. tests.each do |test|
  207. # check if user exists
  208. user = User.find_by(login: test[:create][:login])
  209. user&.destroy!
  210. user = User.create!(test[:create])
  211. test[:create_verify].each do |key, value|
  212. next if key == :image_md5
  213. if user.respond_to?(key)
  214. result = user.send(key)
  215. if value.nil?
  216. assert_nil(result, "create check #{key} in (#{test[:name]})")
  217. else
  218. assert_equal(result, value, "create check #{key} in (#{test[:name]})")
  219. end
  220. else
  221. assert_equal(user[key], value, "create check #{key} in (#{test[:name]})")
  222. end
  223. end
  224. if test[:update]
  225. user.update!(test[:update])
  226. test[:update_verify].each do |key, value|
  227. next if key == :image_md5
  228. if user.respond_to?(key)
  229. assert_equal(user.send(key), value, "update check #{key} in (#{test[:name]})")
  230. else
  231. assert_equal(user[key], value, "update check #{key} in (#{test[:name]})")
  232. end
  233. end
  234. end
  235. user.destroy!
  236. end
  237. silence_warnings do
  238. Service::Image::Zammad.const_set(:DISABLE_IN_TEST_ENV, default_disable_in_test_env)
  239. end
  240. end
  241. test 'strange spaces' do
  242. name = "#{Time.zone.now.to_i}-#{SecureRandom.uuid}"
  243. email = "customer_email#{name}@example.com"
  244. customer = User.create!(
  245. firstname: 'Role',
  246. lastname: "Customer#{name}",
  247. email: " #{email} ",
  248. password: 'customerpw',
  249. active: true,
  250. roles: Role.where(name: %w[Customer]),
  251. updated_by_id: 1,
  252. created_by_id: 1,
  253. )
  254. assert(customer)
  255. assert_equal(email, customer.email)
  256. customer.destroy!
  257. name = "#{Time.zone.now.to_i}-#{SecureRandom.uuid}"
  258. email = "customer_email#{name}@example.com"
  259. customer = User.create!(
  260. firstname: "\u{00a0}\u{00a0}Role",
  261. lastname: "Customer#{name} \u{00a0}",
  262. email: "\u{00a0}#{email}\u{00a0}",
  263. password: 'customerpw',
  264. active: true,
  265. roles: Role.where(name: %w[Customer]),
  266. updated_by_id: 1,
  267. created_by_id: 1,
  268. )
  269. assert(customer)
  270. assert_equal('Role', customer.firstname)
  271. assert_equal("Customer#{name}", customer.lastname)
  272. assert_equal(email, customer.email)
  273. customer.destroy!
  274. name = "#{Time.zone.now.to_i}-#{SecureRandom.uuid}"
  275. email = "customer_email#{name}@example.com"
  276. customer = User.create!(
  277. firstname: "\u{200B}\u{200B}Role",
  278. lastname: "Customer#{name} \u{200B}",
  279. email: "\u{200B}#{email}\u{200B}",
  280. password: 'customerpw',
  281. active: true,
  282. roles: Role.where(name: %w[Customer]),
  283. updated_by_id: 1,
  284. created_by_id: 1,
  285. )
  286. assert(customer)
  287. assert_equal('Role', customer.firstname)
  288. assert_equal("Customer#{name}", customer.lastname)
  289. assert_equal(email, customer.email)
  290. customer.destroy!
  291. name = "#{Time.zone.now.to_i}-#{SecureRandom.uuid}"
  292. email = "customer_email#{name}@example.com"
  293. customer = User.create!(
  294. firstname: "\u{200B}\u{200B}Role\u{00a0}",
  295. lastname: "\u{00a0}\u{00a0}Customer#{name} \u{200B}",
  296. email: "\u{200B}#{email}\u{200B}",
  297. password: 'customerpw',
  298. active: true,
  299. roles: Role.where(name: %w[Customer]),
  300. updated_by_id: 1,
  301. created_by_id: 1,
  302. )
  303. assert(customer)
  304. assert_equal('Role', customer.firstname)
  305. assert_equal("Customer#{name}", customer.lastname)
  306. assert_equal(email, customer.email)
  307. customer.destroy!
