From 3d416f82bdb68fe51febecdb47ea3447e8de3d49 Mon Sep 17 00:00:00 2001
From: Guillermo <guillermo@opensupports.com>
Date: Fri, 12 Jan 2018 23:08:07 -0300
Subject: [PATCH] fix bug 83

---
 server/controllers/system/add-department.php | 14 ++++----------
 tests/system/add-department.rb               | 19 ++++++++++++++++++-
 2 files changed, 22 insertions(+), 11 deletions(-)

diff --git a/server/controllers/system/add-department.php b/server/controllers/system/add-department.php
index 2307b2fc..0d42846b 100755
--- a/server/controllers/system/add-department.php
+++ b/server/controllers/system/add-department.php
@@ -16,7 +16,6 @@ use Respect\Validation\Validator as DataValidator;
  * @apiParam {String} name Name of the new department.
  *
  * @apiUse NO_PERMISSION
- * @apiUse INVALID_NAME
  *
  * @apiSuccess {Object} data Empty object
  *
@@ -29,20 +28,15 @@ class AddDepartmentController extends Controller {
     public function validations() {
         return [
             'permission' => 'staff_3',
-            'requestData' => [
-                'name' => [
-                    'validation' => DataValidator::alnum(),
-                    'error' => ERRORS::INVALID_NAME
-                ]
-            ]
+            'requestData' => []
         ];
     }
 
     public function handler() {
         $name = Controller::request('name');
-        
+
         $departmentInstance = new Department();
-        
+
         $departmentInstance->setProperties([
             'name' => $name,
         ]);
@@ -53,4 +47,4 @@ class AddDepartmentController extends Controller {
         Response::respondSuccess();
 
     }
-}
\ No newline at end of file
+}
diff --git a/tests/system/add-department.rb b/tests/system/add-department.rb
index af45e221..a4613026 100644
--- a/tests/system/add-department.rb
+++ b/tests/system/add-department.rb
@@ -2,7 +2,7 @@ describe'system/add-department' do
         request('/user/logout')
         Scripts.login($staff[:email], $staff[:password], true)
 
-        it 'should add department' do
+        it 'should add department with alphanumeric characters' do
             result = request('/system/add-department', {
                 csrf_userid: $csrf_userid,
                 csrf_token: $csrf_token,
@@ -18,4 +18,21 @@ describe'system/add-department' do
             lastLog = $database.getLastRow('log')
             (lastLog['type']).should.equal('ADD_DEPARTMENT')
         end
+
+        it 'should add department with html tag' do
+            result = request('/system/add-department', {
+                csrf_userid: $csrf_userid,
+                csrf_token: $csrf_token,
+                name: '<b>new department</b>'
+            })
+
+            (result['status']).should.equal('success')
+
+            row = $database.getRow('department', 5, 'id')
+
+            (row['name']).should.equal('<b>new department</b>')
+
+            lastLog = $database.getLastRow('log')
+            (lastLog['type']).should.equal('ADD_DEPARTMENT')
+        end
 end