Главная Обзор Помощь
Вход
SMusatov
/
zammad
зеркало из https://github.com/zammad/zammad.git
1
0
Ответвить 0
Файлы
Ветка: stable-2.2
Ветки Метки
zammad
/
test
/
controllers
/
tickets_controller_test.rb

tickets_controller_test.rb 48 KB
Постоянная ссылка История Исходник

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782783784785786787788789790791792793794795796797798799800801802803804805806807808809810811812813814815816817818819820821822823824825826827828829830831832833834835836837838839840841842843844845846847848849850851852853854855856857858859860861862863864865866867868869870871872873874875876877878879880881882883884885886887888889890891892893894895896897898899900901902903904905906907908909910911912913914915916917918919920921922923924925926927928929930931932933934935936937938939940941942943944945946947948949950951952953954955956957958959960961962963964965966967968969970971972973974975976977978979980981982983984985986987988989990991992993994995996997998999100010011002100310041005100610071008100910101011101210131014101510161017101810191020102110221023102410251026102710281029103010311032103310341035103610371038103910401041104210431044104510461047104810491050105110521053105410551056105710581059106010611062106310641065106610671068106910701071107210731074107510761077107810791080108110821083108410851086108710881089109010911092109310941095109610971098109911001101110211031104110511061107110811091110 
  1. 

  2. require 'test_helper'
    3. 

  3. 

  4. class TicketsControllerTest < ActionDispatch::IntegrationTest
    5. 

  5.   setup do
    6. 

  6. 

  7.     # set accept header
    8. 

  8.     @headers = { 'ACCEPT' => 'application/json', 'CONTENT_TYPE' => 'application/json' }
    9. 

  9. 

  10.     # create agent
    11. 

  11.     roles  = Role.where(name: %w[Admin Agent])
    12. 

  12.     groups = Group.all
    13. 

  13. 

  14.     UserInfo.current_user_id = 1
    15. 

  15.     @admin = User.create_or_update(
    16. 

  16.       login: 'tickets-admin',
    17. 

  17.       firstname: 'Tickets',
    18. 

  18.       lastname: 'Admin',
    19. 

  19.       email: 'tickets-admin@example.com',
    20. 

  20.       password: 'adminpw',
    21. 

  21.       active: true,
    22. 

  22.       roles: roles,
    23. 

  23.       groups: groups,
    24. 

  24.     )
    25. 

  25. 

  26.     # create agent
    27. 

  27.     roles = Role.where(name: 'Agent')
    28. 

  28.     @agent = User.create_or_update(
    29. 

  29.       login: 'tickets-agent@example.com',
    30. 

  30.       firstname: 'Tickets',
    31. 

  31.       lastname: 'Agent',
    32. 

  32.       email: 'tickets-agent@example.com',
    33. 

  33.       password: 'agentpw',
    34. 

  34.       active: true,
    35. 

  35.       roles: roles,
    36. 

  36.       groups: groups,
    37. 

  37.     )
    38. 

  38. 

  39.     # create customer without org
    40. 

  40.     roles = Role.where(name: 'Customer')
    41. 

  41.     @customer_without_org = User.create_or_update(
    42. 

  42.       login: 'tickets-customer1@example.com',
    43. 

  43.       firstname: 'Tickets',
    44. 

  44.       lastname: 'Customer1',
    45. 

  45.       email: 'tickets-customer1@example.com',
    46. 

  46.       password: 'customer1pw',
    47. 

  47.       active: true,
    48. 

  48.       roles: roles,
    49. 

  49.     )
    50. 

  50. 

  51.   end
    52. 

  52. 

  53.   test '01.01 ticket create with agent - missing group' do
    54. 

  54.     credentials = ActionController::HttpAuthentication::Basic.encode_credentials('tickets-agent@example.com', 'agentpw')
    55. 

  55.     params = {
    56. 

  56.       title: 'a new ticket #1',
    57. 

  57.       article: {
    58. 

  58.         content_type: 'text/plain', # or text/html
    59. 

  59.         body: 'some body',
    60. 

  60.         sender: 'Customer',
    61. 

  61.         type: 'note',
    62. 

  62.       },
    63. 

  63.     }
    64. 

  64.     post '/api/v1/tickets', params: params.to_json, headers: @headers.merge('Authorization' => credentials)
    65. 

  65.     assert_response(422)
    66. 

  66.     result = JSON.parse(@response.body)
    67. 

  67.     assert_equal(Hash, result.class)
    68. 

  68.     assert_equal('Group can\'t be blank', result['error_human'])
    69. 

  69.   end
    70. 

  70. 

  71.   test '01.02 ticket create with agent - wrong group' do
    72. 

  72.     credentials = ActionController::HttpAuthentication::Basic.encode_credentials('tickets-agent@example.com', 'agentpw')
    73. 

  73.     params = {
    74. 

  74.       title: 'a new ticket #2',
    75. 

  75.       group: 'not_existing',
    76. 

  76.       article: {
    77. 

  77.         content_type: 'text/plain', # or text/html
    78. 

  78.         body: 'some body',
    79. 

  79.         sender: 'Customer',
    80. 

  80.         type: 'note',
    81. 

  81.       },
    82. 

  82.     }
    83. 

  83.     post '/api/v1/tickets', params: params.to_json, headers: @headers.merge('Authorization' => credentials)
    84. 

  84.     assert_response(422)
    85. 

  85.     result = JSON.parse(@response.body)
    86. 

  86.     assert_equal(Hash, result.class)
    87. 

  87.     assert_equal('No lookup value found for \'group\': "not_existing"', result['error'])
    88. 

  88.   end
    89. 

  89. 

  90.   test '01.03 ticket create with agent - missing article.body' do
    91. 

  91.     credentials = ActionController::HttpAuthentication::Basic.encode_credentials('tickets-agent@example.com', 'agentpw')
    92. 

  92.     params = {
    93. 

  93.       title: 'a new ticket #3',
    94. 

  94.       group: 'Users',
    95. 

  95.       priority: '2 normal',
    96. 

  96.       state: 'new',
    97. 

  97.       customer_id: @customer_without_org.id,
    98. 

  98.       article: {},
    99. 

  99.     }
    100. 

  100.     post '/api/v1/tickets', params: params.to_json, headers: @headers.merge('Authorization' => credentials)
    101. 

  101.     assert_response(422)
    102. 

  102.     result = JSON.parse(@response.body)
    103. 

  103.     assert_equal(Hash, result.class)
    104. 

  104.     assert_equal('Need at least article: { body: "some text" }', result['error'])
    105. 

  105.   end
    106. 

  106. 

  107.   test '01.03 ticket create with agent - minimal article' do
    108. 

  108.     credentials = ActionController::HttpAuthentication::Basic.encode_credentials('tickets-agent@example.com', 'agentpw')
    109. 

  109.     params = {
    110. 

  110.       title: 'a new ticket #3',
    111. 

  111.       group: 'Users',
    112. 

  112.       priority: '2 normal',
    113. 

  113.       state: 'new',
    114. 

  114.       customer_id: @customer_without_org.id,
    115. 

  115.       article: {
    116. 

  116.         body: 'some test 123',
    117. 

  117.       },
    118. 

  118.     }
    119. 

  119.     post '/api/v1/tickets', params: params.to_json, headers: @headers.merge('Authorization' => credentials)
    120. 

  120.     assert_response(201)
    121. 

  121.     result = JSON.parse(@response.body)
    122. 

  122.     assert_equal(Hash, result.class)
    123. 

  123.     assert_equal(Ticket::State.lookup(name: 'new').id, result['state_id'])
    124. 

  124.     assert_equal('a new ticket #3', result['title'])
    125. 

  125.     assert_equal(@customer_without_org.id, result['customer_id'])
    126. 

  126.     assert_equal(@agent.id, result['updated_by_id'])
    127. 

  127.     assert_equal(@agent.id, result['created_by_id'])
    128. 

  128.   end
    129. 

  129. 

  130.   test '01.04 ticket create with agent - wrong owner_id - 0' do
    131. 

  131.     credentials = ActionController::HttpAuthentication::Basic.encode_credentials('tickets-agent@example.com', 'agentpw')
    132. 

  132.     params = {
    133. 

  133.       title: 'a new ticket #4',
    134. 

  134.       group: 'Users',
    135. 

  135.       priority: '2 normal',
    136. 

  136.       owner_id: 0,
    137. 

  137.       state: 'new',
    138. 

  138.       customer_id: @customer_without_org.id,
    139. 

  139.       article: {
    140. 

  140.         body: 'some test 123',
    141. 

  141.       },
    142. 

  142.     }
    143. 

  143.     post '/api/v1/tickets', params: params.to_json, headers: @headers.merge('Authorization' => credentials)
    144. 

  144.     assert_response(422)
    145. 

  145.     result = JSON.parse(@response.body)
    146. 

  146.     assert_equal(Hash, result.class)
    147. 

  147.     assert_equal('Invalid value for param \'owner_id\': 0', result['error'])
    148. 

  148.   end
    149. 

  149. 

  150.   test '01.05 ticket create with agent - wrong owner_id - ""' do
    151. 

  151.     credentials = ActionController::HttpAuthentication::Basic.encode_credentials('tickets-agent@example.com', 'agentpw')
    152. 

  152.     params = {
    153. 

  153.       title: 'a new ticket #5',
    154. 

  154.       group: 'Users',
    155. 

  155.       priority: '2 normal',
    156. 

  156.       owner_id: '',
    157. 

  157.       state: 'new',
    158. 

  158.       customer_id: @customer_without_org.id,
    159. 