  308. name = "#{Time.zone.now.to_i}-#{SecureRandom.uuid}"
  309. email = "customer_email#{name}@example.com"
  310. customer = User.create!(
  311. firstname: "\u{200a}\u{200b}\u{202F}\u{205F}Role\u{2007}\u{2008}",
  312. lastname: "\u{00a0}\u{00a0}Customer#{name}\u{3000}\u{FEFF}\u{2000}",
  313. email: "\u{200B}#{email}\u{200B}\u{2007}\u{2008}",
  314. password: 'customerpw',
  315. active: true,
  316. roles: Role.where(name: %w[Customer]),
  317. updated_by_id: 1,
  318. created_by_id: 1,
  319. )
  320. assert(customer)
  321. assert_equal('Role', customer.firstname)
  322. assert_equal("Customer#{name}", customer.lastname)
  323. assert_equal(email, customer.email)
  324. customer.destroy!
  325. end
  326. test 'without email - but login eq email' do
  327. name = SecureRandom.uuid
  328. login = "admin-role_without_email#{name}@example.com"
  329. email = "admin-role_without_email#{name}@example.com"
  330. admin = User.create_or_update(
  331. login: login,
  332. firstname: 'Role',
  333. lastname: "Admin#{name}",
  334. # email: "",
  335. password: 'adminpw',
  336. active: true,
  337. roles: Role.where(name: %w[Admin Agent]),
  338. updated_by_id: 1,
  339. created_by_id: 1,
  340. )
  341. assert(admin.id)
  342. assert_equal(admin.login, login)
  343. assert_equal(admin.email, '')
  344. admin.email = email
  345. admin.save!
  346. assert_equal(admin.login, login)
  347. assert_equal(admin.email, email)
  348. admin.email = ''
  349. admin.save!
  350. assert(admin.id)
  351. assert(admin.login)
  352. assert_not_equal(admin.login, login)
  353. assert_equal(admin.email, '')
  354. admin.destroy!
  355. end
  356. test 'without email - but login ne email' do
  357. name = SecureRandom.uuid
  358. login = "admin-role_without_email#{name}"
  359. email = "admin-role_without_email#{name}@example.com"
  360. admin = User.create_or_update(
  361. login: login,
  362. firstname: 'Role',
  363. lastname: "Admin#{name}",
  364. # email: "",
  365. password: 'adminpw',
  366. active: true,
  367. roles: Role.where(name: %w[Admin Agent]),
  368. updated_by_id: 1,
  369. created_by_id: 1,
  370. )
  371. assert(admin.id)
  372. assert_equal(admin.login, login)
  373. assert_equal(admin.email, '')
  374. admin.email = email
  375. admin.save!
  376. assert_equal(admin.login, login)
  377. assert_equal(admin.email, email)
  378. admin.email = ''
  379. admin.save!
  380. assert(admin.id)
  381. assert_equal(admin.login, login)
  382. assert_equal(admin.email, '')
  383. admin.destroy!
  384. end
  385. test 'uniq email' do
  386. name = SecureRandom.uuid
  387. email1 = "admin1-role_without_email#{name}@example.com"
  388. admin1 = User.create!(
  389. login: email1,
  390. firstname: 'Role',
  391. lastname: "Admin1#{name}",
  392. email: email1,
  393. password: 'adminpw',
  394. active: true,
  395. roles: Role.where(name: %w[Admin Agent]),
  396. updated_by_id: 1,
  397. created_by_id: 1,
  398. )
  399. assert(admin1.id)
  400. assert_equal(admin1.email, email1)
  401. assert_raises(ActiveRecord::RecordInvalid) do
  402. User.create!(
  403. login: "#{email1}-1",
  404. firstname: 'Role',
  405. lastname: "Admin1#{name}",
  406. email: email1,
  407. password: 'adminpw',
  408. active: true,
  409. roles: Role.where(name: %w[Admin Agent]),
  410. updated_by_id: 1,
  411. created_by_id: 1,
  412. )
  413. end
  414. email2 = "admin2-role_without_email#{name}@example.com"
  415. admin2 = User.create!(
  416. firstname: 'Role',
  417. lastname: "Admin2#{name}",
  418. email: email2,
  419. password: 'adminpw',
  420. active: true,
  421. roles: Role.where(name: %w[Admin Agent]),
  422. updated_by_id: 1,
  423. created_by_id: 1,
  424. )
  425. assert_raises(ActiveRecord::RecordInvalid) do
  426. admin2.email = email1
  427. admin2.save!
