add_first_admin_spec.rb 3.0 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111
  1. # Copyright (C) 2012-2025 Zammad Foundation, https://zammad-foundation.org/
  2. require 'rails_helper'
  3. RSpec.describe Gql::Mutations::User::AddFirstAdmin, :aggregate_failures, set_up: false, type: :request do
  4. context 'when adding the first admin user' do
  5. let(:query) do
  6. <<~QUERY
  7. mutation userAddFirstAdmin($input: UserSignupInput!) {
  8. userAddFirstAdmin(input: $input) {
  9. session {
  10. id
  11. afterAuth {
  12. type
  13. data
  14. }
  15. }
  16. errors {
  17. message
  18. field
  19. }
  20. }
  21. }
  22. QUERY
  23. end
  24. let(:variables) do
  25. {
  26. input: {
  27. email: 'bender@futurama.fiction',
  28. firstname: 'Bender',
  29. lastname: 'Rodríguez',
  30. password: 'IloveBender1337'
  31. }
  32. }
  33. end
  34. let(:headers) do
  35. {
  36. 'X-Browser-Fingerprint' => 'some-fingerprint',
  37. }
  38. end
  39. let(:graphql_response) do
  40. post '/graphql', params: { query: query, variables: variables }, headers: headers, as: :json
  41. json_response
  42. end
  43. before do
  44. allow(Calendar).to receive(:init_setup)
  45. allow(TextModule).to receive(:load)
  46. Setting.set('system_init_done', false)
  47. end
  48. context 'with an empty system' do
  49. it 'creates a new user' do
  50. expect(graphql_response['data']['userAddFirstAdmin']).to include({ 'session' => include({ 'id' => a_kind_of(String) }), 'errors' => nil })
  51. expect(User.find_by(email: 'bender@futurama.fiction')).to be_present
  52. expect(Calendar).to have_received(:init_setup)
  53. expect(TextModule).to have_received(:load)
  54. end
  55. end
  56. context 'without an email address' do
  57. let(:variables) do
  58. {
  59. input: {
  60. email: '',
  61. firstname: 'Bender',
  62. lastname: 'Rodríguez',
  63. password: 'IloveBender1337'
  64. }
  65. }
  66. end
  67. it 'fails with an error' do
  68. expect(graphql_response['errors'].first['message']).to eq("The required attribute 'email' is missing.")
  69. end
  70. end
  71. context 'with a weak password' do
  72. let(:variables) do
  73. {
  74. input: {
  75. email: 'bender@futurama.fiction',
  76. firstname: 'Bender',
  77. lastname: 'Rodríguez',
  78. password: '1234'
  79. }
  80. }
  81. end
  82. it 'fails with an error' do
  83. expect(graphql_response['data']['userAddFirstAdmin']['errors'].first['message']).to match(%r{Invalid password})
  84. end
  85. end
  86. context 'when system has already been configured' do
  87. before do
  88. Setting.set('system_init_done', true)
  89. create(:admin)
  90. end
  91. it 'fails with an error' do
  92. expect(graphql_response['data']['userAddFirstAdmin']['errors']).to eq(
  93. [{ 'message' => 'This system has already been configured and an administrator account exists.', 'field' => nil }]
  94. )
  95. end
  96. end
  97. end
  98. end