  159.       article: {
    160. 

  160.         body: 'some test 123',
    161. 

  161.       },
    162. 

  162.     }
    163. 

  163.     post '/api/v1/tickets', params: params.to_json, headers: @headers.merge('Authorization' => credentials)
    164. 

  164.     #assert_response(422)
    165. 

  165.     #result = JSON.parse(@response.body)
    166. 

  166.     #assert_equal(Hash, result.class)
    167. 

  167.     #assert_equal('Invalid value for param \'owner_id\': ""', result['error'])
    168. 

  168.     assert_response(201)
    169. 

  169.     result = JSON.parse(@response.body)
    170. 

  170.     assert_equal(Hash, result.class)
    171. 

  171.     assert_equal(Ticket::State.lookup(name: 'new').id, result['state_id'])
    172. 

  172.     assert_equal('a new ticket #5', result['title'])
    173. 

  173.     assert_equal(@customer_without_org.id, result['customer_id'])
    174. 

  174.     assert_equal(@agent.id, result['updated_by_id'])
    175. 

  175.     assert_equal(@agent.id, result['created_by_id'])
    176. 

  176.   end
    177. 

  177. 

  178.   test '01.06 ticket create with agent - wrong owner_id - 99999' do
    179. 

  179.     credentials = ActionController::HttpAuthentication::Basic.encode_credentials('tickets-agent@example.com', 'agentpw')
    180. 

  180.     params = {
    181. 

  181.       title: 'a new ticket #6',
    182. 

  182.       group: 'Users',
    183. 

  183.       priority: '2 normal',
    184. 

  184.       owner_id: 99_999,
    185. 

  185.       state: 'new',
    186. 

  186.       customer_id: @customer_without_org.id,
    187. 

  187.       article: {
    188. 

  188.         body: 'some test 123',
    189. 

  189.       },
    190. 

  190.     }
    191. 

  191.     post '/api/v1/tickets', params: params.to_json, headers: @headers.merge('Authorization' => credentials)
    192. 

  192.     assert_response(422)
    193. 

  193.     result = JSON.parse(@response.body)
    194. 

  194.     assert_equal(Hash, result.class)
    195. 

  195.     assert_equal('Invalid value for param \'owner_id\': 99999', result['error'])
    196. 

  196.   end
    197. 

  197. 

  198.   test '01.07 ticket create with agent - wrong owner_id - nil' do
    199. 

  199.     credentials = ActionController::HttpAuthentication::Basic.encode_credentials('tickets-agent@example.com', 'agentpw')
    200. 

  200.     params = {
    201. 

  201.       title: 'a new ticket #7',
    202. 

  202.       group: 'Users',
    203. 

  203.       priority: '2 normal',
    204. 

  204.       owner_id: nil,
    205. 

  205.       state: 'new',
    206. 

  206.       customer_id: @customer_without_org.id,
    207. 

  207.       article: {
    208. 

  208.         body: 'some test 123',
    209. 

  209.       },
    210. 

  210.     }
    211. 

  211.     post '/api/v1/tickets', params: params.to_json, headers: @headers.merge('Authorization' => credentials)
    212. 

  212.     assert_response(201)
    213. 

  213.     result = JSON.parse(@response.body)
    214. 

  214.     assert_equal(Hash, result.class)
    215. 

  215.     assert_equal(Ticket::State.lookup(name: 'new').id, result['state_id'])
    216. 

  216.     assert_equal('a new ticket #7', result['title'])
    217. 

  217.     assert_equal(@customer_without_org.id, result['customer_id'])
    218. 

  218.     assert_equal(@agent.id, result['updated_by_id'])
    219. 

  219.     assert_equal(@agent.id, result['created_by_id'])
    220. 

  220.   end
    221. 

  221. 

  222.   test '01.08 ticket create with agent - minimal article with guess customer' do
    223. 

  223.     credentials = ActionController::HttpAuthentication::Basic.encode_credentials('tickets-agent@example.com', 'agentpw')
    224. 

  224.     params = {
    225. 

  225.       title: 'a new ticket #8',
    226. 

  226.       group: 'Users',
    227. 

  227.       priority: '2 normal',
    228. 

  228.       state: 'new',
    229. 

  229.       customer_id: 'guess:some_new_customer@example.com',
    230. 

  230.       article: {
    231. 

  231.         body: 'some test 123',
    232. 

  232.       },
    233. 

  233.     }
    234. 

  234.     post '/api/v1/tickets', params: params.to_json, headers: @headers.merge('Authorization' => credentials)
    235. 

  235.     assert_response(201)
    236. 

  236.     result = JSON.parse(@response.body)
    237. 

  237.     assert_equal(Hash, result.class)
    238. 

  238.     assert_equal(Ticket::State.lookup(name: 'new').id, result['state_id'])
    239. 

  239.     assert_equal('a new ticket #8', result['title'])
    240. 

  240.     assert_equal(User.lookup(email: 'some_new_customer@example.com').id, result['customer_id'])
    241. 

  241.     assert_equal(@agent.id, result['updated_by_id'])
    242. 

  242.     assert_equal(@agent.id, result['created_by_id'])
    243. 

  243.   end
    244. 

  244. 

  245.   test '01.09 ticket create with agent - minimal article with guess customer' do
    246. 

  246.     credentials = ActionController::HttpAuthentication::Basic.encode_credentials('tickets-agent@example.com', 'agentpw')
    247. 

  247.     params = {
    248. 

  248.       title: 'a new ticket #9',
    249. 

  249.       group: 'Users',
    250. 

  250.       customer_id: 'guess:some_new_customer@example.com',
    251. 

  251.       article: {
    252. 

  252.         body: 'some test 123',
    253. 

  253.       },
    254. 

  254.     }
    255. 

  255.     post '/api/v1/tickets', params: params.to_json, headers: @headers.merge('Authorization' => credentials)
    256. 

  256.     assert_response(201)
    257. 

  257.     result = JSON.parse(@response.body)
    258. 

  258.     assert_equal(Hash, result.class)
    259. 

  259.     assert_equal(Ticket::State.lookup(name: 'new').id, result['state_id'])
    260. 

  260.     assert_equal('a new ticket #9', result['title'])
    261. 

  261.     assert_equal(User.lookup(email: 'some_new_customer@example.com').id, result['customer_id'])
    262. 

  262.     assert_equal(@agent.id, result['updated_by_id'])
    263. 

  263.     assert_equal(@agent.id, result['created_by_id'])
    264. 

  264.   end
    265. 

  265. 

  266.   test '01.10 ticket create with agent - minimal article with missing body - with customer' do
    267. 

  267.     credentials = ActionController::HttpAuthentication::Basic.encode_credentials('tickets-agent@example.com', 'agentpw')
    268. 

  268.     params = {
    269. 

  269.       title: 'a new ticket #10',
    270. 

  270.       group: 'Users',
    271. 

  271.       customer_id: @customer_without_org.id,
    272. 

  272.       article: {
    273. 

  273.         subject: 'some test 123',
    274. 

  274.       },
    275. 

  275.     }
    276. 

  276.     post '/api/v1/tickets', params: params.to_json, headers: @headers.merge('Authorization' => credentials)
    277. 

  277.     assert_response(422)
    278. 

  278.     result = JSON.parse(@response.body)
    279. 

  279.     assert_equal(Hash, result.class)
    280. 

  280.     assert_equal('Need at least article: { body: "some text" }', result['error'])
    281. 

  281.   end
    282. 

  282. 

  283.   test '01.11 ticket create with agent - minimal article and attachment with customer' do
    284. 

  284.     credentials = ActionController::HttpAuthentication::Basic.encode_credentials('tickets-agent@example.com', 'agentpw')
    285. 

  285.     params = {
    286. 

  286.       title: 'a new ticket #11',
    287. 

  287.       group: 'Users',
    288. 

  288.       customer_id: @customer_without_org.id,
    289. 

  289.       article: {
    290. 

  290.         subject: 'some test 123',
    291. 

  291.         body: 'some test 123',
    292. 

  292.         attachments: [
    293. 

  293.           'filename' => 'some_file.txt',
    294. 

  294.           'data' => 'dGVzdCAxMjM=',
    295. 

  295.           'mime-type' => 'text/plain',
    296. 

  296.         ],
    297. 

  297.       },
    298. 

  298.     }
    299. 

  299.     post '/api/v1/tickets', params: params.to_json, headers: @headers.merge('Authorization' => credentials)
    300. 

  300.     assert_response(201)
    301. 

  301.     result = JSON.parse(@response.body)
    302. 

  302.     assert_equal(Hash, result.class)
    303. 

  303.     assert_equal(Ticket::State.lookup(name: 'new').id, result['state_id'])
    304. 

  304.     assert_equal('a new ticket #11', result['title'])
    305. 

  305.     assert_equal(@customer_without_org.id, result['customer_id'])
    306. 

  306.     assert_equal(@agent.id, result['updated_by_id'])
    307. 

  307.     assert_equal(@agent.id, result['created_by_id'])
    308. 

  308. 

  309.     ticket = Ticket.find(result['id'])
    310. 

  310.     assert_equal(1, ticket.articles.count)
    311. 

  311.     assert_equal(1, ticket.articles.first.attachments.count)
    312. 

  312.     file = ticket.articles.first.attachments.first
    313. 

  313.     assert_equal('test 123', file.content)
    314. 

  314.     assert_equal('some_file.txt', file.filename)
    315. 

  315.     assert_equal('text/plain', file.preferences['Mime-Type'])
    316. 

  316.     assert_not(file.preferences['Content-ID'])
    317. 

  317.   end
    318. 

