user_test.rb 39 KB

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586878889909192939495969798991001011021031041051061071081091101111121131141151161171181191201211221231241251261271281291301311321331341351361371381391401411421431441451461471481491501511521531541551561571581591601611621631641651661671681691701711721731741751761771781791801811821831841851861871881891901911921931941951961971981992002012022032042052062072082092102112122132142152162172182192202212222232242252262272282292302312322332342352362372382392402412422432442452462472482492502512522532542552562572582592602612622632642652662672682692702712722732742752762772782792802812822832842852862872882892902912922932942952962972982993003013023033043053063073083093103113123133143153163173183193203213223233243253263273283293303313323333343353363373383393403413423433443453463473483493503513523533543553563573583593603613623633643653663673683693703713723733743753763773783793803813823833843853863873883893903913923933943953963973983994004014024034044054064074084094104114124134144154164174184194204214224234244254264274284294304314324334344354364374384394404414424434444454464474484494504514524534544554564574584594604614624634644654664674684694704714724734744754764774784794804814824834844854864874884894904914924934944954964974984995005015025035045055065075085095105115125135145155165175185195205215225235245255265275285295305315325335345355365375385395405415425435445455465475485495505515525535545555565575585595605615625635645655665675685695705715725735745755765775785795805815825835845855865875885895905915925935945955965975985996006016026036046056066076086096106116126136146156166176186196206216226236246256266276286296306316326336346356366376386396406416426436446456466476486496506516526536546556566576586596606616626636646656666676686696706716726736746756766776786796806816826836846856866876886896906916926936946956966976986997007017027037047057067077087097107117127137147157167177187197207217227237247257267277287297307317327337347357367377387397407417427437447457467477487497507517527537547557567577587597607617627637647657667677687697707717727737747757767777787797807817827837847857867877887897907917927937947957967977987998008018028038048058068078088098108118128138148158168178188198208218228238248258268278288298308318328338348358368378388398408418428438448458468478488498508518528538548558568578588598608618628638648658668678688698708718728738748758768778788798808818828838848858868878888898908918928938948958968978988999009019029039049059069079089099109119129139149159169179189199209219229239249259269279289299309319329339349359369379389399409419429439449459469479489499509519529539549559569579589599609619629639649659669679689699709719729739749759769779789799809819829839849859869879889899909919929939949959969979989991000100110021003100410051006100710081009101010111012101310141015101610171018101910201021102210231024102510261027102810291030103110321033103410351036103710381039104010411042104310441045104610471048104910501051105210531054105510561057105810591060106110621063106410651066106710681069107010711072107310741075107610771078107910801081108210831084108510861087108810891090109110921093109410951096109710981099110011011102110311041105110611071108110911101111111211131114111511161117111811191120112111221123112411251126112711281129113011311132113311341135113611371138113911401141114211431144114511461147114811491150115111521153115411551156115711581159116011611162116311641165116611671168116911701171117211731174117511761177117811791180118111821183118411851186118711881189119011911192119311941195119611971198119912001201120212031204120512061207120812091210121112121213121412151216121712181219122012211222122312241225122612271228122912301231123212331234123512361237123812391240124112421243124412451246124712481249125012511252125312541255125612571258125912601261126212631264
  1. # Copyright (C) 2012-2022 Zammad Foundation, https://zammad-foundation.org/
  2. require 'test_helper'
  3. class UserTest < ActiveSupport::TestCase
  4. test 'user' do
  5. tests = [
  6. {
  7. name: '#1 - simple create',
  8. create: {
  9. firstname: 'Firstname',
  10. lastname: 'Lastname',
  11. email: 'some@example.com',
  12. login: 'some@example.com',
  13. updated_by_id: 1,
  14. created_by_id: 1,
  15. },
  16. create_verify: {
  17. firstname: 'Firstname',
  18. lastname: 'Lastname',
  19. image: nil,
  20. fullname: 'Firstname Lastname',
  21. email: 'some@example.com',
  22. login: 'some@example.com',
  23. },
  24. },
  25. {
  26. name: '#2 - simple create - no lastname',
  27. create: {
  28. firstname: 'Firstname Lastname',
  29. lastname: '',
  30. email: 'some@example.com',
  31. login: 'some@example.com',
  32. updated_by_id: 1,
  33. created_by_id: 1,
  34. },
  35. create_verify: {
  36. firstname: 'Firstname',
  37. lastname: 'Lastname',
  38. image: nil,
  39. email: 'some@example.com',
  40. login: 'some@example.com',
  41. },
  42. },
  43. {
  44. name: '#3 - simple create - no firstname',
  45. create: {
  46. firstname: '',
  47. lastname: 'Firstname Lastname',
  48. email: 'some@example.com',
  49. login: 'some@example.com',
  50. updated_by_id: 1,
  51. created_by_id: 1,
  52. },
  53. create_verify: {
  54. firstname: 'Firstname',
  55. lastname: 'Lastname',
  56. image: nil,
  57. email: 'some@example.com',
  58. login: 'some@example.com',
  59. },
  60. },
  61. {
  62. name: '#4 - simple create - nil as lastname',
  63. create: {
  64. firstname: 'Firstname Lastname',