  428. end
  429. admin2.destroy!
  430. admin1.destroy!
  431. end
  432. test 'uniq email - multiple use' do
  433. Setting.set('user_email_multiple_use', true)
  434. name = SecureRandom.uuid
  435. email1 = "admin1-role_without_email#{name}@example.com"
  436. admin1 = User.create!(
  437. login: email1,
  438. firstname: 'Role',
  439. lastname: "Admin1#{name}",
  440. email: email1,
  441. password: 'adminpw',
  442. active: true,
  443. roles: Role.where(name: %w[Admin Agent]),
  444. updated_by_id: 1,
  445. created_by_id: 1,
  446. )
  447. assert(admin1.id)
  448. assert_equal(admin1.email, email1)
  449. admin2 = User.create!(
  450. login: "#{email1}-1",
  451. firstname: 'Role',
  452. lastname: "Admin1#{name}",
  453. email: email1,
  454. password: 'adminpw',
  455. active: true,
  456. roles: Role.where(name: %w[Admin Agent]),
  457. updated_by_id: 1,
  458. created_by_id: 1,
  459. )
  460. assert_equal(admin2.email, email1)
  461. admin2.destroy!
  462. admin1.destroy!
  463. Setting.set('user_email_multiple_use', false)
  464. end
  465. test 'ensure roles' do
  466. name = SecureRandom.uuid
  467. admin = User.create_or_update(
  468. login: "admin-role#{name}@example.com",
  469. firstname: 'Role',
  470. lastname: "Admin#{name}",
  471. email: "admin-role#{name}@example.com",
  472. password: 'adminpw',
  473. active: true,
  474. roles: Role.where(name: %w[Admin Agent]),
  475. updated_by_id: 1,
  476. created_by_id: 1,
  477. )
  478. customer1 = User.create_or_update(
  479. login: "user-ensure-role1-#{name}@example.com",
  480. firstname: 'Role',
  481. lastname: "Customer#{name}",
  482. email: "user-ensure-role1-#{name}@example.com",
  483. password: 'customerpw',
  484. active: true,
  485. updated_by_id: 1,
  486. created_by_id: 1,
  487. )
  488. assert_equal(customer1.role_ids.sort, Role.signup_role_ids)
  489. roles = Role.where(name: 'Agent')
  490. customer1.roles = roles
  491. customer1.save!
  492. assert_equal(customer1.role_ids.count, 1)
  493. assert_equal(customer1.role_ids.first, roles.first.id)
  494. assert_equal(customer1.roles.first.id, roles.first.id)
  495. customer1.roles = []
  496. customer1.save!
  497. assert_equal(customer1.role_ids.sort, Role.signup_role_ids)
  498. customer1.destroy!
  499. customer2 = User.create_or_update(
  500. login: "user-ensure-role2-#{name}@example.com",
  501. firstname: 'Role',
  502. lastname: "Customer#{name}",
  503. email: "user-ensure-role2-#{name}@example.com",
  504. password: 'customerpw',
  505. roles: roles,
  506. active: true,
  507. updated_by_id: 1,
  508. created_by_id: 1,
  509. )
  510. assert_equal(customer2.role_ids.count, 1)
  511. assert_equal(customer2.role_ids.first, roles.first.id)
  512. assert_equal(customer2.roles.first.id, roles.first.id)
  513. roles = Role.where(name: 'Admin')
  514. customer2.role_ids = [roles.first.id]
  515. customer2.save!
  516. assert_equal(customer2.role_ids.count, 1)
  517. assert_equal(customer2.role_ids.first, roles.first.id)
  518. assert_equal(customer2.roles.first.id, roles.first.id)
  519. customer2.roles = []
  520. customer2.save!
  521. assert_equal(customer2.role_ids.sort, Role.signup_role_ids)
  522. customer2.destroy!
  523. customer3 = User.create_or_update(
  524. login: "user-ensure-role2-#{name}@example.com",
  525. firstname: 'Role',
  526. lastname: "Customer#{name}",
  527. email: "user-ensure-role2-#{name}@example.com",
  528. password: 'customerpw',
  529. roles: roles,
  530. active: true,
  531. updated_by_id: 1,
  532. created_by_id: 1,
  533. )
  534. customer3.roles = Role.where(name: %w[Admin Agent])
  535. customer3.roles.each do |role|
  536. assert_not_equal(role.name, 'Customer')
  537. end
  538. customer3.roles = Role.where(name: 'Admin')
  539. customer3.roles.each do |role|
  540. assert_not_equal(role.name, 'Customer')
  541. end
  542. customer3.roles = Role.where(name: 'Agent')
  543. customer3.roles.each do |role|
  544. assert_not_equal(role.name, 'Customer')
  545. end
  546. customer3.destroy!
