GUILLERMO - all test staff [skip ci]

server/controllers/staff/add.php

@@ -48,15 +48,16 @@ class AddStaffController extends Controller {
             $staff->setProperties([
                 'name'=> $this->name,
                 'email' => $this->email,
-                'password'=> $this->password,
+                'password'=> Hashing::hashPassword($this->password),
                 'profilePic' => $this->profilePic,
                 'level' => $this->level,
                 'sharedDepartmentList'=> $this->getDepartmentList(),
             ]);
 
-            $staff->store();
             
-            Response::respondSuccess();
+            Response::respondSuccess([
+                'id' => $staff->store()
+            ]);
             return;
         }
 

server/controllers/staff/delete.php

@@ -9,7 +9,10 @@ class DeleteStaffController extends Controller {
         return [
             'permission' => 'staff_3',
             'requestData' => [
-
+                'staffId' =>[
+                    'validation' => DataValidator::dataStoreId('staff'),
+                    'error' => ERRORS::INVALID_STAFF
+                ]
             ]
         ];
     }

server/controllers/staff/edit.php

@@ -9,13 +9,8 @@ class EditStaffController extends Controller {
 
     public function validations() {
         return [
-            'permission' => 'staff_3',
+            'permission' => 'staff_1',
-            'requestData' => [
+            'requestData' => []
-                'staffId' =>[
-                    'validation' => DataValidator::dataStoreId('staff'),
-                    'error' => ERRORS::INVALID_STAFF
-                ]
-            ]
         ];
     }
 
@@ -24,8 +19,16 @@ class EditStaffController extends Controller {
 
         if(!$this->staffId) {
             $this->staffRow = Controller::getLoggedUser();
+        } else if(Controller::isStaffLogged(3)) {
+            $this->staffRow = Staff::getDataStore($this->staffId, 'id');
+
+            if($this->staffRow->isNull()) {
+                Response::respondError(ERRORS::INVALID_STAFF);
+                return;
+            }
         } else {
-            $this->staffRow = Staff::getDataStore($this->staffId,'id');
+            Response::respondError(ERRORS::NO_PERMISSION);
+            return;
         }
 
         $this->editInformation();
@@ -39,12 +42,14 @@ class EditStaffController extends Controller {
         }
 
         if(Controller::request('password')) {
-            $this->staffRow->password = Controller::request('password');
+            $this->staffRow->password = Hashing::hashPassword(Controller::request('password'));
         }
-        if(Controller::request('level')) {
+        
+        if(Controller::request('level') && Controller::isStaffLogged(3)) {
             $this->staffRow->level = Controller::request('level');
         }
-        if(Controller::request('departments')) {
+        
+        if(Controller::request('departments') && Controller::isStaffLogged(3)) {
             $this->staffRow->sharedDepartmentList = $this->getDepartmentList();
         }
 

server/controllers/staff/get-all.php

@@ -18,7 +18,23 @@ class GetAllStaffController extends Controller {
         $staffArray = [];
 
         foreach($staffs as $staff) {
-            $staffArray[] = $staff->toArray();
+            $assignedTickets = 0;
+            $closedTickets = 0;
+
+            foreach ($staff->sharedTicketList as $ticket) {
+                if($ticket->closed) $closedTickets++;
+                else $assignedTickets++;
+            }
+
+            $staffArray[] = [
+                'name' => $staff->name,
+                'email' => $staff->email,
+                'profilePic' => $staff->profilePic,
+                'level' => $staff->level,
+                'departments' => $staff->sharedDepartmentList->toArray(),
+                'assignedTickets' => $assignedTickets,
+                'closedTickets' => $closedTickets,
+            ];
         }
 
         Response::respondSuccess($staffArray);

server/controllers/staff/get.php

@@ -15,17 +15,11 @@ class GetStaffController extends Controller {
     public function handler() {
         $user = Controller::getLoggedUser();
 
-        $userId = Controller::request('userId');
+        $userId = Controller::request('staffId');
-        $userRow = Staff::getDataStore($userId,'id');
+        $userRow = Staff::getDataStore($userId);
 
         if($user->level == 3 && !$userRow->isNull()) {
-            Response::respondSuccess([
+            $user = $userRow;
-                'id' => $userRow->id,
-                'name' => $userRow->name,
-                'email' => $userRow->email,
-                'password' => $userRow->password
-            ]);
-            return;
         }
 