  65. lastname: '',
  66. email: 'some@example.com',
  67. login: 'some@example.com',
  68. updated_by_id: 1,
  69. created_by_id: 1,
  70. },
  71. create_verify: {
  72. firstname: 'Firstname',
  73. lastname: 'Lastname',
  74. image: nil,
  75. email: 'some@example.com',
  76. login: 'some@example.com',
  77. },
  78. },
  79. {
  80. name: '#5 - simple create - no lastname, firstname with ","',
  81. create: {
  82. firstname: 'Lastname, Firstname',
  83. lastname: '',
  84. email: 'some@example.com',
  85. login: 'some@example.com',
  86. updated_by_id: 1,
  87. created_by_id: 1,
  88. },
  89. create_verify: {
  90. firstname: 'Firstname',
  91. lastname: 'Lastname',
  92. email: 'some@example.com',
  93. login: 'some@example.com',
  94. },
  95. },
  96. {
  97. name: '#6 - simple create - no lastname/firstname',
  98. create: {
  99. firstname: '',
  100. lastname: '',
  101. email: 'firstname.lastname@example.com',
  102. login: 'login-1',
  103. updated_by_id: 1,
  104. created_by_id: 1,
  105. },
  106. create_verify: {
  107. firstname: 'Firstname',
  108. lastname: 'Lastname',
  109. fullname: 'Firstname Lastname',
  110. email: 'firstname.lastname@example.com',
  111. login: 'login-1',
  112. },
  113. },
  114. {
  115. name: '#7 - simple create - no lastname/firstnam',
  116. create: {
  117. firstname: '',
  118. lastname: '',
  119. email: 'FIRSTNAME.lastname@example.com',
  120. login: 'login-2',
  121. updated_by_id: 1,
  122. created_by_id: 1,
  123. },
  124. create_verify: {
  125. firstname: 'Firstname',
  126. lastname: 'Lastname',
  127. email: 'firstname.lastname@example.com',
  128. login: 'login-2',
  129. },
  130. },
  131. {
  132. name: '#8 - simple create - nill as fristname and lastname',
  133. create: {
  134. firstname: '',
  135. lastname: '',
  136. email: 'FIRSTNAME.lastname@example.com',
  137. login: 'login-3',
  138. updated_by_id: 1,
  139. created_by_id: 1,
  140. },
  141. create_verify: {
  142. firstname: 'Firstname',
  143. lastname: 'Lastname',
  144. email: 'firstname.lastname@example.com',
  145. login: 'login-3',
  146. },
  147. },
  148. {
  149. name: '#11 - update create with login/email check',
  150. create: {
  151. firstname: '',
  152. lastname: '',
  153. email: 'caoyaoewfzfw@21222cn.com',
  154. updated_by_id: 1,
  155. created_by_id: 1,
  156. },
  157. create_verify: {
  158. firstname: '',
  159. lastname: '',
  160. fullname: 'caoyaoewfzfw@21222cn.com',
  161. email: 'caoyaoewfzfw@21222cn.com',
  162. login: 'caoyaoewfzfw@21222cn.com',
  163. },
  164. update: {
  165. email: 'caoyaoewfzfw@212224cn.com',
  166. },
  167. update_verify: {
  168. firstname: '',
  169. lastname: '',
  170. email: 'caoyaoewfzfw@212224cn.com',
  171. fullname: 'caoyaoewfzfw@212224cn.com',
  172. login: 'caoyaoewfzfw@212224cn.com',
  173. }
  174. },
  175. {
  176. name: '#12 - update create with login/email check',
  177. create: {
  178. firstname: 'Firstname',
  179. lastname: 'Lastname',
  180. email: 'some_tEst11@example.com',
  181. updated_by_id: 1,
  182. created_by_id: 1,
  183. },
  184. create_verify: {
  185. firstname: 'Firstname',
  186. lastname: 'Lastname',
  187. fullname: 'Firstname Lastname',
  188. email: 'some_test11@example.com',
  189. },
  190. update: {
  191. email: 'some_Test11-1@example.com',
  192. },
  193. update_verify: {
  194. firstname: 'Firstname',
  195. lastname: 'Lastname',
  196. email: 'some_test11-1@example.com',
  197. fullname: 'Firstname Lastname',
  198. login: 'some_test11-1@example.com',
  199. }
  200. },
  201. ]
  202. default_disable_in_test_env = Service::Image::Zammad.const_get(:DISABLE_IN_TEST_ENV)
  203. silence_warnings do
  204. Service::Image::Zammad.const_set(:DISABLE_IN_TEST_ENV, false)
  205. end
  206. tests.each do |test|
  207. # check if user exists
  208. user = User.find_by(login: test[:create][:login])
  209. user&.destroy!
  210. user = User.create!(test[:create])
  211. test[:create_verify].each do |key, value|
  212. next if key == :image_md5
  213. if user.respond_to?(key)
  214. result = user.send(key)
  215. if value.nil?
  216. assert_nil(result, "create check #{key} in (#{test[:name]})")
  217. else
  218. assert_equal(result, value, "create check #{key} in (#{test[:name]})")
  219. end
  220. else
  221. assert_equal(user[key], value, "create check #{key} in (#{test[:name]})")
  222. end
  223. end
  224. if test[:update]
  225. user.update!(test[:update])
  226. test[:update_verify].each do |key, value|
  227. next if key == :image_md5
  228. if user.respond_to?(key)
  229. assert_equal(user.send(key), value, "update check #{key} in (#{test[:name]})")
  230. else
  231. assert_equal(user[key], value, "update check #{key} in (#{test[:name]})")
  232. end
  233. end
  234. end
  235. user.destroy!
  236. end
  237. silence_warnings do
  238. Service::Image::Zammad.const_set(:DISABLE_IN_TEST_ENV, default_disable_in_test_env)
  239. end
  240. end
  241. test 'strange spaces' do
  242. name = "#{Time.zone.now.to_i}-#{SecureRandom.uuid}"
  243. email = "customer_email#{name}@example.com"
  244. customer = User.create!(
  245. firstname: 'Role',
  246. lastname: "Customer#{name}",
  247. email: " #{email} ",
  248. password: 'customerpw',
  249. active: true,
  250. roles: Role.where(name: %w[Customer]),
  251. updated_by_id: 1,
  252. created_by_id: 1,
  253. )
  254. assert(customer)
  255. assert_equal(email, customer.email)
  256. customer.destroy!