  318. 

  319.   test '01.12 ticket create with agent - minimal article and attachment with customer' do
    320. 

  320.     credentials = ActionController::HttpAuthentication::Basic.encode_credentials('tickets-agent@example.com', 'agentpw')
    321. 

  321.     params = {
    322. 

  322.       title: 'a new ticket #12',
    323. 

  323.       group: 'Users',
    324. 

  324.       customer_id: @customer_without_org.id,
    325. 

  325.       article: {
    326. 

  326.         subject: 'some test 123',
    327. 

  327.         body: 'some test 123',
    328. 

  328.         attachments: [
    329. 

  329.           {
    330. 

  330.             'filename' => 'some_file1.txt',
    331. 

  331.             'data' => 'dGVzdCAxMjM=',
    332. 

  332.             'mime-type' => 'text/plain',
    333. 

  333.           },
    334. 

  334.           {
    335. 

  335.             'filename' => 'some_file2.txt',
    336. 

  336.             'data' => 'w6TDtsO8w58=',
    337. 

  337.             'mime-type' => 'text/plain',
    338. 

  338.           },
    339. 

  339.         ],
    340. 

  340.       },
    341. 

  341.     }
    342. 

  342.     post '/api/v1/tickets', params: params.to_json, headers: @headers.merge('Authorization' => credentials)
    343. 

  343.     assert_response(201)
    344. 

  344.     result = JSON.parse(@response.body)
    345. 

  345.     assert_equal(Hash, result.class)
    346. 

  346.     assert_equal(Ticket::State.lookup(name: 'new').id, result['state_id'])
    347. 

  347.     assert_equal('a new ticket #12', result['title'])
    348. 

  348.     assert_equal(@customer_without_org.id, result['customer_id'])
    349. 

  349.     assert_equal(@agent.id, result['updated_by_id'])
    350. 

  350.     assert_equal(@agent.id, result['created_by_id'])
    351. 

  351. 

  352.     ticket = Ticket.find(result['id'])
    353. 

  353.     assert_equal(1, ticket.articles.count)
    354. 

  354.     assert_equal(2, ticket.articles.first.attachments.count)
    355. 

  355.     file = ticket.articles.first.attachments.first
    356. 

  356.     assert_equal('test 123', file.content)
    357. 

  357.     assert_equal('some_file1.txt', file.filename)
    358. 

  358.     assert_equal('text/plain', file.preferences['Mime-Type'])
    359. 

  359.     assert_not(file.preferences['Content-ID'])
    360. 

  360.   end
    361. 

  361. 

  362.   test '01.13 ticket create with agent - minimal article and attachment missing mine-type with customer' do
    363. 

  363.     credentials = ActionController::HttpAuthentication::Basic.encode_credentials('tickets-agent@example.com', 'agentpw')
    364. 

  364.     params = {
    365. 

  365.       title: 'a new ticket #13',
    366. 

  366.       group: 'Users',
    367. 

  367.       customer_id: @customer_without_org.id,
    368. 

  368.       article: {
    369. 

  369.         subject: 'some test 123',
    370. 

  370.         body: 'some test 123',
    371. 

  371.         attachments: [
    372. 

  372.           'filename' => 'some_file.txt',
    373. 

  373.           'data' => 'ABC_INVALID_BASE64',
    374. 

  374.           'mime-type' => 'text/plain',
    375. 

  375.         ],
    376. 

  376.       },
    377. 

  377.     }
    378. 

  378.     post '/api/v1/tickets', params: params.to_json, headers: @headers.merge('Authorization' => credentials)
    379. 

  379.     assert_response(422)
    380. 

  380.     result = JSON.parse(@response.body)
    381. 

  381.     assert_equal(Hash, result.class)
    382. 

  382.     assert_equal('Invalid base64 for attachment with index \'0\'', result['error'])
    383. 

  383.   end
    384. 

  384. 

  385.   test '01.14 ticket create with agent - minimal article and attachment invalid base64 with customer' do
    386. 

  386.     credentials = ActionController::HttpAuthentication::Basic.encode_credentials('tickets-agent@example.com', 'agentpw')
    387. 

  387.     params = {
    388. 

  388.       title: 'a new ticket #14',
    389. 

  389.       group: 'Users',
    390. 

  390.       customer_id: @customer_without_org.id,
    391. 

  391.       article: {
    392. 

  392.         subject: 'some test 123',
    393. 

  393.         body: 'some test 123',
    394. 

  394.         attachments: [
    395. 

  395.           'filename' => 'some_file.txt',
    396. 

  396.           'data' => 'dGVzdCAxMjM=',
    397. 

  397.         ],
    398. 

  398.       },
    399. 

  399.     }
    400. 

  400.     post '/api/v1/tickets', params: params.to_json, headers: @headers.merge('Authorization' => credentials)
    401. 

  401.     assert_response(422)
    402. 

  402.     result = JSON.parse(@response.body)
    403. 

  403.     assert_equal(Hash, result.class)
    404. 

  404.     assert_equal('Attachment needs \'mime-type\' param for attachment with index \'0\'', result['error'])
    405. 

  405.   end
    406. 

  406. 

  407.   test '01.15 ticket create with agent - minimal article and inline attachments with customer' do
    408. 

  408.     credentials = ActionController::HttpAuthentication::Basic.encode_credentials('tickets-agent@example.com', 'agentpw')
    409. 

  409.     params = {
    410. 

  410.       title: 'a new ticket #15',
    411. 

  411.       group: 'Users',
    412. 

  412.       customer_id: @customer_without_org.id,
    413. 

  413.       article: {
    414. 

  414.         content_type: 'text/html',
    415. 

  415.         subject: 'some test 123',
    416. 

  416.         body: 'some test 123 <img src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAUA
    417. 

  417. AAAFCAYAAACNbyblAAAAHElEQVQI12P4//8/w38GIAXDIBKE0DHxgljNBAAO
    418. 

  418. 9TXL0Y4OHwAAAABJRU5ErkJggg==" alt="Red dot" /> <img src="data:image/jpeg;base64,/9j/4QAYRXhpZgAASUkqAAgAAAAAAAAAAAAAAP/sABFEdWNreQABAAQAAAAJAAD/4QMtaHR0cDovL25zLmFkb2JlLmNvbS94YXAvMS4wLwA8P3hwYWNrZXQgYmVnaW49Iu+7vyIgaWQ9Ilc1TTBNcENlaGlIenJlU3pOVGN6a2M5ZCI/PiA8eDp4bXBtZXRhIHhtbG5zOng9ImFkb2JlOm5zOm1ldGEvIiB4OnhtcHRrPSJBZG9iZSBYTVAgQ29yZSA1LjMtYzAxMSA2Ni4xNDU2NjEsIDIwMTIvMDIvMDYtMTQ6NTY6MjcgICAgICAgICI+IDxyZGY6UkRGIHhtbG5zOnJkZj0iaHR0cDovL3d3dy53My5vcmcvMTk5OS8wMi8yMi1yZGYtc3ludGF4LW5zIyI+IDxyZGY6RGVzY3JpcHRpb24gcmRmOmFib3V0PSIiIHhtbG5zOnhtcD0iaHR0cDovL25zLmFkb2JlLmNvbS94YXAvMS4wLyIgeG1sbnM6eG1wTU09Imh0dHA6Ly9ucy5hZG9iZS5jb20veGFwLzEuMC9tbS8iIHhtbG5zOnN0UmVmPSJodHRwOi8vbnMuYWRvYmUuY29tL3hhcC8xLjAvc1R5cGUvUmVzb3VyY2VSZWYjIiB4bXA6Q3JlYXRvclRvb2w9IkFkb2JlIFBob3Rvc2hvcCBDUzYgKE1hY2ludG9zaCkiIHhtcE1NOkluc3RhbmNlSUQ9InhtcC5paWQ6QzJCOTE2NzlGQUEwMTFFNjg0M0NGQjU0OUU4MTFEOEIiIHhtcE1NOkRvY3VtZW50SUQ9InhtcC5kaWQ6QzJCOTE2N0FGQUEwMTFFNjg0M0NGQjU0OUU4MTFEOEIiPiA8eG1wTU06RGVyaXZlZEZyb20gc3RSZWY6aW5zdGFuY2VJRD0ieG1wLmlpZDpDMkI5MTY3N0ZBQTAxMUU2ODQzQ0ZCNTQ5RTgxMUQ4QiIgc3RSZWY6ZG9jdW1lbnRJRD0ieG1wLmRpZDpDMkI5MTY3OEZBQTAxMUU2ODQzQ0ZCNTQ5RTgxMUQ4QiIvPiA8L3JkZjpEZXNjcmlwdGlvbj4gPC9yZGY6UkRGPiA8L3g6eG1wbWV0YT4gPD94cGFja2V0IGVuZD0iciI/Pv/uAA5BZG9iZQBkwAAAAAH/2wCEABQRERoTGioZGSo1KCEoNTEpKCgpMUE4ODg4OEFEREREREREREREREREREREREREREREREREREREREREREREREQBFhoaIh0iKRoaKTkpIik5RDktLTlEREREOERERERERERERERERERERERERERERERERERERERERERERERERERERP/AABEIABAADAMBIgACEQEDEQH/xABbAAEBAAAAAAAAAAAAAAAAAAAEBQEBAQAAAAAAAAAAAAAAAAAABAUQAAEEAgMAAAAAAAAAAAAAAAABAhIDESIxBAURAAICAwAAAAAAAAAAAAAAAAESABNRoQP/2gAMAwEAAhEDEQA/AJDq1rfF3Imeg/1+lFy2oR564DKWWWbweV+Buf/Z">',
    419. 

