scope_spec.rb 3.5 KB

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485868788899091929394959697
  1. # Copyright (C) 2012-2025 Zammad Foundation, https://zammad-foundation.org/
  2. require 'rails_helper'
  3. RSpec.describe ActivityStreamPolicy::Scope do
  4. subject(:scope) { described_class.new(user, ActivityStream) }
  5. describe '#resolve' do
  6. let!(:activity_streams) do
  7. {
  8. permissionless: {
  9. grouped: create(:activity_stream, permission_id: nil, group_id: Group.first.id),
  10. groupless: create(:activity_stream, permission_id: nil, group_id: nil),
  11. },
  12. admin: {
  13. grouped: create(:activity_stream, permission_id: admin_permission.id, group_id: Group.first.id),
  14. groupless: create(:activity_stream, permission_id: admin_permission.id, group_id: nil),
  15. },
  16. agent: {
  17. grouped: create(:activity_stream, permission_id: agent_permission.id, group_id: Group.first.id),
  18. groupless: create(:activity_stream, permission_id: agent_permission.id, group_id: nil),
  19. }
  20. }
  21. end
  22. let(:admin_permission) { Permission.find_by(name: 'admin') }
  23. let(:agent_permission) { Permission.find_by(name: 'ticket.agent') }
  24. context 'with customer' do
  25. let(:user) { create(:customer) }
  26. it 'returns an empty ActiveRecord::Relation (no arrays--must be chainable!)' do
  27. expect(scope.resolve)
  28. .to be_empty
  29. .and be_an(ActiveRecord::Relation)
  30. end
  31. end
  32. context 'with groupless agent' do
  33. let(:user) { create(:agent, groups: []) }
  34. it 'returns agent ActivityStreams (w/o permission: nil)' do
  35. expect(scope.resolve)
  36. .to contain_exactly(activity_streams[:agent][:groupless])
  37. end
  38. it 'does not include groups’ agent ActivityStreams' do
  39. expect(scope.resolve)
  40. .not_to include([activity_streams[:agent][:grouped]])
  41. end
  42. end
  43. context 'with grouped agent' do
  44. let(:user) { create(:agent, groups: [Group.first]) }
  45. it 'returns same ActivityStreams as groupless agent, plus groups’ (WITH permission: nil)' do
  46. expect(scope.resolve)
  47. .to contain_exactly(activity_streams[:permissionless][:grouped], *activity_streams[:agent].values)
  48. end
  49. end
  50. context 'with groupless admin' do
  51. # Why do we need Import Mode?
  52. # Without it, create(:admin) generates yet another ActivityStream
  53. let(:user) do
  54. Setting.set('import_mode', true)
  55. .then { create(:admin, groups: []) }
  56. .tap { Setting.set('import_mode', false) }
  57. end
  58. it 'returns agent/admin ActivityStreams (w/o permission: nil)' do
  59. expect(scope.resolve)
  60. .to contain_exactly(activity_streams[:admin][:groupless], activity_streams[:agent][:groupless])
  61. end
  62. it 'does not include groups’ agent ActivityStreams' do
  63. expect(scope.resolve)
  64. .not_to include([activity_streams[:admin][:grouped]])
  65. end
  66. end
  67. context 'with grouped admin' do
  68. # Why do we need Import Mode?
  69. # Without it, create(:admin) generates yet another ActivityStream
  70. let(:user) do
  71. Setting.set('import_mode', true)
  72. .then { create(:admin, groups: [Group.first]) }
  73. .tap { Setting.set('import_mode', false) }
  74. end
  75. it 'returns same ActivityStreams as groupless admin, plus groups’ (WITH permission: nil)' do
  76. expect(scope.resolve)
  77. .to contain_exactly(activity_streams[:permissionless][:grouped], *activity_streams[:admin].values, *activity_streams[:agent].values)
  78. end
  79. end
  80. end
  81. end