  257. name = "#{Time.zone.now.to_i}-#{SecureRandom.uuid}"
  258. email = "customer_email#{name}@example.com"
  259. customer = User.create!(
  260. firstname: "\u{00a0}\u{00a0}Role",
  261. lastname: "Customer#{name} \u{00a0}",
  262. email: "\u{00a0}#{email}\u{00a0}",
  263. password: 'customerpw',
  264. active: true,
  265. roles: Role.where(name: %w[Customer]),
  266. updated_by_id: 1,
  267. created_by_id: 1,
  268. )
  269. assert(customer)
  270. assert_equal('Role', customer.firstname)
  271. assert_equal("Customer#{name}", customer.lastname)
  272. assert_equal(email, customer.email)
  273. customer.destroy!
  274. name = "#{Time.zone.now.to_i}-#{SecureRandom.uuid}"
  275. email = "customer_email#{name}@example.com"
  276. customer = User.create!(
  277. firstname: "\u{200B}\u{200B}Role",
  278. lastname: "Customer#{name} \u{200B}",
  279. email: "\u{200B}#{email}\u{200B}",
  280. password: 'customerpw',
  281. active: true,
  282. roles: Role.where(name: %w[Customer]),
  283. updated_by_id: 1,
  284. created_by_id: 1,
  285. )
  286. assert(customer)
  287. assert_equal('Role', customer.firstname)
  288. assert_equal("Customer#{name}", customer.lastname)
  289. assert_equal(email, customer.email)
  290. customer.destroy!
  291. name = "#{Time.zone.now.to_i}-#{SecureRandom.uuid}"
  292. email = "customer_email#{name}@example.com"
  293. customer = User.create!(
  294. firstname: "\u{200B}\u{200B}Role\u{00a0}",
  295. lastname: "\u{00a0}\u{00a0}Customer#{name} \u{200B}",
  296. email: "\u{200B}#{email}\u{200B}",
  297. password: 'customerpw',
  298. active: true,
  299. roles: Role.where(name: %w[Customer]),
  300. updated_by_id: 1,
  301. created_by_id: 1,
  302. )
  303. assert(customer)
  304. assert_equal('Role', customer.firstname)
  305. assert_equal("Customer#{name}", customer.lastname)
  306. assert_equal(email, customer.email)
  307. customer.destroy!
  308. name = "#{Time.zone.now.to_i}-#{SecureRandom.uuid}"
  309. email = "customer_email#{name}@example.com"
  310. customer = User.create!(
  311. firstname: "\u{200a}\u{200b}\u{202F}\u{205F}Role\u{2007}\u{2008}",
  312. lastname: "\u{00a0}\u{00a0}Customer#{name}\u{3000}\u{FEFF}\u{2000}",
  313. email: "\u{200B}#{email}\u{200B}\u{2007}\u{2008}",
  314. password: 'customerpw',
  315. active: true,
  316. roles: Role.where(name: %w[Customer]),
  317. updated_by_id: 1,
  318. created_by_id: 1,
  319. )
  320. assert(customer)
  321. assert_equal('Role', customer.firstname)
  322. assert_equal("Customer#{name}", customer.lastname)
  323. assert_equal(email, customer.email)
  324. customer.destroy!
  325. end
  326. test 'without email - but login eq email' do
  327. name = SecureRandom.uuid
  328. login = "admin-role_without_email#{name}@example.com"
  329. email = "admin-role_without_email#{name}@example.com"
  330. admin = User.create_or_update(
  331. login: login,
  332. firstname: 'Role',
  333. lastname: "Admin#{name}",
  334. # email: "",
  335. password: 'adminpw',
  336. active: true,
  337. roles: Role.where(name: %w[Admin Agent]),
  338. updated_by_id: 1,
  339. created_by_id: 1,
  340. )
  341. assert(admin.id)
  342. assert_equal(admin.login, login)
  343. assert_equal(admin.email, '')
  344. admin.email = email
  345. admin.save!
  346. assert_equal(admin.login, login)
  347. assert_equal(admin.email, email)
  348. admin.email = ''
  349. admin.save!
  350. assert(admin.id)
  351. assert(admin.login)
  352. assert_not_equal(admin.login, login)
  353. assert_equal(admin.email, '')
  354. admin.destroy!
  355. end
  356. test 'without email - but login ne email' do
  357. name = SecureRandom.uuid
  358. login = "admin-role_without_email#{name}"
  359. email = "admin-role_without_email#{name}@example.com"
  360. admin = User.create_or_update(
  361. login: login,
  362. firstname: 'Role',
  363. lastname: "Admin#{name}",
  364. # email: "",
  365. password: 'adminpw',
  366. active: true,
  367. roles: Role.where(name: %w[Admin Agent]),
  368. updated_by_id: 1,
  369. created_by_id: 1,
  370. )
  371. assert(admin.id)
  372. assert_equal(admin.login, login)
  373. assert_equal(admin.email, '')
  374. admin.email = email
  375. admin.save!
  376. assert_equal(admin.login, login)
  377. assert_equal(admin.email, email)
  378. admin.email = ''
  379. admin.save!
  380. assert(admin.id)
  381. assert_equal(admin.login, login)
  382. assert_equal(admin.email, '')
  383. admin.destroy!
  384. end
  385. test 'uniq email' do
  386. name = SecureRandom.uuid
  387. email1 = "admin1-role_without_email#{name}@example.com"
  388. admin1 = User.create!(
  389. login: email1,
  390. firstname: 'Role',
  391. lastname: "Admin1#{name}",
  392. email: email1,
  393. password: 'adminpw',
  394. active: true,
  395. roles: Role.where(name: %w[Admin Agent]),
  396. updated_by_id: 1,
  397. created_by_id: 1,
  398. )
  399. assert(admin1.id)
  400. assert_equal(admin1.email, email1)
  401. assert_raises(ActiveRecord::RecordInvalid) do
  402. User.create!(
  403. login: "#{email1}-1",
  404. firstname: 'Role',
  405. lastname: "Admin1#{name}",
  406. email: email1,
  407. password: 'adminpw',
  408. active: true,
  409. roles: Role.where(name: %w[Admin Agent]),
  410. updated_by_id: 1,
  411. created_by_id: 1,
  412. )
  413. end
  414. email2 = "admin2-role_without_email#{name}@example.com"
  415. admin2 = User.create!(
  416. firstname: 'Role',
  417. lastname: "Admin2#{name}",
  418. email: email2,
  419. password: 'adminpw',
  420. active: true,
  421. roles: Role.where(name: %w[Admin Agent]),
  422. updated_by_id: 1,
  423. created_by_id: 1,
  424. )
  425. assert_raises(ActiveRecord::RecordInvalid) do
  426. admin2.email = email1
  427. admin2.save!