  547. admin.destroy!
  548. end
  549. test 'permission' do
  550. test_role_1 = Role.create_or_update(
  551. name: 'Test1',
  552. note: 'To configure your system.',
  553. preferences: {
  554. not: ['Test3'],
  555. },
  556. updated_by_id: 1,
  557. created_by_id: 1
  558. )
  559. test_role_2 = Role.create_or_update(
  560. name: 'Test2',
  561. note: 'To work on Tickets.',
  562. preferences: {
  563. not: ['Test3'],
  564. },
  565. updated_by_id: 1,
  566. created_by_id: 1
  567. )
  568. test_role_3 = Role.create_or_update(
  569. name: 'Test3',
  570. note: 'People who create Tickets ask for help.',
  571. preferences: {
  572. not: %w[Test1 Test2],
  573. },
  574. updated_by_id: 1,
  575. created_by_id: 1
  576. )
  577. test_role_4 = Role.create_or_update(
  578. name: 'Test4',
  579. note: 'Access the report area.',
  580. preferences: {},
  581. created_by_id: 1,
  582. updated_by_id: 1,
  583. )
  584. name = SecureRandom.uuid
  585. assert_raises(RuntimeError) do
  586. User.create_or_update(
  587. login: "customer-role#{name}@example.com",
  588. firstname: 'Role',
  589. lastname: "Customer#{name}",
  590. email: "customer-role#{name}@example.com",
  591. password: 'customerpw',
  592. active: true,
  593. roles: [test_role_1, test_role_3],
  594. updated_by_id: 1,
  595. created_by_id: 1,
  596. )
  597. end
  598. assert_raises(RuntimeError) do
  599. User.create_or_update(
  600. login: "customer-role#{name}@example.com",
  601. firstname: 'Role',
  602. lastname: "Customer#{name}",
  603. email: "customer-role#{name}@example.com",
  604. password: 'customerpw',
  605. active: true,
  606. roles: [test_role_2, test_role_3],
  607. updated_by_id: 1,
  608. created_by_id: 1,
  609. )
  610. end
  611. user1 = User.create_or_update(
  612. login: "customer-role#{name}@example.com",
  613. firstname: 'Role',
  614. lastname: "Customer#{name}",
  615. email: "customer-role#{name}@example.com",
  616. password: 'customerpw',
  617. active: true,
  618. roles: [test_role_1, test_role_2],
  619. updated_by_id: 1,
  620. created_by_id: 1,
  621. )
  622. assert(user1.role_ids.include?(test_role_1.id))
  623. assert(user1.role_ids.include?(test_role_2.id))
  624. assert_not(user1.role_ids.include?(test_role_3.id))
  625. assert_not(user1.role_ids.include?(test_role_4.id))
  626. user1 = User.create_or_update(
  627. login: "customer-role#{name}@example.com",
  628. firstname: 'Role',
  629. lastname: "Customer#{name}",
  630. email: "customer-role#{name}@example.com",
  631. password: 'customerpw',
  632. active: true,
  633. roles: [test_role_1, test_role_4],
  634. updated_by_id: 1,
  635. created_by_id: 1,
  636. )
  637. assert(user1.role_ids.include?(test_role_1.id))
  638. assert_not(user1.role_ids.include?(test_role_2.id))
  639. assert_not(user1.role_ids.include?(test_role_3.id))
  640. assert(user1.role_ids.include?(test_role_4.id))
  641. assert_raises(RuntimeError) do
  642. User.create_or_update(
  643. login: "customer-role#{name}@example.com",
  644. firstname: 'Role',
  645. lastname: "Customer#{name}",
  646. email: "customer-role#{name}@example.com",
  647. password: 'customerpw',
  648. active: true,
  649. roles: [test_role_1, test_role_3],
  650. updated_by_id: 1,
  651. created_by_id: 1,
  652. )
  653. end
  654. assert_raises(RuntimeError) do
  655. User.create_or_update(
  656. login: "customer-role#{name}@example.com",
  657. firstname: 'Role',
  658. lastname: "Customer#{name}",
  659. email: "customer-role#{name}@example.com",