  419.       },
    420. 

  420.     }
    421. 

  421. 

  422.     post '/api/v1/tickets', params: params.to_json, headers: @headers.merge('Authorization' => credentials)
    423. 

  423.     assert_response(201)
    424. 

  424.     result = JSON.parse(@response.body)
    425. 

  425.     assert_equal(Hash, result.class)
    426. 

  426.     assert_equal(Ticket::State.lookup(name: 'new').id, result['state_id'])
    427. 

  427.     assert_equal('a new ticket #15', result['title'])
    428. 

  428.     assert_equal(@customer_without_org.id, result['customer_id'])
    429. 

  429.     assert_equal(@agent.id, result['updated_by_id'])
    430. 

  430.     assert_equal(@agent.id, result['created_by_id'])
    431. 

  431. 

  432.     ticket = Ticket.find(result['id'])
    433. 

  433.     assert_equal(1, ticket.articles.count)
    434. 

  434.     assert_equal(2, ticket.articles.first.attachments.count)
    435. 

  435.     file = ticket.articles.first.attachments[0]
    436. 

  436.     assert_equal('d3c1e09bdefb92b6a06b791a24ca9599', Digest::MD5.hexdigest(file.content))
    437. 

  437.     assert_match(/#{ticket.id}\..+?@zammad.example.com/, file.filename)
    438. 

  438.     assert_equal('image/png', file.preferences['Mime-Type'])
    439. 

  439.     assert(file.preferences['Content-ID'])
    440. 

  440.     file = ticket.articles.first.attachments[1]
    441. 

  441.     assert_equal('006a2ca3793b550c8fe444acdeb39252', Digest::MD5.hexdigest(file.content))
    442. 

  442.     assert_match(/#{ticket.id}\..+?@zammad.example.com/, file.filename)
    443. 

  443.     assert_equal('image/jpeg', file.preferences['Mime-Type'])
    444. 

  444.     assert(file.preferences['Content-ID'])
    445. 

  445.   end
    446. 

  446. 

  447.   test '01.16 ticket create with agent - minimal article and inline attachments with customer' do
    448. 

  448.     credentials = ActionController::HttpAuthentication::Basic.encode_credentials('tickets-agent@example.com', 'agentpw')
    449. 

  449.     params = {
    450. 

  450.       title: 'a new ticket #16',
    451. 

  451.       group: 'Users',
    452. 

  452.       customer_id: @customer_without_org.id,
    453. 

  453.       article: {
    454. 

  454.         content_type: 'text/html',
    455. 

  455.         subject: 'some test 123',
    456. 

  456.         body: 'some test 123 <img src="data:image/jpeg;base64,/9j/4QAYRXhpZgAASUkqAAgAAAAAAAAAAAAAAP/sABFEdWNreQABAAQAAAAJAAD/4QMtaHR0cDovL25zLmFkb2JlLmNvbS94YXAvMS4wLwA8P3hwYWNrZXQgYmVnaW49Iu+7vyIgaWQ9Ilc1TTBNcENlaGlIenJlU3pOVGN6a2M5ZCI/PiA8eDp4bXBtZXRhIHhtbG5zOng9ImFkb2JlOm5zOm1ldGEvIiB4OnhtcHRrPSJBZG9iZSBYTVAgQ29yZSA1LjMtYzAxMSA2Ni4xNDU2NjEsIDIwMTIvMDIvMDYtMTQ6NTY6MjcgICAgICAgICI+IDxyZGY6UkRGIHhtbG5zOnJkZj0iaHR0cDovL3d3dy53My5vcmcvMTk5OS8wMi8yMi1yZGYtc3ludGF4LW5zIyI+IDxyZGY6RGVzY3JpcHRpb24gcmRmOmFib3V0PSIiIHhtbG5zOnhtcD0iaHR0cDovL25zLmFkb2JlLmNvbS94YXAvMS4wLyIgeG1sbnM6eG1wTU09Imh0dHA6Ly9ucy5hZG9iZS5jb20veGFwLzEuMC9tbS8iIHhtbG5zOnN0UmVmPSJodHRwOi8vbnMuYWRvYmUuY29tL3hhcC8xLjAvc1R5cGUvUmVzb3VyY2VSZWYjIiB4bXA6Q3JlYXRvclRvb2w9IkFkb2JlIFBob3Rvc2hvcCBDUzYgKE1hY2ludG9zaCkiIHhtcE1NOkluc3RhbmNlSUQ9InhtcC5paWQ6QzJCOTE2NzlGQUEwMTFFNjg0M0NGQjU0OUU4MTFEOEIiIHhtcE1NOkRvY3VtZW50SUQ9InhtcC5kaWQ6QzJCOTE2N0FGQUEwMTFFNjg0M0NGQjU0OUU4MTFEOEIiPiA8eG1wTU06RGVyaXZlZEZyb20gc3RSZWY6aW5zdGFuY2VJRD0ieG1wLmlpZDpDMkI5MTY3N0ZBQTAxMUU2ODQzQ0ZCNTQ5RTgxMUQ4QiIgc3RSZWY6ZG9jdW1lbnRJRD0ieG1wLmRpZDpDMkI5MTY3OEZBQTAxMUU2ODQzQ0ZCNTQ5RTgxMUQ4QiIvPiA8L3JkZjpEZXNjcmlwdGlvbj4gPC9yZGY6UkRGPiA8L3g6eG1wbWV0YT4gPD94cGFja2V0IGVuZD0iciI/Pv/uAA5BZG9iZQBkwAAAAAH/2wCEABQRERoTGioZGSo1KCEoNTEpKCgpMUE4ODg4OEFEREREREREREREREREREREREREREREREREREREREREREREREQBFhoaIh0iKRoaKTkpIik5RDktLTlEREREOERERERERERERERERERERERERERERERERERERERERERERERERERERP/AABEIABAADAMBIgACEQEDEQH/xABbAAEBAAAAAAAAAAAAAAAAAAAEBQEBAQAAAAAAAAAAAAAAAAAABAUQAAEEAgMAAAAAAAAAAAAAAAABAhIDESIxBAURAAICAwAAAAAAAAAAAAAAAAESABNRoQP/2gAMAwEAAhEDEQA/AJDq1rfF3Imeg/1+lFy2oR564DKWWWbweV+Buf/Z"
    457. 

  457. >',
    458. 

  458.         attachments: [
    459. 

  459.           'filename' => 'some_file.txt',
    460. 

  460.           'data' => 'dGVzdCAxMjM=',
    461. 

  461.           'mime-type' => 'text/plain',
    462. 

  462.         ],
    463. 

  463.       },
    464. 

  464.     }
    465. 

  465. 

  466.     post '/api/v1/tickets', params: params.to_json, headers: @headers.merge('Authorization' => credentials)
    467. 

  467.     assert_response(201)
    468. 

  468.     result = JSON.parse(@response.body)
    469. 

  469.     assert_equal(Hash, result.class)
    470. 

  470.     assert_equal(Ticket::State.lookup(name: 'new').id, result['state_id'])
    471. 

  471.     assert_equal('a new ticket #16', result['title'])
    472. 

  472.     assert_equal(@customer_without_org.id, result['customer_id'])
    473. 

  473.     assert_equal(@agent.id, result['updated_by_id'])
    474. 

  474.     assert_equal(@agent.id, result['created_by_id'])
    475. 

  475. 

  476.     ticket = Ticket.find(result['id'])
    477. 

  477.     assert_equal(1, ticket.articles.count)
    478. 

  478.     assert_equal(2, ticket.articles.first.attachments.count)
    479. 

  479.     file = ticket.articles.first.attachments[0]
    480. 

  480.     assert_equal('006a2ca3793b550c8fe444acdeb39252', Digest::MD5.hexdigest(file.content))
    481. 

  481.     assert_match(/#{ticket.id}\..+?@zammad.example.com/, file.filename)
    482. 

  482.     assert_equal('image/jpeg', file.preferences['Mime-Type'])
    483. 

  483.     assert(file.preferences['Content-ID'])
    484. 

  484.     file = ticket.articles.first.attachments[1]
    485. 

  485.     assert_equal('39d0d586a701e199389d954f2d592720', Digest::MD5.hexdigest(file.content))
    486. 

  486.     assert_equal('some_file.txt', file.filename)
    487. 

  487.     assert_equal('text/plain', file.preferences['Mime-Type'])
    488. 

  488.     assert_not(file.preferences['Content-ID'])
    489. 

  489.   end
    490. 

  490. 

  491.   test '02.02 ticket create with agent' do
    492. 

  492.     credentials = ActionController::HttpAuthentication::Basic.encode_credentials('tickets-agent@example.com', 'agentpw')
    493. 

  493.     params = {
    494. 

  494.       title: 'a new ticket #1',
    495. 

  495.       state: 'new',
    496. 

  496.       priority: '2 normal',
    497. 

  497.       group: 'Users',
    498. 

  498.       customer: 'tickets-customer1@example.com',
    499. 

  499.       article: {
    500. 

  500.         content_type: 'text/plain', # or text/html
    501. 

  501.         body: 'some body',
    502. 

  502.       },
    503. 

  503.       links: {
    504. 

  504.         Ticket: {
    505. 

  505.           parent: [1],
    506. 

  506.         }
    507. 

  507.       }
    508. 

  508.     }
    509. 

  509.     post '/api/v1/tickets', params: params.to_json, headers: @headers.merge('Authorization' => credentials)
    510. 

  510.     assert_response(201)
    511. 

  511.     result = JSON.parse(@response.body)
    512. 

