monitoring_controller_policy_spec.rb 4.9 KB

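  # Copyright (C) 2012-2025 Zammad Foundation, https://zammad-foundation.org/

  require 'rails_helper'

  # Authorization spec for the monitoring endpoints.
  #
  # Two layers are exercised:
  # * the action predicates (health_check?, status?, amount_check?, token?,
  #   restart_failed_jobs?) with the underlying check stubbed, which pins
  #   WHICH check guards WHICH action;
  # * the checks themselves (token_or_permission?, valid_token_param?,
  #   monitoring_admin?) against real users, settings and permissions.
  #   They are invoked through `send`, presumably because they are private.
  describe Controllers::MonitoringControllerPolicy do
    let(:instance)     { described_class.new(user_context, record) }
    let(:record_class) { MonitoringController }
    let(:action_name)  { :sample }
    let(:params)       { { token: token } }
    let(:token)        { nil }
    let(:user_context) { UserContext.new(user) }

    # A bare controller instance carrying only what the policy reads in
    # these specs: the action name and the request params.
    let(:record) do
      rec = record_class.new
      rec.action_name = action_name
      rec.params      = params
      rec
    end

    # Actions reachable with EITHER the monitoring token OR the permission.
    # The combined check is stubbed, so these examples only prove the
    # action is wired to token_or_permission?; its real behavior is
    # covered in '#token_or_permission?' below.
    shared_examples 'token or permission' do
      let(:user) { create(:admin) }

      before do
        allow(instance).to receive(:token_or_permission?).and_return(token_or_permission)
      end

      context 'when token or permission' do
        let(:token_or_permission) { true }

        it 'permits action' do
          expect(instance).to permit_action(action_name)
        end
      end

      context 'when no token or permission' do
        let(:token_or_permission) { false }

        it 'forbids action' do
          expect(instance).to forbid_action(action_name)
        end
      end
    end

    # Actions reachable ONLY with the permission. monitoring_admin? is
    # stubbed here; whether a token alone is rejected for these actions is
    # not asserted by these examples.
    shared_examples 'only permission' do
      let(:user) { create(:admin) }

      before do
        allow(instance).to receive(:monitoring_admin?).and_return(permission)
      end

      context 'when permission' do
        let(:permission) { true }

        it 'permits action' do
          expect(instance).to permit_action(action_name)
        end
      end

      context 'when no permission' do
        let(:permission) { false }

        it 'forbids action' do
          expect(instance).to forbid_action(action_name)
        end
      end
    end

    describe '#health_check?' do
      let(:action_name) { :health_check }

      include_examples 'token or permission'
    end

    describe '#status?' do
      let(:action_name) { :status }

      include_examples 'token or permission'
    end

    describe '#amount_check?' do
      let(:action_name) { :amount_check }

      include_examples 'token or permission'
    end

    # Reading the token and restarting jobs are the two permission-only actions.
    describe '#token?' do
      let(:action_name) { :token }

      include_examples 'only permission'
    end

    describe '#restart_failed_jobs?' do
      let(:action_name) { :restart_failed_jobs }

      include_examples 'only permission'
    end

    # NOTE(review): nothing in this group covers an empty or unset
    # 'monitoring_token' setting combined with a missing token param;
    # confirm the policy denies that combination.
    describe '#token_or_permission?' do
      context 'when not logged' do
        let(:user) { nil }

        context 'when no token' do
          let(:token) { nil }

          it 'returns false' do
            expect(instance.send(:token_or_permission?)).to be_falsey
          end
        end

        context 'when token given' do
          let(:token) { Setting.get('monitoring_token') }

          it 'returns true' do
            expect(instance.send(:token_or_permission?)).to be_truthy
          end
        end

        # Deny path: an anonymous caller presenting a token that differs
        # from the configured one must not get through. The value is
        # derived from the setting so it can never equal it.
        context 'when wrong token given' do
          let(:token) { "#{Setting.get('monitoring_token')}-invalid" }

          it 'returns false' do
            expect(instance.send(:token_or_permission?)).to be_falsey
          end
        end
      end

      context 'when user does not have permission' do
        let(:user) { create(:agent) }

        it 'returns false' do
          expect(instance.send(:token_or_permission?)).to be_falsey
        end

        context 'when token given' do
          let(:token) { Setting.get('monitoring_token') }

          it 'returns true' do
            expect(instance.send(:token_or_permission?)).to be_truthy
          end
        end
      end

      context 'when user has permission' do
        let(:user) { create(:admin) }

        it 'returns true' do
          expect(instance.send(:token_or_permission?)).to be_truthy
        end

        context 'when token given' do
          let(:token) { Setting.get('monitoring_token') }

          it 'returns true' do
            expect(instance.send(:token_or_permission?)).to be_truthy
          end
        end
      end
    end

    # The setting is overwritten with a known value so the comparison with
    # the request param is deterministic.
    describe '#valid_token_param?' do
      let(:token) { 'token' }
      let(:user)  { create(:admin) }

      before { Setting.set('monitoring_token', token) }

      context 'when tokens match' do
        let(:params) { { token: token } }

        it 'returns true' do
          expect(instance.send(:valid_token_param?)).to be_truthy
        end
      end

      context 'when tokens do not match' do
        let(:params) { { token: 'another_token' } }

        it 'returns false' do
          expect(instance.send(:valid_token_param?)).to be_falsey
        end
      end
    end

    describe '#monitoring_admin?' do
      context 'when has monitoring permission' do
        let(:user) { create(:admin) }

        it 'returns true' do
          expect(instance.send(:monitoring_admin?)).to be_truthy
        end

        # A deactivated permission must stop granting access even though
        # the user still holds it.
        context 'when permission is inactive' do
          before do
            # find_by! makes a missing permission row fail with a clear
            # RecordNotFound instead of a NoMethodError on nil.
            Permission.find_by!(name: 'admin.monitoring').update!(active: false)
          end

          it 'returns false' do
            expect(instance.send(:monitoring_admin?)).to be_falsey
          end
        end
      end

      context 'when does not have monitoring permission' do
        let(:user) { create(:agent) }

        it 'returns false' do
          expect(instance.send(:monitoring_admin?)).to be_falsey
        end
      end

      context 'when no authorized user' do
        let(:user) { nil }

        it 'returns false' do
          expect(instance.send(:monitoring_admin?)).to be_falsey
        end
      end
    end
  end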