[DEV-160] Add user permission into logout path (#1073)
* fix apidoc * add user verification into logout.php and update ruby tests
This commit is contained in:
parent
018863ab3e
commit
9ed4caf202
|
@ -5,7 +5,7 @@ DataValidator::with('CustomValidations', true);
|
|||
|
||||
/**
|
||||
* @api {post} /ticket/search-authors search authors of tickets
|
||||
* @apiVersion 4.7
|
||||
* @apiVersion 4.10.0
|
||||
*
|
||||
* @apiName Search authors
|
||||
*
|
||||
|
|
|
@ -11,6 +11,8 @@
|
|||
*
|
||||
* @apiPermission any
|
||||
*
|
||||
* @apiUse NO_PERMISSION
|
||||
*
|
||||
* @apiSuccess {Object} data Empty object
|
||||
*
|
||||
*/
|
||||
|
@ -20,7 +22,7 @@ class LogoutController extends Controller {
|
|||
|
||||
public function validations() {
|
||||
return [
|
||||
'permission' => 'any',
|
||||
'permission' => 'user',
|
||||
'requestData' => []
|
||||
];
|
||||
}
|
||||
|
|
|
@ -18,8 +18,6 @@ DataValidator::with('CustomValidations', true);
|
|||
* @apiParam {Boolean} staff Indicates if the user is a staff member.
|
||||
*
|
||||
* @apiUse INVALID_EMAIL
|
||||
* @apiUse USER_SYSTEM_DISABLED
|
||||
* @apiUse INVALID_EMAIL
|
||||
*
|
||||
* @apiSuccess {Object} data Empty object.
|
||||
*
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
describe 'Article path' do
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
Scripts.login($staff[:email], $staff[:password], true)
|
||||
topic = request('/article/add-topic', {
|
||||
name: 'Server management',
|
||||
|
@ -140,7 +140,7 @@ describe 'Article path' do
|
|||
|
||||
end
|
||||
it 'should retrieve public departments' do
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
Scripts.login('tyrion@opensupports.com', 'tyrionl')
|
||||
|
||||
result = request('/article/get-all', {
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
describe 'Topic paths' do
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
Scripts.login($staff[:email], $staff[:password], true)
|
||||
|
||||
it 'should add topic correctly' do
|
||||
|
@ -60,7 +60,7 @@ describe 'Topic paths' do
|
|||
end
|
||||
|
||||
it 'should deny permission if it is not logged as staff' do
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
Scripts.login('tyrion@opensupports.com', 'tyrionl')
|
||||
|
||||
result = request('/article/add-topic', {
|
||||
|
|
|
@ -72,7 +72,6 @@ class Scripts
|
|||
end
|
||||
|
||||
def self.login(email = 'steve@jobs.com', password = 'custompassword', staff = false)
|
||||
request('/user/logout')
|
||||
response = request('/user/login', {
|
||||
:email => email,
|
||||
:password => password,
|
||||
|
@ -88,7 +87,10 @@ class Scripts
|
|||
end
|
||||
|
||||
def self.logout()
|
||||
request('/user/logout')
|
||||
request('/user/logout', {
|
||||
csrf_userid: $csrf_userid,
|
||||
csrf_token: $csrf_token
|
||||
})
|
||||
end
|
||||
|
||||
def self.createTicket(title = 'Winter is coming',content = 'The north remembers', department = 1)
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
describe '/staff/assign-ticket' do
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
Scripts.login($staff[:email], $staff[:password], true)
|
||||
|
||||
Scripts.createTicket('ticket_to_assing_1')
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
describe'/staff/delete' do
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
Scripts.login($staff[:email], $staff[:password], true)
|
||||
@staffId = $database.getRow('staff','littlelannister@opensupports.com','email')['id']
|
||||
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
describe'/staff/edit' do
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
Scripts.login($staff[:email], $staff[:password], true)
|
||||
|
||||
it 'should edit another staff member' do
|
||||
|
@ -93,7 +93,7 @@ describe'/staff/edit' do
|
|||
|
||||
it 'should fail if is not staff logged' do
|
||||
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
|
||||
result = request('/staff/edit', {
|
||||
csrf_userid: $csrf_userid,
|
||||
|
|
|
@ -37,7 +37,7 @@ describe 'Retrieve all tickets' do
|
|||
createTicket('placerat id velit')
|
||||
createTicket('Quisque egestas ipsum')
|
||||
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
Scripts.login($staff[:email], $staff[:password], true)
|
||||
response = request('/staff/get-all-tickets', {
|
||||
page: 1,
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
describe'/staff/get-all' do
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
Scripts.login($staff[:email], $staff[:password], true)
|
||||
|
||||
it 'should get all staff member' do
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
describe '/staff/get-new-tickets' do
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
Scripts.login($staff[:email], $staff[:password], true)
|
||||
|
||||
it 'should get new tickets' do
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
describe '/staff/get-tickets' do
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
Scripts.login($staff[:email], $staff[:password], true)
|
||||
|
||||
it 'should get ticket list' do
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
describe '/staff/get/' do
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
Scripts.login($staff[:email], $staff[:password], true)
|
||||
|
||||
it 'should return staff member data' do
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
describe'/staff/invite' do
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
Scripts.login($staff[:email], $staff[:password], true)
|
||||
|
||||
it 'should if data is wrong' do
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
describe '/staff/last-events' do
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
Scripts.login($staff[:email], $staff[:password], true)
|
||||
|
||||
it 'should get last events' do
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
describe'/staff/resend-invite-staff' do
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
Scripts.login($staff[:email], $staff[:password], true)
|
||||
|
||||
it 'should if data is wrong' do
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
describe'system/add-api-key' do
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
Scripts.login($staff[:email], $staff[:password], true)
|
||||
|
||||
it 'should add API key' do
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
describe'system/add-department' do
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
Scripts.login($staff[:email], $staff[:password], true)
|
||||
|
||||
it 'should add department with alphanumeric characters' do
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
describe '/system/apikey-permissions' do
