search_controller_test.rb 14 KB

  1. require 'test_helper'
  2. require 'rake'
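  # Integration tests for the search API (/api/v1/search, /api/v1/search/ticket,
  # /api/v1/search/user). They pin what each kind of caller gets back:
  #
  # * no credentials     -> 401 with error 'authentication failed' on every endpoint
  # * admin / agent      -> all three fixture tickets plus the one matching user
  # * customer, no org   -> only the ticket they are the customer of, no user hits
  # * customer, with org -> the tickets of both customers in their organization,
  #                         no user hits
  #
  # The test names still say "settings index" although the requests go to the
  # search endpoints; the names are left unchanged so existing name-based test
  # filters keep matching.
  class SearchControllerTest < ActionDispatch::IntegrationTest

    setup do

      # set current user
      UserInfo.current_user_id = 1

      # set accept header
      @headers = { 'ACCEPT' => 'application/json', 'CONTENT_TYPE' => 'application/json' }

      # create admin (holds both the Admin and the Agent role);
      # all passwords below are fixture-only credentials for the test database
      roles  = Role.where(name: %w[Admin Agent])
      groups = Group.all
      @admin = User.create_or_update(
        login: 'search-admin',
        firstname: 'Search',
        lastname: 'Admin',
        email: 'search-admin@example.com',
        password: 'adminpw',
        active: true,
        roles: roles,
        groups: groups,
      )

      # create agent; the firstname contains "1234", which makes this the only
      # fixture user that the '1234*' queries below are expected to return
      roles = Role.where(name: 'Agent')
      @agent = User.create_or_update(
        login: 'search-agent@example.com',
        firstname: 'Search 1234',
        lastname: 'Agent',
        email: 'search-agent@example.com',
        password: 'agentpw',
        active: true,
        roles: roles,
        groups: groups,
      )

      # create customer without org
      roles = Role.where(name: 'Customer')
      @customer_without_org = User.create_or_update(
        login: 'search-customer1@example.com',
        firstname: 'Search',
        lastname: 'Customer1',
        email: 'search-customer1@example.com',
        password: 'customer1pw',
        active: true,
        roles: roles,
      )

      # create orgs
      @organization = Organization.create_or_update(
        name: 'Rest Org',
      )
      @organization2 = Organization.create_or_update(
        name: 'Rest Org #2',
      )
      @organization3 = Organization.create_or_update(
        name: 'Rest Org #3',
      )

      # create customers with org; both belong to the SAME organization, which is
      # why customer 2 is expected to see customer 3's ticket further down
      @customer_with_org2 = User.create_or_update(
        login: 'search-customer2@example.com',
        firstname: 'Search',
        lastname: 'Customer2',
        email: 'search-customer2@example.com',
        password: 'customer2pw',
        active: true,
        roles: roles,
        organization_id: @organization.id,
      )
      @customer_with_org3 = User.create_or_update(
        login: 'search-customer3@example.com',
        firstname: 'Search',
        lastname: 'Customer3',
        email: 'search-customer3@example.com',
        password: 'customer3pw',
        active: true,
        roles: roles,
        organization_id: @organization.id,
      )

      # one ticket per customer, created one second apart so the creation order
      # is unambiguous (the assertions expect ticket3, ticket2, ticket1)
      @ticket1, @article1 = create_ticket_with_article(1, title: 'test 1234-1', customer: @customer_without_org)
      travel 1.second

      @ticket2, @article2 = create_ticket_with_article(2, title: 'test 1234-2', customer: @customer_with_org2)
      travel 1.second

      # NOTE(review): same title as ticket2 - kept as in the fixture, confirm it is intended
      @ticket3, @article3 = create_ticket_with_article(3, title: 'test 1234-2', customer: @customer_with_org3)

      # configure es (only when ES_URL is given; what backs the search otherwise
      # is not visible in this file)
      if ENV['ES_URL'].present?
        #fail "ERROR: Need ES_URL - hint ES_URL='http://127.0.0.1:9200'"
        Setting.set('es_url', ENV['ES_URL'])

        # Setting.set('es_url', 'http://127.0.0.1:9200')
        # Setting.set('es_index', 'estest.local_zammad')
        # Setting.set('es_user', 'elasticsearch')
        # Setting.set('es_password', 'zammad')

        # ES_INDEX_RAND requests a randomly named index for this run
        if ENV['ES_INDEX_RAND'].present?
          ENV['ES_INDEX'] = "es_index_#{rand(999_999_999)}"
        end
        if ENV['ES_INDEX'].blank?
          raise "ERROR: Need ES_INDEX - hint ES_INDEX='estest.local_zammad'"
        end
        Setting.set('es_index', ENV['ES_INDEX'])

        # set max attachment size in mb
        Setting.set('es_attachment_max_size_in_mb', 1)

        travel 1.minute

        # drop/create indexes
        Rake::Task.clear
        Zammad::Application.load_tasks
        #Rake::Task["searchindex:drop"].execute
        #Rake::Task["searchindex:create"].execute
        Rake::Task['searchindex:rebuild'].execute

        # execute background jobs
        Scheduler.worker(true)

        # fixed wait before the tests query the index (presumably to let the
        # indexed documents become searchable)
        sleep 6
      end
    end

    teardown do
      # Runs the searchindex:drop task against the configured ES_URL (presumably
      # the index named by ES_INDEX - confirm in the task). ES_URL / ES_INDEX must
      # therefore point at a disposable test cluster and index, never a shared one.
      Rake::Task['searchindex:drop'].execute if ENV['ES_URL'].present?
    end

    # Unauthenticated callers must be rejected on every search endpoint.
    test 'settings index with nobody' do
      params = {
        query: 'test 1234',
        limit: 2,
      }

      %w[/api/v1/search/ticket /api/v1/search/user /api/v1/search].each do |path|
        post path, params: params.to_json, headers: @headers
        assert_response(401)
        result = JSON.parse(@response.body)
        assert_equal(Hash, result.class)
        assert_not(result.blank?)
        assert_equal('authentication failed', result['error'])
      end
    end

    # Admin sees every fixture ticket and the matching user.
    test 'settings index with admin' do
      credentials = basic_auth('search-admin@example.com', 'adminpw')

      # limit 1 still yields one ticket and one user in the combined search
      result = search_as(credentials, '/api/v1/search', limit: 1)
      assert_search_hits([ticket_hit(@ticket3), user_hit(@agent)], result)

      result = search_as(credentials, '/api/v1/search')
      assert_search_hits(
        [ticket_hit(@ticket3), ticket_hit(@ticket2), ticket_hit(@ticket1), user_hit(@agent)],
        result,
      )

      result = search_as(credentials, '/api/v1/search/ticket')
      assert_search_hits([ticket_hit(@ticket3), ticket_hit(@ticket2), ticket_hit(@ticket1)], result)

      result = search_as(credentials, '/api/v1/search/user')
      assert_search_hits([user_hit(@agent)], result)
    end

    # Agent gets the same results as the admin.
    test 'settings index with agent' do
      credentials = basic_auth('search-agent@example.com', 'agentpw')

      # limit 1 still yields one ticket and one user in the combined search
      result = search_as(credentials, '/api/v1/search', limit: 1)
      assert_search_hits([ticket_hit(@ticket3), user_hit(@agent)], result)

      result = search_as(credentials, '/api/v1/search')
      assert_search_hits(
        [ticket_hit(@ticket3), ticket_hit(@ticket2), ticket_hit(@ticket1), user_hit(@agent)],
        result,
      )

      result = search_as(credentials, '/api/v1/search/ticket')
      assert_search_hits([ticket_hit(@ticket3), ticket_hit(@ticket2), ticket_hit(@ticket1)], result)

      result = search_as(credentials, '/api/v1/search/user')
      assert_search_hits([user_hit(@agent)], result)
    end

    # A customer without organization sees only the ticket they are the customer
    # of; the tickets of other customers and all users must stay hidden.
    test 'settings index with customer 1' do
      credentials = basic_auth('search-customer1@example.com', 'customer1pw')

      result = search_as(credentials, '/api/v1/search')
      assert_search_hits([ticket_hit(@ticket1)], result)

      result = search_as(credentials, '/api/v1/search/ticket')
      assert_search_hits([ticket_hit(@ticket1)], result)

      result = search_as(credentials, '/api/v1/search/user')
      assert_search_hits([], result)
    end

    # A customer with organization sees their own ticket and the ticket of the
    # other customer in the same organization, but not ticket1 and no users.
    test 'settings index with customer 2' do
      credentials = basic_auth('search-customer2@example.com', 'customer2pw')

      result = search_as(credentials, '/api/v1/search')
      assert_search_hits([ticket_hit(@ticket3), ticket_hit(@ticket2)], result)

      result = search_as(credentials, '/api/v1/search/ticket')
      assert_search_hits([ticket_hit(@ticket3), ticket_hit(@ticket2)], result)

      result = search_as(credentials, '/api/v1/search/user')
      assert_search_hits([], result)
    end

    private

    # Creates a ticket in the 'Users' group for +customer+ together with one
    # external customer e-mail article; +number+ only varies the article's
    # sender, recipient, subject and body.
    #
    # @return [Array] the created ticket and article, in that order
    def create_ticket_with_article(number, title:, customer:)
      ticket = Ticket.create!(
        title: title,
        group: Group.lookup(name: 'Users'),
        customer_id: customer.id,
        state: Ticket::State.lookup(name: 'new'),
        priority: Ticket::Priority.lookup(name: '2 normal'),
      )
      article = Ticket::Article.create!(
        ticket_id: ticket.id,
        from: "some_sender#{number}@example.com",
        to: "some_recipient#{number}@example.com",
        subject: "some subject#{number}",
        message_id: 'some@id',
        body: "some message#{number}",
        internal: false,
        sender: Ticket::Article::Sender.where(name: 'Customer').first,
        type: Ticket::Article::Type.where(name: 'email').first,
      )
      [ticket, article]
    end

    # Builds the HTTP Basic Authorization header value for a fixture user.
    def basic_auth(login, password)
      ActionController::HttpAuthentication::Basic.encode_credentials(login, password)
    end

    # POSTs a search as the given caller, requires a 200 response and returns
    # the parsed JSON body (asserted to be a Hash).
    def search_as(credentials, path, query: '1234*', limit: 10)
      params = {
        query: query,
        limit: limit,
      }
      post path, params: params.to_json, headers: @headers.merge('Authorization' => credentials)
      assert_response(200)
      result = JSON.parse(@response.body)
      assert_equal(Hash, result.class)
      result
    end

    # Compares the complete, ordered list of [type, id] pairs in the response
    # with +expected+, so a record the caller must not see fails the test no
    # matter where in the result list it shows up.
    def assert_search_hits(expected, result)
      actual = result['result'].map { |hit| [hit['type'], hit['id']] }
      assert_equal(expected, actual)
    end

    # Expected [type, id] pair for a ticket hit.
    def ticket_hit(ticket)
      ['Ticket', ticket.id]
    end

    # Expected [type, id] pair for a user hit.
    def user_hit(user)
      ['User', user.id]
    end
  end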