  660. password: 'customerpw',
  661. active: true,
  662. roles: [test_role_2, test_role_3],
  663. updated_by_id: 1,
  664. created_by_id: 1,
  665. )
  666. end
  667. assert(user1.role_ids.include?(test_role_1.id))
  668. assert_not(user1.role_ids.include?(test_role_2.id))
  669. assert_not(user1.role_ids.include?(test_role_3.id))
  670. assert(user1.role_ids.include?(test_role_4.id))
  671. end
  672. test 'permission default' do
  673. name = SecureRandom.uuid
  674. admin_count = User.with_permissions('admin').count
  675. admin = User.create_or_update(
  676. login: "admin-role#{name}@example.com",
  677. firstname: 'Role',
  678. lastname: "Admin#{name}",
  679. email: "admin-role#{name}@example.com",
  680. password: 'adminpw',
  681. active: true,
  682. roles: Role.where(name: %w[Admin Agent]),
  683. updated_by_id: 1,
  684. created_by_id: 1,
  685. )
  686. agent_count = User.with_permissions('ticket.agent').count
  687. agent = User.create_or_update(
  688. login: "agent-role#{name}@example.com",
  689. firstname: 'Role',
  690. lastname: "Agent#{name}",
  691. email: "agent-role#{name}@example.com",
  692. password: 'agentpw',
  693. active: true,
  694. roles: Role.where(name: 'Agent'),
  695. updated_by_id: 1,
  696. created_by_id: 1,
  697. )
  698. customer_count = User.with_permissions('ticket.customer').count
  699. customer = User.create_or_update(
  700. login: "customer-role#{name}@example.com",
  701. firstname: 'Role',
  702. lastname: "Customer#{name}",
  703. email: "customer-role#{name}@example.com",
  704. password: 'customerpw',
  705. active: true,
  706. roles: Role.where(name: 'Customer'),
  707. updated_by_id: 1,
  708. created_by_id: 1,
  709. )
  710. users = User.with_permissions('not_existing')
  711. assert(users.blank?)
  712. users = User.with_permissions('admin')
  713. assert_equal(admin_count + 1, users.count)
  714. assert_equal(admin.login, users.last.login)
  715. users = User.with_permissions('admin.session')
  716. assert_equal(admin_count + 1, users.count)
  717. assert_equal(admin.login, users.last.login)
  718. users = User.with_permissions(['admin.session', 'not_existing'])
  719. assert_equal(admin_count + 1, users.count)
  720. assert_equal(admin.login, users.last.login)
  721. users = User.with_permissions('ticket.agent')
  722. assert_equal(agent_count + 1, users.count)
  723. assert_equal(agent.login, users.last.login)
  724. users = User.with_permissions(['ticket.agent', 'not_existing'])
  725. assert_equal(agent_count + 1, users.count)
  726. assert_equal(agent.login, users.last.login)
  727. users = User.with_permissions('ticket.customer')
  728. assert_equal(customer_count + 1, users.count)
  729. assert_equal(customer.login, users.last.login)
  730. users = User.with_permissions(['ticket.customer', 'not_existing'])
  731. assert_equal(customer_count + 1, users.count)
  732. assert_equal(customer.login, users.last.login)
  733. end
  734. test 'min admin permission check' do
  735. # delete inital admin
  736. User.find_by(login: 'admin@example.com').destroy
  737. # store current admin count
  738. admin_count_inital = User.with_permissions('admin').count
  739. assert_equal(0, admin_count_inital)
  740. # create two admin users
  741. random = SecureRandom.uuid
  742. admin1 = User.create_or_update(
  743. login: "1admin-role#{random}@example.com",
  744. firstname: 'Role',
  745. lastname: "Admin#{random}",
  746. email: "admin-role#{random}@example.com",
  747. password: 'adminpw',
  748. active: true,
