From 895fbf011f82bae82ae9df7d546e6b5eb05fdd63 Mon Sep 17 00:00:00 2001 From: ivan Date: Thu, 8 Dec 2016 03:21:37 -0300 Subject: [PATCH] GUILLERMO - all test staff [skip ci] --- server/controllers/staff/add.php | 9 ++-- server/controllers/staff/delete.php | 5 ++- server/controllers/staff/edit.php | 27 +++++++----- server/controllers/staff/get-all.php | 18 +++++++- server/controllers/staff/get.php | 12 ++---- server/libs/validations/dataStoreId.php | 4 ++ server/models/Department.php | 6 +++ server/models/Staff.php | 3 +- tests/init.rb | 4 ++ tests/staff/add.rb | 41 +++++++++++++++++- tests/staff/delete.rb | 29 +++++++++++++ tests/staff/edit.rb | 56 +++++++++++++++++++++++++ tests/staff/get-all.rb | 35 ++++++++++++++++ tests/staff/get.rb | 15 +++++++ 14 files changed, 234 insertions(+), 30 deletions(-) create mode 100644 tests/staff/edit.rb create mode 100644 tests/staff/get-all.rb diff --git a/server/controllers/staff/add.php b/server/controllers/staff/add.php index dbcaeccf..e3b13390 100644 --- a/server/controllers/staff/add.php +++ b/server/controllers/staff/add.php @@ -48,15 +48,16 @@ class AddStaffController extends Controller { $staff->setProperties([ 'name'=> $this->name, 'email' => $this->email, - 'password'=> $this->password, + 'password'=> Hashing::hashPassword($this->password), 'profilePic' => $this->profilePic, 'level' => $this->level, 'sharedDepartmentList'=> $this->getDepartmentList(), ]); - $staff->store(); - - Response::respondSuccess(); + + Response::respondSuccess([ + 'id' => $staff->store() + ]); return; } diff --git a/server/controllers/staff/delete.php b/server/controllers/staff/delete.php index 78df1c6b..d9332267 100644 --- a/server/controllers/staff/delete.php +++ b/server/controllers/staff/delete.php @@ -9,7 +9,10 @@ class DeleteStaffController extends Controller { return [ 'permission' => 'staff_3', 'requestData' => [ - + 'staffId' =>[ + 'validation' => DataValidator::dataStoreId('staff'), + 'error' => ERRORS::INVALID_STAFF + ] ] ]; } 
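Review bot: In add.php, `$staff->store()` is now called inside the array literal passed to `Response::respondSuccess`, so the database write is hidden in the response construction and whatever `store()` returns goes to the client as `id` unchecked. Assigning it first, `$staffId = $staff->store();` followed by `Response::respondSuccess(['id' => $staffId]);`, keeps the side effect visible and leaves room to fail the request if no id comes back. The enclosing method starts and ends outside the hunk, so how `level` and `password` are validated before this point is not visible here.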
diff --git a/server/controllers/staff/edit.php b/server/controllers/staff/edit.php index 4d675b99..66500cc0 100644 --- a/server/controllers/staff/edit.php +++ b/server/controllers/staff/edit.php @@ -9,13 +9,8 @@ class EditStaffController extends Controller { public function validations() { return [ - 'permission' => 'staff_3', - 'requestData' => [ - 'staffId' =>[ - 'validation' => DataValidator::dataStoreId('staff'), - 'error' => ERRORS::INVALID_STAFF - ] - ] + 'permission' => 'staff_1', + 'requestData' => [] ]; } @@ -24,8 +19,16 @@ class EditStaffController extends Controller { if(!$this->staffId) { $this->staffRow = Controller::getLoggedUser(); + } else if(Controller::isStaffLogged(3)) { + $this->staffRow = Staff::getDataStore($this->staffId, 'id'); + + if($this->staffRow->isNull()) { + Response::respondError(ERRORS::INVALID_STAFF); + return; + } } else { - $this->staffRow = Staff::getDataStore($this->staffId,'id'); + Response::respondError(ERRORS::NO_PERMISSION); + return; } $this->editInformation(); @@ -39,12 +42,14 @@ class EditStaffController extends Controller { } if(Controller::request('password')) { - $this->staffRow->password = Controller::request('password'); + $this->staffRow->password = Hashing::hashPassword(Controller::request('password')); } - if(Controller::request('level')) { + + if(Controller::request('level') && Controller::isStaffLogged(3)) { $this->staffRow->level = Controller::request('level'); } - if(Controller::request('departments')) { + + if(Controller::request('departments') && Controller::isStaffLogged(3)) { $this->staffRow->sharedDepartmentList = $this->getDepartmentList(); } diff --git a/server/controllers/staff/get-all.php b/server/controllers/staff/get-all.php index afec9d07..12f027c6 100644 --- a/server/controllers/staff/get-all.php +++ b/server/controllers/staff/get-all.php 
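Review bot: Lowering `'permission'` to `staff_1` with an empty `requestData` in edit.php means the authorization for this endpoint now lives only in the `Controller::isStaffLogged(3)` checks further down, and nothing in `validations()` says so. A comment above the return, such as `// staff_1: any staff member may edit their own record; editing another member, level or departments requires level 3 (checked in handler() and editInformation())`, would keep a later change from dropping one of those checks unnoticed. `staffId` is no longer validated declaratively; the `isNull()` check in the second hunk replaces it.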
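Review bot: The password branch in the third edit.php hunk replaces the stored hash for any logged-in staff member without asking for the current password, so a stolen or unattended session is enough to lock the owner out; requiring the current password when the caller edits their own record would close that. Because `requestData` is empty, the new password and the `level` value are also written with no length or range check, so I would add optional rules for both to `validations()`. For callers below level 3 the `level` and `departments` parameters are dropped silently while the request still reports success; answering with `ERRORS::NO_PERMISSION`, as the handler does for `staffId`, would be more consistent. The method starts outside the hunk.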
@@ -18,7 +18,23 @@ class GetAllStaffController extends Controller { $staffArray = []; foreach($staffs as $staff) { - $staffArray[] = $staff->toArray(); + $assignedTickets = 0; + $closedTickets = 0; + + foreach ($staff->sharedTicketList as $ticket) { + if($ticket->closed) $closedTickets++; + else $assignedTickets++; + } + + $staffArray[] = [ + 'name' => $staff->name, + 'email' => $staff->email, + 'profilePic' => $staff->profilePic, + 'level' => $staff->level, + 'departments' => $staff->sharedDepartmentList->toArray(), + 'assignedTickets' => $assignedTickets, + 'closedTickets' => $closedTickets, + ]; } Response::respondSuccess($staffArray); diff --git a/server/controllers/staff/get.php b/server/controllers/staff/get.php index dfbf5ce1..1cd6a491 100644 --- a/server/controllers/staff/get.php +++ b/server/controllers/staff/get.php @@ -15,17 +15,11 @@ class GetStaffController extends Controller { public function handler() { $user = Controller::getLoggedUser(); - $userId = Controller::request('userId'); - $userRow = Staff::getDataStore($userId,'id'); + $userId = Controller::request('staffId'); + $userRow = Staff::getDataStore($userId); if($user->level == 3 && !$userRow->isNull()) { - Response::respondSuccess([ - 'id' => $userRow->id, - 'name' => $userRow->name, - 'email' => $userRow->email, - 'password' => $userRow->password - ]); - return; + $user = $userRow; } $parsedDepartmentList = []; diff --git a/server/libs/validations/dataStoreId.php b/server/libs/validations/dataStoreId.php index a510cb55..029ee33c 100644 --- a/server/libs/validations/dataStoreId.php +++ b/server/libs/validations/dataStoreId.php @@ -22,6 +22,9 @@ class DataStoreId extends AbstractRule { case 'user': $dataStore = \User::getUser($dataStoreId); break; + case 'staff': + $dataStore = \Staff::getUser($dataStoreId); + break; case 'ticket': $dataStore = \Ticket::getTicket($dataStoreId); break; 
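Review bot: The hand-built array in get-all.php leaves out `id`, so a client listing staff has nothing to pass as `staffId` to `/staff/edit`, `/staff/delete` or `/staff/get`; adding `'id' => $staff->id,` would fix that. Counting by iterating `$staff->sharedTicketList` loads every ticket of every staff member just to produce two integers, which will get slow as tickets accumulate; a count per state would be cheaper if the data layer offers one. The brace-less `if($ticket->closed) $closedTickets++; else $assignedTickets++;` also differs from the braced style used elsewhere in this commit.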
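Review bot: In get.php a caller below level 3 who sends `staffId`, and a level-3 caller who sends an id that does not exist, both get their own record back with a success status, because the only branch is `if($user->level == 3 && !$userRow->isNull())`. edit.php in this same commit answers those two cases with `ERRORS::NO_PERMISSION` and `ERRORS::INVALID_STAFF` and uses `Controller::isStaffLogged(3)` rather than a loose `==` on `level`; doing the same here makes the endpoints agree and skips the lookup when no `staffId` is sent. Dropping `password` from the response is the right call. The handler continues outside the hunk.

```php
$user = Controller::getLoggedUser();
$userId = Controller::request('staffId');

if($userId) {
    if(!Controller::isStaffLogged(3)) {
        Response::respondError(ERRORS::NO_PERMISSION);
        return;
    }

    $userRow = Staff::getDataStore($userId);

    if($userRow->isNull()) {
        Response::respondError(ERRORS::INVALID_STAFF);
        return;
    }

    $user = $userRow;
}
// … unchanged: $parsedDepartmentList and the response …
```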
@@ -45,6 +48,7 @@ class DataStoreId extends AbstractRule { private function isDataStoreNameValid($dataStoreName) { return in_array($dataStoreName, [ 'user', + 'staff', 'ticket', 'department', 'customresponse', diff --git a/server/models/Department.php b/server/models/Department.php index ac499081..f2abbaa0 100644 --- a/server/models/Department.php +++ b/server/models/Department.php @@ -24,4 +24,10 @@ class Department extends DataStore { return $departmentsNameList; } + public function toArray() { + return [ + 'id' => $this->id, + 'name' => $this->name + ]; + } } \ No newline at end of file diff --git a/server/models/Staff.php b/server/models/Staff.php index 67cf9e8a..02e72cf3 100644 --- a/server/models/Staff.php +++ b/server/models/Staff.php @@ -34,11 +34,10 @@ class Staff extends DataStore { return [ 'name'=> $this->name, 'email' => $this->email, - 'password' => $this->password, 'profilePic' => $this->profilePic, 'level' => $this->level, 'departments' => $this->sharedDepartmentList->toArray(), - 'tickets' => $this->sharedTicketList->toArray(), + 'tickets' => $this->sharedTicketList->toArray() ]; } } diff --git a/tests/init.rb b/tests/init.rb index 45791f55..0af3e81a 100644 --- a/tests/init.rb +++ b/tests/init.rb @@ -25,7 +25,10 @@ require './ticket/custom-response.rb' require './ticket/change-department.rb' require './ticket/close.rb' require './ticket/re-open.rb' +require './staff/add.rb' require './staff/get.rb' +require './staff/edit.rb' +require './staff/delete.rb' require './staff/assign-ticket.rb' require './staff/un-assign-ticket.rb' require './staff/get-tickets.rb' @@ -39,5 +42,6 @@ require './user/get-user.rb' require './user/ban.rb' require './user/get-users-test.rb' require './user/delete.rb' +require './staff/get-all.rb' diff --git a/tests/staff/add.rb b/tests/staff/add.rb index 5f9c6e75..5b189cc3 100644 --- a/tests/staff/add.rb +++ b/tests/staff/add.rb 
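Review bot: Nothing in `Staff::toArray()` records why `password` was dropped, so the field could be added back later by someone who wants the array to mirror the table. A comment above the return, e.g. `// the password hash is deliberately left out: this array is returned in API responses`, would document the intent. The removed trailing comma after the `tickets` entry is unrelated churn in an otherwise security-relevant hunk.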
@@ -1,5 +1,42 @@ describe'/staff/add' do - request() + request('/user/logout') + Scripts.login($staff[:email], $staff[:password], true) - it 'should ' + it 'should add staff member' do + result= request('/staff/add', { + csrf_userid: $csrf_userid, + csrf_token: $csrf_token, + name: 'Tyrion Lannister', + email: 'tyrion@opensupports.com', + password: 'testpassword', + level: 2, + profilePic: 'http://www.opensupports.com/profilepic.jpg', + departments: '[1]' + }) + + (result['status']).should.equal('success') + + row = $database.getRow('staff', result['data']['id'], 'id') + + (row['name']).should.equal('Tyrion Lannister') + (row['email']).should.equal('tyrion@opensupports.com') + (row['profile_pic']).should.equal('http://www.opensupports.com/profilepic.jpg') + (row['level']).should.equal('2') + end + it 'should fail if staff member is alrady a staff' do + result= request('/staff/add', { + csrf_userid: $csrf_userid, + csrf_token: $csrf_token, + name: 'Tyrion Lannister', + email: 'tyrion@opensupports.com', + password: 'testpassword', + level: 2, + profilePic: 'http://www.opensupports.com/profilepic.jpg', + departments: '[1]' + }) + + (result['status']).should.equal('fail') + (result['message']).should.equal('ALREADY_A_STAFF') + + end end \ No newline at end of file diff --git a/tests/staff/delete.rb b/tests/staff/delete.rb index e69de29b..af55dcc5 100644 --- a/tests/staff/delete.rb +++ b/tests/staff/delete.rb 
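Review bot: Neither test in add.rb checks the `password` column, so the switch to `Hashing::hashPassword` in add.php is not covered; a line such as `(row['password']).should.not.equal('testpassword')` in the first test would catch a regression to plain-text storage. The second test's name has a typo (`alrady`).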
@@ -0,0 +1,29 @@
+describe'/staff/delete' do
+ request('/user/logout')
+ Scripts.login($staff[:email], $staff[:password], true)
+
+ it 'should delete staff member' do
+ result= request('/staff/delete', {
+ csrf_userid: $csrf_userid,
+ csrf_token: $csrf_token,
+ staffId:2
+ })
+
+ (result['status']).should.equal('success')
+
+ row = $database.getRow('staff', 2, 'id')
+ (row).should.equal(nil)
+
+ end
+ it 'should fail delete if staff member is does not exist' do
+ result= request('/staff/delete', {
+ csrf_userid: $csrf_userid,
+ csrf_token: $csrf_token,
+ staffId:2
+ })
+
+ (result['status']).should.equal('fail')
+ (result['message']).should.equal('INVALID_STAFF')
+
+ end
+end
\ No newline at end of file
diff --git a/tests/staff/edit.rb b/tests/staff/edit.rb
new file mode 100644
index 00000000..3167359f
--- /dev/null
+++ b/tests/staff/edit.rb
@@ -0,0 +1,56 @@
+describe'/staff/edit' do
+ request('/user/logout')
+ Scripts.login($staff[:email], $staff[:password], true)
+
+ it 'should edit another staff member' do
+ result= request('/staff/edit', {
+ csrf_userid: $csrf_userid,
+ csrf_token: $csrf_token,
+ email: 'LittleLannister@opensupports.com',
+ level: 1,
+ departments: '[1, 2]',
+ staffId: 2
+ })
+
+ (result['status']).should.equal('success')
+
+ row = $database.getRow('staff', 2, 'id')
+
+ (row['email']).should.equal('LittleLannister@opensupports.com')
+ (row['level']).should.equal('1')
+
+ rows = $database.getRow('department_staff', 2, 'staff_id')
+
+ (rows['department_id']).should.equal('1')
+
+ end
+
+ it 'should edit staff member ' do
+ request('/staff/add', {
+ csrf_userid: $csrf_userid,
+ csrf_token: $csrf_token,
+ name: 'Arya Stark',
+ password: 'starkpassword',
+ email: 'arya@opensupports.com',
+ level: 2,
+ profilePic: 'http://www.opensupports.com/profilepic.jpg',
+ departments: '[1]'
+ })
+ request('/user/logout')
+ Scripts.login('arya@opensupports.com', 'starkpassword', true)
+
+ result = request('/staff/edit', {
+ csrf_userid: $csrf_userid,
+ csrf_token: $csrf_token,
+ email: 'newwstaff@opensupports.com',
+ })
+
+ (result['status']).should.equal('success')
+
+ row = $database.getRow('staff', $csrf_userid, 'id')
+
+ (row['email']).should.equal('newwstaff@opensupports.com')
+ (row['level']).should.equal('2')
+
+ end
+end
\ No newline at end of file
diff --git a/tests/staff/get-all.rb b/tests/staff/get-all.rb
new file mode 100644
index 00000000..ba5544f5
--- /dev/null
+++ b/tests/staff/get-all.rb
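Review bot: Both tests in edit.rb cover only the allowed paths, so the permission branches this commit adds to edit.php have no test. With Arya (level 2) logged in, as in the second test, I would add one request that sends a `staffId` and expects `fail` with the `NO_PERMISSION` error, and one that sends `level: 3` without `staffId` and then asserts `(row['level']).should.equal('2')`. The first test sends `departments: '[1, 2]'` but asserts a single `department_staff` row, so the second department is never verified.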
@@ -0,0 +1,35 @@
+describe'/staff/get-all' do
+ request('/user/logout')
+ Scripts.login($staff[:email], $staff[:password], true)
+
+ it 'should get all staff member' do
+ result= request('/staff/get-all', {
+ csrf_userid: $csrf_userid,
+ csrf_token: $csrf_token
+ })
+
+ (result['status']).should.equal('success')
+
+ (result['data'][0]['name']).should.equal('Emilia Clarke')
+ (result['data'][0]['email']).should.equal('staff@opensupports.com')
+ (result['data'][0]['profilePic']).should.equal('http://www.opensupports.com/profilepic.jpg')
+ (result['data'][0]['level']).should.equal('3')
+ (result['data'][0]['departments'][0]['id']).should.equal('1')
+ (result['data'][0]['departments'][0]['name']).should.equal('Tech Support')
+ (result['data'][0]['departments'][1]['id']).should.equal('2')
+ (result['data'][0]['departments'][1]['name']).should.equal('Suggestions')
+ (result['data'][0]['departments'][2]['id']).should.equal('3')
+ (result['data'][0]['departments'][2]['name']).should.equal('Sales and Subscriptions')
+ (result['data'][0]['assignedTickets']).should.equal(3)
+ (result['data'][0]['closedTickets']).should.equal(0)
+
+ (result['data'][1]['name']).should.equal('Arya Stark')
+ (result['data'][1]['email']).should.equal('newwstaff@opensupports.com')
+ (result['data'][1]['profilePic']).should.equal('http://www.opensupports.com/profilepic.jpg')
+ (result['data'][1]['level']).should.equal('2')
+ (result['data'][1]['departments'][0]['id']).should.equal('1')
+ (result['data'][1]['departments'][0]['name']).should.equal('Tech Support')
+ (result['data'][1]['assignedTickets']).should.equal(0)
+ (result['data'][1]['closedTickets']).should.equal(0)
+ end
+end
\ No newline at end of file
diff --git a/tests/staff/get.rb b/tests/staff/get.rb
index a0abd11b..86f1870b 100644
--- a/tests/staff/get.rb
+++ b/tests/staff/get.rb
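Review bot: The expectations in get-all.rb depend on state left behind by other test files: `data[1]` being Arya Stark with `newwstaff@opensupports.com` requires edit.rb and delete.rb to have run first, and `assignedTickets` equal to 3 depends on the ticket tests. That appears to be why init.rb loads this file last, and any new staff or ticket test will break it. Looking entries up by email instead of by index, and creating the records the test asserts on, would make it independent of load order.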
@@ -11,5 +11,20 @@ describe '/staff/get/' do (result['status']).should.equal('success') (result['data']['name']).should.equal('Emilia Clarke') (result['data']['staff']).should.equal(true) + (result['data']['email']).should.equal('staff@opensupports.com') + (result['data']['level']).should.equal('3') + end + it 'should return staff member data with staff Id' do + result = request('/staff/get', { + csrf_userid: $csrf_userid, + csrf_token: $csrf_token, + staffId:2 + }) + + (result['status']).should.equal('success') + (result['data']['name']).should.equal('Tyrion Lannister') + (result['data']['staff']).should.equal(true) + (result['data']['email']).should.equal('tyrion@opensupports.com') + (result['data']['level']).should.equal('2') end end \ No newline at end of file
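Review bot: The old get.php handler returned the `password` field to level-3 callers and this commit removes it, but neither test here pins that. Adding `(result['data']['password']).should.equal(nil)` to the `staffId` test would keep the hash from reappearing in the response unnoticed. The describe block starts outside the hunk.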