token_test.rb 3.2 KB

  1. require 'test_helper'
  # Exercises Token.check for the three properties an access token must hold:
  # it is bound to the action it was issued for, it stops working once it is
  # old unless it was created as persistent, and (for API tokens) it only
  # authorizes permissions that both the token and its owner carry.
  class TokenTest < ActiveSupport::TestCase
    test 'token' do
      all_groups  = Group.all
      agent_roles = Role.where(name: 'Agent')

      # Fixture user holding only the Agent role.
      agent = User.create_or_update(
        login: 'token-agent1@example.com',
        firstname: 'Token',
        lastname: 'Agent1',
        email: 'token-agent1@example.com',
        password: 'agentpw',
        active: true,
        roles: agent_roles,
        groups: all_groups,
        updated_by_id: 1,
        created_by_id: 1,
      )

      # A token name that was never issued must not resolve to a user.
      assert_not(Token.check(action: 'PasswordReset', name: '1NV4L1D'))

      # Freshly issued token: `persistent` is left unset on creation.
      reset_token = Token.create(
        action: 'PasswordReset',
        user_id: agent.id,
      )
      assert(reset_token)
      assert_nil(reset_token.persistent)

      # Action binding: the same token name presented under a different
      # action must be refused.
      assert_not(Token.check(action: 'PasswordReset_NotExisting', name: reset_token.name))

      # Presented under the action it was issued for, it resolves to its owner.
      owner = Token.check(action: 'PasswordReset', name: reset_token.name)
      assert(owner)
      assert_token_agent1(owner)

      # Expiry: a two-day-old, non-persistent token is expected to be rejected.
      # NOTE(review): only the two-day case is exercised; the exact expiry
      # boundary is not pinned by this test.
      stale_token = Token.create(
        action: 'PasswordReset',
        user_id: agent.id,
        created_at: 2.days.ago,
        persistent: false,
      )
      assert_not(Token.check(action: 'PasswordReset', name: stale_token.name))

      # Same age, but persistent: still accepted.
      ical_token = Token.create(
        action: 'iCal',
        user_id: agent.id,
        created_at: 2.days.ago,
        persistent: true,
      )
      owner = Token.check(action: 'iCal', name: ical_token.name)
      assert(owner)
      assert_token_agent1(owner)

      # API token scoped to two permissions, one of which the owner lacks.
      api_token = Token.create(
        action: 'api',
        label: 'some label',
        persistent: true,
        user_id: agent.id,
        preferences: {
          permission: ['admin', 'ticket.agent'], # agent has no access to admin.*
        }
      )
      check_api = lambda do |wanted|
        Token.check(action: 'api', name: api_token.name, permission: wanted)
      end

      # Listing 'admin' on the token does not grant it: the owner has no
      # admin.* access, so both the permission and its child are refused.
      assert_not(check_api.call('admin.session'))
      assert_not(check_api.call('admin'))

      # The parent of a granted permission is not implied by it...
      assert_not(check_api.call('ticket'))

      # ...but a child of a granted permission is accepted.
      assert(check_api.call('ticket.agent.sub'))

      # A permission name that matches nothing is refused.
      assert_not(check_api.call('admin_not_extisting'))

      # Exact match on a permission held by both token and owner.
      owner = check_api.call('ticket.agent')
      assert(owner)
      assert_token_agent1(owner)

      # A list of requested permissions is accepted here although one entry
      # matches nothing; presumably a single matching entry suffices.
      owner = check_api.call(['ticket.agent', 'not_existing'])
      assert(owner)
      assert_token_agent1(owner)
    end

    private

    # Asserts that +user+ is the fixture agent created at the top of the test.
    def assert_token_agent1(user)
      assert_equal('Token', user.firstname)
      assert_equal('Agent1', user.lastname)
      assert_equal('token-agent1@example.com', user.email)
    end
  end