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
|
||||
Scripts.login($staff[:email], $staff[:password], true)
|
||||
|
||||
|
@ -18,7 +18,7 @@ describe '/system/apikey-permissions' do
|
|||
"csrf_token" => $csrf_token,
|
||||
"recaptcha-private" => "THISISVALID"
|
||||
})
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
|
||||
it 'should fail ticket create if the apikey does not have create ticket permission' do
|
||||
result = request('/ticket/create', {
|
||||
|
@ -148,7 +148,7 @@ describe '/system/apikey-permissions' do
|
|||
|
||||
it 'should fail signing up user if the apikey permission is wrong' do
|
||||
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
result = request('/user/signup', {
|
||||
name: 'Petyr Baelish',
|
||||
email: 'littlefinger@got.com',
|
||||
|
@ -200,6 +200,6 @@ describe '/system/apikey-permissions' do
|
|||
"csrf_token" => $csrf_token,
|
||||
"recaptcha-private" => ""
|
||||
})
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
end
|
||||
end
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
describe'system/csv-import' do
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
Scripts.login($staff[:email], $staff[:password], true)
|
||||
|
||||
it 'should create user with csv-import' do
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
describe 'CustomField' do
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
Scripts.login($staff[:email], $staff[:password], true)
|
||||
|
||||
describe '/system/add-custom field' do
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
describe 'Custom fields' do
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
Scripts.login($staff[:email], $staff[:password], true)
|
||||
|
||||
describe '/system/add-custom-field' do
|
||||
|
|
|
@ -1,9 +1,9 @@
|
|||
describe '/system/default-department' do
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
Scripts.login('staff@opensupports.com', 'staff', true)
|
||||
|
||||
it 'should fail if try to turn a private department default' do
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
Scripts.login('staff@opensupports.com', 'staff', true)
|
||||
|
||||
privatedepartment = $database.getRow('department', 1, 'private')
|
||||
|
@ -32,7 +32,7 @@ describe '/system/default-department' do
|
|||
end
|
||||
|
||||
it 'should fail if default-department-id does not exist' do
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
Scripts.login($staff[:email], $staff[:password], true)
|
||||
|
||||
result= request('/system/edit-settings', {
|
||||
|
@ -46,7 +46,7 @@ describe '/system/default-department' do
|
|||
end
|
||||
|
||||
it 'should set a new default deparment' do
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
Scripts.login('staff@opensupports.com', 'staff', true)
|
||||
|
||||
publicdepartment = $database.getRow('department', 'Suggestions', 'name')
|
||||
|
@ -61,7 +61,7 @@ describe '/system/default-department' do
|
|||
end
|
||||
|
||||
it 'should fail if try to delete the default department' do
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
Scripts.login('staff@opensupports.com', 'staff', true)
|
||||
|
||||
defaultDepartment = $database.getRow('setting', 'default-department-id', 'name')
|
||||
|
@ -79,7 +79,7 @@ describe '/system/default-department' do
|
|||
end
|
||||
|
||||
it 'should fail if try to edit default department into private' do
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
Scripts.login('staff@opensupports.com', 'staff', true)
|
||||
defaultDepartmentId = $database.getRow('setting', 'default-department-id', 'name')
|
||||
department = $database.getRow('department',defaultDepartmentId['value'],'id')
|
||||
|
@ -97,7 +97,7 @@ describe '/system/default-department' do
|
|||
end
|
||||
|
||||
it 'should create ticket in default department if Staff does not give department with locked on' do
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
Scripts.login('staff@opensupports.com', 'staff', true)
|
||||
Scripts.updateLockedDepartmentSetting(1)
|
||||
|
||||
|
@ -116,7 +116,7 @@ describe '/system/default-department' do
|
|||
end
|
||||
|
||||
it 'should create ticket in default department if staff does not give department with locked off'do
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
Scripts.login('staff@opensupports.com', 'staff', true)
|
||||
Scripts.updateLockedDepartmentSetting(0)
|
||||
|
||||
|
@ -135,7 +135,7 @@ describe '/system/default-department' do
|
|||
end
|
||||
|
||||
it 'should create ticket in selected department if staff give department and lockd is off'do
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
Scripts.login('staff@opensupports.com', 'staff', true)
|
||||
Scripts.updateLockedDepartmentSetting(0)
|
||||
|
||||
|
@ -154,7 +154,7 @@ describe '/system/default-department' do
|
|||
end
|
||||
|
||||
it 'should create ticket in selected department if staff give department and locked is on' do
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
Scripts.login('staff@opensupports.com', 'staff', true)
|
||||
Scripts.updateLockedDepartmentSetting(1)
|
||||
|
||||
|
@ -174,11 +174,11 @@ describe '/system/default-department' do
|
|||
|
||||
it 'should create ticket on default department if user does not give department and locked is on' do
|
||||
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
Scripts.login('staff@opensupports.com', 'staff', true)
|
||||
Scripts.updateLockedDepartmentSetting(1)
|
||||
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
Scripts.login('user@os4.com', 'loginpass')
|
||||
|
||||
result = request('/ticket/create', {
|
||||
|
@ -199,11 +199,11 @@ describe '/system/default-department' do
|
|||
|
||||
it 'should create ticket on default department if user does not give department and locked is off'do
|
||||
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
Scripts.login('staff@opensupports.com', 'staff', true)
|
||||
Scripts.updateLockedDepartmentSetting(0)
|
||||
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
Scripts.login('user@os4.com', 'loginpass')
|
||||
|
||||
result = request('/ticket/create', {
|
||||
|
@ -222,11 +222,11 @@ describe '/system/default-department' do
|
|||
|
||||
it 'should create ticket on selected department if user give department and locked is off'do
|
||||
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
Scripts.login('staff@opensupports.com', 'staff', true)
|
||||
Scripts.updateLockedDepartmentSetting(0)
|
||||
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
Scripts.login('user@os4.com', 'loginpass')
|
||||
|
||||
result = request('/ticket/create', {
|
