external_data_source_controller_spec.rb 4.6 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120
  1. # Copyright (C) 2012-2025 Zammad Foundation, https://zammad-foundation.org/
  2. require 'rails_helper'
  3. RSpec.describe 'External Data Source', :aggregate_failures, db_adapter: :postgresql, type: :request do
  4. let(:agent) { create(:agent) }
  5. let(:admin) { create(:admin) }
  6. let(:object_name) { 'Ticket' }
  7. let(:attribute) { create(:object_manager_attribute_autocompletion_ajax_external_data_source, object_name:) }
  8. let(:ticket) { create(:ticket) }
  9. let(:url) { "/api/v1/external_data_source/#{attribute.object_lookup.name}/#{attribute.name}?query=abc&search_context%5Bticket_id%5D=#{ticket.id}" }
  10. let(:preview_url) { '/api/v1/external_data_source/preview' }
  11. let(:mocked_payload) { [{ 'value' => 'abc', 'label' => 'abc' }] }
  12. before do
  13. allow(ExternalDataSource).to receive(:new).and_call_original
  14. allow_any_instance_of(ExternalDataSource).to receive(:process).and_return(mocked_payload)
  15. end
  16. context 'without authentication' do
  17. describe '#fetch' do
  18. it 'returns 403 Forbidden' do
  19. get url, as: :json
  20. expect(response).to have_http_status(:forbidden)
  21. expect(json_response).to include('error' => 'Authentication required')
  22. end
  23. end
  24. describe '#preview' do
  25. it 'returns 403 Forbidden' do
  26. post preview_url, params: { data_option: attribute.data_option, query: 'abc' }, as: :json
  27. expect(response).to have_http_status(:forbidden)
  28. expect(json_response).to include('error' => 'Authentication required')
  29. end
  30. end
  31. end
  32. context 'when authenticated as agent', authenticated_as: :agent do
  33. describe '#fetch' do
  34. it 'responds with an array of ExternalCredential records' do
  35. get url, as: :json
  36. expect(response).to have_http_status(:ok)
  37. expect(json_response).to eq('result' => mocked_payload)
  38. expect(ExternalDataSource).to have_received(:new).with(include(render_context: { ticket: ticket, user: agent }))
  39. end
  40. context 'when object is Group' do
  41. let(:object_name) { 'Group' }
  42. it 'returns 403 Forbidden' do
  43. get url, as: :json
  44. expect(response).to have_http_status(:forbidden)
  45. expect(json_response).to include('error' => 'Not authorized')
  46. end
  47. end
  48. end
  49. describe '#preview' do
  50. it 'returns 403 Forbidden' do
  51. post preview_url, params: { data_option: attribute.data_option, query: 'abc' }, as: :json
  52. expect(response).to have_http_status(:forbidden)
  53. expect(json_response).to include('error' => 'User authorization failed.')
  54. end
  55. end
  56. end
  57. context 'when authenticated as admin', authenticated_as: :admin do
  58. describe '#preview' do
  59. it 'responds with an array of ExternalCredential records' do
  60. post preview_url, params: { data_option: attribute.data_option, query: 'abc' }, as: :json
  61. expect(response).to have_http_status(:ok)
  62. expect(json_response).to eq('data' => mocked_payload, 'success' => true)
  63. expect(ExternalDataSource).to have_received(:new).with(include(render_context: { user: admin }))
  64. end
  65. end
  66. describe '#fetch' do
  67. context 'when object is Group' do
  68. let(:object_name) { 'Group' }
  69. let(:group) { create(:group) }
  70. let(:url) { "/api/v1/external_data_source/#{attribute.object_lookup.name}/#{attribute.name}?query=abc&search_context%5Bgroup_id%5D=#{group.id}" }
  71. it 'responds with an array of ExternalCredential records' do
  72. get url, as: :json
  73. expect(response).to have_http_status(:ok)
  74. expect(json_response).to eq('result' => mocked_payload)
  75. expect(ExternalDataSource).to have_received(:new).with(include(render_context: { group: group, user: admin }))
  76. end
  77. end
  78. context 'when customer is given' do
  79. let(:object_name) { 'Group' }
  80. let(:customer) { create(:customer) }
  81. let(:url) { "/api/v1/external_data_source/#{attribute.object_lookup.name}/#{attribute.name}?query=abc&search_context%5Bcustomer_id%5D=#{customer.id}" }
  82. it 'responds with an array of ExternalCredential records' do
  83. get url, as: :json
  84. expect(response).to have_http_status(:ok)
  85. expect(json_response).to eq('result' => mocked_payload)
  86. expect(ExternalDataSource)
  87. .to have_received(:new)
  88. .with(include(
  89. render_context: {
  90. user: admin,
  91. ticket: a_kind_of(Ticket).and(have_attributes(customer: customer))
  92. }
  93. ))
  94. end
  95. end
  96. end
  97. end
  98. end