SMusatov
/
zammad
mirror of https://github.com/zammad/zammad.git


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129
							# encoding: utf-8
require 'test_helper'

class TokenTest < ActiveSupport::TestCase
  test 'token' do

    groups = Group.all
    roles  = Role.where(name: 'Agent')
    agent1 = User.create_or_update(
      login: 'token-agent1@example.com',
      firstname: 'Token',
      lastname: 'Agent1',
      email: 'token-agent1@example.com',
      password: 'agentpw',
      active: true,
      roles: roles,
      groups: groups,
      updated_by_id: 1,
      created_by_id: 1,
    )

    # invalid token
    user = Token.check(
      action: 'PasswordReset',
      name: '1NV4L1D',
    )
    assert_not(user)

    # generate fresh token
    token = Token.create(
      action: 'PasswordReset',
      user_id: agent1.id,
    )
    assert(token)
    assert_equal(nil, token.persistent)
    user = Token.check(
      action: 'PasswordReset_NotExisting',
      name: token.name,
    )
    assert_not(user)
    user = Token.check(
      action: 'PasswordReset',
      name: token.name,
    )
    assert(user)
    assert_equal('Token', user.firstname)
    assert_equal('Agent1', user.lastname)
    assert_equal('token-agent1@example.com', user.email)

    # two days but not persistent
    token = Token.create(
      action: 'PasswordReset',
      user_id: agent1.id,
      created_at: 2.days.ago,
      persistent: false,
    )
    user = Token.check(
      action: 'PasswordReset',
      name: token.name,
    )
    assert_not(user)

    # two days but persistent
    token = Token.create(
      action: 'iCal',
      user_id: agent1.id,
      created_at: 2.days.ago,
      persistent: true,
    )
    user = Token.check(
      action: 'iCal',
      name: token.name,
    )
    assert(user)
    assert_equal('Token', user.firstname)
    assert_equal('Agent1', user.lastname)
    assert_equal('token-agent1@example.com', user.email)

    # api token with permissions
    token = Token.create(
      action:      'api',
      label:       'some label',
      persistent:  true,
      user_id:     agent1.id,
      preferences: {
        permission: ['admin', 'ticket.agent'], # agent has no access to admin.*
      }
    )
    user = Token.check(
      action: 'api',
      name: token.name,
      permission: 'admin.session',
    )
    assert_not(user)
    user = Token.check(
      action: 'api',
      name: token.name,
      permission: 'admin',
    )
    assert_not(user)
    user = Token.check(
      action: 'api',
      name: token.name,
      permission: 'ticket',
    )
    assert_not(user)
    user = Token.check(
      action: 'api',
      name: token.name,
      permission: 'ticket.agent',
    )
    assert(user)
    assert_equal('Token', user.firstname)
    assert_equal('Agent1', user.lastname)
    assert_equal('token-agent1@example.com', user.email)

    user = Token.check(
      action: 'api',
      name: token.name,
      permission: ['ticket.agent', 'not_existing'],
    )
    assert(user)
    assert_equal('Token', user.firstname)
    assert_equal('Agent1', user.lastname)
    assert_equal('token-agent1@example.com', user.email)

  end

end