||||
|
@ -246,7 +246,7 @@ describe '/system/default-department' do
|
|||
it 'should create ticket on default language if user does not pass language'do
|
||||
$database.query('update setting set value="ru" where name="language";')
|
||||
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
Scripts.login('user@os4.com', 'loginpass')
|
||||
|
||||
result = request('/ticket/create', {
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
describe'system/delete-api-key' do
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
Scripts.login($staff[:email], $staff[:password], true)
|
||||
|
||||
it 'should not delete API key' do
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
describe 'system/delete-department' do
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
Scripts.createUser('tranferguy@opensupports.com', 'transfer', 'Transfer Guy')
|
||||
Scripts.login('tranferguy@opensupports.com', 'transfer')
|
||||
$apikey = $database.getRow('apikey',1,'id')
|
||||
|
@ -35,7 +35,7 @@ describe 'system/delete-department' do
|
|||
ticket2 = ticket2['data']['ticketNumber']
|
||||
ticket3 = ticket3['data']['ticketNumber']
|
||||
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
Scripts.login($staff[:email], $staff[:password], true)
|
||||
request('/staff/edit', {
|
||||
csrf_userid: $csrf_userid,
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
describe'/system/disable-registration' do
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
Scripts.login($staff[:email], $staff[:password], true)
|
||||
api_key = Scripts.createAPIKey('registrationKey', canCreateUsers = 1)['data']
|
||||
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
describe'system/edit-department' do
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
Scripts.login($staff[:email], $staff[:password], true)
|
||||
|
||||
it 'should edit department' do
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
describe'system/edit-settings' do
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
Scripts.login($staff[:email], $staff[:password], true)
|
||||
|
||||
it 'should edit settings' do
|
||||
|
@ -33,10 +33,10 @@ describe'system/edit-settings' do
|
|||
(row['value']).should.equal('testemail@hotmail.com')
|
||||
row = $database.getRow('setting', 'default-is-locked', 'name')
|
||||
(row['value']).should.equal('1')
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
end
|
||||
it 'should fail if supported languages are invalid' do
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
Scripts.login($staff[:email], $staff[:password], true)
|
||||
|
||||
result= request('/system/edit-settings', {
|
||||
|
@ -50,7 +50,7 @@ describe'system/edit-settings' do
|
|||
(result['message']).should.equal('INVALID_SUPPORTED_LANGUAGES')
|
||||
end
|
||||
it 'should change allowed and supported languages' do
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
Scripts.login($staff[:email], $staff[:password], true)
|
||||
|
||||
result= request('/system/edit-settings', {
|
||||
|
@ -94,11 +94,11 @@ describe'system/edit-settings' do
|
|||
|
||||
|
||||
Scripts.updateLockedDepartmentSetting(0);
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
end
|
||||
|
||||
it 'should delete ticket when user table is not created' do
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
Scripts.login($staff[:email], $staff[:password], true)
|
||||
|
||||
Scripts.createTicket('TicketToDeleteWithoutUsersCreated')
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
describe'/system/enable-registration' do
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
Scripts.login($staff[:email], $staff[:password], true)
|
||||
|
||||
it 'should not enable registration if password is not correct' do
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
describe 'File Upload and Download' do
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
Scripts.login('creator@os4.com', 'creator')
|
||||
|
||||
it 'should upload file when creating ticket' do
|
||||
|
@ -39,7 +39,7 @@ describe 'File Upload and Download' do
|
|||
end
|
||||
|
||||
it 'should download if department owner is logged' do
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
Scripts.login('staff@opensupports.com', 'staff', true)
|
||||
|
||||
ticket = $database.getLastRow('ticket')
|
||||
|
@ -79,7 +79,7 @@ describe 'File Upload and Download' do
|
|||
end
|
||||
|
||||
it 'should add images to ticket content when creating a new ticket' do
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
Scripts.login('creator@os4.com', 'creator')
|
||||
|
||||
file = File.open( "../server/files/profile.jpg")
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
describe'system/get-api-keys' do
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
Scripts.login($staff[:email], $staff[:password], true)
|
||||
|
||||
it 'should get all API keys' do
|
||||
|
|
|
@ -2,12 +2,12 @@ describe '/system/get-stats/' do
|
|||
Scripts.createUser('statsuser@os4.com', 'StatsUser', 'StatsUser')
|
||||
|
||||
def asUser()
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
Scripts.login('statsuser@os4.com', 'StatsUser')
|
||||
end
|
||||
|
||||
def asStaff()
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
Scripts.login($staff[:email], $staff[:password], true)
|
||||
end
|
||||
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
describe 'Mail templates' do
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
Scripts.login($staff[:email], $staff[:password], true)
|
||||
|
||||
describe 'system/get-mail-template' do
|
||||
|
|
|
@ -14,7 +14,7 @@ describe'system/mandatory-login' do
|
|||
(result['message']).should.equal('NO_PERMISSION')
|
||||
end
|
||||
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
Scripts.login($staff[:email], $staff[:password], true)
|
||||
|
||||
it 'should fail trying to disable mandatory login when registration is off' do
|
||||
|
@ -98,7 +98,7 @@ describe'system/mandatory-login' do
|
|||
end
|
||||
|
||||
it 'should allow a creator creates a ticket and create him a user' do
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
result = request('/ticket/create', {
|
||||
email: 'nonuser@os4.com',
|
||||
language: 'en',
|
||||
|
@ -283,7 +283,7 @@ describe'system/mandatory-login' do
|
|||
(result['status']).should.equal('fail')
|
||||
(result['message']).should.equal('INVALID_CREDENTIALS')
|
||||
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
|
||||
result = request('/user/login', {
|
||||
email: 'nonuser@os4.com'
|
||||
|
@ -294,7 +294,7 @@ describe'system/mandatory-login' do
|
|||
end
|
||||
|
||||
it 'should allow the creator sign up' do