  749. roles: Role.where(name: %w[Admin Agent]),
  750. updated_by_id: 1,
  751. created_by_id: 1,
  752. )
  753. random = SecureRandom.uuid
  754. admin2 = User.create_or_update(
  755. login: "2admin-role#{random}@example.com",
  756. firstname: 'Role',
  757. lastname: "Admin#{random}",
  758. email: "admin-role#{random}@example.com",
  759. password: 'adminpw',
  760. active: true,
  761. roles: Role.where(name: %w[Admin Agent]),
  762. updated_by_id: 1,
  763. created_by_id: 1,
  764. )
  765. random = SecureRandom.uuid
  766. admin3 = User.create_or_update(
  767. login: "2admin-role#{random}@example.com",
  768. firstname: 'Role',
  769. lastname: "Admin#{random}",
  770. email: "admin-role#{random}@example.com",
  771. password: 'adminpw',
  772. active: true,
  773. roles: Role.where(name: %w[Admin Agent]),
  774. updated_by_id: 1,
  775. created_by_id: 1,
  776. )
  777. admin_count_inital = User.with_permissions('admin').count
  778. assert_equal(3, admin_count_inital)
  779. admin1.update!(roles: Role.where(name: %w[Agent]))
  780. admin_count_inital = User.with_permissions('admin').count
  781. assert_equal(2, admin_count_inital)
  782. admin2.update!(roles: Role.where(name: %w[Agent]))
  783. admin_count_inital = User.with_permissions('admin').count
  784. assert_equal(1, admin_count_inital)
  785. assert_raises(Exceptions::UnprocessableEntity) do
  786. admin3.update!(roles: Role.where(name: %w[Agent]))
  787. end
  788. admin_count_inital = User.with_permissions('admin').count
  789. assert_equal(1, admin_count_inital)
  790. assert_raises(Exceptions::UnprocessableEntity) do
  791. admin3.active = false
  792. admin3.save!
  793. end
  794. assert_equal(1, User.with_permissions('admin').count)
  795. admin_role = Role.find_by(name: 'Admin')
  796. assert_raises(Exceptions::UnprocessableEntity) do
  797. admin_role.active = false
  798. admin_role.save!
  799. end
  800. assert_raises(Exceptions::UnprocessableEntity) do
  801. admin_role.permission_revoke('admin')
  802. end
  803. assert_equal(1, User.with_permissions('admin').count)
  804. end
  805. test 'only valid agent in group permission check' do
  806. name = SecureRandom.uuid
  807. group = Group.create!(
  808. name: "ValidAgentGroupPermission-#{name}",
  809. active: true,
  810. updated_by_id: 1,
  811. created_by_id: 1,
  812. )
  813. roles = Role.where(name: 'Agent')
  814. User.create_or_update(
  815. login: "valid_agent_permission-1#{name}@example.com",
  816. firstname: 'valid_agent_group_permission-1',
  817. lastname: "Agent#{name}",
  818. email: "valid_agent_permission-1#{name}@example.com",
  819. password: 'agentpw',
  820. active: true,
  821. roles: roles,
  822. groups: [group],
  823. updated_by_id: 1,
  824. created_by_id: 1,
  825. )
  826. agent2 = User.create_or_update(
  827. login: "valid_agent_permission-2#{name}@example.com",
  828. firstname: 'valid_agent_group_permission-2',
  829. lastname: "Agent#{name}",
  830. email: "valid_agent_permission-2#{name}@example.com",
  831. password: 'agentpw',
  832. active: true,
  833. roles: roles,
  834. groups: [group],
  835. updated_by_id: 1,
  836. created_by_id: 1,
  837. )
  838. assert_equal(2, User.group_access(group.id, 'full').count)
  839. agent2.active = false
  840. agent2.save!
  841. assert_equal(1, User.group_access(group.id, 'full').count)
  842. agent2.active = true
  843. agent2.save!
  844. assert_equal(2, User.group_access(group.id, 'full').count)
  845. roles = Role.where(name: 'Customer')
  846. agent2.roles = roles
  847. agent2.save!
