idoit_spec.rb 7.4 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215
  1. # Copyright (C) 2012-2025 Zammad Foundation, https://zammad-foundation.org/
  2. require 'rails_helper'
  3. RSpec.describe 'Idoit', type: :request do
  4. let!(:admin) do
  5. create(:admin, groups: Group.all)
  6. end
  7. let!(:agent) do
  8. create(:agent, groups: Group.all)
  9. end
  10. let!(:customer) do
  11. create(:customer)
  12. end
  13. let!(:token) do
  14. 'some_token'
  15. end
  16. let!(:endpoint) do
  17. 'https://idoit.example.com/i-doit/'
  18. end
  19. def read_message(file)
  20. Rails.root.join('test', 'data', 'idoit', "#{file}.json").read
  21. end
  22. before do
  23. Setting.set('idoit_integration', true)
  24. Setting.set('idoit_config', {
  25. api_token: token,
  26. endpoint: endpoint,
  27. client_id: '',
  28. })
  29. end
  30. describe 'request handling' do
  31. it 'does unclear urls' do
  32. params = {
  33. api_token: token,
  34. endpoint: endpoint,
  35. client_id: '',
  36. }
  37. authenticated_as(agent)
  38. post '/api/v1/integration/idoit/verify', params: params, as: :json
  39. expect(response).to have_http_status(:forbidden)
  40. expect(json_response).to be_a(Hash)
  41. expect(json_response).not_to be_blank
  42. expect(json_response['error']).to eq('User authorization failed.')
  43. stub_request(:post, "#{endpoint}src/jsonrpc.php")
  44. .with(body: "{\"method\":\"cmdb.object_types\",\"params\":{\"apikey\":\"#{token}\"},\"version\":\"2.0\",\"id\":42}")
  45. .to_return(status: 200, body: read_message('object_types_response'), headers: {})
  46. params = {
  47. api_token: token,
  48. endpoint: endpoint,
  49. client_id: '',
  50. }
  51. authenticated_as(admin)
  52. post '/api/v1/integration/idoit/verify', params: params, as: :json
  53. expect(response).to have_http_status(:ok)
  54. expect(json_response).to be_a(Hash)
  55. expect(json_response).not_to be_blank
  56. expect(json_response['result']).to eq('ok')
  57. expect(json_response['response']).to be_truthy
  58. expect(json_response['response']['jsonrpc']).to eq('2.0')
  59. expect(json_response['response']['result']).to be_truthy
  60. params = {
  61. api_token: token,
  62. endpoint: " #{endpoint}/",
  63. client_id: '',
  64. }
  65. post '/api/v1/integration/idoit/verify', params: params, as: :json
  66. expect(response).to have_http_status(:ok)
  67. expect(json_response).to be_a(Hash)
  68. expect(json_response).not_to be_blank
  69. expect(json_response['result']).to eq('ok')
  70. expect(json_response['response']).to be_truthy
  71. expect(json_response['response']['jsonrpc']).to eq('2.0')
  72. expect(json_response['response']['result']).to be_truthy
  73. end
  74. it 'does list all object types' do
  75. stub_request(:post, "#{endpoint}src/jsonrpc.php")
  76. .with(body: "{\"method\":\"cmdb.object_types\",\"params\":{\"apikey\":\"#{token}\"},\"version\":\"2.0\",\"id\":42}")
  77. .to_return(status: 200, body: read_message('object_types_response'), headers: {})
  78. params = {
  79. method: 'cmdb.object_types',
  80. }
  81. authenticated_as(agent)
  82. post '/api/v1/integration/idoit', params: params, as: :json
  83. expect(response).to have_http_status(:ok)
  84. expect(json_response).to be_a(Hash)
  85. expect(json_response).not_to be_blank
  86. expect(json_response['result']).to eq('ok')
  87. expect(json_response['response']).to be_truthy
  88. expect(json_response['response']['jsonrpc']).to eq('2.0')
  89. expect(json_response['response']['result']).to be_truthy
  90. expect(json_response['response']['result'][0]['id']).to eq('1')
  91. expect(json_response['response']['result'][0]['title']).to eq('System service')
  92. params = {
  93. method: 'cmdb.object_types',
  94. }
  95. authenticated_as(admin)
  96. post '/api/v1/integration/idoit', params: params, as: :json