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
Scripts.createUser('nonuser@os4.com', 'customPassword', 'nonuser')
|
||||
$userRow = $database.getRow('user','nonuser@os4.com','email')
|
||||
($userRow['never_logged']).should.equal(nil)
|
||||
|
@ -302,7 +302,7 @@ describe'system/mandatory-login' do
|
|||
end
|
||||
|
||||
it 'should allow the creator login and get more than 1 own ticket' do
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
result = request('/user/login', {
|
||||
email: 'nonuser@os4.com',
|
||||
password: 'customPassword'
|
||||
|
@ -338,7 +338,7 @@ describe'system/mandatory-login' do
|
|||
(result['status']).should.equal('success')
|
||||
end
|
||||
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
Scripts.login($staff[:email], $staff[:password], true)
|
||||
|
||||
it 'should allow staff enable the mandatory login' do
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
describe '/ticket/add-tag' do
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
Scripts.login($staff[:email], $staff[:password], true)
|
||||
|
||||
Scripts.createTag('test tag', 'orange')
|
||||
|
@ -72,12 +72,12 @@ describe '/ticket/add-tag' do
|
|||
end
|
||||
|
||||
it 'should fail if staff member does not serve to the department of the ticket and he is not the author' do
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
Scripts.createUser('pepito@pepito.com', 'pepito12345','pepito')
|
||||
Scripts.login('pepito@pepito.com', 'pepito12345')
|
||||
Scripts.createTicket('title70','contentoftheticket70',3)
|
||||
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
Scripts.login($staff[:email], $staff[:password], true)
|
||||
ticket = $database.getRow('ticket','title70', 'title')
|
||||
|
||||
|
|
|
@ -1,11 +1,11 @@
|
|||
describe '/ticket/change-department' do
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
Scripts.login($staff[:email], $staff[:password], true)
|
||||
|
||||
Scripts.createTicket('Stafftitle','This ticket was made by an staff',1)
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
Scripts.login($staff[:email], $staff[:password], true)
|
||||
|
||||
request('/system/add-department', {
|
||||
|
@ -32,7 +32,7 @@ describe '/ticket/change-department' do
|
|||
|
||||
it 'should change department if staff has same department as ticket' do
|
||||
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
Scripts.login($staff[:email], $staff[:password], true)
|
||||
ticket = $database.getRow('ticket', 'Should we pay?', 'title')
|
||||
|
||||
|
@ -104,7 +104,7 @@ describe '/ticket/change-department' do
|
|||
})
|
||||
end
|
||||
it 'should not unassing ticket if owner has the new ticket department and staff does not have it' do
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
Scripts.login($staff[:email], $staff[:password], true)
|
||||
|
||||
result = request('/staff/edit', {
|
||||
|
@ -184,7 +184,7 @@ describe '/ticket/change-department' do
|
|||
Scripts.deleteStaff(staff['id'])
|
||||
end
|
||||
it 'should unassing ticket if owner has not the new ticket department' do
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
Scripts.login($staff[:email], $staff[:password], true)
|
||||
|
||||
result = request('/staff/edit', {
|
||||
|
|
|
@ -1,14 +1,14 @@
|
|||
describe '/ticket/close' do
|
||||
|
||||
it 'should close ticket if staff member has the same department as ticket' do
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
Scripts.createUser('closer@os4.com','closer','Closer')
|
||||
Scripts.login('closer@os4.com','closer')
|
||||
Scripts.createTicket('tickettoclose','thecontentoftickettoclose',1)
|
||||
Scripts.createTicket('tickettoclose2','thecontentoftickettoclose2',3)
|
||||
Scripts.createTicket('tickettoclose3','thecontentoftickettoclose3',3)
|
||||
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
Scripts.login($staff[:email], $staff[:password], true)
|
||||
|
||||
ticket = $database.getRow('ticket', 'tickettoclose', 'title')
|
||||
|
@ -81,7 +81,7 @@ describe '/ticket/close' do
|
|||
})
|
||||
end
|
||||
it 'should close ticket if User is the author' do
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
Scripts.login('closer@os4.com','closer')
|
||||
|
||||
ticket = $database.getRow('ticket', 'tickettoclose3', 'title')
|
||||
|
@ -100,6 +100,6 @@ describe '/ticket/close' do
|
|||
lastLog = $database.getLastRow('log')
|
||||
(lastLog['type']).should.equal('CLOSE')
|
||||
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
end
|
||||
end
|
||||
|
|
|
@ -52,7 +52,7 @@ describe '/ticket/comment/' do
|
|||
end
|
||||
|
||||
it 'should add comment if staff member serves to the same department as the ticket' do
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
Scripts.login($staff[:email], $staff[:password], true)
|
||||
result = request('/ticket/comment', {
|
||||
content: 'some comment content',
|
||||
|
@ -73,10 +73,10 @@ describe '/ticket/comment/' do
|
|||
lastLog = $database.getLastRow('log')
|
||||
(lastLog['type']).should.equal('COMMENT')
|
||||
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
end
|
||||
it 'should comment the ticket if staff member does not serve the deparment of the ticket and he is author' do
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
Scripts.login($staff[:email], $staff[:password], true)
|
||||
Scripts.createTicket('ticketttobecommented', 'tickettobecommentedbytheauthor', 2)
|
||||
request('/staff/edit', {
|
||||
|
@ -114,10 +114,10 @@ describe '/ticket/comment/' do
|
|||
staffId: 1
|
||||
})
|
||||
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
Scripts.login('commenter@os4.com', 'commenter')
|
||||
Scripts.createTicket('title138','commentofthetitkect138', 1)
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
Scripts.login($staff[:email], $staff[:password], true)
|
||||
ticket = $database.getRow('ticket', 'title138' , 'title')
|
||||
|
||||
|
@ -153,7 +153,7 @@ describe '/ticket/comment/' do
|
|||
(result['status']).should.equal('fail')
|
||||
(result['message']).should.equal('NO_PERMISSION')
|
||||
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
Scripts.login($staff[:email], $staff[:password], true)
|
||||
|
||||
result = request('/staff/invite', {
|
||||
|
@ -168,7 +168,7 @@ describe '/ticket/comment/' do
|
|||
|
||||
(result['status'].should.equal('success'))
|
||||
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
|
||||
recoverpassword = $database.getRow('recoverpassword', 'jorah@opensupports.com', 'email')
|
||||
request('/user/recover-password', {
|
||||
|
@ -202,12 +202,12 @@ describe '/ticket/comment/' do
|
|||