  512.     assert_equal(Hash, result.class)
    513. 

  513.     assert_equal(Ticket::State.lookup(name: 'new').id, result['state_id'])
    514. 

  514.     assert_equal('a new ticket #1', result['title'])
    515. 

  515.     assert_equal(@agent.id, result['updated_by_id'])
    516. 

  516.     assert_equal(@agent.id, result['created_by_id'])
    517. 

  517.     links = Link.list(
    518. 

  518.       link_object: 'Ticket',
    519. 

  519.       link_object_value: result['id'],
    520. 

  520.     )
    521. 

  521.     assert_equal('child', links[0]['link_type'])
    522. 

  522.     assert_equal('Ticket', links[0]['link_object'])
    523. 

  523.     assert_equal(1, links[0]['link_object_value'])
    524. 

  524.   end
    525. 

  525. 

  526.   test '02.03 ticket with wrong ticket id' do
    527. 

  527.     group = Group.create_or_update(
    528. 

  528.       name: "GroupWithoutPermission-#{rand(9_999_999_999)}",
    529. 

  529.       active: true,
    530. 

  530.       updated_by_id: 1,
    531. 

  531.       created_by_id: 1,
    532. 

  532.     )
    533. 

  533.     ticket = Ticket.create!(
    534. 

  534.       title: 'ticket with wrong ticket id',
    535. 

  535.       group_id: group.id,
    536. 

  536.       customer_id: @customer_without_org.id,
    537. 

  537.       state: Ticket::State.lookup(name: 'new'),
    538. 

  538.       priority: Ticket::Priority.lookup(name: '2 normal'),
    539. 

  539.       updated_by_id: 1,
    540. 

  540.       created_by_id: 1,
    541. 

  541.     )
    542. 

  542.     credentials = ActionController::HttpAuthentication::Basic.encode_credentials('tickets-agent@example.com', 'agentpw')
    543. 

  543.     get "/api/v1/tickets/#{ticket.id}", params: {}, headers: @headers.merge('Authorization' => credentials)
    544. 

  544.     assert_response(401)
    545. 

  545.     result = JSON.parse(@response.body)
    546. 

  546.     assert_equal(Hash, result.class)
    547. 

  547.     assert_equal('Not authorized', result['error'])
    548. 

  548. 

  549.     params = {
    550. 

  550.       title: 'ticket with wrong ticket id - 2',
    551. 

  551.     }
    552. 

  552.     put "/api/v1/tickets/#{ticket.id}", params: params.to_json, headers: @headers.merge('Authorization' => credentials)
    553. 

  553.     assert_response(401)
    554. 

  554.     result = JSON.parse(@response.body)
    555. 

  555.     assert_equal(Hash, result.class)
    556. 

  556.     assert_equal('Not authorized', result['error'])
    557. 

  557. 

  558.     delete "/api/v1/tickets/#{ticket.id}", params: {}.to_json, headers: @headers.merge('Authorization' => credentials)
    559. 

  559.     assert_response(401)
    560. 

  560.     result = JSON.parse(@response.body)
    561. 

  561.     assert_equal(Hash, result.class)
    562. 

  562.     assert_equal('Not authorized', result['error'])
    563. 

  563.   end
    564. 

  564. 

  565.   test '02.04 ticket with correct ticket id' do
    566. 

  566.     title = "ticket with corret ticket id testagent#{rand(999_999_999)}"
    567. 

  567.     ticket = Ticket.create!(
    568. 

  568.       title: title,
    569. 

  569.       group: Group.lookup(name: 'Users'),
    570. 

  570.       customer_id: @customer_without_org.id,
    571. 

  571.       state: Ticket::State.lookup(name: 'new'),
    572. 

  572.       priority: Ticket::Priority.lookup(name: '2 normal'),
    573. 

  573.       updated_by_id: 1,
    574. 

  574.       created_by_id: 1,
    575. 

  575.     )
    576. 

  576.     credentials = ActionController::HttpAuthentication::Basic.encode_credentials('tickets-agent@example.com', 'agentpw')
    577. 

  577.     get "/api/v1/tickets/#{ticket.id}", params: {}, headers: @headers.merge('Authorization' => credentials)
    578. 

  578.     assert_response(200)
    579. 

  579.     result = JSON.parse(@response.body)
    580. 

  580.     assert_equal(Hash, result.class)
    581. 

  581.     assert_equal(ticket.id, result['id'])
    582. 

  582.     assert_equal(title, result['title'])
    583. 

  583.     assert_equal(ticket.customer_id, result['customer_id'])
    584. 

  584.     assert_equal(1, result['updated_by_id'])
    585. 

  585.     assert_equal(1, result['created_by_id'])
    586. 

  586. 

  587.     params = {
    588. 

  588.       title: "#{title} - 2",
    589. 

  589.       customer_id: @agent.id,
    590. 

  590.     }
    591. 

  591.     put "/api/v1/tickets/#{ticket.id}", params: params.to_json, headers: @headers.merge('Authorization' => credentials)
    592. 

  592.     assert_response(200)
    593. 

  593.     result = JSON.parse(@response.body)
    594. 

  594.     assert_equal(Hash, result.class)
    595. 

  595.     assert_equal(ticket.id, result['id'])
    596. 

  596.     assert_equal("#{title} - 2", result['title'])
    597. 

  597.     assert_equal(@agent.id, result['customer_id'])
    598. 

  598.     assert_equal(@agent.id, result['updated_by_id'])
    599. 

  599.     assert_equal(1, result['created_by_id'])
    600. 

  600. 

  601.     params = {
    602. 

  602.       ticket_id: ticket.id,
    603. 

  603.       subject: 'some subject',
    604. 

  604.       body: 'some body',
    605. 

  605.     }
    606. 

  606.     post '/api/v1/ticket_articles', params: params.to_json, headers: @headers.merge('Authorization' => credentials)
    607. 

  607.     assert_response(201)
    608. 

  608.     article_result = JSON.parse(@response.body)
    609. 

  609.     assert_equal(Hash, article_result.class)
    610. 

  610.     assert_equal(ticket.id, article_result['ticket_id'])
    611. 

  611.     assert_equal('Tickets Agent', article_result['from'])
    612. 

  612.     assert_equal('some subject', article_result['subject'])
    613. 

  613.     assert_equal('some body', article_result['body'])
    614. 

  614.     assert_equal('text/plain', article_result['content_type'])
    615. 

  615.     assert_equal(false, article_result['internal'])
    616. 

  616.     assert_equal(@agent.id, article_result['created_by_id'])
    617. 

  617.     assert_equal(Ticket::Article::Sender.lookup(name: 'Agent').id, article_result['sender_id'])
    618. 

  618.     assert_equal(Ticket::Article::Type.lookup(name: 'note').id, article_result['type_id'])
    619. 

  619. 

  620.     Scheduler.worker(true)
    621. 

  621.     get "/api/v1/tickets/search?query=#{CGI.escape(title)}", params: {}, headers: @headers.merge('Authorization' => credentials)
    622. 

  622.     assert_response(200)
    623. 

  623.     result = JSON.parse(@response.body)
    624. 

  624.     assert_equal(Hash, result.class)
    625. 

  625.     assert_equal(ticket.id, result['tickets'][0])
    626. 

  626.     assert_equal(1, result['tickets_count'])
    627. 

  627. 

  628.     params = {
    629. 

  629.       condition: {
    630. 

  630.         'ticket.title' => {
    631. 

  631.           operator: 'contains',
    632. 

  632.           value: title,
    633. 

  633.         },
    634. 

  634.       },
    635. 

  635.     }
    636. 

  636.     post '/api/v1/tickets/search', params: params.to_json, headers: @headers.merge('Authorization' => credentials)
    637. 

  637.     assert_response(200)
    638. 

  638.     result = JSON.parse(@response.body)
    639. 

  639.     assert_equal(Hash, result.class)
    640. 

  640.     assert_equal(ticket.id, result['tickets'][0])
    641. 

  641.     assert_equal(1, result['tickets_count'])
    642. 

  642. 

  643.     delete "/api/v1/ticket_articles/#{article_result['id']}", params: {}.to_json, headers: @headers.merge('Authorization' => credentials)
    644. 

  644.     assert_response(200)
    645. 

  645. 

  646.     params = {
    647. 

  647.       from: 'something which should not be changed on server side',
    648. 

  648.       ticket_id: ticket.id,
    649. 

  649.       subject: 'some subject',
    650. 

  650.       body: 'some body',
    651. 

  651.       type: 'email',
    652. 

  652.       internal: true,
    653. 

  653.     }
    654. 

  654.     post '/api/v1/ticket_articles', params: params.to_json, headers: @headers.merge('Authorization' => credentials)
    655. 

  655.     assert_response(201)
    656. 

  656.     result = JSON.parse(@response.body)
    657. 

  657.     assert_equal(Hash, result.class)
    658. 

  658.     assert_equal(ticket.id, result['ticket_id'])
    659. 

  659.     assert_equal('"Tickets Agent via Zammad" <zammad@localhost>', result['from'])
    660. 

  660.     assert_equal('some subject', result['subject'])
    661. 

  661.     assert_equal('some body', result['body'])
    662. 

  662.     assert_equal('text/plain', result['content_type'])
    663. 

  663.     assert_equal(true, result['internal'])
    664. 

  664.     assert_equal(@agent.id, result['created_by_id'])
    665. 

  665.     assert_equal(Ticket::Article::Sender.lookup(name: 'Agent').id, result['sender_id'])
    666. 

  666.     assert_equal(Ticket::Article::Type.lookup(name: 'email').id, result['type_id'])
    667. 

