time_accounting_spec.rb 4.8 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164
  1. # Copyright (C) 2012-2025 Zammad Foundation, https://zammad-foundation.org/
  2. require 'rails_helper'
  3. RSpec.describe 'Ticket::TimeAccounting API', :aggregate_failures, authenticated_as: :user, type: :request do
  4. let(:ticket) { create(:ticket) }
  5. let(:user) { create(:agent, groups: [ticket.group]) }
  6. before do
  7. allow_any_instance_of(Controllers::TimeAccountingsControllerPolicy)
  8. .to receive(policy_action)
  9. .and_return(policy_response)
  10. end
  11. describe 'GET /api/v1/tickets/:ticket_id/time_accountings' do
  12. let(:time_accounting_list) { create_list(:ticket_time_accounting, 3, ticket: ticket, time_unit: 10) }
  13. let(:policy_action) { :index? }
  14. before do
  15. time_accounting_list
  16. get "/api/v1/tickets/#{ticket.id}/time_accountings"
  17. end
  18. context 'with sufficient permissions' do
  19. let(:policy_response) { true }
  20. it 'returns the accounted time entry' do
  21. expect(response).to have_http_status(:ok)
  22. expect(json_response.pluck('id')).to eq(time_accounting_list.pluck(:id))
  23. end
  24. end
  25. context 'without sufficient permissions' do
  26. let(:policy_response) { false }
  27. it 'returns the updated accounted time entry' do
  28. expect(response).to have_http_status(:forbidden)
  29. end
  30. end
  31. end
  32. describe 'GET /api/v1/tickets/:ticket_id/time_accountings/:id' do
  33. let(:time_accounting) { create(:ticket_time_accounting, ticket: ticket, time_unit: 22) }
  34. let(:policy_action) { :show? }
  35. before do
  36. time_accounting
  37. get "/api/v1/tickets/#{ticket.id}/time_accountings/#{time_accounting.id}"
  38. end
  39. context 'with sufficient permissions' do
  40. let(:policy_response) { true }
  41. it 'returns the accounted time entry' do
  42. expect(response).to have_http_status(:ok)
  43. expect(json_response['time_unit']).to eq('22.0')
  44. end
  45. end
  46. context 'without sufficient permissions' do
  47. let(:policy_response) { false }
  48. it 'forbidden' do
  49. expect(response).to have_http_status(:forbidden)
  50. end
  51. end
  52. end
  53. describe 'POST /api/v1/tickets/:ticket_id/time_accountings' do
  54. let(:article) { create(:ticket_article, ticket: ticket) }
  55. let(:params) { { time_unit: 11, ticket_articke_id: article.id } }
  56. let(:policy_action) { :create? }
  57. before do
  58. article
  59. post "/api/v1/tickets/#{ticket.id}/time_accountings", params: params, as: :json
  60. end
  61. context 'with sufficient permissions' do
  62. let(:policy_response) { true }
  63. context 'with article' do
  64. it 'returns the created accounted time entry' do
  65. expect(response).to have_http_status(:created)
  66. expect(json_response['time_unit']).to eq('11.0')
  67. end
  68. end
  69. context 'without article' do
  70. let(:params) { { time_unit: 11 } }
  71. it 'returns the created accounted time entry' do
  72. expect(response).to have_http_status(:created)
  73. expect(json_response['time_unit']).to eq('11.0')
  74. end
  75. end
  76. end
  77. context 'without sufficient permissions' do
  78. let(:policy_response) { false }
  79. it 'forbidden' do
  80. expect(response).to have_http_status(:forbidden)
  81. end
  82. end
  83. end
  84. describe 'PUT /api/v1/tickets/:ticket_id/time_accountings/:id' do
  85. let(:time_accounting) { create(:ticket_time_accounting, ticket: ticket, time_unit: 22) }
  86. let(:params) { { time_unit: 15 } }
  87. let(:policy_action) { :method_missing } # workaround for default_permit!
  88. before do
  89. put "/api/v1/tickets/#{ticket.id}/time_accountings/#{time_accounting.id}", params: params, as: :json
  90. end
  91. context 'with sufficient permissions' do
  92. let(:policy_response) { true }
  93. it 'returns the updated accounted time entry' do
  94. expect(response).to have_http_status(:ok)
  95. expect(json_response['time_unit']).to eq('15.0')
  96. end
  97. end
  98. context 'without sufficient permissions' do
  99. let(:policy_response) { false }
  100. it 'forbidden' do
  101. expect(response).to have_http_status(:forbidden)
  102. end
  103. end
  104. end
  105. describe 'DELETE /api/v1/tickets/:ticket_id/time_accountings/:id' do
  106. let(:time_accounting) { create(:ticket_time_accounting, ticket: ticket, time_unit: 22) }
  107. let(:policy_action) { :method_missing } # workaround for default_permit!
  108. before do
  109. delete "/api/v1/tickets/#{ticket.id}/time_accountings/#{time_accounting.id}"
  110. end
  111. context 'with sufficient permissions' do
  112. let(:policy_response) { true }
  113. it 'returns the updated accounted time entry' do
  114. expect(Ticket::TimeAccounting).not_to exist(time_accounting.id)
  115. expect(response).to have_http_status(:ok)
  116. end
  117. end
  118. context 'without sufficient permissions' do
  119. let(:policy_response) { false }
  120. it 'forbidden' do
  121. expect(response).to have_http_status(:forbidden)
  122. end
  123. end
  124. end
  125. end