| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131 |
- require 'test_helper'
- class PackagesControllerTest < ActionDispatch::IntegrationTest
- setup do
- # set accept header
- @headers = { 'ACCEPT' => 'application/json', 'CONTENT_TYPE' => 'application/json' }
- # create agent
- roles = Role.where(name: %w[Admin Agent])
- groups = Group.all
- UserInfo.current_user_id = 1
- @admin = User.create_or_update(
- login: 'packages-admin',
- firstname: 'Packages',
- lastname: 'Admin',
- email: 'packages-admin@example.com',
- password: 'adminpw',
- active: true,
- roles: roles,
- groups: groups,
- )
- # create agent
- roles = Role.where(name: 'Agent')
- @agent = User.create_or_update(
- login: 'packages-agent@example.com',
- firstname: 'Rest',
- lastname: 'Agent',
- email: 'packages-agent@example.com',
- password: 'agentpw',
- active: true,
- roles: roles,
- groups: groups,
- )
- # create customer without org
- roles = Role.where(name: 'Customer')
- @customer_without_org = User.create_or_update(
- login: 'packages-customer1@example.com',
- firstname: 'Packages',
- lastname: 'Customer1',
- email: 'packages-customer1@example.com',
- password: 'customer1pw',
- active: true,
- roles: roles,
- )
- end
- test '01 packages index with nobody' do
- # index
- get '/api/v1/packages', params: {}, headers: @headers
- assert_response(401)
- result = JSON.parse(@response.body)
- assert_equal(Hash, result.class)
- assert_not(result['packages'])
- assert_equal('authentication failed', result['error'])
- end
- test '02 packages index with admin' do
- credentials = ActionController::HttpAuthentication::Basic.encode_credentials('packages-admin@example.com', 'adminpw')
- # index
- get '/api/v1/packages', params: {}, headers: @headers.merge('Authorization' => credentials)
- assert_response(200)
- result = JSON.parse(@response.body)
- assert_equal(Hash, result.class)
- assert(result['packages'])
- end
- test '03 packages index with admin and wrong pw' do
- credentials = ActionController::HttpAuthentication::Basic.encode_credentials('packages-admin@example.com', 'wrongadminpw')
- # index
- get '/api/v1/packages', params: {}, headers: @headers.merge('Authorization' => credentials)
- assert_response(401)
- result = JSON.parse(@response.body)
- assert_equal(Hash, result.class)
- assert_equal('authentication failed', result['error'])
- end
- test '04 packages index with inactive admin' do
- @admin.active = false
- @admin.save!
- credentials = ActionController::HttpAuthentication::Basic.encode_credentials('packages-admin@example.com', 'adminpw')
- # index
- get '/api/v1/packages', params: {}, headers: @headers.merge('Authorization' => credentials)
- assert_response(401)
- result = JSON.parse(@response.body)
- assert_equal(Hash, result.class)
- assert_equal('authentication failed', result['error'])
- end
- test '05 packages index with agent' do
- credentials = ActionController::HttpAuthentication::Basic.encode_credentials('packages-agent@example.com', 'agentpw')
- # index
- get '/api/v1/packages', params: {}, headers: @headers.merge('Authorization' => credentials)
- assert_response(401)
- result = JSON.parse(@response.body)
- assert_equal(Hash, result.class)
- assert_not(result['packages'])
- assert_equal('Not authorized (user)!', result['error'])
- end
- test '06 packages index with customer' do
- credentials = ActionController::HttpAuthentication::Basic.encode_credentials('packages-customer1@example.com', 'customer1pw')
- # index
- get '/api/v1/packages', params: {}, headers: @headers.merge('Authorization' => credentials)
- assert_response(401)
- result = JSON.parse(@response.body)
- assert_equal(Hash, result.class)
- assert_not(result['packages'])
- assert_equal('Not authorized (user)!', result['error'])
- end
- end
|