  667. 

  668.     params = {
    669. 

  669.       subject: 'new subject',
    670. 

  670.     }
    671. 

  671.     put "/api/v1/ticket_articles/#{result['id']}", params: params.to_json, headers: @headers.merge('Authorization' => credentials)
    672. 

  672.     assert_response(200)
    673. 

  673.     result = JSON.parse(@response.body)
    674. 

  674.     assert_equal(Hash, result.class)
    675. 

  675.     assert_equal(ticket.id, result['ticket_id'])
    676. 

  676.     assert_equal('"Tickets Agent via Zammad" <zammad@localhost>', result['from'])
    677. 

  677.     assert_equal('new subject', result['subject'])
    678. 

  678.     assert_equal('some body', result['body'])
    679. 

  679.     assert_equal('text/plain', result['content_type'])
    680. 

  680.     assert_equal(true, result['internal'])
    681. 

  681.     assert_equal(@agent.id, result['created_by_id'])
    682. 

  682.     assert_equal(Ticket::Article::Sender.lookup(name: 'Agent').id, result['sender_id'])
    683. 

  683.     assert_equal(Ticket::Article::Type.lookup(name: 'email').id, result['type_id'])
    684. 

  684. 

  685.     delete "/api/v1/ticket_articles/#{result['id']}", params: {}.to_json, headers: @headers.merge('Authorization' => credentials)
    686. 

  686.     assert_response(401)
    687. 

  687.     result = JSON.parse(@response.body)
    688. 

  688.     assert_equal(Hash, result.class)
    689. 

  689.     assert_equal('Not authorized (admin permission required)!', result['error'])
    690. 

  690. 

  691.     delete "/api/v1/tickets/#{ticket.id}", params: {}.to_json, headers: @headers.merge('Authorization' => credentials)
    692. 

  692.     assert_response(401)
    693. 

  693.     result = JSON.parse(@response.body)
    694. 

  694.     assert_equal(Hash, result.class)
    695. 

  695.     assert_equal('Not authorized (admin permission required)!', result['error'])
    696. 

  696.   end
    697. 

  697. 

  698.   test '02.05 ticket with correct ticket id' do
    699. 

  699.     ticket = Ticket.create!(
    700. 

  700.       title: 'ticket with corret ticket id',
    701. 

  701.       group: Group.lookup(name: 'Users'),
    702. 

  702.       customer_id: @customer_without_org.id,
    703. 

  703.       state: Ticket::State.lookup(name: 'new'),
    704. 

  704.       priority: Ticket::Priority.lookup(name: '2 normal'),
    705. 

  705.       updated_by_id: 1,
    706. 

  706.       created_by_id: 1,
    707. 

  707.     )
    708. 

  708.     credentials = ActionController::HttpAuthentication::Basic.encode_credentials('tickets-admin', 'adminpw')
    709. 

  709.     get "/api/v1/tickets/#{ticket.id}", params: {}, headers: @headers.merge('Authorization' => credentials)
    710. 

  710.     assert_response(200)
    711. 

  711.     result = JSON.parse(@response.body)
    712. 

  712.     assert_equal(Hash, result.class)
    713. 

  713.     assert_equal(ticket.id, result['id'])
    714. 

  714.     assert_equal('ticket with corret ticket id', result['title'])
    715. 

  715.     assert_equal(ticket.customer_id, result['customer_id'])
    716. 

  716.     assert_equal(1, result['updated_by_id'])
    717. 

  717.     assert_equal(1, result['created_by_id'])
    718. 

  718. 

  719.     params = {
    720. 

  720.       title: 'ticket with corret ticket id - 2',
    721. 

  721.       customer_id: @agent.id,
    722. 

  722.     }
    723. 

  723.     put "/api/v1/tickets/#{ticket.id}", params: params.to_json, headers: @headers.merge('Authorization' => credentials)
    724. 

  724.     assert_response(200)
    725. 

  725.     result = JSON.parse(@response.body)
    726. 

  726.     assert_equal(Hash, result.class)
    727. 

  727.     assert_equal(ticket.id, result['id'])
    728. 

  728.     assert_equal('ticket with corret ticket id - 2', result['title'])
    729. 

  729.     assert_equal(@agent.id, result['customer_id'])
    730. 

  730.     assert_equal(@admin.id, result['updated_by_id'])
    731. 

  731.     assert_equal(1, result['created_by_id'])
    732. 

  732. 

  733.     params = {
    734. 

  734.       from: 'something which should not be changed on server side',
    735. 

  735.       ticket_id: ticket.id,
    736. 

  736.       subject: 'some subject',
    737. 

  737.       body: 'some body',
    738. 

  738.     }
    739. 

  739.     post '/api/v1/ticket_articles', params: params.to_json, headers: @headers.merge('Authorization' => credentials)
    740. 

  740.     assert_response(201)
    741. 

  741.     result = JSON.parse(@response.body)
    742. 

  742.     assert_equal(Hash, result.class)
    743. 

  743.     assert_equal(ticket.id, result['ticket_id'])
    744. 

  744.     assert_equal('Tickets Admin', result['from'])
    745. 

  745.     assert_equal('some subject', result['subject'])
    746. 

  746.     assert_equal('some body', result['body'])
    747. 

  747.     assert_equal('text/plain', result['content_type'])
    748. 

  748.     assert_equal(false, result['internal'])
    749. 

  749.     assert_equal(@admin.id, result['created_by_id'])
    750. 

  750.     assert_equal(Ticket::Article::Sender.lookup(name: 'Agent').id, result['sender_id'])
    751. 

  751.     assert_equal(Ticket::Article::Type.lookup(name: 'note').id, result['type_id'])
    752. 

  752. 

  753.     params = {
    754. 

  754.       subject: 'new subject',
    755. 

  755.       internal: true,
    756. 

  756.     }
    757. 

  757.     put "/api/v1/ticket_articles/#{result['id']}", params: params.to_json, headers: @headers.merge('Authorization' => credentials)
    758. 

  758.     assert_response(200)
    759. 

  759.     result = JSON.parse(@response.body)
    760. 

  760.     assert_equal(Hash, result.class)
    761. 

  761.     assert_equal(ticket.id, result['ticket_id'])
    762. 

  762.     assert_equal('Tickets Admin', result['from'])
    763. 

  763.     assert_equal('new subject', result['subject'])
    764. 

  764.     assert_equal('some body', result['body'])
    765. 

  765.     assert_equal('text/plain', result['content_type'])
    766. 

  766.     assert_equal(true, result['internal'])
    767. 

  767.     assert_equal(@admin.id, result['created_by_id'])
    768. 

  768.     assert_equal(Ticket::Article::Sender.lookup(name: 'Agent').id, result['sender_id'])
    769. 

  769.     assert_equal(Ticket::Article::Type.lookup(name: 'note').id, result['type_id'])
    770. 

  770. 

  771.     delete "/api/v1/ticket_articles/#{result['id']}", params: {}.to_json, headers: @headers.merge('Authorization' => credentials)
    772. 

  772.     assert_response(200)
    773. 

  773. 

  774.     params = {
    775. 

  775.       ticket_id: ticket.id,
    776. 

  776.       subject: 'some subject',
    777. 

  777.       body: 'some body',
    778. 

  778.       type: 'email',
    779. 

  779.     }
    780. 

  780.     post '/api/v1/ticket_articles', params: params.to_json, headers: @headers.merge('Authorization' => credentials)
    781. 

  781.     assert_response(201)
    782. 

  782.     result = JSON.parse(@response.body)
    783. 

  783.     assert_equal(Hash, result.class)
    784. 

  784.     assert_equal(ticket.id, result['ticket_id'])
    785. 

  785.     assert_equal('"Tickets Admin via Zammad" <zammad@localhost>', result['from'])
    786. 

  786.     assert_equal('some subject', result['subject'])
    787. 

  787.     assert_equal('some body', result['body'])
    788. 

  788.     assert_equal('text/plain', result['content_type'])
    789. 

  789.     assert_equal(false, result['internal'])
    790. 

  790.     assert_equal(@admin.id, result['created_by_id'])
    791. 

  791.     assert_equal(Ticket::Article::Sender.lookup(name: 'Agent').id, result['sender_id'])
    792. 

  792.     assert_equal(Ticket::Article::Type.lookup(name: 'email').id, result['type_id'])
    793. 

  793. 

  794.     delete "/api/v1/ticket_articles/#{result['id']}", params: {}.to_json, headers: @headers.merge('Authorization' => credentials)
    795. 

  795.     assert_response(200)
    796. 

  796. 

  797.     delete "/api/v1/tickets/#{ticket.id}", params: {}.to_json, headers: @headers.merge('Authorization' => credentials)
    798. 

  798.     assert_response(200)
    799. 

  799.   end
    800. 

  800. 

  801.   test '02.05 ticket pagination' do
    802. 

  802.     title = "ticket pagination #{rand(999_999_999)}"
    803. 

  803.     tickets = []
    804. 

  804.     (1..20).each do |count|
    805. 

  805.       ticket = Ticket.create!(
    806. 

  806.         title: "#{title} - #{count}",
    807. 

  807.         group: Group.lookup(name: 'Users'),
    808. 

  808.         customer_id: @customer_without_org.id,
    809. 

  809.         state: Ticket::State.lookup(name: 'new'),
    810. 

  810.         priority: Ticket::Priority.lookup(name: '2 normal'),
    811. 

  811.         updated_by_id: 1,
    812. 

  812.         created_by_id: 1,
    813. 

  813.       )
    814. 

