object_spec.rb 3.6 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142
  1. # Copyright (C) 2012-2025 Zammad Foundation, https://zammad-foundation.org/
  2. require 'rails_helper'
  3. RSpec.describe ObjectManager::Object do
  4. describe 'attribute permissions', db_strategy: :reset do
  5. let(:user) { create(:user, roles: [role_attribute_permissions]) }
  6. let(:skip_permission) { false }
  7. let(:attribute) { described_class.new('Ticket').attributes(user, skip_permission: skip_permission).detect { |attribute| attribute[:name] == attribute_name } }
  8. let(:role_attribute_permissions) do
  9. create(:role).tap do |role|
  10. role.permission_grant('admin.organization')
  11. role.permission_grant('ticket.agent')
  12. end
  13. end
  14. let(:attribute_name) { 'example_attribute' }
  15. before do
  16. create(:object_manager_attribute_text, name: attribute_name, screens: screens)
  17. ObjectManager::Attribute.migration_execute
  18. end
  19. context 'when true and false values for show exist' do
  20. let(:screens) do
  21. {
  22. create: {
  23. 'admin.organization': {
  24. shown: true
  25. },
  26. 'ticket.agent': {
  27. shown: false
  28. }
  29. }
  30. }
  31. end
  32. it 'uses true' do
  33. expect(attribute[:screen]['create']['shown']).to be true
  34. end
  35. context 'with skip_permission: true' do
  36. let(:skip_permission) { true }
  37. it 'uses true' do
  38. expect(attribute[:screen]['create']['shown']).to be true
  39. end
  40. end
  41. end
  42. context 'when -all- is present' do
  43. let(:screens) do
  44. {
  45. create: {
  46. '-all-': {
  47. shown: true
  48. },
  49. 'admin.organization': {
  50. shown: false
  51. },
  52. 'ticket.agent': {
  53. shown: false
  54. }
  55. }
  56. }
  57. end
  58. it 'takes its values into account' do
  59. expect(attribute[:screen]['create']['shown']).to be true
  60. end
  61. context 'with skip_permission: true' do
  62. let(:skip_permission) { true }
  63. it 'takes its values into account' do
  64. expect(attribute[:screen]['create']['shown']).to be true
  65. end
  66. end
  67. end
  68. context 'when non boolean values are present' do
  69. let(:screens) do
  70. {
  71. create: {
  72. '-all-': {
  73. shown: true,
  74. item_class: 'column'
  75. },
  76. 'admin.organization': {
  77. shown: false
  78. },
  79. 'ticket.agent': {
  80. shown: false
  81. }
  82. }
  83. }
  84. end
  85. it 'takes these values into account' do
  86. expect(attribute[:screen]['create']['item_class']).to eq('column')
  87. end
  88. context 'with skip_permission: true' do
  89. let(:skip_permission) { true }
  90. it 'takes these values into account' do
  91. expect(attribute[:screen]['create']['item_class']).to eq('column')
  92. end
  93. end
  94. end
  95. context 'when agent is also customer' do
  96. let(:user) { create(:agent_and_customer) }
  97. let(:screens) do
  98. {
  99. create: {
  100. 'ticket.customer': {
  101. filter: [2, 4]
  102. },
  103. 'ticket.agent': {
  104. filter: [3, 5]
  105. }
  106. }
  107. }
  108. end
  109. it 'prefers agent over customer permissions' do
  110. expect(attribute[:screen]['create']['filter']).to eq([3, 5])
  111. end
  112. context 'with skip_permission: true' do
  113. let(:skip_permission) { true }
  114. it 'prefers agent over customer permissions' do
  115. expect(attribute[:screen]['create']['filter']).to eq([3, 5])
  116. end
  117. end
  118. end
  119. end
  120. end