time_accounting_policy_spec.rb 1.8 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566
  1. # Copyright (C) 2012-2025 Zammad Foundation, https://zammad-foundation.org/
  2. require 'rails_helper'
  3. describe Ticket::TimeAccountingPolicy do
  4. subject(:policy) { described_class.new(user, record) }
  5. let(:time_accounting_enabled) { true }
  6. let(:record) { build(:ticket_time_accounting, ticket: ticket) }
  7. let(:ticket) { create(:ticket) }
  8. let(:group) { ticket.group }
  9. let(:user) { create(:agent, groups: [group]) }
  10. before do
  11. Setting.set('time_accounting', time_accounting_enabled)
  12. end
  13. context 'when time accounting is disabled' do
  14. let(:time_accounting_enabled) { false }
  15. it { is_expected.to forbid_actions(:create) }
  16. end
  17. context 'when time accounting is enabled' do
  18. it { is_expected.to permit_actions(:create) }
  19. end
  20. context 'when user does not have access to the ticket' do
  21. let(:user) { create(:agent) }
  22. it { is_expected.to forbid_actions(:create) }
  23. end
  24. context 'when user has no access to the ticket by having read permission' do
  25. let(:user) { create(:agent) }
  26. before { user.user_groups.create! group: ticket.group, access: 'read' }
  27. it { is_expected.to forbid_actions(:create) }
  28. end
  29. context 'when user has access to the ticket by having create permission' do
  30. let(:user) { create(:agent) }
  31. before { user.user_groups.create! group: ticket.group, access: 'create' }
  32. it { is_expected.to permit_actions(:create) }
  33. end
  34. context 'when user has access to the ticket by having change permission' do
  35. let(:user) { create(:agent) }
  36. before { user.user_groups.create! group: ticket.group, access: 'change' }
  37. it { is_expected.to permit_actions(:create) }
  38. end
  39. context 'when user has access to the ticket by having customer access' do
  40. let(:user) { create(:customer) }
  41. before { ticket.update! customer: user }
  42. it { is_expected.to forbid_actions(:create) }
  43. end
  44. end