  814.       Ticket::Article.create!(
    815. 

  815.         type: Ticket::Article::Type.lookup(name: 'note'),
    816. 

  816.         sender: Ticket::Article::Sender.lookup(name: 'Customer'),
    817. 

  817.         from: 'sender',
    818. 

  818.         subject: 'subject',
    819. 

  819.         body: 'some body',
    820. 

  820.         ticket_id: ticket.id,
    821. 

  821.         updated_by_id: 1,
    822. 

  822.         created_by_id: 1,
    823. 

  823.       )
    824. 

  824.       tickets.push ticket
    825. 

  825.       travel 2.seconds
    826. 

  826.     end
    827. 

  827. 

  828.     credentials = ActionController::HttpAuthentication::Basic.encode_credentials('tickets-admin', 'adminpw')
    829. 

  829.     get "/api/v1/tickets/search?query=#{CGI.escape(title)}&limit=40", params: {}, headers: @headers.merge('Authorization' => credentials)
    830. 

  830.     assert_response(200)
    831. 

  831.     result = JSON.parse(@response.body)
    832. 

  832.     assert_equal(Hash, result.class)
    833. 

  833.     assert_equal(tickets[19].id, result['tickets'][0])
    834. 

  834.     assert_equal(tickets[0].id, result['tickets'][19])
    835. 

  835.     assert_equal(20, result['tickets_count'])
    836. 

  836. 

  837.     get "/api/v1/tickets/search?query=#{CGI.escape(title)}&limit=10", params: {}, headers: @headers.merge('Authorization' => credentials)
    838. 

  838.     assert_response(200)
    839. 

  839.     result = JSON.parse(@response.body)
    840. 

  840.     assert_equal(Hash, result.class)
    841. 

  841.     assert_equal(tickets[19].id, result['tickets'][0])
    842. 

  842.     assert_equal(tickets[10].id, result['tickets'][9])
    843. 

  843.     assert_equal(10, result['tickets_count'])
    844. 

  844. 

  845.     get "/api/v1/tickets/search?query=#{CGI.escape(title)}&limit=40&page=1&per_page=5", params: {}, headers: @headers.merge('Authorization' => credentials)
    846. 

  846.     assert_response(200)
    847. 

  847.     result = JSON.parse(@response.body)
    848. 

  848.     assert_equal(Hash, result.class)
    849. 

  849.     assert_equal(tickets[19].id, result['tickets'][0])
    850. 

  850.     assert_equal(tickets[15].id, result['tickets'][4])
    851. 

  851.     assert_equal(5, result['tickets_count'])
    852. 

  852. 

  853.     get "/api/v1/tickets/search?query=#{CGI.escape(title)}&limit=40&page=2&per_page=5", params: {}, headers: @headers.merge('Authorization' => credentials)
    854. 

  854.     assert_response(200)
    855. 

  855.     result = JSON.parse(@response.body)
    856. 

  856.     assert_equal(Hash, result.class)
    857. 

  857.     assert_equal(tickets[14].id, result['tickets'][0])
    858. 

  858.     assert_equal(tickets[10].id, result['tickets'][4])
    859. 

  859.     assert_equal(5, result['tickets_count'])
    860. 

  860. 

  861.     get '/api/v1/tickets?limit=40&page=1&per_page=5', params: {}, headers: @headers.merge('Authorization' => credentials)
    862. 

  862.     assert_response(200)
    863. 

  863.     result = JSON.parse(@response.body)
    864. 

  864.     assert_equal(Array, result.class)
    865. 

  865.     tickets = Ticket.order(:id).limit(5)
    866. 

  866.     assert_equal(tickets[0].id, result[0]['id'])
    867. 

  867.     assert_equal(tickets[4].id, result[4]['id'])
    868. 

  868.     assert_equal(5, result.count)
    869. 

  869. 

  870.     get '/api/v1/tickets?limit=40&page=2&per_page=5', params: {}, headers: @headers.merge('Authorization' => credentials)
    871. 

  871.     assert_response(200)
    872. 

  872.     result = JSON.parse(@response.body)
    873. 

  873.     assert_equal(Array, result.class)
    874. 

  874.     tickets = Ticket.order(:id).limit(10)
    875. 

  875.     assert_equal(tickets[5].id, result[0]['id'])
    876. 

  876.     assert_equal(tickets[9].id, result[4]['id'])
    877. 

  877.     assert_equal(5, result.count)
    878. 

  878. 

  879.   end
    880. 

  880. 

  881.   test '03.01 ticket create with customer minimal' do
    882. 

  882.     credentials = ActionController::HttpAuthentication::Basic.encode_credentials('tickets-customer1@example.com', 'customer1pw')
    883. 

  883.     params = {
    884. 

  884.       title: 'a new ticket #c1',
    885. 

  885.       state: 'new',
    886. 

  886.       priority: '2 normal',
    887. 

  887.       group: 'Users',
    888. 

  888.       article: {
    889. 

  889.         body: 'some body',
    890. 

  890.       },
    891. 

  891.     }
    892. 

  892.     post '/api/v1/tickets', params: params.to_json, headers: @headers.merge('Authorization' => credentials)
    893. 

  893.     assert_response(201)
    894. 

  894.     result = JSON.parse(@response.body)
    895. 

  895.     assert_equal(Hash, result.class)
    896. 

  896.     assert_equal(Ticket::State.lookup(name: 'new').id, result['state_id'])
    897. 

  897.     assert_equal('a new ticket #c1', result['title'])
    898. 

  898.     assert_equal(@customer_without_org.id, result['customer_id'])
    899. 

  899.     assert_equal(@customer_without_org.id, result['updated_by_id'])
    900. 

  900.     assert_equal(@customer_without_org.id, result['created_by_id'])
    901. 

  901.   end
    902. 

  902. 

  903.   test '03.02 ticket create with customer with wrong customer' do
    904. 

  904.     credentials = ActionController::HttpAuthentication::Basic.encode_credentials('tickets-customer1@example.com', 'customer1pw')
    905. 

  905.     params = {
    906. 

  906.       title: 'a new ticket #c2',
    907. 

  907.       state: 'new',
    908. 

  908.       priority: '2 normal',
    909. 

  909.       group: 'Users',
    910. 

  910.       customer_id: @agent.id,
    911. 

  911.       article: {
    912. 

  912.         content_type: 'text/plain', # or text/html
    913. 

  913.         body: 'some body',
    914. 

  914.         sender: 'System',
    915. 

  915.       },
    916. 

  916.     }
    917. 

  917.     post '/api/v1/tickets', params: params.to_json, headers: @headers.merge('Authorization' => credentials)
    918. 

  918.     assert_response(201)
    919. 

  919.     result = JSON.parse(@response.body)
    920. 

  920.     assert_equal(Hash, result.class)
    921. 

  921.     assert_equal(Ticket::State.lookup(name: 'new').id, result['state_id'])
    922. 

  922.     assert_equal('a new ticket #c2', result['title'])
    923. 

  923.     assert_equal(@customer_without_org.id, result['customer_id'])
    924. 

  924.     assert_equal(@customer_without_org.id, result['updated_by_id'])
    925. 

  925.     assert_equal(@customer_without_org.id, result['created_by_id'])
    926. 

  926.   end
    927. 

  927. 

  928.   test '03.03 ticket with wrong ticket id' do
    929. 

  929.     ticket = Ticket.create!(
    930. 

  930.       title: 'ticket with wrong ticket id',
    931. 

  931.       group: Group.lookup(name: 'Users'),
    932. 

  932.       customer_id: @agent.id,
    933. 

  933.       state: Ticket::State.lookup(name: 'new'),
    934. 

  934.       priority: Ticket::Priority.lookup(name: '2 normal'),
    935. 

  935.       updated_by_id: 1,
    936. 

  936.       created_by_id: 1,
    937. 

  937.     )
    938. 

  938.     credentials = ActionController::HttpAuthentication::Basic.encode_credentials('tickets-customer1@example.com', 'customer1pw')
    939. 

  939.     get "/api/v1/tickets/#{ticket.id}", params: {}, headers: @headers.merge('Authorization' => credentials)
    940. 

  940.     assert_response(401)
    941. 

  941.     result = JSON.parse(@response.body)
    942. 

  942.     assert_equal(Hash, result.class)
    943. 

  943.     assert_equal('Not authorized', result['error'])
    944. 

  944. 

  945.     params = {
    946. 

  946.       title: 'ticket with wrong ticket id - 2',
    947. 

  947.     }
    948. 

  948.     put "/api/v1/tickets/#{ticket.id}", params: params.to_json, headers: @headers.merge('Authorization' => credentials)
    949. 

  949.     assert_response(401)
    950. 

  950.     result = JSON.parse(@response.body)
    951. 

  951.     assert_equal(Hash, result.class)
    952. 

  952.     assert_equal('Not authorized', result['error'])
    953. 

  953. 

  954.     delete "/api/v1/tickets/#{ticket.id}", params: {}.to_json, headers: @headers.merge('Authorization' => credentials)
    955. 

  955.     assert_response(401)
    956. 

  956.     result = JSON.parse(@response.body)
    957. 

  957.     assert_equal(Hash, result.class)
    958. 

  958.     assert_equal('Not authorized', result['error'])
    959. 

  959.   end
    960. 

  960. 

  961.   test '03.04 ticket with correct ticket id' do
    962. 

  962.     title = "ticket with corret ticket id testme#{rand(999_999_999)}"
    963. 

  963.     ticket = Ticket.create!(
    964. 

  964.       title: title,
    965. 

  965.       group: Group.lookup(name: 'Users'),
    966. 

