Fix ticket delete test issues
parent
11c4401bfc
commit
099dd5a5a0
|
@ -42,14 +42,20 @@ class DeleteController extends Controller {
|
|||
public function handler() {
|
||||
$user = Controller::getLoggedUser();
|
||||
$ticket = Ticket::getByTicketNumber(Controller::request('ticketNumber'));
|
||||
$ticketAuthor = $ticket->authorToArray();
|
||||
|
||||
if(Controller::isStaffLogged() && ($user->level < 3 || $ticket->owner)) {
|
||||
if($ticket->owner) {
|
||||
throw new Exception(ERRORS::NO_PERMISSION);
|
||||
}
|
||||
if(!Controller::isStaffLogged() && (($user->email !== $ticket->author->email) || $ticket->owner) ) {
|
||||
|
||||
if(Controller::isStaffLogged() && $user->level < 3) {
|
||||
throw new Exception(ERRORS::NO_PERMISSION);
|
||||
}
|
||||
|
||||
|
||||
if(!Controller::isStaffLogged() && ($user->email !== $ticketAuthor['email'] || $ticketAuthor['staff'])) {
|
||||
throw new Exception(ERRORS::NO_PERMISSION);
|
||||
}
|
||||
|
||||
$ticket->delete();
|
||||
|
||||
Response::respondSuccess();
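Review bot: The non-staff check in `handler()` decides ownership by comparing e-mail strings, `$user->email !== $ticketAuthor['email']`, and `$ticketAuthor['staff']` is the only thing separating a user from a staff author who has the same address. Comparing the author's id together with the author type would not depend on e-mail uniqueness or case handling across the user and staff records; whether `authorToArray()` exposes an id is not visible here, so that needs confirming. If the e-mail comparison stays, state the rule above it, e.g. `// users may delete only their own unassigned tickets; staff-authored tickets are excluded`. `authorToArray()` is also called on the result of `Ticket::getByTicketNumber()` before any check, so an unknown `ticketNumber` has to be rejected earlier, presumably by validation outside this hunk, where `handler()` also closes.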
|
||||
|
|
|
@ -35,10 +35,11 @@ class Scripts
|
|||
raise response['message']
|
||||
end
|
||||
end
|
||||
def self.deleteStaff(staffid)
|
||||
|
||||
def self.deleteStaff(staffId)
|
||||
response = request('/staff/delete', {
|
||||
:staffId => staffid
|
||||
staffId: staffId,
|
||||
csrf_userid: $csrf_userid,
|
||||
csrf_token: $csrf_token
|
||||
})
|
||||
|
||||
if response['status'] === 'fail'
|
||||
|
|
|
@ -31,10 +31,12 @@ describe '/staff/assign-ticket' do
|
|||
(staff_ticket['ticket_id']).should.equal('1')
|
||||
end
|
||||
it 'should assign ticket if a staff choose another to assing a ticket ' do
|
||||
staffId = $database.getRow('staff','ayra2@opensupports.com','email')['id']
|
||||
|
||||
ticket = $database.getRow('ticket', 3 , 'id')
|
||||
result = request('/staff/assign-ticket', {
|
||||
ticketNumber: ticket['ticket_number'],
|
||||
staffId:4,
|
||||
staffId: staffId,
|
||||
csrf_userid: $csrf_userid,
|
||||
csrf_token: $csrf_token
|
||||
})
|
||||
|
@ -42,10 +44,9 @@ describe '/staff/assign-ticket' do
|
|||
|
||||
ticket = $database.getRow('ticket', 3 , 'id')
|
||||
|
||||
(ticket['owner_id']).should.equal('4')
|
||||
(ticket['owner_id']).should.equal(staffId)
|
||||
|
||||
(ticket['unread']).should.equal('1')
|
||||
|
||||
end
|
||||
|
||||
it 'should fail if ticket is already owned' do
|
||||
|
|
|
@ -1,28 +1,30 @@
|
|||
describe'/staff/delete' do
|
||||
request('/user/logout')
|
||||
Scripts.login($staff[:email], $staff[:password], true)
|
||||
@staffId = $database.getRow('staff','littlelannister@opensupports.com','email')['id']
|
||||
|
||||
it 'should delete staff member' do
|
||||
result= request('/staff/delete', {
|
||||
csrf_userid: $csrf_userid,
|
||||
csrf_token: $csrf_token,
|
||||
staffId: 3
|
||||
staffId: @staffId
|
||||
})
|
||||
|
||||
(result['status']).should.equal('success')
|
||||
|
||||
row = $database.getRow('staff', 3, 'id')
|
||||
row = $database.getRow('staff', @staffId, 'id')
|
||||
(row).should.equal(nil)
|
||||
|
||||
row = $database.getRow('department', 1, 'id')
|
||||
(row['owners']).should.equal('3')
|
||||
|
||||
end
|
||||
|
||||
it 'should fail delete if staff member is does not exist' do
|
||||
result= request('/staff/delete', {
|
||||
result = request('/staff/delete', {
|
||||
csrf_userid: $csrf_userid,
|
||||
csrf_token: $csrf_token,
|
||||
staffId: 3
|
||||
staffId: @staffId
|
||||
})
|
||||
|
||||
(result['status']).should.equal('fail')
|
||||
|
@ -31,4 +33,4 @@ describe'/staff/delete' do
|
|||
row = $database.getRow('department', 1, 'id')
|
||||
(row['owners']).should.equal('3')
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
|
@ -3,23 +3,24 @@ describe'/staff/edit' do
|
|||
Scripts.login($staff[:email], $staff[:password], true)
|
||||
|
||||
it 'should edit another staff member' do
|
||||
staffId = $database.getRow('staff','tyrion@opensupports.com','email')['id']
|
||||
result= request('/staff/edit', {
|
||||
csrf_userid: $csrf_userid,
|
||||
csrf_token: $csrf_token,
|
||||
email: 'LittleLannister@opensupports.com',
|
||||
level: 1,
|
||||
departments: '[1, 2]',
|
||||
staffId: 3
|
||||
staffId: staffId
|
||||
})
|
||||
|
||||
(result['status']).should.equal('success')
|
||||
|
||||
row = $database.getRow('staff', 3, 'id')
|
||||
row = $database.getRow('staff', staffId, 'id')
|
||||
|
||||
(row['email']).should.equal('littlelannister@opensupports.com')
|
||||
(row['level']).should.equal('1')
|
||||
|
||||
rows = $database.getRow('department_staff', 3, 'staff_id')
|
||||
rows = $database.getRow('department_staff', staffId, 'staff_id')
|
||||
|
||||
(rows['department_id']).should.equal('1')
|
||||
|
||||
|
@ -28,7 +29,6 @@ describe'/staff/edit' do
|
|||
|
||||
row = $database.getRow('department', 2, 'id')
|
||||
(row['owners']).should.equal('2')
|
||||
|
||||
end
|
||||
|
||||
it 'should edit staff member ' do
|
||||
|
@ -43,7 +43,7 @@ describe'/staff/edit' do
|
|||
departments: '[1]'
|
||||
})
|
||||
|
||||
row = $database.getRow('staff', 'Arya Stark', 'name')
|
||||
row = $database.getRow('staff', 'arya@opensupports.com', 'email')
|
||||
|
||||
result = request('/staff/edit', {
|
||||
csrf_userid: $csrf_userid,
|
||||
|
|
|
@ -3,14 +3,12 @@ describe '/staff/get-new-tickets' do
|
|||
Scripts.login($staff[:email], $staff[:password], true)
|
||||
|
||||
it 'should get news tickets' do
|
||||
|
||||
result = request('/staff/get-new-tickets', {
|
||||
csrf_userid: $csrf_userid,
|
||||
csrf_token: $csrf_token
|
||||
})
|
||||
|
||||
(result['status']).should.equal('success')
|
||||
(result['data'].size).should.equal(11)
|
||||
|
||||
(result['data'].size).should.equal(9)
|
||||
end
|
||||
end
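Review bot: The expectation on `result['data'].size` is a literal that depends on how many tickets every earlier spec file left in the database, which is why this commit also has to adjust the `num_rows` literals in the two `system/disable-user-system` hunks. Deriving the expected value at test time would stop unrelated specs from breaking whenever a ticket fixture is added or removed, for example by reading the count before the action and asserting the difference afterwards. If the literals stay, add a comment next to each one naming the specs that create or delete the tickets it counts, so the next change to `/ticket/delete` tests does not require rediscovering them.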
|
||||
|
|
|
@ -16,10 +16,11 @@ describe '/staff/get/' do
|
|||
(result['data']['sendEmailOnNewTicket']).should.equal('1')
|
||||
end
|
||||
it 'should return staff member data with staff Id' do
|
||||
staff = $database.getRow('staff','tyrion@opensupports.com','email')
|
||||
result = request('/staff/get', {
|
||||
csrf_userid: $csrf_userid,
|
||||
csrf_token: $csrf_token,
|
||||
staffId: 3
|
||||
staffId: staff['id']
|
||||
})
|
||||
|
||||
(result['status']).should.equal('success')
|
||||
|
@ -29,4 +30,4 @@ describe '/staff/get/' do
|
|||
(result['data']['level']).should.equal('2')
|
||||
(result['data']['sendEmailOnNewTicket']).should.equal('0')
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
|
@ -19,7 +19,7 @@ describe'system/disable-user-system' do
|
|||
|
||||
numberOftickets= $database.query("SELECT * FROM ticket WHERE author_id IS NULL AND author_email IS NOT NULL AND author_name IS NOT NULL")
|
||||
|
||||
(numberOftickets.num_rows).should.equal(41)
|
||||
(numberOftickets.num_rows).should.equal(40)
|
||||
|
||||
request('/user/logout')
|
||||
|
||||
|
@ -127,7 +127,7 @@ describe'system/disable-user-system' do
|
|||
|
||||
numberOftickets= $database.query("SELECT * FROM ticket WHERE author_email IS NULL AND author_name IS NULL AND author_id IS NOT NULL" )
|
||||
|
||||
(numberOftickets.num_rows).should.equal(42)
|
||||
(numberOftickets.num_rows).should.equal(41)
|
||||
|
||||
end
|
||||
|
||||
|
|
|
@ -1,52 +1,46 @@
|
|||
describe '/ticket/delete' do
|
||||
request('/user/logout')
|
||||
Scripts.login($staff[:email], $staff[:password], true)
|
||||
Scripts.createTicket('tickettodelete')
|
||||
Scripts.createTicket('tickettodelete4')
|
||||
|
||||
# it 'should delete ticket if it is not assigned and is logged a staff lvl 3 ' do
|
||||
#
|
||||
#
|
||||
# ticket = $database.getRow('ticket', 'tickettodelete', 'title')
|
||||
#
|
||||
# request('/staff/add', {
|
||||
# csrf_userid: $csrf_userid,
|
||||
# csrf_token: $csrf_token,
|
||||
# name: 'Ned Stark',
|
||||
# password: 'headless',
|
||||
# email: 'ned@opensupports.com',
|
||||
# level: 3,
|
||||
# profilePic: '',
|
||||
# departments: '[1]'
|
||||
# })
|
||||
#
|
||||
# request('/user/logout')
|
||||
#
|
||||
# Scripts.login('ned@opensupports.com', 'headless', true)
|
||||
#
|
||||
# result = request('/ticket/delete', {
|
||||
# ticketNumber: ticket['ticket_number'],
|
||||
# csrf_userid: $csrf_userid,
|
||||
# csrf_token: $csrf_token
|
||||
# })
|
||||
#
|
||||
# (result['status']).should.equal('success')
|
||||
# end
|
||||
it 'should delete ticket if it is not assigned and is logged a staff lvl 3 ' do
|
||||
request('/user/logout')
|
||||
Scripts.login($staff[:email], $staff[:password], true)
|
||||
Scripts.createTicket('ticket_to_delete')
|
||||
ticket = $database.getRow('ticket', 'ticket_to_delete', 'title')
|
||||
|
||||
request('/staff/add', {
|
||||
csrf_userid: $csrf_userid,
|
||||
csrf_token: $csrf_token,
|
||||
name: 'Ned Stark',
|
||||
password: 'headless',
|
||||
email: 'ned@opensupports.com',
|
||||
level: 3,
|
||||
profilePic: '',
|
||||
departments: '[1]'
|
||||
})
|
||||
|
||||
request('/user/logout')
|
||||
Scripts.login('ned@opensupports.com', 'headless', true)
|
||||
|
||||
result = request('/ticket/delete', {
|
||||
ticketNumber: ticket['ticket_number'],
|
||||
csrf_userid: $csrf_userid,
|
||||
csrf_token: $csrf_token
|
||||
})
|
||||
|
||||
(result['status']).should.equal('success')
|
||||
end
|
||||
|
||||
it 'should delete ticket if it is yours and it is not assigned' do
|
||||
request('/user/logout')
|
||||
Scripts.createUser('deleter@opensupports.com', 'deleterpassword', 'Delter')
|
||||
Scripts.login('deleter@opensupports.com', 'deleterpassword')
|
||||
|
||||
Scripts.createTicket('tickettodelete2')
|
||||
ticket = $database.getRow('ticket', 'tickettodelete2', 'title');
|
||||
|
||||
Scripts.createTicket('ticket_to_delete_2')
|
||||
ticket = $database.getRow('ticket', 'ticket_to_delete_2', 'title');
|
||||
result = request('/ticket/delete', {
|
||||
ticketNumber: ticket['ticket_number'],
|
||||
csrf_userid: $csrf_userid,
|
||||
csrf_token: $csrf_token
|
||||
})
|
||||
puts result
|
||||
(result['status']).should.equal('success')
|
||||
end
|
||||
|
||||
|
@ -54,8 +48,8 @@ describe '/ticket/delete' do
|
|||
request('/user/logout')
|
||||
Scripts.login('deleter@opensupports.com', 'deleterpassword')
|
||||
|
||||
Scripts.createTicket('tickettodelete3')
|
||||
ticket = $database.getRow('ticket', 'tickettodelete3', 'title');
|
||||
Scripts.createTicket('ticket_to_delete_3')
|
||||
ticket = $database.getRow('ticket', 'ticket_to_delete_3', 'title');
|
||||
|
||||
request('/user/logout')
|
||||
Scripts.login($staff[:email], $staff[:password], true)
|
||||
|
@ -76,14 +70,15 @@ describe '/ticket/delete' do
|
|||
})
|
||||
|
||||
(result['status']).should.equal('fail')
|
||||
(result['message']).should.equal('NO_PERMISSION')
|
||||
end
|
||||
|
||||
it 'should not delete ticket if the staff logged is not lvl 3' do
|
||||
request('/user/logout')
|
||||
|
||||
Scripts.login($staff[:email], $staff[:password], true)
|
||||
Scripts.createTicket('ticket_to_delete_4')
|
||||
|
||||
ticket = $database.getRow('ticket', 'tickettodelete4', 'title');
|
||||
ticket = $database.getRow('ticket', 'ticket_to_delete_4', 'title');
|
||||
|
||||
request('/staff/add', {
|
||||
csrf_userid: $csrf_userid,
|
||||
|
@ -106,15 +101,14 @@ describe '/ticket/delete' do
|
|||
})
|
||||
|
||||
(result['status']).should.equal('fail')
|
||||
(result['message']).should.equal('NO_PERMISSION')
|
||||
|
||||
request('/user/logout')
|
||||
Scripts.login($staff[:email], $staff[:password], true)
|
||||
staff = $database.getRow('staff', 'ned@opensupports.com', 'email')
|
||||
Scripts.deleteStaff(staff['id'])
|
||||
|
||||
staff = $database.getRow('staff', 'uselessstaff@opensupports.com', 'email')
|
||||
Scripts.deleteStaff(staff['id'])
|
||||
end
|
||||
|
||||
request('/user/logout')
|
||||
Scripts.login($staff[:email], $staff[:password], true)
|
||||
staff = $database.getRow('staff', 'headless', 'password')
|
||||
Scripts.deleteStaff(staff['id'])
|
||||
|
||||
staff = $database.getRow('staff', 'theyaregonnafireme', 'password')
|
||||
Scripts.deleteStaff(staff['id'])
|
||||
|
||||
end
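Review bot: In 'should not delete ticket if the staff logged is not lvl 3', what appears to be the new cleanup (`Scripts.deleteStaff(staff['id'])` for ned@ and uselessstaff@) sits after the two `should` assertions inside the example, so a failing assertion skips it and leaves both staff accounts, ned@ being created with `level: 3`, in the database for every later spec. Wrapping the example body in `begin` … `ensure` and moving the logout, staff login and the two deletions into the `ensure` part keeps the cleanup unconditional. The visible hunks also show no example where a logged-in user tries to delete a ticket written by a different user, which is the case the controller's e-mail comparison exists for; parts of this file are outside the hunks, so it may already be covered. `puts result` in 'should delete ticket if it is yours and it is not assigned' looks like leftover debug output if it is on the new side.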
|
||||
|
|