# Copyright (C) 2012-2025 Zammad Foundation, https://zammad-foundation.org/

require 'rails_helper'

# Authorization spec for the policy guarding LinksController#add and #remove.
#
# Each example builds a bare LinksController carrying only an action name and
# request params, wraps it in the policy together with a user, and asserts
# whether the action is permitted or forbidden.
#
# Authorization matrix as asserted by the examples below:
#   * add    - permitted only when the user may act on the target AND can
#              access the source object.
#   * remove - permitted whenever the user may act on the target; missing
#              access to the source does not block removal.
# NOTE(review): the remove rule is taken from the expectations in this file
# only; the policy itself is not visible here. Confirm that unlinking from an
# object the user cannot access is the intended behaviour.
describe Controllers::LinksControllerPolicy do
  subject { described_class.new(user, record) }

  # presumably provides `published_answer` and `archived_answer`, which are
  # used below but not defined in this file; verify against the shared context
  include_context 'basic Knowledge Base'

  let(:record_class) { LinksController }

  # Controller instance with just enough request state (action name and
  # params) assigned for the policy to be evaluated.
  let(:record) do
    rec             = record_class.new
    rec.action_name = action_name
    rec.params      = params
    rec
  end

  describe '#add' do
    context 'with target ticket and source ticket' do
      let(:ticket_source) { create(:ticket) }
      let(:ticket_target) { create(:ticket) }
      let(:action_name)   { :add }
      # The source is referenced by ticket number, the target by record id.
      let(:params) do
        {
          link_object_source:        'Ticket',
          link_object_source_number: ticket_source.number,
          link_object_target:        'Ticket',
          link_object_target_value:  ticket_target.id,
          action:                    action_name.to_s
        }
      end

      context 'when user has full permission on target and access on source' do
        let(:user) { create(:agent, groups: [ticket_target.group, ticket_source.group]) }

        it { is_expected.to permit_action(action_name) }
      end

      # Agent belongs only to the source ticket's group.
      context 'when user has no permission on target' do
        let(:user) { create(:agent, groups: [ticket_source.group]) }

        it { is_expected.to forbid_action(action_name) }
      end

      # Agent belongs only to the target ticket's group; adding a link must
      # not be possible from a source ticket the agent has no group access to.
      context 'when user has no permission on source' do
        let(:user) { create(:agent, groups: [ticket_target.group]) }

        it { is_expected.to forbid_action(action_name) }
      end
    end

    context 'with target ticket and source knowledge base answer' do
      let(:ticket_target) { create(:ticket) }
      let(:action_name)   { :add }
      # Here link_object_source_number carries the answer translation's id.
      let(:params) do
        {
          link_object_source:        'KnowledgeBase::Answer::Translation',
          link_object_source_number: kb_answer_source.id,
          link_object_target:        'Ticket',
          link_object_target_value:  ticket_target.id,
          action:                    action_name.to_s
        }
      end

      context 'when user has full permission on target and accces on source' do
        let(:kb_answer_source) { published_answer.translations.first }
        let(:user)             { create(:agent, groups: [ticket_target.group]) }

        it { is_expected.to permit_action(action_name) }
      end

      # Agent is created without any group assignment.
      context 'when user has no permission on target' do
        let(:kb_answer_source) { published_answer.translations.first }
        let(:user)             { create(:agent) }

        it { is_expected.to forbid_action(action_name) }
      end

      # Source is a translation of the archived answer, which this example
      # expects a plain agent not to be able to access.
      context 'when user has no access on source' do
        let(:kb_answer_source) { archived_answer.translations.first }
        let(:user)             { create(:agent, groups: [ticket_target.group]) }

        it { is_expected.to forbid_action(action_name) }
      end
    end

    # NOTE(review): this context sits under '#add' but sets action_name to
    # :remove and omits the `action:` param; it is line-for-line the same as
    # the matching context under '#remove'. As written, nothing in this file
    # exercises add? with a knowledge base answer as target, including the
    # negative case where the source ticket is not accessible to the user.
    # Confirm against the policy and cover the :add path here.
    context 'with target knowledge base answer and source ticket' do
      let(:ticket_source)    { create(:ticket) }
      let(:kb_answer_target) { published_answer.translations.first }
      let(:action_name)      { :remove }
      let(:params) do
        {
          link_object_source:        'Ticket',
          link_object_source_number: ticket_source.number,
          link_object_target:        'KnowledgeBase::Answer::Translation',
          link_object_target_value:  kb_answer_target.id,
        }
      end

      context 'when user has full permission on target and accces on source' do
        let(:role) { create(:role, permission_names: %w[knowledge_base.editor]) }
        let(:user) { create(:agent, groups: [ticket_source.group], roles: [role]) }