  848. assert_equal(1, User.group_access(group.id, 'full').count)
  849. end
  850. test 'preferences[:notification_sound][:enabled] value check' do
  851. name = SecureRandom.uuid
  852. roles = Role.where(name: 'Agent')
  853. agent1 = User.create!(
  854. login: "agent-default-preferences-1#{name}@example.com",
  855. firstname: 'valid_agent_group_permission-1',
  856. lastname: "Agent#{name}",
  857. email: "agent-default-preferences-1#{name}@example.com",
  858. password: 'agentpw',
  859. active: true,
  860. roles: roles,
  861. preferences: {
  862. notification_sound: {
  863. enabled: true,
  864. }
  865. },
  866. updated_by_id: 1,
  867. created_by_id: 1,
  868. )
  869. assert_equal(true, agent1.preferences[:notification_sound][:enabled])
  870. agent2 = User.create!(
  871. login: "agent-default-preferences-2#{name}@example.com",
  872. firstname: 'valid_agent_group_permission-2',
  873. lastname: "Agent#{name}",
  874. email: "agent-default-preferences-2#{name}@example.com",
  875. password: 'agentpw',
  876. active: true,
  877. roles: roles,
  878. preferences: {
  879. notification_sound: {
  880. enabled: false,
  881. }
  882. },
  883. updated_by_id: 1,
  884. created_by_id: 1,
  885. )
  886. assert_equal(false, agent2.preferences[:notification_sound][:enabled])
  887. agent3 = User.create!(
  888. login: "agent-default-preferences-3#{name}@example.com",
  889. firstname: 'valid_agent_group_permission-3',
  890. lastname: "Agent#{name}",
  891. email: "agent-default-preferences-3#{name}@example.com",
  892. password: 'agentpw',
  893. active: true,
  894. roles: roles,
  895. preferences: {
  896. notification_sound: {
  897. enabled: true,
  898. }
  899. },
  900. updated_by_id: 1,
  901. created_by_id: 1,
  902. )
  903. assert_equal(true, agent3.preferences[:notification_sound][:enabled])
  904. agent3.preferences[:notification_sound][:enabled] = 'false'
  905. agent3.save!
  906. agent3.reload
  907. assert_equal(false, agent3.preferences[:notification_sound][:enabled])
  908. agent4 = User.create!(
  909. login: "agent-default-preferences-4#{name}@example.com",
  910. firstname: 'valid_agent_group_permission-4',
  911. lastname: "Agent#{name}",
  912. email: "agent-default-preferences-4#{name}@example.com",
  913. password: 'agentpw',
  914. active: true,
  915. roles: roles,
  916. preferences: {
  917. notification_sound: {
  918. enabled: false,
  919. }
  920. },
  921. updated_by_id: 1,
  922. created_by_id: 1,
  923. )
  924. assert_equal(false, agent4.preferences[:notification_sound][:enabled])
  925. agent4.preferences[:notification_sound][:enabled] = 'true'
  926. agent4.save!
  927. agent4.reload
  928. assert_equal(true, agent4.preferences[:notification_sound][:enabled])
  929. agent4.preferences[:notification_sound][:enabled] = 'invalid'
  930. assert_raises(Exceptions::UnprocessableEntity) do
  931. agent4.save!
  932. end
  933. assert_raises(Exceptions::UnprocessableEntity) do
  934. User.create!(
  935. login: "agent-default-preferences-5#{name}@example.com",
  936. firstname: 'valid_agent_group_permission-5',
  937. lastname: "Agent#{name}",
  938. email: "agent-default-preferences-5#{name}@example.com",
  939. password: 'agentpw',
  940. active: true,
  941. roles: roles,
  942. preferences: {
  943. notification_sound: {
  944. enabled: 'invalid string',
  945. }
  946. },
  947. updated_by_id: 1,
  948. created_by_id: 1,
  949. )
  950. end
  951. end
  952. test 'cleanup references on destroy' do
  953. agent1 = User.create!(
  954. login: "agent-cleanup_check-1#{name}@example.com",
  955. firstname: 'valid_agent_group_permission-1',
  956. lastname: "Agent#{name}",
  957. email: "agent-cleanup_check-1#{name}@example.com",
  958. password: 'agentpw',
  959. active: true,
  960. roles: Role.where(name: 'Agent'),
  961. groups: Group.all,
  962. updated_by_id: 1,
  963. created_by_id: 1,
  964. )
  965. agent1_id = agent1.id