         $parsedDepartmentList = [];

server/libs/validations/dataStoreId.php

@@ -22,6 +22,9 @@ class DataStoreId extends AbstractRule {
             case 'user':
                 $dataStore = \User::getUser($dataStoreId);
                 break;
+            case 'staff':
+                $dataStore = \Staff::getUser($dataStoreId);
+                break;
             case 'ticket':
                 $dataStore = \Ticket::getTicket($dataStoreId);
                 break;
@@ -45,6 +48,7 @@ class DataStoreId extends AbstractRule {
     private function isDataStoreNameValid($dataStoreName) {
         return in_array($dataStoreName, [
             'user',
+            'staff',
             'ticket',
             'department',
             'customresponse',

server/models/Department.php

@@ -24,4 +24,10 @@ class Department extends DataStore {
         
         return $departmentsNameList;
     }
+    public function toArray() {
+        return [
+            'id' => $this->id,
+            'name' => $this->name
+        ];
+    }
 }

server/models/Staff.php

@@ -34,11 +34,10 @@ class Staff extends DataStore {
         return [
             'name'=> $this->name,
             'email' => $this->email,
-            'password' => $this->password,
             'profilePic' => $this->profilePic,
             'level' => $this->level,
             'departments' => $this->sharedDepartmentList->toArray(),
-            'tickets' => $this->sharedTicketList->toArray(),
+            'tickets' => $this->sharedTicketList->toArray()
         ];
     }
 }

tests/init.rb

@@ -25,7 +25,10 @@ require './ticket/custom-response.rb'
 require './ticket/change-department.rb'
 require './ticket/close.rb'
 require './ticket/re-open.rb'
+require './staff/add.rb'
 require './staff/get.rb'
+require './staff/edit.rb'
+require './staff/delete.rb'
 require './staff/assign-ticket.rb'
 require './staff/un-assign-ticket.rb'
 require './staff/get-tickets.rb'
@@ -39,5 +42,6 @@ require './user/get-user.rb'
 require './user/ban.rb'
 require './user/get-users-test.rb'
 require './user/delete.rb'
+require './staff/get-all.rb'
 
 

tests/staff/add.rb

@@ -1,5 +1,42 @@
 describe'/staff/add' do
-    request()
+    request('/user/logout')
+    Scripts.login($staff[:email], $staff[:password], true)
 
-    it 'should '
+    it 'should add staff member' do
+        result= request('/staff/add', {
+            csrf_userid: $csrf_userid,
+            csrf_token: $csrf_token,
+            name: 'Tyrion Lannister',
+            email: 'tyrion@opensupports.com',
+            password: 'testpassword',
+            level: 2,
+            profilePic: 'http://www.opensupports.com/profilepic.jpg',
+            departments: '[1]'
+        })
+
+        (result['status']).should.equal('success')
+
+        row = $database.getRow('staff', result['data']['id'], 'id')
+
+        (row['name']).should.equal('Tyrion Lannister')
+        (row['email']).should.equal('tyrion@opensupports.com')
+        (row['profile_pic']).should.equal('http://www.opensupports.com/profilepic.jpg')
+        (row['level']).should.equal('2')
+    end
+    it 'should fail if staff member is alrady a staff' do
+        result= request('/staff/add', {
+            csrf_userid: $csrf_userid,
+            csrf_token: $csrf_token,
+            name: 'Tyrion Lannister',
+            email: 'tyrion@opensupports.com',
+            password: 'testpassword',
+            level: 2,
+            profilePic: 'http://www.opensupports.com/profilepic.jpg',
+            departments: '[1]'
+        })
+
+        (result['status']).should.equal('fail')
+        (result['message']).should.equal('ALREADY_A_STAFF')
+
+    end
 end

tests/staff/delete.rb

@@ -0,0 +1,29 @@
+describe'/staff/delete' do
+    request('/user/logout')
+    Scripts.login($staff[:email], $staff[:password], true)
+
+    it 'should delete staff member' do
+        result= request('/staff/delete', {
+            csrf_userid: $csrf_userid,
+            csrf_token: $csrf_token,
+            staffId:2
+        })
+
+        (result['status']).should.equal('success')
+
+        row = $database.getRow('staff', 2, 'id')
+        (row).should.equal(nil)
+
+    end
+    it 'should fail delete if staff member is does not exist' do
+        result= request('/staff/delete', {
+            csrf_userid: $csrf_userid,
+            csrf_token: $csrf_token,
+            staffId:2
+        })
+
+        (result['status']).should.equal('fail')
+        (result['message']).should.equal('INVALID_STAFF')
+
+    end
+end