(result['status']).should.equal('success')
|
||||
comment = $database.getRow('ticketevent', 'this is not a private comment', 'content')
|
||||
(comment['private']).should.equal(0)
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
|
||||
end
|
||||
|
||||
it 'should change private to 1 if a staff creates a private comment' do
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
|
||||
Scripts.login('jorah@opensupports.com', 'testpassword', true)
|
||||
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
describe '/ticket/create-tag' do
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
Scripts.login($staff[:email], $staff[:password], true)
|
||||
|
||||
it 'should add a tag' do
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
describe '/ticket/create' do
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
Scripts.createUser('creator@os4.com','creator','Creator')
|
||||
Scripts.login('creator@os4.com','creator')
|
||||
|
||||
|
@ -78,7 +78,7 @@ describe '/ticket/create' do
|
|||
|
||||
end
|
||||
it 'should fail if an user tries to create a ticket with a private department' do
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
Scripts.login('staff@opensupports.com', 'staff', true)
|
||||
|
||||
result = request('/system/add-department', {
|
||||
|
@ -90,7 +90,7 @@ describe '/ticket/create' do
|
|||
|
||||
row = $database.getRow('department', 'useless private deapartment', 'name')
|
||||
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
Scripts.createUser('user@os4.com', 'loginpass')
|
||||
Scripts.login('user@os4.com', 'loginpass')
|
||||
|
||||
|
@ -106,7 +106,7 @@ describe '/ticket/create' do
|
|||
(result['status']).should.equal('fail')
|
||||
(result['message']).should.equal('INVALID_DEPARTMENT')
|
||||
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
end
|
||||
|
||||
it 'should create ticket if pass data is valid' do
|
||||
|
@ -177,7 +177,7 @@ describe '/ticket/create' do
|
|||
end
|
||||
|
||||
it 'should be able to create a ticket while being staff' do
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
Scripts.login($staff[:email], $staff[:password], true)
|
||||
result = request('/ticket/create', {
|
||||
title: 'created by staff',
|
||||
|
@ -194,6 +194,6 @@ describe '/ticket/create' do
|
|||
(ticket['author_staff_id']).should.equal(1)
|
||||
|
||||
$ticketNumberByStaff = ticket['ticket_number']
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
end
|
||||
end
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
describe '/ticket/delete' do
|
||||
|
||||
it 'should delete ticket if it is not assigned and is logged a staff lvl 3 ' do
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
Scripts.login($staff[:email], $staff[:password], true)
|
||||
Scripts.createTicket('ticket_to_delete')
|
||||
ticket = $database.getRow('ticket', 'ticket_to_delete', 'title')
|
||||
|
@ -24,7 +24,7 @@ describe '/ticket/delete' do
|
|||
token: recoverpassword['token']
|
||||
})
|
||||
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
Scripts.login('ned@opensupports.com', 'headless', true)
|
||||
|
||||
result = request('/ticket/delete', {
|
||||
|
@ -37,7 +37,7 @@ describe '/ticket/delete' do
|
|||
end
|
||||
|
||||
it 'should delete ticket if it is yours and it is not assigned' do
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
Scripts.createUser('deleter@opensupports.com', 'deleterpassword', 'Delter')
|
||||
Scripts.login('deleter@opensupports.com', 'deleterpassword')
|
||||
|
||||
|
@ -52,13 +52,13 @@ describe '/ticket/delete' do
|
|||
end
|
||||
|
||||
it 'should not delete ticket if it is assigned' do
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
Scripts.login('deleter@opensupports.com', 'deleterpassword')
|
||||
|
||||
Scripts.createTicket('ticket_to_delete_3')
|
||||
ticket = $database.getRow('ticket', 'ticket_to_delete_3', 'title');
|
||||
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
Scripts.login($staff[:email], $staff[:password], true)
|
||||
|
||||
result = request('/staff/assign-ticket', {
|
||||
|
@ -67,7 +67,7 @@ describe '/ticket/delete' do
|
|||
csrf_token: $csrf_token
|
||||
})
|
||||
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
Scripts.login('deleter@opensupports.com', 'deleterpassword')
|
||||
|
||||
result = request('/ticket/delete', {
|
||||
|
@ -81,7 +81,7 @@ describe '/ticket/delete' do
|
|||
end
|
||||
|
||||
it 'should not delete ticket if the staff logged is not lvl 3' do
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
Scripts.login($staff[:email], $staff[:password], true)
|
||||
Scripts.createTicket('ticket_to_delete_4')
|
||||
|
||||
|
@ -105,7 +105,7 @@ describe '/ticket/delete' do
|
|||
token: recoverpassword['token']
|
||||
})
|
||||
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
|
||||
Scripts.login('uselessstaff@opensupports.com', 'theyaregonnafireme',true)
|
||||
|
||||
|
@ -118,7 +118,7 @@ describe '/ticket/delete' do
|
|||
(result['status']).should.equal('fail')
|
||||
(result['message']).should.equal('NO_PERMISSION')
|
||||
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
Scripts.login($staff[:email], $staff[:password], true)
|
||||
staff = $database.getRow('staff', 'ned@opensupports.com', 'email')
|
||||
Scripts.deleteStaff(staff['id'])
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
describe '/ticket/edit-comment' do
|
||||
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
Scripts.login();
|
||||
Scripts.createTicket('ticket made by an user','content of the ticket made by an user')
|
||||
ticket = $database.getRow('ticket', 'ticket made by an user', 'title')
|
||||
|
@ -38,7 +38,7 @@ describe '/ticket/edit-comment' do
|
|||
end
|
||||
|
||||
it 'should change the content of a comment and the content of the ticket if the admin is logged' do
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
Scripts.login($staff[:email], $staff[:password], true)
|
||||
ticketevent = $database.getRow('ticketevent', 'comment edited by the user', 'content')
|
||||
|
||||
|
@ -66,11 +66,11 @@ describe '/ticket/edit-comment' do
|
|||
(result['status']).should.equal('success')
|
||||
(ticket['content']).should.equal('content edited by a staff')
|
||||
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
end
|
||||
|
||||
it 'should not change the content of a comment if the user is not the author' do
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
Scripts.login($staff[:email], $staff[:password], true)
|
||||
|
||||
ticket = $database.getRow('ticket', 'ticket made by an user', 'title')
|
||||
|
@ -80,7 +80,7 @@ describe '/ticket/edit-comment' do
