data_privacy_task_spec.rb 3.2 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687
  1. # Copyright (C) 2012-2022 Zammad Foundation, https://zammad-foundation.org/
  2. require 'rails_helper'
  3. RSpec.describe DataPrivacyTask, type: :model do
  4. describe '.perform' do
  5. let(:organization) { create(:organization, name: 'test') }
  6. let!(:admin) { create(:admin) }
  7. let(:user) { create(:customer, organization: organization) }
  8. it 'blocks other objects than user objects' do
  9. expect { create(:data_privacy_task, deletable: create(:chat)) }.to raise_error(ActiveRecord::RecordInvalid, 'Validation failed: Deletable is not a User')
  10. end
  11. it 'blocks the multiple deletion tasks for the same user' do
  12. create(:data_privacy_task, deletable: user)
  13. expect { create(:data_privacy_task, deletable: user) }.to raise_error(ActiveRecord::RecordInvalid, 'Validation failed: Deletable has an existing DataPrivacyTask queued')
  14. end
  15. it 'blocks deletion task for user id 1' do
  16. expect { create(:data_privacy_task, deletable: User.find(1)) }.to raise_error(ActiveRecord::RecordInvalid, 'Validation failed: Deletable is undeletable system User with ID 1')
  17. end
  18. it 'blocks deletion task for yourself' do
  19. UserInfo.current_user_id = user.id
  20. expect { create(:data_privacy_task, deletable: user) }.to raise_error(ActiveRecord::RecordInvalid, 'Validation failed: Deletable is your current account')
  21. end
  22. it 'blocks deletion task for last admin' do
  23. expect { create(:data_privacy_task, deletable: admin) }.to raise_error(ActiveRecord::RecordInvalid, 'Validation failed: Deletable is last account with admin permissions')
  24. end
  25. it 'allows deletion task for last two admins' do
  26. create(:admin)
  27. admin = create(:admin)
  28. expect(create(:data_privacy_task, deletable: admin)).to be_truthy
  29. end
  30. it 'sets no error message when user is already deleted' do
  31. task = create(:data_privacy_task, deletable: user)
  32. user.destroy
  33. task.perform
  34. expect(task.reload.state).to eq('completed')
  35. end
  36. end
  37. describe '#prepare_deletion_preview' do
  38. let(:organization) { create(:organization, name: 'Zammad GmbH') }
  39. let(:user) { create(:customer, firstname: 'Nicole', lastname: 'Braun', organization: organization, email: 'secret@example.com') }
  40. let(:task) { create(:data_privacy_task, deletable: user) }
  41. context 'when storing user data' do
  42. let(:pseudonymous_data) do
  43. {
  44. 'firstname' => 'N*e',
  45. 'lastname' => 'B*n',
  46. 'email' => 's*t@e*e.com',
  47. 'organization' => 'Z*d G*H',
  48. }
  49. end
  50. it 'creates pseudonymous representation' do
  51. expect(task[:preferences][:user]).to eq(pseudonymous_data)
  52. end
  53. end
  54. context 'when User is owner of Tickets' do
  55. let!(:owner_tickets) { create_list(:ticket, 3, owner: user) }
  56. it 'stores the numbers' do
  57. expect(task[:preferences][:owner_tickets]).to eq(owner_tickets.reverse.map(&:number))
  58. end
  59. end
  60. context 'when User is customer of Tickets' do
  61. let!(:customer_tickets) { create_list(:ticket, 3, customer: user) }
  62. it 'stores the numbers' do
  63. expect(task[:preferences][:customer_tickets]).to eq(customer_tickets.reverse.map(&:number))
  64. end
  65. end
  66. end
  67. end