  428. end
  429. admin1.email = admin1.email
  430. admin1.save!
  431. admin2.destroy!
  432. admin1.destroy!
  433. end
  434. test 'uniq email - multiple use' do
  435. Setting.set('user_email_multiple_use', true)
  436. name = SecureRandom.uuid
  437. email1 = "admin1-role_without_email#{name}@example.com"
  438. admin1 = User.create!(
  439. login: email1,
  440. firstname: 'Role',
  441. lastname: "Admin1#{name}",
  442. email: email1,
  443. password: 'adminpw',
  444. active: true,
  445. roles: Role.where(name: %w[Admin Agent]),
  446. updated_by_id: 1,
  447. created_by_id: 1,
  448. )
  449. assert(admin1.id)
  450. assert_equal(admin1.email, email1)
  451. admin2 = User.create!(
  452. login: "#{email1}-1",
  453. firstname: 'Role',
  454. lastname: "Admin1#{name}",
  455. email: email1,
  456. password: 'adminpw',
  457. active: true,
  458. roles: Role.where(name: %w[Admin Agent]),
  459. updated_by_id: 1,
  460. created_by_id: 1,
  461. )
  462. assert_equal(admin2.email, email1)
  463. admin2.destroy!
  464. admin1.destroy!
  465. Setting.set('user_email_multiple_use', false)
  466. end
  467. test 'ensure roles' do
  468. name = SecureRandom.uuid
  469. admin = User.create_or_update(
  470. login: "admin-role#{name}@example.com",
  471. firstname: 'Role',
  472. lastname: "Admin#{name}",
  473. email: "admin-role#{name}@example.com",
  474. password: 'adminpw',
  475. active: true,
  476. roles: Role.where(name: %w[Admin Agent]),
  477. updated_by_id: 1,
  478. created_by_id: 1,
  479. )
  480. customer1 = User.create_or_update(
  481. login: "user-ensure-role1-#{name}@example.com",
  482. firstname: 'Role',
  483. lastname: "Customer#{name}",
  484. email: "user-ensure-role1-#{name}@example.com",
  485. password: 'customerpw',
  486. active: true,
  487. updated_by_id: 1,
  488. created_by_id: 1,
  489. )
  490. assert_equal(customer1.role_ids.sort, Role.signup_role_ids)
  491. roles = Role.where(name: 'Agent')
  492. customer1.roles = roles
  493. customer1.save!
  494. assert_equal(customer1.role_ids.count, 1)
  495. assert_equal(customer1.role_ids.first, roles.first.id)
  496. assert_equal(customer1.roles.first.id, roles.first.id)
  497. customer1.roles = []
  498. customer1.save!
  499. assert_equal(customer1.role_ids.sort, Role.signup_role_ids)
  500. customer1.destroy!
  501. customer2 = User.create_or_update(
  502. login: "user-ensure-role2-#{name}@example.com",
  503. firstname: 'Role',
  504. lastname: "Customer#{name}",
  505. email: "user-ensure-role2-#{name}@example.com",
  506. password: 'customerpw',
  507. roles: roles,
  508. active: true,
  509. updated_by_id: 1,
  510. created_by_id: 1,
  511. )
  512. assert_equal(customer2.role_ids.count, 1)
  513. assert_equal(customer2.role_ids.first, roles.first.id)
  514. assert_equal(customer2.roles.first.id, roles.first.id)
  515. roles = Role.where(name: 'Admin')
  516. customer2.role_ids = [roles.first.id]
  517. customer2.save!
  518. assert_equal(customer2.role_ids.count, 1)
  519. assert_equal(customer2.role_ids.first, roles.first.id)
  520. assert_equal(customer2.roles.first.id, roles.first.id)
  521. customer2.roles = []
  522. customer2.save!
  523. assert_equal(customer2.role_ids.sort, Role.signup_role_ids)
  524. customer2.destroy!
  525. customer3 = User.create_or_update(
  526. login: "user-ensure-role2-#{name}@example.com",
  527. firstname: 'Role',
  528. lastname: "Customer#{name}",
  529. email: "user-ensure-role2-#{name}@example.com",
  530. password: 'customerpw',
  531. roles: roles,
  532. active: true,
  533. updated_by_id: 1,
  534. created_by_id: 1,
  535. )
  536. customer3.roles = Role.where(name: %w[Admin Agent])
  537. customer3.roles.each do |role|
  538. assert_not_equal(role.name, 'Customer')
  539. end
  540. customer3.roles = Role.where(name: 'Admin')
  541. customer3.roles.each do |role|
  542. assert_not_equal(role.name, 'Customer')
  543. end
  544. customer3.roles = Role.where(name: 'Agent')
  545. customer3.roles.each do |role|
  546. assert_not_equal(role.name, 'Customer')
  547. end
  548. customer3.destroy!
  549. admin.destroy!