|
|||
|
||||
ticketevent = $database.getRow('ticketevent', 'this is a new comment of a staff member', 'content')
|
||||
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
Scripts.login();
|
||||
|
||||
result = request('/ticket/edit-comment', {
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
describe '/ticket/edit-tag' do
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
Scripts.login($staff[:email], $staff[:password], true)
|
||||
|
||||
it 'should edit a tag' do
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
describe '/ticket/edit-title' do
|
||||
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
Scripts.login();
|
||||
Scripts.createTicket('Valar Morghulis','content of the ticket made by an user')
|
||||
ticket = $database.getRow('ticket', 'Valar Morghulis', 'title')
|
||||
|
@ -36,7 +36,7 @@ describe '/ticket/edit-title' do
|
|||
end
|
||||
|
||||
it 'should change the title of the ticket if staff is logged' do
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
Scripts.login($staff[:email], $staff[:password], true)
|
||||
|
||||
result = request('/ticket/edit-title', {
|
||||
|
@ -54,12 +54,12 @@ describe '/ticket/edit-title' do
|
|||
end
|
||||
|
||||
it 'should not change the title if the user is not the author' do
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
Scripts.login($staff[:email], $staff[:password], true)
|
||||
Scripts.createTicket('Winterfell')
|
||||
ticket = $database.getRow('ticket', 'Winterfell', 'title')
|
||||
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
Scripts.login()
|
||||
|
||||
result = request('/ticket/edit-title', {
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
describe 'Ticket Events' do
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
Scripts.createUser('tyrion@opensupports.com', 'tyrionl', 'Tyrion Lannister')
|
||||
|
||||
it 'should add events correctly' do
|
||||
|
@ -16,7 +16,7 @@ describe 'Ticket Events' do
|
|||
|
||||
ticketNumber = ticket['ticket_number']
|
||||
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
Scripts.login($staff[:email], $staff[:password], true)
|
||||
request('/staff/assign-ticket', {
|
||||
ticketNumber: ticketNumber,
|
||||
|
@ -51,7 +51,7 @@ describe 'Ticket Events' do
|
|||
csrf_token: $csrf_token
|
||||
})
|
||||
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
Scripts.login('tyrion@opensupports.com', 'tyrionl')
|
||||
request('/ticket/re-open', {
|
||||
ticketNumber: ticketNumber,
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
describe '/ticket/get-authors/' do
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
Scripts.login($staff[:email], $staff[:password], true)
|
||||
Scripts.createUser('userauthor@os4.com', 'passwordofuserauthor', 'userauthorname')
|
||||
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
describe '/ticket/get/' do
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
Scripts.login($staff[:email], $staff[:password], true)
|
||||
|
||||
result= request('/system/add-api-key', {
|
||||
|
@ -12,7 +12,7 @@ describe '/ticket/get/' do
|
|||
(result['status']).should.equal('success')
|
||||
$token = result['data'];
|
||||
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
|
||||
Scripts.createUser('cersei@os4.com', 'cersei','Cersei Lannister')
|
||||
Scripts.createUser('not_ticket_getter@os4.com', 'not_ticket_getter','No Author')
|
||||
|
@ -51,7 +51,7 @@ describe '/ticket/get/' do
|
|||
end
|
||||
|
||||
it 'should fail if ticket does not belong to user' do
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
result = Scripts.login('not_ticket_getter@os4.com', 'not_ticket_getter')
|
||||
|
||||
$csrf_userid = result['userId']
|
||||
|
@ -97,11 +97,11 @@ describe '/ticket/get/' do
|
|||
(result['data']['events'][0]['content']).should.equal('some valid comment made')
|
||||
end
|
||||
it 'should successfully return the ticket information if staff member serves to the department of the ticket' do
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
Scripts.login('cersei@os4.com', 'cersei')
|
||||
Scripts.createTicket('titleofticket87','contentoftheticket87',1)
|
||||
Scripts.createTicket('2titleofticket87','2contentoftheticket87',1)
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
Scripts.login($staff[:email], $staff[:password], true)
|
||||
|
||||
ticket = $database.getRow('ticket','titleofticket87', 'title')
|
||||
|
@ -119,7 +119,7 @@ describe '/ticket/get/' do
|
|||
|
||||
end
|
||||
it 'should successfully return the ticket information if staff member does not serve to the deparment of the ticket but is author' do
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
Scripts.login($staff[:email], $staff[:password], true)
|
||||
|
||||
Scripts.createTicket('titleoftheticket107','contentoftheticket107',1)
|
||||
|
@ -145,7 +145,7 @@ describe '/ticket/get/' do
|
|||
|
||||
it 'should fail if staff member does not serve to the department of the ticket and is not the author' do
|
||||
ticket = $database.getRow('ticket','2titleofticket87', 'title')
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
Scripts.login($staff[:email], $staff[:password], true)
|
||||
|
||||
result = request('/ticket/get', {
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
describe '/ticket/re-open' do
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
Scripts.login($staff[:email], $staff[:password], true)
|
||||
|
||||
it 'should re open a ticket if staff member has the deparment of the ticket' do
|
||||
|
@ -20,7 +20,7 @@ describe '/ticket/re-open' do
|
|||
lastLog = $database.getLastRow('log')
|
||||
(lastLog['type']).should.equal('RE_OPEN')
|
||||
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
end
|
||||
it 'Should re-open if staff member does not serve to the department of the ticket and its the author'do
|
||||
Scripts.login($staff[:email], $staff[:password], true)
|
||||
|
@ -81,7 +81,7 @@ describe '/ticket/re-open' do
|
|||
lastLog = $database.getLastRow('log')
|
||||
(lastLog['type']).should.equal('RE_OPEN')
|
||||
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
end
|
||||
|
||||
it 'Should fail re-open the ticket if the staff does not serve to the department and he is not the author' do
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
describe '/ticket/remove-tag' do
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
Scripts.login($staff[:email], $staff[:password], true)
|
||||
|
||||
result = $database.getRow('ticket', 'test ticket' , 'title')
|
||||
|
@ -75,10 +75,10 @@ describe '/ticket/remove-tag' do
|
|||
})
|
||||
end
|
||||
