Home Explore Help
Sign In
SMusatov
/
zammad
mirror of https://github.com/zammad/zammad.git
1
0
Fork 0
Files
Tree: a85d811dbb
Branches Tags
zammad
/
spec
/
requests
/
package_spec.rb

package_spec.rb 2.3 KB
History Raw

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677 
  1. # Copyright (C) 2012-2023 Zammad Foundation, https://zammad-foundation.org/
    2. 

  2. 

  3. require 'rails_helper'
    4. 

  4. 

  5. RSpec.describe 'Packages', type: :request do
    6. 

  6. 

  7.   let(:admin) do
    8. 

  8.     create(:admin)
    9. 

  9.   end
    10. 

  10.   let(:agent) do
    11. 

  11.     create(:agent)
    12. 

  12.   end
    13. 

  13.   let(:customer) do
    14. 

  14.     create(:customer)
    15. 

  15.   end
    16. 

  16. 

  17.   describe 'request handling' do
    18. 

  18. 

  19.     it 'does packages index with nobody' do
    20. 

  20.       get '/api/v1/packages', as: :json
    21. 

  21.       expect(response).to have_http_status(:forbidden)
    22. 

  22. 

  23.       expect(json_response).to be_a(Hash)
    24. 

  24.       expect(json_response['packages']).to be_falsey
    25. 

  25.       expect(json_response['error']).to eq('Authentication required')
    26. 

  26.     end
    27. 

  27. 

  28.     it 'does packages index with admin' do
    29. 

  29.       authenticated_as(admin)
    30. 

  30.       get '/api/v1/packages', as: :json
    31. 

  31. 

  32.       expect(response).to have_http_status(:ok)
    33. 

  33.       expect(json_response).to be_a(Hash)
    34. 

  34.       expect(json_response['packages']).to be_truthy
    35. 

  35.     end
    36. 

  36. 

  37.     it 'does packages index with admin and wrong pw' do
    38. 

  38.       authenticated_as(admin, password: 'wrongadminpw')
    39. 

  39.       get '/api/v1/packages', as: :json
    40. 

  40. 

  41.       expect(response).to have_http_status(:unauthorized)
    42. 

  42.       expect(json_response).to be_a(Hash)
    43. 

  43.       expect(json_response['error']).to eq('Invalid BasicAuth credentials')
    44. 

  44.     end
    45. 

  45. 

  46.     it 'does packages index with inactive admin' do
    47. 

  47.       admin = create(:admin, active: false, password: 'we need a password here')
    48. 

  48. 

  49.       authenticated_as(admin, password: 'wrong password')
    50. 

  50.       get '/api/v1/packages', as: :json
    51. 

  51. 

  52.       expect(response).to have_http_status(:unauthorized)
    53. 

  53.       expect(json_response).to be_a(Hash)
    54. 

  54.       expect(json_response['error']).to eq('Invalid BasicAuth credentials')
    55. 

  55.     end
    56. 

  56. 

  57.     it 'does packages index with agent' do
    58. 

  58.       authenticated_as(agent)
    59. 

  59.       get '/api/v1/packages', as: :json
    60. 

  60. 

  61.       expect(response).to have_http_status(:forbidden)
    62. 

  62.       expect(json_response).to be_a(Hash)
    63. 

  63.       expect(json_response['packages']).to be_falsey
    64. 

  64.       expect(json_response['error']).to eq('Not authorized (user)!')
    65. 

  65.     end
    66. 

  66. 

  67.     it 'does packages index with customer' do
    68. 

  68.       authenticated_as(customer)
    69. 

  69.       get '/api/v1/packages', as: :json
    70. 

  70. 

  71.       expect(response).to have_http_status(:forbidden)
    72. 

  72.       expect(json_response).to be_a(Hash)
    73. 

  73.       expect(json_response['packages']).to be_falsey
    74. 

  74.       expect(json_response['error']).to eq('Not authorized (user)!')
    75. 

  75.     end
    76. 

  76.   end
    77. 

  77. end
    78.