  550. end
  551. test 'user default preferences' do
  552. name = SecureRandom.uuid
  553. groups = Group.where(name: 'Users')
  554. roles = Role.where(name: 'Agent')
  555. agent1 = User.create_or_update(
  556. login: "agent-default-preferences#{name}@example.com",
  557. firstname: 'Preferences',
  558. lastname: "Agent#{name}",
  559. email: "agent-default-preferences#{name}@example.com",
  560. password: 'agentpw',
  561. active: true,
  562. roles: roles,
  563. groups: groups,
  564. preferences: {
  565. locale: 'de-de',
  566. },
  567. updated_by_id: 1,
  568. created_by_id: 1,
  569. )
  570. agent1 = User.find(agent1.id)
  571. assert(agent1.preferences)
  572. assert(agent1.preferences['locale'])
  573. assert_equal(agent1.preferences['locale'], 'de-de')
  574. assert(agent1.preferences['notification_config'])
  575. assert(agent1.preferences['notification_config']['matrix'])
  576. assert(agent1.preferences['notification_config']['matrix']['create'])
  577. assert(agent1.preferences['notification_config']['matrix']['update'])
  578. roles = Role.where(name: 'Customer')
  579. customer1 = User.create_or_update(
  580. login: "customer-default-preferences#{name}@example.com",
  581. firstname: 'Preferences',
  582. lastname: "Customer#{name}",
  583. email: "customer-default-preferences#{name}@example.com",
  584. password: 'customerpw',
  585. active: true,
  586. roles: roles,
  587. preferences: {
  588. locale: 'de-de',
  589. },
  590. updated_by_id: 1,
  591. created_by_id: 1,
  592. )
  593. customer1 = User.find(customer1.id)
  594. assert(customer1.preferences)
  595. assert(customer1.preferences['locale'])
  596. assert_equal(customer1.preferences['locale'], 'de-de')
  597. assert_not(customer1.preferences['notification_config'])
  598. customer1 = User.find(customer1.id)
  599. customer1.roles = Role.where(name: 'Agent')
  600. customer1 = User.find(customer1.id)
  601. assert(customer1.preferences)
  602. assert(customer1.preferences['locale'])
  603. assert_equal(customer1.preferences['locale'], 'de-de')
  604. assert(customer1.preferences['notification_config'])
  605. assert(customer1.preferences['notification_config']['matrix']['create'])
  606. assert(customer1.preferences['notification_config']['matrix']['update'])
  607. end
  608. test 'permission' do
  609. test_role_1 = Role.create_or_update(
  610. name: 'Test1',
  611. note: 'To configure your system.',
  612. preferences: {
  613. not: ['Test3'],
  614. },
  615. updated_by_id: 1,
  616. created_by_id: 1
  617. )
  618. test_role_2 = Role.create_or_update(
  619. name: 'Test2',
  620. note: 'To work on Tickets.',
  621. preferences: {
  622. not: ['Test3'],
  623. },
  624. updated_by_id: 1,
  625. created_by_id: 1
  626. )
  627. test_role_3 = Role.create_or_update(
  628. name: 'Test3',
  629. note: 'People who create Tickets ask for help.',
  630. preferences: {
  631. not: %w[Test1 Test2],
  632. },
  633. updated_by_id: 1,
  634. created_by_id: 1
  635. )
  636. test_role_4 = Role.create_or_update(
  637. name: 'Test4',
  638. note: 'Access the report area.',
  639. preferences: {},
  640. created_by_id: 1,
  641. updated_by_id: 1,
  642. )
  643. name = SecureRandom.uuid
  644. assert_raises(RuntimeError) do
  645. User.create_or_update(
  646. login: "customer-role#{name}@example.com",
  647. firstname: 'Role',
  648. lastname: "Customer#{name}",
  649. email: "customer-role#{name}@example.com",
  650. password: 'customerpw',
  651. active: true,
  652. roles: [test_role_1, test_role_3],
  653. updated_by_id: 1,
  654. created_by_id: 1,
  655. )
  656. end
  657. assert_raises(RuntimeError) do
  658. User.create_or_update(
  659. login: "customer-role#{name}@example.com",
  660. firstname: 'Role',
  661. lastname: "Customer#{name}",
  662. email: "customer-role#{name}@example.com",
  663. password: 'customerpw',
  664. active: true,
  665. roles: [test_role_2, test_role_3],
  666. updated_by_id: 1,
  667. created_by_id: 1,
  668. )
  669. end
  670. user1 = User.create_or_update(
  671. login: "customer-role#{name}@example.com",
  672. firstname: 'Role',
  673. lastname: "Customer#{name}",
  674. email: "customer-role#{name}@example.com",
  675. password: 'customerpw',
  676. active: true,
  677. roles: [test_role_1, test_role_2],
  678. updated_by_id: 1,
  679. created_by_id: 1,
  680. )
  681. assert(user1.role_ids.include?(test_role_1.id))
  682. assert(user1.role_ids.include?(test_role_2.id))
  683. assert_not(user1.role_ids.include?(test_role_3.id))
  684. assert_not(user1.role_ids.include?(test_role_4.id))
  685. user1 = User.create_or_update(
  686. login: "customer-role#{name}@example.com",
  687. firstname: 'Role',
  688. lastname: "Customer#{name}",
  689. email: "customer-role#{name}@example.com",
  690. password: 'customerpw',
  691. active: true,
  692. roles: [test_role_1, test_role_4],
  693. updated_by_id: 1,
  694. created_by_id: 1,
  695. )
  696. assert(user1.role_ids.include?(test_role_1.id))
  697. assert_not(user1.role_ids.include?(test_role_2.id))
  698. assert_not(user1.role_ids.include?(test_role_3.id))
  699. assert(user1.role_ids.include?(test_role_4.id))
  700. assert_raises(RuntimeError) do
  701. User.create_or_update(
  702. login: "customer-role#{name}@example.com",
  703. firstname: 'Role',
  704. lastname: "Customer#{name}",
  705. email: "customer-role#{name}@example.com",
  706. password: 'customerpw',
  707. active: true,
  708. roles: [test_role_1, test_role_3],