it 'should fail if staff does not serve to department of the ticket and is not the author' do
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
Scripts.login('pepito@pepito.com', 'pepito12345')
|
||||
Scripts.createTicket('title73','contentoftheticket73',3)
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
Scripts.login($staff[:email], $staff[:password], true)
|
||||
|
||||
ticket = $database.getRow('ticket','title73', 'title')
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
describe '/ticket/search-authors/' do
|
||||
|
||||
it 'should fail if a user is loged' do
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
Scripts.login('tyrion@opensupports.com', 'tyrionl')
|
||||
|
||||
result = request('/ticket/search-authors', {
|
||||
|
@ -17,7 +17,7 @@ describe '/ticket/search-authors/' do
|
|||
end
|
||||
|
||||
it 'should fail if blackList is invalid' do
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
Scripts.login($staff[:email], $staff[:password], true)
|
||||
Scripts.createUser(email = 'eemilia@jobs.com', password = 'custompassword', name = 'eemilia')
|
||||
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
describe '/ticket/search' do
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
Scripts.login($staff[:email], $staff[:password], true)
|
||||
|
||||
Scripts.createTicket('test ticket1')
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
describe '/ticket/seen' do
|
||||
|
||||
describe 'when a staff is logged' do
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
ticket = $database.getRow('ticket', 'Should we pay?', 'title')
|
||||
|
||||
Scripts.login($staff[:email], $staff[:password], true)
|
||||
|
@ -22,7 +22,7 @@ describe '/ticket/seen' do
|
|||
|
||||
describe 'when an user is logged' do
|
||||
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
Scripts.login()
|
||||
it 'should fail if user is not author' do
|
||||
ticket = $database.getRow('ticket', 'Should we pay?', 'title')
|
||||
|
@ -36,7 +36,7 @@ describe '/ticket/seen' do
|
|||
(result['message']).should.equal('NO_PERMISSION')
|
||||
end
|
||||
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
Scripts.login('user_get@os4.com', 'user_get')
|
||||
it 'should change unread if everything is okey ' do
|
||||
ticket = $database.getRow('ticket', 'Should we pay?', 'title')
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
describe '/user/ban' do
|
||||
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
result = request('/user/login', {
|
||||
email: 'staff@opensupports.com',
|
||||
password: 'staff',
|
||||
|
|
|
@ -1,12 +1,12 @@
|
|||
describe '/user/delete' do
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
|
||||
it 'should delete user' do
|
||||
Scripts.createUser('deletable@opensupports.com', 'deletable')
|
||||
Scripts.login('deletable@opensupports.com', 'deletable')
|
||||
Scripts.createTicket('Ticket that will be deleted')
|
||||
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
Scripts.login('staff@opensupports.com', 'staff', true)
|
||||
ticket = $database.getLastRow('ticket')
|
||||
deletable_user = $database.getLastRow('user')
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
describe '/user/edit-email' do
|
||||
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
result = request('/user/login', {
|
||||
email: 'steve@jobs.com',
|
||||
password: 'custompassword'
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
describe '/user/edit-password' do
|
||||
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
result = request('/user/login', {
|
||||
email: 'steve@jobs.com',
|
||||
password: 'custompassword'
|
||||
|
@ -53,7 +53,7 @@ describe '/user/edit-password' do
|
|||
})
|
||||
(result['status']).should.equal('success')
|
||||
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
|
||||
Scripts.login('steve@jobs.com','newpassword')
|
||||
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
describe '/staff/supervisor-user-list' do
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
|
||||
Scripts.createUser('supervisor@opensupports.com', 'passwordOfSupervisor', 'Supervisor Guy')
|
||||
Scripts.createUser('usersupervised1@opensupports.com', 'usersupervised1', 'supervised Guy1')
|
||||
|
@ -32,7 +32,7 @@ describe '/staff/supervisor-user-list' do
|
|||
ticketuser2 = $database.getRow('ticket', 'titlecreateadbyusersupervised2', 'title')
|
||||
ticketuser3 = $database.getRow('ticket', 'titlecreateadbyusersupervised3', 'title')
|
||||
it'should fail if a no-staff tryes to make the request'do
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
Scripts.login('supervisor@opensupports.com', 'passwordOfSupervisor')
|
||||
|
||||
result = request('/user/edit-supervised-list', {
|
||||
|
@ -48,7 +48,7 @@ describe '/staff/supervisor-user-list' do
|
|||
end
|
||||
|
||||
it 'should fail if userIdList is wrong' do
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
Scripts.login($staff[:email], $staff[:password], true)
|
||||
|
||||
result = request('/user/edit-supervised-list', {
|
||||
|
@ -83,7 +83,7 @@ describe '/staff/supervisor-user-list' do
|
|||
end
|
||||
|
||||
it'should fail if userId is wrong'do
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
Scripts.login($staff[:email], $staff[:password], true)
|
||||
|
||||
result = request('/user/edit-supervised-list', {
|
||||
|
@ -98,7 +98,7 @@ describe '/staff/supervisor-user-list' do
|
|||
end
|
||||
|
||||
it'should fail if supervisor is included in user-id-List'do
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
Scripts.login($staff[:email], $staff[:password], true)
|
||||
|
||||
result = request('/user/edit-supervised-list', {
|
||||
|
@ -113,7 +113,7 @@ describe '/staff/supervisor-user-list' do
|
|||
end
|
||||
|
||||
it'should create supervisor user'do
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
Scripts.login($staff[:email], $staff[:password], true)
|
||||
|
||||
result = request('/user/edit-supervised-list', {
|
||||
|
@ -128,7 +128,7 @@ describe '/staff/supervisor-user-list' do
|
|||
end
|
||||
|
||||
it 'should allow supervisor to access tickets from supervisated users' do
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
Scripts.login('supervisor@opensupports.com', 'passwordOfSupervisor')
|
||||
result = request('/ticket/get', {
|
||||
ticketNumber: ticketsupervisor['ticket_number'],
|
||||
|
@ -160,7 +160,7 @@ describe '/staff/supervisor-user-list' do
|
|||
|
||||
end
|
||||
it 'should allow supervisor see only the new user list' do
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
Scripts.login($staff[:email], $staff[:password], true)
|
||||