tests/staff/edit.rb

@@ -0,0 +1,56 @@
+describe'/staff/edit' do
+    request('/user/logout')
+    Scripts.login($staff[:email], $staff[:password], true)
+
+    it 'should edit another staff member' do
+        result= request('/staff/edit', {
+            csrf_userid: $csrf_userid,
+            csrf_token: $csrf_token,
+            email: 'LittleLannister@opensupports.com',
+            level: 1,
+            departments: '[1, 2]',
+            staffId: 2
+        })
+
+        (result['status']).should.equal('success')
+
+        row = $database.getRow('staff', 2, 'id')
+
+        (row['email']).should.equal('LittleLannister@opensupports.com')
+        (row['level']).should.equal('1')
+
+        rows = $database.getRow('department_staff', 2, 'staff_id')
+
+        (rows['department_id']).should.equal('1')
+
+    end
+
+    it 'should edit staff member ' do
+        request('/staff/add', {
+            csrf_userid: $csrf_userid,
+            csrf_token: $csrf_token,
+            name: 'Arya Stark',
+            password: 'starkpassword',
+            email: 'arya@opensupports.com',
+            level: 2,
+            profilePic: 'http://www.opensupports.com/profilepic.jpg',
+            departments: '[1]'
+        })
+        request('/user/logout')
+        Scripts.login('arya@opensupports.com', 'starkpassword', true)
+
+        result = request('/staff/edit', {
+            csrf_userid: $csrf_userid,
+            csrf_token: $csrf_token,
+            email: 'newwstaff@opensupports.com',
+        })
+
+        (result['status']).should.equal('success')
+
+        row = $database.getRow('staff', $csrf_userid, 'id')
+
+        (row['email']).should.equal('newwstaff@opensupports.com')
+        (row['level']).should.equal('2')
+
+    end
+end

tests/staff/get-all.rb

@@ -0,0 +1,35 @@
+describe'/staff/get-all' do
+    request('/user/logout')
+    Scripts.login($staff[:email], $staff[:password], true)
+
+    it 'should get all staff member' do
+        result= request('/staff/get-all', {
+            csrf_userid: $csrf_userid,
+            csrf_token: $csrf_token
+        })
+
+        (result['status']).should.equal('success')
+
+        (result['data'][0]['name']).should.equal('Emilia Clarke')
+        (result['data'][0]['email']).should.equal('staff@opensupports.com')
+        (result['data'][0]['profilePic']).should.equal('http://www.opensupports.com/profilepic.jpg')
+        (result['data'][0]['level']).should.equal('3')
+        (result['data'][0]['departments'][0]['id']).should.equal('1')
+        (result['data'][0]['departments'][0]['name']).should.equal('Tech Support')
+        (result['data'][0]['departments'][1]['id']).should.equal('2')
+        (result['data'][0]['departments'][1]['name']).should.equal('Suggestions')
+        (result['data'][0]['departments'][2]['id']).should.equal('3')
+        (result['data'][0]['departments'][2]['name']).should.equal('Sales and Subscriptions')
+        (result['data'][0]['assignedTickets']).should.equal(3)
+        (result['data'][0]['closedTickets']).should.equal(0)
+
+        (result['data'][1]['name']).should.equal('Arya Stark')
+        (result['data'][1]['email']).should.equal('newwstaff@opensupports.com')
+        (result['data'][1]['profilePic']).should.equal('http://www.opensupports.com/profilepic.jpg')
+        (result['data'][1]['level']).should.equal('2')
+        (result['data'][1]['departments'][0]['id']).should.equal('1')
+        (result['data'][1]['departments'][0]['name']).should.equal('Tech Support')
+        (result['data'][1]['assignedTickets']).should.equal(0)
+        (result['data'][1]['closedTickets']).should.equal(0)
+    end
+end

tests/staff/get.rb

@@ -11,5 +11,20 @@ describe '/staff/get/' do
         (result['status']).should.equal('success')
         (result['data']['name']).should.equal('Emilia Clarke')
         (result['data']['staff']).should.equal(true)
+        (result['data']['email']).should.equal('staff@opensupports.com')
+        (result['data']['level']).should.equal('3')
+    end
+    it 'should return staff member data with staff Id' do
+        result = request('/staff/get', {
+            csrf_userid: $csrf_userid,
+            csrf_token: $csrf_token,
+            staffId:2
+        })
+
+        (result['status']).should.equal('success')
+        (result['data']['name']).should.equal('Tyrion Lannister')
+        (result['data']['staff']).should.equal(true)
+        (result['data']['email']).should.equal('tyrion@opensupports.com')
+        (result['data']['level']).should.equal('2')
     end
 end