  1. # Copyright (C) 2012-2023 Zammad Foundation, https://zammad-foundation.org/
  2. require 'rails_helper'
  3. RSpec.describe 'Manage > Users', type: :system do
  # System coverage for the "switch to user" (view-as) action in Manage > Users.
  # All three accounts come from the :admin factory, so only admin-to-admin
  # switching is exercised here.
  # NOTE(review): no example in this group checks that a non-admin session is
  # refused the switch; presumably that is asserted in request/policy specs -
  # confirm.
  describe 'switching to an alternative user', authenticated_as: :authenticate, authentication_type: :form do
    let(:original_user)        { create(:admin) }
    let(:alternative_one_user) { create(:admin) }
    let(:alternative_two_user) { create(:admin) }

    # Named by the authenticated_as metadata above. Touching the two lazy lets
    # first creates the alternative users; the method returns original_user.
    def authenticate
      alternative_one_user
      alternative_two_user
      original_user
    end

    # Opens the user list, triggers the switch action in the row of +user+ and
    # waits for the text that names the user now being viewed.
    def switch_to(user)
      # NOTE(review): the other examples in this file visit '#manage/users'
      # (with a leading '#'); presumably the visit helper accepts both - confirm.
      visit 'manage/users'

      within(:active_content) do
        user_row = find("tr[data-id=\"#{user.id}\"]")
        user_row.find('.js-action').click
        user_row.find('.js-switchTo').click
      end

      expected_notice = "Zammad looks like this for \"#{user.firstname} #{user.lastname}\""
      expect(page).to have_text(expected_notice)
    end

    it 'starts as original user' do
      expect(current_user).to eq original_user
    end

    it 'switches to alternative user' do
      switch_to(alternative_one_user)

      expect(current_user).to eq alternative_one_user
    end

    it 'switches to another alternative user' do
      [alternative_one_user, alternative_two_user].each { |target| switch_to(target) }

      expect(current_user).to eq alternative_two_user
    end

    it 'switches back to original user' do
      [alternative_one_user, alternative_two_user].each { |target| switch_to(target) }

      # Closing the switch-back control is expected to restore the original
      # session even after two chained switches.
      click '.switchBackToUser-close'

      expect(current_user).to eq original_user
    end
  end
  # Fixes GitHub Issue #3050 - Newly created users are only shown in the admin interface after reload
  describe 'adding a new user', authenticated_as: -> { user } do
    let(:user) { create(:admin) }

    it 'newly added user is visible in the user list' do
      first_name = 'NewTestUserFirstName'

      visit '#manage/users'

      within(:active_content) do
        find('[data-type=new]').click

        find('[name=firstname]').fill_in with: first_name
        find('[name=lastname]').fill_in with: 'User'

        # The click target is the parent element of the "Customer" label text.
        customer_label = find('span.label-text', text: 'Customer')
        customer_label.first(:xpath, './/..').click

        click '.js-submit'

        # The list must show the new row without a manual reload.
        expect(page).to have_css('table.user-list td', text: first_name)
      end
    end

    describe 'select an Organization' do
      # One active and one inactive organization, so the option list can be
      # checked for both.
      before do
        create(:organization, name: 'Example Inc.', active: true)
        create(:organization, name: 'Inactive Inc.', active: false)
      end

      it 'check for inactive Organizations in Organization selection' do
        visit '#manage/users'

        within(:active_content) do
          find('[data-type=new]').click

          organization_search = find('[name=organization_id] ~ .searchableSelect-main')
          organization_search.fill_in with: '**'

          # At least two options are listed, and exactly one of them carries
          # the inactive marker.
          expect(page).to have_css('ul.js-optionsList > li.js-option', minimum: 2)
          expect(page).to have_css('ul.js-optionsList > li.js-option .is-inactive', count: 1)
        end
      end
    end

    describe 'with email with umlauts' do
      it 'is valid' do
        # Non-ASCII characters in both the local part and the domain.
        umlaut_email = 'üser@äcme.corp'

        visit '#manage/users'

        within(:active_content) do
          find('[data-type=new]').click

          find('[name=firstname]').fill_in with: 'NewTestUserFirstName'
          find('[name=lastname]').fill_in with: 'User'
          find('[name=email]').fill_in with: umlaut_email

          customer_label = find('span.label-text', text: 'Customer')
          customer_label.first(:xpath, './/..').click

          click '.js-submit'

          expect(page).to have_css('table.user-list td', text: umlaut_email)
        end
      end
    end
  end
  # Covers the lock marker and the manual unlock action in the user list.
  describe 'show/unlock a user', authenticated_as: :authenticate do
    let(:user)        { create(:admin) }
    # NOTE(review): login_failed: 6 is presumably above the configured
    # failed-login limit, which is why the row shows as locked - confirm
    # against the setting.
    let(:locked_user) { create(:user, login_failed: 6) }

    # Named by the authenticated_as metadata. Creates the locked account first
    # and returns the admin.
    def authenticate
      locked_user
      user
    end

    it 'check marked locked user and execute unlock action' do
      visit '#manage/users'

      within(:active_content) do
        locked_row = find("tr[data-id=\"#{locked_user.id}\"]")
        expect(locked_row).to have_css('.icon-lock')

        locked_row.find('.js-action').click
        locked_row.find('li.unlock').click

        # Only the icon is asserted; the stored login_failed counter is not
        # re-read in this example.
        expect(locked_row).to have_no_css('.icon-lock')
      end
    end
  end
  # Edit-dialog behaviour for an existing user: permission checkboxes and the
  # rule about which identifying fields may be left empty.
  context 'updating a user' do
    let(:user) { create(:admin) }
    let(:row)  { find "table.user-list tbody tr[data-id='#{user.id}']" }

    # Creates the user, opens the list and clicks the user's row.
    before do
      user
      visit '#manage/users'

      within(:active_content) { row.click }
    end

    # Empties first name, last name, email and phone in the open dialog.
    def clear_identifier_fields
      fill_in 'firstname', with: ''
      fill_in 'lastname', with: ''
      fill_in 'Email', with: ''
      fill_in 'Phone', with: ''
    end

    it 'handles permission checkboxes correctly' do
      full_box = 'input[value="full"]'
      read_box = 'input[value="read"]'

      in_modal do
        scroll_into_view 'table.settings-list'

        within 'table.settings-list tbody tr:first-child' do
          click full_box, visible: :all
          expect(find(full_box, visible: :all)).to be_checked

          # Choosing "read" must clear "full" ...
          click read_box, visible: :all
          expect(find(full_box, visible: :all)).not_to be_checked
          expect(find(read_box, visible: :all)).to be_checked

          # ... and choosing "full" again must clear "read".
          click full_box, visible: :all
          expect(find(full_box, visible: :all)).to be_checked
          expect(find(read_box, visible: :all)).not_to be_checked
        end
      end
    end

    it 'allows to update a user with no email/first/last/phone if login is present' do
      in_modal do
        clear_identifier_fields
        click_on 'Submit'
      end

      within(:active_content) do
        expect(page).to have_no_text(user.firstname)
      end
    end

    context 'when user has auto login' do
      # A login of the form "auto-<uuid>"; going by the context name it is
      # treated as auto-generated and does not count as an identifier.
      let(:user) { create(:admin, login: "auto-#{SecureRandom.uuid}") }

      it 'does not allow to update a user with no email/first/last/phone' do
        in_modal do
          clear_identifier_fields
          click_on 'Submit'

          expect(page).to have_text('At least one identifier')
        end
      end
    end

    context 'when user has email with umlauts' do
      let(:user) { create(:admin, login: 'üser@äcme.corp', email: 'üser@äcme.corp') }

      it 'does allow to update' do
        in_modal do
          fill_in 'firstname', with: 'Üser'
          click_on 'Submit'
        end

        expect(page).to have_no_text('Invalid email')
      end
    end
  end
  # Checks which viewers are offered the "edit" entry in the action menu of a
  # user profile. Admins get it for admins, agents and customers. Agents get it
  # only for plain customers: not for admins, not for other agents, and not for
  # customers who additionally hold the Admin or Agent role.
  # NOTE(review): these examples only assert that the edit entry is shown or
  # hidden in the UI; they send no update request, so server-side enforcement
  # has to be covered by separate request/policy specs - confirm they exist.
  describe 'check user edit permissions', authenticated_as: -> { user } do
    # +allow+ selects both the example name and the expected presence of the
    # edit entry. The including context supplies +user+ (viewer) and +record+
    # (profile being opened).
    shared_examples 'user permission' do |allow|
      example_name = allow ? 'allows editing' : 'forbids editing'

      it(example_name) do
        visit "#user/profile/#{record.id}"
        find('.js-action .icon-arrow-down').click

        edit_entry = '.js-action [data-type="edit"]'
        if allow
          expect(page).to have_css(edit_entry)
        else
          expect(page).to have_no_css(edit_entry)
        end
      end
    end

    context 'when admin tries to change admin' do
      let(:user)   { create(:admin) }
      let(:record) { create(:admin) }

      include_examples 'user permission', true
    end

    context 'when admin tries to change agent' do
      let(:user)   { create(:admin) }
      let(:record) { create(:agent) }

      include_examples 'user permission', true
    end

    context 'when admin tries to change customer' do
      let(:user)   { create(:admin) }
      let(:record) { create(:customer) }

      include_examples 'user permission', true
    end

    context 'when agent tries to change admin' do
      let(:user)   { create(:agent) }
      let(:record) { create(:admin) }

      include_examples 'user permission', false
    end

    context 'when agent tries to change agent' do
      let(:user)   { create(:agent) }
      let(:record) { create(:agent) }

      include_examples 'user permission', false
    end

    context 'when agent tries to change customer' do
      let(:user)   { create(:agent) }
      let(:record) { create(:customer) }

      include_examples 'user permission', true
    end

    # Mixed-role records: the signup roles plus one elevated role. The elevated
    # role must decide, otherwise an agent could edit an admin or agent account
    # through its customer role.
    context 'when agent tries to change customer who is also admin' do
      let(:user)   { create(:agent) }
      let(:record) { create(:customer, role_ids: Role.signup_role_ids.push(Role.find_by(name: 'Admin').id)) }

      include_examples 'user permission', false
    end

    context 'when agent tries to change customer who is also agent' do
      let(:user)   { create(:agent) }
      let(:record) { create(:customer, role_ids: Role.signup_role_ids.push(Role.find_by(name: 'Agent').id)) }

      include_examples 'user permission', false
    end
  end
  # Regression coverage for #3919: the open user list has to pick up users that
  # were imported from CSV while the page is displayed.
  describe 'UI is not updated right after importing users csv file #3919' do
    before do
      # The list is opened and ensure_websocket is called before the import
      # runs, so the new rows have to arrive without a reload.
      visit '#manage/users'
      ensure_websocket

      csv_payload = Rails.root.join('spec/fixtures/files/csv_import/user/simple.csv').read

      # NOTE(review): try: false presumably requests a real import rather than
      # a dry run, and delete: false presumably keeps existing users - confirm
      # against User.csv_import.
      User.csv_import(
        string:       csv_payload,
        parse_params: { col_sep: ';' },
        try:          false,
        delete:       false,
      )
    end

    it 'does update the user list after import of new users' do
      expect(page).to have_text('firstname-simple-import1')
    end
  end
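  # Regression coverage for #4331: a customer with many secondary organizations
  # must show every one of them as a token when the edit dialog is opened.
  describe 'Missing secondary organizations in user profile after refreshing with many secondary organizations. #4331' do
    # 20 organizations: the first becomes the primary one, the remaining 19 are
    # assigned as secondary organizations.
    let(:organizations) { create_list(:organization, 20) }
    let(:customer)      { create(:customer, organization: organizations[0], organizations: organizations[1..]) }

    # Creates the customer, opens the user list and clicks the customer's row.
    before do
      customer
      visit '#manage/users'
      click "tr[data-id='#{customer.id}']"
    end

    it 'does show all secondary organizations on edit' do
      secondary_count = organizations.size - 1

      # have_css with count: retries until exactly that many tokens are present
      # (or the wait time runs out). A one-shot page.all(...).count can read the
      # list while tokens are still being rendered and fail intermittently.
      expect(page).to have_css('div[data-attribute-name="organization_ids"] .token', count: secondary_count)
    end
  end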
  244. end