  709. updated_by_id: 1,
  710. created_by_id: 1,
  711. )
  712. end
  713. assert_raises(RuntimeError) do
  714. User.create_or_update(
  715. login: "customer-role#{name}@example.com",
  716. firstname: 'Role',
  717. lastname: "Customer#{name}",
  718. email: "customer-role#{name}@example.com",
  719. password: 'customerpw',
  720. active: true,
  721. roles: [test_role_2, test_role_3],
  722. updated_by_id: 1,
  723. created_by_id: 1,
  724. )
  725. end
  726. assert(user1.role_ids.include?(test_role_1.id))
  727. assert_not(user1.role_ids.include?(test_role_2.id))
  728. assert_not(user1.role_ids.include?(test_role_3.id))
  729. assert(user1.role_ids.include?(test_role_4.id))
  730. end
  731. test 'permission default' do
  732. name = SecureRandom.uuid
  733. admin_count = User.with_permissions('admin').count
  734. admin = User.create_or_update(
  735. login: "admin-role#{name}@example.com",
  736. firstname: 'Role',
  737. lastname: "Admin#{name}",
  738. email: "admin-role#{name}@example.com",
  739. password: 'adminpw',
  740. active: true,
  741. roles: Role.where(name: %w[Admin Agent]),
  742. updated_by_id: 1,
  743. created_by_id: 1,
  744. )
  745. agent_count = User.with_permissions('ticket.agent').count
  746. agent = User.create_or_update(
  747. login: "agent-role#{name}@example.com",
  748. firstname: 'Role',
  749. lastname: "Agent#{name}",
  750. email: "agent-role#{name}@example.com",
  751. password: 'agentpw',
  752. active: true,
  753. roles: Role.where(name: 'Agent'),
  754. updated_by_id: 1,
  755. created_by_id: 1,
  756. )
  757. customer_count = User.with_permissions('ticket.customer').count
  758. customer = User.create_or_update(
  759. login: "customer-role#{name}@example.com",
  760. firstname: 'Role',
  761. lastname: "Customer#{name}",
  762. email: "customer-role#{name}@example.com",
  763. password: 'customerpw',
  764. active: true,
  765. roles: Role.where(name: 'Customer'),
  766. updated_by_id: 1,
  767. created_by_id: 1,
  768. )
  769. users = User.with_permissions('not_existing')
  770. assert(users.blank?)
  771. users = User.with_permissions('admin')
  772. assert_equal(admin_count + 1, users.count)
  773. assert_equal(admin.login, users.last.login)
  774. users = User.with_permissions('admin.session')
  775. assert_equal(admin_count + 1, users.count)
  776. assert_equal(admin.login, users.last.login)
  777. users = User.with_permissions(['admin.session', 'not_existing'])
  778. assert_equal(admin_count + 1, users.count)
  779. assert_equal(admin.login, users.last.login)
  780. users = User.with_permissions('ticket.agent')
  781. assert_equal(agent_count + 1, users.count)
  782. assert_equal(agent.login, users.last.login)
  783. users = User.with_permissions(['ticket.agent', 'not_existing'])
  784. assert_equal(agent_count + 1, users.count)
  785. assert_equal(agent.login, users.last.login)
  786. users = User.with_permissions('ticket.customer')
  787. assert_equal(customer_count + 1, users.count)
  788. assert_equal(customer.login, users.last.login)
  789. users = User.with_permissions(['ticket.customer', 'not_existing'])
  790. assert_equal(customer_count + 1, users.count)
  791. assert_equal(customer.login, users.last.login)
  792. end
  793. test 'min admin permission check' do
  794. # delete inital admin
  795. User.find_by(login: 'admin@example.com').destroy
  796. # store current admin count
  797. admin_count_inital = User.with_permissions('admin').count
  798. assert_equal(0, admin_count_inital)
  799. # create two admin users
  800. random = SecureRandom.uuid
  801. admin1 = User.create_or_update(
  802. login: "1admin-role#{random}@example.com",
  803. firstname: 'Role',
  804. lastname: "Admin#{random}",
  805. email: "admin-role#{random}@example.com",
  806. password: 'adminpw',
  807. active: true,
  808. roles: Role.where(name: %w[Admin Agent]),
  809. updated_by_id: 1,
  810. created_by_id: 1,
  811. )
  812. random = SecureRandom.uuid
  813. admin2 = User.create_or_update(
  814. login: "2admin-role#{random}@example.com",
  815. firstname: 'Role',
  816. lastname: "Admin#{random}",
  817. email: "admin-role#{random}@example.com",
  818. password: 'adminpw',
  819. active: true,
  820. roles: Role.where(name: %w[Admin Agent]),
  821. updated_by_id: 1,
  822. created_by_id: 1,
  823. )
  824. random = SecureRandom.uuid
  825. admin3 = User.create_or_update(
  826. login: "2admin-role#{random}@example.com",
  827. firstname: 'Role',
  828. lastname: "Admin#{random}",
  829. email: "admin-role#{random}@example.com",
  830. password: 'adminpw',
  831. active: true,
  832. roles: Role.where(name: %w[Admin Agent]),
  833. updated_by_id: 1,
  834. created_by_id: 1,
  835. )
  836. admin_count_inital = User.with_permissions('admin').count
  837. assert_equal(3, admin_count_inital)
  838. admin1.update!(roles: Role.where(name: %w[Agent]))
  839. admin_count_inital = User.with_permissions('admin').count
  840. assert_equal(2, admin_count_inital)
  841. admin2.update!(roles: Role.where(name: %w[Agent]))
  842. admin_count_inital = User.with_permissions('admin').count
  843. assert_equal(1, admin_count_inital)
  844. assert_raises(Exceptions::UnprocessableEntity) do
  845. admin3.update!(roles: Role.where(name: %w[Agent]))
  846. end
  847. admin_count_inital = User.with_permissions('admin').count
  848. assert_equal(1, admin_count_inital)
  849. assert_raises(Exceptions::UnprocessableEntity) do
  850. admin3.active = false
  851. admin3.save!