        it { is_expected.to permit_action(action_name) }
      end

      # Agent without the knowledge_base.editor role.
      context 'when user has no permission on target' do
        let(:user) { create(:agent, groups: [ticket_source.group]) }

        it { is_expected.to forbid_action(action_name) }
      end

      # Source ticket lives in a freshly created group the user is not part
      # of. The permit expectation matches the remove rule, not the add rule
      # asserted by the other '#add' contexts (see the note above).
      context 'when user has no accces on source' do
        let(:role)          { create(:role, permission_names: %w[knowledge_base.editor]) }
        let(:ticket_source) { create(:ticket, group: create(:group)) }
        let(:user)          { create(:agent, roles: [role]) }

        it { is_expected.to permit_action(action_name) }
      end
    end
  end

  describe '#remove' do
    context 'with target ticket and source ticket' do
      let(:ticket_source) { create(:ticket) }
      let(:ticket_target) { create(:ticket) }
      let(:action_name)   { :remove }
      # Unlike the '#add' params, the source is referenced by id through
      # link_object_source_value.
      let(:params) do
        {
          link_object_source:       'Ticket',
          link_object_source_value: ticket_source.id,
          link_object_target:       'Ticket',
          link_object_target_value: ticket_target.id,
          action:                   action_name.to_s
        }
      end

      context 'when user has full permission on target and access on source' do
        let(:user) { create(:agent, groups: [ticket_target.group, ticket_source.group]) }

        it { is_expected.to permit_action(action_name) }
      end

      context 'when user has no permission on target' do
        let(:user) { create(:agent, groups: [ticket_source.group]) }

        it { is_expected.to forbid_action(action_name) }
      end

      # Removal is expected to succeed with target permission alone.
      context 'when user has no permission on source' do
        let(:user) { create(:agent, groups: [ticket_target.group]) }

        it { is_expected.to permit_action(action_name) }
      end
    end

    context 'with target ticket and source knowledge base answer' do
      let(:ticket_target) { create(:ticket) }
      let(:action_name)   { :remove }
      let(:params) do
        {
          link_object_source:       'KnowledgeBase::Answer::Translation',
          link_object_source_value: kb_answer_source.id,
          link_object_target:       'Ticket',
          link_object_target_value: ticket_target.id,
          action:                   action_name.to_s
        }
      end

      context 'when user has full permission on target and access on source' do
        let(:kb_answer_source) { published_answer.translations.first }
        let(:user)             { create(:agent, groups: [ticket_target.group]) }

        it { is_expected.to permit_action(action_name) }
      end

      context 'when user has no permission on target' do
        let(:kb_answer_source) { published_answer.translations.first }
        let(:user)             { create(:agent) }

        it { is_expected.to forbid_action(action_name) }
      end

      # Source is a translation of the archived answer; removal is still
      # expected to be permitted because only the target is decisive.
      context 'when user has no permission on source' do
        let(:kb_answer_source) { archived_answer.translations.first }
        let(:user)             { create(:agent, groups: [ticket_target.group]) }

        it { is_expected.to permit_action(action_name) }
      end
    end

    context 'with target knowledge base answer and source ticket' do
      let(:ticket_source)    { create(:ticket) }
      let(:kb_answer_target) { published_answer.translations.first }
      let(:action_name)      { :remove }
      # NOTE(review): this hash uses link_object_source_number and has no
      # `action:` key, while the other '#remove' contexts pass
      # link_object_source_value plus `action:`. Since the expectations here
      # never depend on the source, the difference would go unnoticed;
      # confirm which params the remove action actually reads.
      let(:params) do
        {
          link_object_source:        'Ticket',
          link_object_source_number: ticket_source.number,
          link_object_target:        'KnowledgeBase::Answer::Translation',
          link_object_target_value:  kb_answer_target.id,
        }
      end

      context 'when user has full permission on target and accces on source' do
        let(:role) { create(:role, permission_names: %w[knowledge_base.editor]) }
        let(:user) { create(:agent, groups: [ticket_source.group], roles: [role]) }

        it { is_expected.to permit_action(action_name) }
      end

      # Agent without the knowledge_base.editor role.
      context 'when user has no permission on target' do
        let(:user) { create(:agent, groups: [ticket_source.group]) }

        it { is_expected.to forbid_action(action_name) }
      end

      # Source ticket lives in a freshly created group the user is not part
      # of; the editor role on the target is expected to be sufficient.
      context 'when user has no accces on source' do
        let(:role)          { create(:role, permission_names: %w[knowledge_base.editor]) }
        let(:ticket_source) { create(:ticket, group: create(:group)) }
        let(:user)          { create(:agent, roles: [role]) }

        it { is_expected.to permit_action(action_name) }
      end
    end
  end
end