  966.       customer_id: @customer_without_org.id,
    967. 

  967.       state: Ticket::State.lookup(name: 'new'),
    968. 

  968.       priority: Ticket::Priority.lookup(name: '2 normal'),
    969. 

  969.       updated_by_id: 1,
    970. 

  970.       created_by_id: 1,
    971. 

  971.     )
    972. 

  972.     credentials = ActionController::HttpAuthentication::Basic.encode_credentials('tickets-customer1@example.com', 'customer1pw')
    973. 

  973.     get "/api/v1/tickets/#{ticket.id}", params: {}, headers: @headers.merge('Authorization' => credentials)
    974. 

  974.     assert_response(200)
    975. 

  975.     result = JSON.parse(@response.body)
    976. 

  976.     assert_equal(Hash, result.class)
    977. 

  977.     assert_equal(ticket.id, result['id'])
    978. 

  978.     assert_equal(title, result['title'])
    979. 

  979.     assert_equal(ticket.customer_id, result['customer_id'])
    980. 

  980.     assert_equal(1, result['updated_by_id'])
    981. 

  981.     assert_equal(1, result['created_by_id'])
    982. 

  982. 

  983.     params = {
    984. 

  984.       title: "#{title} - 2",
    985. 

  985.       customer_id: @agent.id,
    986. 

  986.     }
    987. 

  987.     put "/api/v1/tickets/#{ticket.id}", params: params.to_json, headers: @headers.merge('Authorization' => credentials)
    988. 

  988.     assert_response(200)
    989. 

  989.     result = JSON.parse(@response.body)
    990. 

  990.     assert_equal(Hash, result.class)
    991. 

  991.     assert_equal(ticket.id, result['id'])
    992. 

  992.     assert_equal("#{title} - 2", result['title'])
    993. 

  993.     assert_equal(ticket.customer_id, result['customer_id'])
    994. 

  994.     assert_equal(@customer_without_org.id, result['updated_by_id'])
    995. 

  995.     assert_equal(1, result['created_by_id'])
    996. 

  996. 

  997.     params = {
    998. 

  998.       ticket_id: ticket.id,
    999. 

  999.       subject: 'some subject',
    1000. 

  1000.       body: 'some body',
    1001. 

  1001.     }
    1002. 

  1002.     post '/api/v1/ticket_articles', params: params.to_json, headers: @headers.merge('Authorization' => credentials)
    1003. 

  1003.     assert_response(201)
    1004. 

  1004.     article_result = JSON.parse(@response.body)
    1005. 

  1005.     assert_equal(Hash, article_result.class)
    1006. 

  1006.     assert_equal(ticket.id, article_result['ticket_id'])
    1007. 

  1007.     assert_equal('Tickets Customer1', article_result['from'])
    1008. 

  1008.     assert_equal('some subject', article_result['subject'])
    1009. 

  1009.     assert_equal('some body', article_result['body'])
    1010. 

  1010.     assert_equal('text/plain', article_result['content_type'])
    1011. 

  1011.     assert_equal(@customer_without_org.id, article_result['created_by_id'])
    1012. 

  1012.     assert_equal(Ticket::Article::Sender.lookup(name: 'Customer').id, article_result['sender_id'])
    1013. 

  1013.     assert_equal(Ticket::Article::Type.lookup(name: 'note').id, article_result['type_id'])
    1014. 

  1014. 

  1015.     Scheduler.worker(true)
    1016. 

  1016.     get "/api/v1/tickets/search?query=#{CGI.escape(title)}", params: {}, headers: @headers.merge('Authorization' => credentials)
    1017. 

  1017.     assert_response(200)
    1018. 

  1018.     result = JSON.parse(@response.body)
    1019. 

  1019.     assert_equal(Hash, result.class)
    1020. 

  1020.     assert_equal(ticket.id, result['tickets'][0])
    1021. 

  1021.     assert_equal(1, result['tickets_count'])
    1022. 

  1022. 

  1023.     params = {
    1024. 

  1024.       condition: {
    1025. 

  1025.         'ticket.title' => {
    1026. 

  1026.           operator: 'contains',
    1027. 

  1027.           value: title,
    1028. 

  1028.         },
    1029. 

  1029.       },
    1030. 

  1030.     }
    1031. 

  1031.     post '/api/v1/tickets/search', params: params.to_json, headers: @headers.merge('Authorization' => credentials)
    1032. 

  1032.     assert_response(200)
    1033. 

  1033.     result = JSON.parse(@response.body)
    1034. 

  1034.     assert_equal(Hash, result.class)
    1035. 

  1035.     assert_equal(ticket.id, result['tickets'][0])
    1036. 

  1036.     assert_equal(1, result['tickets_count'])
    1037. 

  1037. 

  1038.     delete "/api/v1/ticket_articles/#{article_result['id']}", params: {}.to_json, headers: @headers.merge('Authorization' => credentials)
    1039. 

  1039.     assert_response(401)
    1040. 

  1040.     result = JSON.parse(@response.body)
    1041. 

  1041.     assert_equal(Hash, result.class)
    1042. 

  1042.     assert_equal('Not authorized (admin permission required)!', result['error'])
    1043. 

  1043. 

  1044.     params = {
    1045. 

  1045.       ticket_id: ticket.id,
    1046. 

  1046.       subject: 'some subject',
    1047. 

  1047.       body: 'some body',
    1048. 

  1048.       type: 'email',
    1049. 

  1049.       sender: 'Agent',
    1050. 

  1050.     }
    1051. 

  1051.     post '/api/v1/ticket_articles', params: params.to_json, headers: @headers.merge('Authorization' => credentials)
    1052. 

  1052.     assert_response(201)
    1053. 

  1053.     result = JSON.parse(@response.body)
    1054. 

  1054.     assert_equal(Hash, result.class)
    1055. 

  1055.     assert_equal(ticket.id, result['ticket_id'])
    1056. 

  1056.     assert_equal('Tickets Customer1', result['from'])
    1057. 

  1057.     assert_equal('some subject', result['subject'])
    1058. 

  1058.     assert_equal('some body', result['body'])
    1059. 

  1059.     assert_equal('text/plain', result['content_type'])
    1060. 

  1060.     assert_equal(@customer_without_org.id, result['created_by_id'])
    1061. 

  1061.     assert_equal(Ticket::Article::Sender.lookup(name: 'Customer').id, result['sender_id'])
    1062. 

  1062.     assert_equal(Ticket::Article::Type.lookup(name: 'note').id, result['type_id'])
    1063. 

  1063. 

  1064.     delete "/api/v1/ticket_articles/#{result['id']}", params: {}.to_json, headers: @headers.merge('Authorization' => credentials)
    1065. 

  1065.     assert_response(401)
    1066. 

  1066.     result = JSON.parse(@response.body)
    1067. 

  1067.     assert_equal(Hash, result.class)
    1068. 

  1068.     assert_equal('Not authorized (admin permission required)!', result['error'])
    1069. 

  1069. 

  1070.     params = {
    1071. 

  1071.       from: 'something which should not be changed on server side',
    1072. 

  1072.       ticket_id: ticket.id,
    1073. 

  1073.       subject: 'some subject',
    1074. 

  1074.       body: 'some body',
    1075. 

  1075.       type: 'web',
    1076. 

  1076.       sender: 'Agent',
    1077. 

  1077.       internal: true,
    1078. 

  1078.     }
    1079. 

  1079. 

  1080.     post '/api/v1/ticket_articles', params: params.to_json, headers: @headers.merge('Authorization' => credentials)
    1081. 

  1081.     assert_response(201)
    1082. 

  1082.     result = JSON.parse(@response.body)
    1083. 

  1083.     assert_equal(Hash, result.class)
    1084. 

  1084.     assert_equal(ticket.id, result['ticket_id'])
    1085. 

  1085.     assert_equal('Tickets Customer1 <tickets-customer1@example.com>', result['from'])
    1086. 

  1086.     assert_equal('some subject', result['subject'])
    1087. 

  1087.     assert_equal('some body', result['body'])
    1088. 

  1088.     assert_equal('text/plain', result['content_type'])
    1089. 

  1089.     assert_equal(false, result['internal'])
    1090. 

  1090.     assert_equal(@customer_without_org.id, result['created_by_id'])
    1091. 

  1091.     assert_equal(Ticket::Article::Sender.lookup(name: 'Customer').id, result['sender_id'])
    1092. 

  1092.     assert_equal(Ticket::Article::Type.lookup(name: 'web').id, result['type_id'])
    1093. 

  1093. 

  1094.     params = {
    1095. 

  1095.       subject: 'new subject',
    1096. 

  1096.     }
    1097. 

  1097.     put "/api/v1/ticket_articles/#{result['id']}", params: params.to_json, headers: @headers.merge('Authorization' => credentials)
    1098. 

  1098.     assert_response(401)
    1099. 

  1099.     result = JSON.parse(@response.body)
    1100. 

  1100.     assert_equal(Hash, result.class)
    1101. 

  1101.     assert_equal('Not authorized (ticket.agent or admin permission required)!', result['error'])
    1102. 

  1102. 

  1103.     delete "/api/v1/tickets/#{ticket.id}", params: {}.to_json, headers: @headers.merge('Authorization' => credentials)
    1104. 

  1104.     assert_response(401)
    1105. 

  1105.     result = JSON.parse(@response.body)
    1106. 

  1106.     assert_equal(Hash, result.class)
    1107. 

  1107.     assert_equal('Not authorized (admin permission required)!', result['error'])
    1108. 

  1108.   end
    1109. 

  1109. 

  1110. end
    1111.