  97. expect(response).to have_http_status(:ok)
  98. expect(json_response).to be_a(Hash)
  99. expect(json_response).not_to be_blank
  100. expect(json_response['result']).to eq('ok')
  101. expect(json_response['response']).to be_truthy
  102. expect(json_response['response']['jsonrpc']).to eq('2.0')
  103. expect(json_response['response']['result']).to be_truthy
  104. expect(json_response['response']['result'][0]['id']).to eq('1')
  105. expect(json_response['response']['result'][0]['title']).to eq('System service')
  106. end
  107. it 'does query objects' do
  108. stub_request(:post, "#{endpoint}src/jsonrpc.php")
  109. .with(body: "{\"method\":\"cmdb.objects\",\"params\":{\"apikey\":\"#{token}\",\"filter\":{\"ids\":[\"33\"]}},\"version\":\"2.0\",\"id\":42}")
  110. .to_return(status: 200, body: read_message('object_types_filter_response'), headers: {})
  111. params = {
  112. method: 'cmdb.objects',
  113. filter: {
  114. ids: ['33']
  115. },
  116. }
  117. authenticated_as(agent)
  118. post '/api/v1/integration/idoit', params: params, as: :json
  119. expect(response).to have_http_status(:ok)
  120. expect(json_response).to be_a(Hash)
  121. expect(json_response).not_to be_blank
  122. expect(json_response['result']).to eq('ok')
  123. expect(json_response['response']).to be_truthy
  124. expect(json_response['response']['jsonrpc']).to eq('2.0')
  125. expect(json_response['response']['result']).to be_truthy
  126. expect(json_response['response']['result'][0]['id']).to eq('26')
  127. expect(json_response['response']['result'][0]['title']).to eq('demo.example.com')
  128. expect(json_response['response']['result'][0]['type_title']).to eq('Virtual server')
  129. expect(json_response['response']['result'][0]['cmdb_status_title']).to eq('in operation')
  130. end
  131. end
  132. describe 'SSL verification' do
  133. describe '.verify' do
  134. def request(verify: false)
  135. params = {
  136. api_token: token,
  137. endpoint: endpoint,
  138. client_id: '',
  139. verify_ssl: verify
  140. }
  141. authenticated_as(admin)
  142. post '/api/v1/integration/idoit/verify', params: params, as: :json
  143. expect(response).to have_http_status(:ok)
  144. end
  145. it 'does verify SSL' do
  146. allow(UserAgent).to receive(:get_http)
  147. request(verify: true)
  148. expect(UserAgent).to have_received(:get_http).with(URI::HTTPS, hash_including(verify_ssl: true)).once
  149. end
  150. it 'does not verify SSL' do
  151. allow(UserAgent).to receive(:get_http)
  152. request
  153. expect(UserAgent).to have_received(:get_http).with(URI::HTTPS, hash_including(verify_ssl: false)).once
  154. end
  155. end
  156. describe '.query' do
  157. def request(verify: false)
  158. Setting.set('idoit_config', Setting.get('idoit_config').merge(verify_ssl: verify))
  159. stub_request(:post, "#{endpoint}src/jsonrpc.php")
  160. .with(body: "{\"method\":\"cmdb.object_types\",\"params\":{\"apikey\":\"#{token}\"},\"version\":\"2.0\",\"id\":42}")
  161. .to_return(status: 200, body: read_message('object_types_response'), headers: {})
  162. params = {
  163. method: 'cmdb.objects',
  164. filter: {
  165. ids: ['33']
  166. },
  167. }
  168. authenticated_as(agent)
  169. post '/api/v1/integration/idoit', params: params, as: :json
  170. expect(response).to have_http_status(:ok)
  171. end
  172. it 'does verify SSL' do
  173. allow(UserAgent).to receive(:get_http)
  174. request(verify: true)
  175. expect(UserAgent).to have_received(:get_http).with(URI::HTTPS, hash_including(verify_ssl: true)).once
  176. end
  177. it 'does not verify SSL' do
  178. allow(UserAgent).to receive(:get_http)
  179. request
  180. expect(UserAgent).to have_received(:get_http).with(URI::HTTPS, hash_including(verify_ssl: false)).once
  181. end
  182. end
  183. end
  184. end