  966. assert_equal(1, Avatar.list('User', agent1_id).count)
  967. UserDevice.add(
  968. 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/44.0.2403.107 Safari/537.36',
  969. '91.115.248.231',
  970. agent1_id,
  971. 'fingerprint1234',
  972. 'session',
  973. )
  974. assert_equal(1, UserDevice.where(user_id: agent1_id).count)
  975. OnlineNotification.add(
  976. type: 'Assigned to you',
  977. object: 'Ticket',
  978. o_id: 1,
  979. seen: false,
  980. user_id: agent1_id,
  981. created_by_id: 1,
  982. updated_by_id: 1,
  983. created_at: Time.zone.now,
  984. updated_at: Time.zone.now,
  985. )
  986. assert_equal(1, OnlineNotification.where(user_id: agent1_id).count)
  987. Authorization.create!(
  988. user: agent1,
  989. uid: '123',
  990. username: '123',
  991. provider: 'some',
  992. token: 'token',
  993. secret: 'secret',
  994. )
  995. assert_equal(1, Authorization.where(user_id: agent1_id).count)
  996. Cti::CallerId.maybe_add(
  997. caller_id: '49123456789',
  998. comment: 'Hairdresser Bob Smith, San Francisco', # optional
  999. level: 'maybe', # known|maybe
  1000. user_id: agent1_id, # optional
  1001. object: 'Ticket',
  1002. o_id: 1,
  1003. )
  1004. assert_equal(1, Cti::CallerId.where(user_id: agent1_id).count)
  1005. Taskbar.create!(
  1006. key: 'Ticket-1',
  1007. callback: 'TicketZoom',
  1008. params: {
  1009. id: 1,
  1010. },
  1011. state: {},
  1012. user_id: agent1_id,
  1013. prio: 1,
  1014. notify: false,
  1015. )
  1016. assert_equal(1, Taskbar.where(user_id: agent1_id).count)
  1017. ticket1 = Ticket.create!(
  1018. title: 'test 1234-1',
  1019. group: Group.lookup(name: 'Users'),
  1020. customer_id: 2,
  1021. owner_id: 2,
  1022. updated_by_id: 1,
  1023. created_by_id: 1,
  1024. )
  1025. RecentView.log(ticket1.class.to_s, ticket1.id, agent1)
  1026. assert_equal(1, RecentView.where(created_by_id: agent1_id).count)
  1027. Token.create!(action: 'api', user_id: agent1_id)
  1028. StatsStore.create(
  1029. stats_storable: agent1,
  1030. key: 'some_key',
  1031. data: { A: 1, B: 2 },
  1032. created_at: Time.zone.now,
  1033. created_by_id: 1,
  1034. )
  1035. item = StatsStore.find_by(
  1036. stats_storable: agent1,
  1037. key: 'some_key',
  1038. )
  1039. assert(item)
  1040. agent1.destroy!
  1041. assert_equal(0, UserDevice.where(user_id: agent1_id).count)
  1042. assert_equal(0, Avatar.list('User', agent1_id, false).count)
  1043. assert_equal(0, OnlineNotification.where(user_id: agent1_id).count)
  1044. assert_equal(0, Authorization.where(user_id: agent1_id).count)
  1045. assert_equal(0, Cti::CallerId.where(user_id: agent1_id).count)
  1046. assert_equal(0, Taskbar.where(user_id: agent1_id).count)
  1047. assert_equal(0, RecentView.where(created_by_id: agent1_id).count)
  1048. assert_equal(0, Token.where(user_id: agent1_id).count)
  1049. assert_equal(0, Token.where(user_id: agent1_id).count)
  1050. item = StatsStore.find_by(
  1051. stats_storable: agent1,
  1052. key: 'some_key',
  1053. )
  1054. assert_nil(item)
  1055. end
  1056. test 'adding group drops cache' do
  1057. agent1 = User.create!(
  1058. login: "agent-cleanup_check-1#{name}@example.com",
  1059. firstname: 'valid_agent_group_permission-1',
  1060. lastname: "Agent#{name}",
  1061. email: "agent-cleanup_check-1#{name}@example.com",
  1062. password: 'agentpw',
  1063. active: true,
  1064. roles: Role.where(name: 'Agent'),
  1065. groups: Group.all,
  1066. updated_by_id: 1,
  1067. created_by_id: 1,
  1068. )
  1069. group1 = Group.create_or_update(
  1070. name: "GroupWithoutPermission-#{SecureRandom.uuid}",
  1071. active: true,
  1072. updated_by_id: 1,
  1073. created_by_id: 1,
  1074. )
  1075. differences = %w[
  1076. group1.attributes_with_association_ids['user_ids'].count
  1077. agent1.attributes_with_association_ids['group_ids'].keys.count
  1078. ]
  1079. assert_difference differences, 1 do
  1080. agent1.groups << group1
  1081. end
  1082. end
  1083. end