  852. end
  853. assert_equal(1, User.with_permissions('admin').count)
  854. admin_role = Role.find_by(name: 'Admin')
  855. assert_raises(Exceptions::UnprocessableEntity) do
  856. admin_role.active = false
  857. admin_role.save!
  858. end
  859. assert_raises(Exceptions::UnprocessableEntity) do
  860. admin_role.permission_revoke('admin')
  861. end
  862. assert_equal(1, User.with_permissions('admin').count)
  863. end
  864. test 'only valid agent in group permission check' do
  865. name = SecureRandom.uuid
  866. group = Group.create!(
  867. name: "ValidAgentGroupPermission-#{name}",
  868. active: true,
  869. updated_by_id: 1,
  870. created_by_id: 1,
  871. )
  872. roles = Role.where(name: 'Agent')
  873. User.create_or_update(
  874. login: "valid_agent_permission-1#{name}@example.com",
  875. firstname: 'valid_agent_group_permission-1',
  876. lastname: "Agent#{name}",
  877. email: "valid_agent_permission-1#{name}@example.com",
  878. password: 'agentpw',
  879. active: true,
  880. roles: roles,
  881. groups: [group],
  882. updated_by_id: 1,
  883. created_by_id: 1,
  884. )
  885. agent2 = User.create_or_update(
  886. login: "valid_agent_permission-2#{name}@example.com",
  887. firstname: 'valid_agent_group_permission-2',
  888. lastname: "Agent#{name}",
  889. email: "valid_agent_permission-2#{name}@example.com",
  890. password: 'agentpw',
  891. active: true,
  892. roles: roles,
  893. groups: [group],
  894. updated_by_id: 1,
  895. created_by_id: 1,
  896. )
  897. assert_equal(2, User.group_access(group.id, 'full').count)
  898. agent2.active = false
  899. agent2.save!
  900. assert_equal(1, User.group_access(group.id, 'full').count)
  901. agent2.active = true
  902. agent2.save!
  903. assert_equal(2, User.group_access(group.id, 'full').count)
  904. roles = Role.where(name: 'Customer')
  905. agent2.roles = roles
  906. agent2.save!
  907. assert_equal(1, User.group_access(group.id, 'full').count)
  908. end
  909. test 'preferences[:notification_sound][:enabled] value check' do
  910. name = SecureRandom.uuid
  911. roles = Role.where(name: 'Agent')
  912. agent1 = User.create!(
  913. login: "agent-default-preferences-1#{name}@example.com",
  914. firstname: 'valid_agent_group_permission-1',
  915. lastname: "Agent#{name}",
  916. email: "agent-default-preferences-1#{name}@example.com",
  917. password: 'agentpw',
  918. active: true,
  919. roles: roles,
  920. preferences: {
  921. notification_sound: {
  922. enabled: true,
  923. }
  924. },
  925. updated_by_id: 1,
  926. created_by_id: 1,
  927. )
  928. assert_equal(true, agent1.preferences[:notification_sound][:enabled])
  929. agent2 = User.create!(
  930. login: "agent-default-preferences-2#{name}@example.com",
  931. firstname: 'valid_agent_group_permission-2',
  932. lastname: "Agent#{name}",
  933. email: "agent-default-preferences-2#{name}@example.com",
  934. password: 'agentpw',
  935. active: true,
  936. roles: roles,
  937. preferences: {
  938. notification_sound: {
  939. enabled: false,
  940. }
  941. },
  942. updated_by_id: 1,
  943. created_by_id: 1,
  944. )
  945. assert_equal(false, agent2.preferences[:notification_sound][:enabled])
  946. agent3 = User.create!(
  947. login: "agent-default-preferences-3#{name}@example.com",
  948. firstname: 'valid_agent_group_permission-3',
  949. lastname: "Agent#{name}",
  950. email: "agent-default-preferences-3#{name}@example.com",
  951. password: 'agentpw',
  952. active: true,
  953. roles: roles,
  954. preferences: {
  955. notification_sound: {
  956. enabled: true,
  957. }
  958. },
  959. updated_by_id: 1,
  960. created_by_id: 1,
  961. )
  962. assert_equal(true, agent3.preferences[:notification_sound][:enabled])
  963. agent3.preferences[:notification_sound][:enabled] = 'false'
  964. agent3.save!
  965. agent3.reload
  966. assert_equal(false, agent3.preferences[:notification_sound][:enabled])
  967. agent4 = User.create!(
  968. login: "agent-default-preferences-4#{name}@example.com",
  969. firstname: 'valid_agent_group_permission-4',
  970. lastname: "Agent#{name}",
  971. email: "agent-default-preferences-4#{name}@example.com",
  972. password: 'agentpw',
  973. active: true,
  974. roles: roles,
  975. preferences: {
  976. notification_sound: {
  977. enabled: false,
  978. }
  979. },
  980. updated_by_id: 1,
  981. created_by_id: 1,
  982. )
  983. assert_equal(false, agent4.preferences[:notification_sound][:enabled])
  984. agent4.preferences[:notification_sound][:enabled] = 'true'
  985. agent4.save!
  986. agent4.reload
  987. assert_equal(true, agent4.preferences[:notification_sound][:enabled])
  988. agent4.preferences[:notification_sound][:enabled] = 'invalid'
  989. assert_raises(Exceptions::UnprocessableEntity) do
  990. agent4.save!
  991. end
  992. assert_raises(Exceptions::UnprocessableEntity) do
  993. User.create!(
  994. login: "agent-default-preferences-5#{name}@example.com",
  995. firstname: 'valid_agent_group_permission-5',
  996. lastname: "Agent#{name}",
  997. email: "agent-default-preferences-5#{name}@example.com",
  998. password: 'agentpw',
  999. active: true,
  1000. roles: roles,
  1001. preferences: {
  1002. notification_sound: {
  1003. enabled: 'invalid string',
  1004. }
  1005. },
  1006. updated_by_id: 1,
  1007. created_by_id: 1,
  1008. )
  1009. end
  1010. end
  1011. test 'cleanup references on destroy' do
  1012. agent1 = User.create!(
  1013. login: "agent-cleanup_check-1#{name}@example.com",
  1014. firstname: 'valid_agent_group_permission-1',
  1015. lastname: "Agent#{name}",
  1016. email: "agent-cleanup_check-1#{name}@example.com",
  1017. password: 'agentpw',
  1018. active: true,
  1019. roles: Role.where(name: 'Agent'),
  1020. groups: Group.all,
  1021. updated_by_id: 1,
  1022. created_by_id: 1,
  1023. )
  1024. agent1_id = agent1.id
  1025. assert_equal(1, Avatar.list('User', agent1_id).count)
  1026. UserDevice.add(
  1027. 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/44.0.2403.107 Safari/537.36',
  1028. '91.115.248.231',
  1029. agent1_id,
  1030. 'fingerprint1234',
  1031. 'session',
  1032. )
  1033. assert_equal(1, UserDevice.where(user_id: agent1_id).count)
  1034. Karma::User.sync(agent1)
  1035. assert_equal(1, Karma::User.where(user_id: agent1_id).count)
  1036. OnlineNotification.add(
  1037. type: 'Assigned to you',
  1038. object: 'Ticket',
  1039. o_id: 1,
  1040. seen: false,
  1041. user_id: agent1_id,
  1042. created_by_id: 1,
  1043. updated_by_id: 1,
  1044. created_at: Time.zone.now,
  1045. updated_at: Time.zone.now,
  1046. )
  1047. assert_equal(1, OnlineNotification.where(user_id: agent1_id).count)
  1048. Authorization.create!(
  1049. user: agent1,
  1050. uid: '123',
  1051. username: '123',
  1052. provider: 'some',
  1053. token: 'token',
  1054. secret: 'secret',
  1055. )
  1056. assert_equal(1, Authorization.where(user_id: agent1_id).count)
  1057. Cti::CallerId.maybe_add(
  1058. caller_id: '49123456789',
  1059. comment: 'Hairdresser Bob Smith, San Francisco', # optional
  1060. level: 'maybe', # known|maybe
  1061. user_id: agent1_id, # optional
  1062. object: 'Ticket',
  1063. o_id: 1,
  1064. )
  1065. assert_equal(1, Cti::CallerId.where(user_id: agent1_id).count)
  1066. Taskbar.create!(
  1067. client_id: 123,
  1068. key: 'Ticket-1',
  1069. callback: 'TicketZoom',
  1070. params: {
  1071. id: 1,
  1072. },
  1073. state: {},
  1074. user_id: agent1_id,
  1075. prio: 1,
  1076. notify: false,
  1077. )
  1078. assert_equal(1, Taskbar.where(user_id: agent1_id).count)
  1079. ticket1 = Ticket.create!(
  1080. title: 'test 1234-1',
  1081. group: Group.lookup(name: 'Users'),
  1082. customer_id: 2,
  1083. owner_id: 2,
  1084. updated_by_id: 1,
  1085. created_by_id: 1,
  1086. )
  1087. RecentView.log(ticket1.class.to_s, ticket1.id, agent1)
  1088. assert_equal(1, RecentView.where(created_by_id: agent1_id).count)
  1089. Token.create!(action: 'api', user_id: agent1_id)
  1090. StatsStore.create(
  1091. stats_storable: agent1,
  1092. key: 'some_key',
  1093. data: { A: 1, B: 2 },
  1094. created_at: Time.zone.now,
  1095. created_by_id: 1,
  1096. )
  1097. item = StatsStore.find_by(
  1098. stats_storable: agent1,
  1099. key: 'some_key',
  1100. )
  1101. assert(item)
  1102. agent1.destroy!
  1103. assert_equal(0, UserDevice.where(user_id: agent1_id).count)
  1104. assert_equal(0, Avatar.list('User', agent1_id, false).count)
  1105. assert_equal(0, Karma::User.where(user_id: agent1_id).count)
  1106. assert_equal(0, OnlineNotification.where(user_id: agent1_id).count)
  1107. assert_equal(0, Authorization.where(user_id: agent1_id).count)
  1108. assert_equal(0, Cti::CallerId.where(user_id: agent1_id).count)
  1109. assert_equal(0, Taskbar.where(user_id: agent1_id).count)
  1110. assert_equal(0, RecentView.where(created_by_id: agent1_id).count)
  1111. assert_equal(0, Token.where(user_id: agent1_id).count)
  1112. assert_equal(0, Token.where(user_id: agent1_id).count)
  1113. item = StatsStore.find_by(
  1114. stats_storable: agent1,
  1115. key: 'some_key',
  1116. )
  1117. assert_nil(item)
  1118. end
  1119. test 'adding group drops cache' do
  1120. agent1 = User.create!(
  1121. login: "agent-cleanup_check-1#{name}@example.com",
  1122. firstname: 'valid_agent_group_permission-1',
  1123. lastname: "Agent#{name}",
  1124. email: "agent-cleanup_check-1#{name}@example.com",
  1125. password: 'agentpw',
  1126. active: true,
  1127. roles: Role.where(name: 'Agent'),
  1128. groups: Group.all,
  1129. updated_by_id: 1,
  1130. created_by_id: 1,
  1131. )
  1132. group1 = Group.create_or_update(
  1133. name: "GroupWithoutPermission-#{SecureRandom.uuid}",
  1134. active: true,
  1135. updated_by_id: 1,
  1136. created_by_id: 1,
  1137. )
  1138. differences = %w[
  1139. group1.attributes_with_association_ids['user_ids'].count
  1140. agent1.attributes_with_association_ids['group_ids'].keys.count
  1141. ]
  1142. assert_difference differences, 1 do
  1143. agent1.groups << group1
  1144. end
  1145. end
  1146. end