|
||||
request('/user/edit-supervised-list', {
|
||||
|
@ -171,7 +171,7 @@ describe '/staff/supervisor-user-list' do
|
|||
})
|
||||
|
||||
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
Scripts.login('supervisor@opensupports.com', 'passwordOfSupervisor')
|
||||
|
||||
result = request('/ticket/get', {
|
||||
|
|
|
@ -2,7 +2,7 @@ describe 'Enable/disable user' do
|
|||
user = $database.getRow('user', 'login@os4.com', 'email');
|
||||
|
||||
describe '/user/disable' do
|
||||
request('/user/logout');
|
||||
Scripts.logout();
|
||||
Scripts.login('staff@opensupports.com', 'staff', true);
|
||||
|
||||
it 'should disable user' do
|
||||
|
@ -27,7 +27,7 @@ describe 'Enable/disable user' do
|
|||
end
|
||||
|
||||
it 'should reject login' do
|
||||
request('/user/logout');
|
||||
Scripts.logout();
|
||||
result = request('/user/login', {
|
||||
email: 'login@os4.com',
|
||||
password: 'loginpass'
|
||||
|
@ -39,7 +39,7 @@ describe 'Enable/disable user' do
|
|||
end
|
||||
|
||||
describe '/user/enable' do
|
||||
request('/user/logout');
|
||||
Scripts.logout();
|
||||
Scripts.login('staff@opensupports.com', 'staff', true);
|
||||
|
||||
it 'should enable user' do
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
describe '/user/get-supervised-tickets' do
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
|
||||
supervisor = $database.getRow('user', 'supervisor@opensupports.com', 'email')
|
||||
user1 = $database.getRow('user', 'usersupervised1@opensupports.com', 'email')
|
||||
|
@ -12,7 +12,7 @@ describe '/user/get-supervised-tickets' do
|
|||
|
||||
|
||||
it 'should fail if supervised users are not valid' do
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
Scripts.login($staff[:email], $staff[:password], true)
|
||||
|
||||
result = request('/user/edit-supervised-list', {
|
||||
|
@ -24,7 +24,7 @@ describe '/user/get-supervised-tickets' do
|
|||
|
||||
(result['status']).should.equal('success')
|
||||
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
Scripts.login('supervisor@opensupports.com', 'passwordOfSupervisor')
|
||||
|
||||
result = request('/user/get-supervised-tickets', {
|
||||
|
@ -141,7 +141,7 @@ describe '/user/get-supervised-tickets' do
|
|||
(result['data']).should.equal([])
|
||||
end
|
||||
it 'should works propertly if 2 supervisors has the same users' do
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
Scripts.login($staff[:email], $staff[:password], true)
|
||||
Scripts.createUser('supervisor2@opensupports.com', 'usersupervised2', 'supervisor Guy2')
|
||||
supervisor2 = $database.getRow('user', 'supervisor2@opensupports.com', 'email')
|
||||
|
@ -188,7 +188,7 @@ describe '/user/get-supervised-tickets' do
|
|||
end
|
||||
|
||||
it 'should if supervised Users tryes to handle supervisor-ticket' do
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
Scripts.login('usersupervised1@opensupports.com', 'usersupervised1')
|
||||
|
||||
result = request('/user/get-supervised-tickets', {
|
||||
|
@ -201,7 +201,7 @@ describe '/user/get-supervised-tickets' do
|
|||
(result['status']).should.equal('fail')
|
||||
(result['message']).should.equal('INVALID_SUPERVISED_USERS')
|
||||
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
Scripts.login('usersupervised2@opensupports.com', 'usersupervised2')
|
||||
|
||||
result = request('/user/get-supervised-tickets', {
|
||||
|
@ -214,7 +214,7 @@ describe '/user/get-supervised-tickets' do
|
|||
(result['status']).should.equal('fail')
|
||||
(result['message']).should.equal('INVALID_SUPERVISED_USERS')
|
||||
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
Scripts.login('usersupervised3@opensupports.com', 'usersupervised3')
|
||||
|
||||
result = request('/user/get-supervised-tickets', {
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
describe '/user/get-user' do
|
||||
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
result = request('/user/login', {
|
||||
email: 'staff@opensupports.com',
|
||||
password: 'staff',
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
describe '/user/get-users' do
|
||||
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
Scripts.createUser('tests@hotmail.com','passdasdasdas','laasdasd')
|
||||
Scripts.createUser('tests2@hotmail.com','passfasfasfsa','laeaefae')
|
||||
Scripts.createUser('tests3@hotmail.com','passfasfasfws','laeczvwaf')
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
describe '/user/get' do
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
Scripts.createUser('user_get@os4.com', 'user_get','User Get')
|
||||
|
||||
Scripts.login('user_get@os4.com', 'user_get')
|
||||
|
@ -17,7 +17,7 @@ describe '/user/get' do
|
|||
@ticketNumber = ticket['ticket_number']
|
||||
|
||||
it 'should fail if not logged' do
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
result = request('/user/get', {
|
||||
csrf_userid: $csrf_userid,
|
||||
csrf_token: $csrf_token
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
describe'/user/invite' do
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
Scripts.login($staff[:email], $staff[:password], true)
|
||||
|
||||
it 'should if data is wrong' do
|
||||
|
|
|
@ -29,7 +29,7 @@ describe '/user/login' do
|
|||
end
|
||||
|
||||
it 'should login staff member' do
|
||||
request('/user/logout', {})
|
||||
Scripts.logout()
|
||||
result = request('/user/login', {
|
||||
email: $staff[:email],
|
||||
password: $staff[:password],
|
||||
|
@ -40,7 +40,7 @@ describe '/user/login' do
|
|||
end
|
||||
|
||||
it 'should work autologin user with remember token' do
|
||||
request('/user/logout', {})
|
||||
Scripts.logout()
|
||||
result = request('/user/login', {
|
||||
email: @loginEmail,
|
||||
password: @loginPass,
|
||||
|
@ -52,7 +52,7 @@ describe '/user/login' do
|
|||
@rememberToken = result['data']['rememberToken']
|
||||
@userId = result['data']['userId']
|
||||
|
||||
request('/user/logout', {})
|
||||
Scripts.logout()
|
||||
result = request('/user/login', {
|
||||
userId: @userId,
|
||||
rememberToken: '12abc',
|
||||
|
@ -79,7 +79,7 @@ describe '/user/login' do
|
|||
end
|
||||
|
||||
it 'should work autologin staff with remember token' do
|
||||
request('/user/logout', {})
|
||||
Scripts.logout()
|
||||
result = request('/user/login', {
|
||||
email: $staff[:email],
|
||||
password: $staff[:password],
|
||||
|
@ -91,7 +91,7 @@ describe '/user/login' do
|
|||
@rememberToken = result['data']['rememberToken']
|
||||
@staffId = result['data']['userId']
|
||||
|
||||
request('/user/logout', {})
|
||||
Scripts.logout()
|
||||
result = request('/user/login', {
|
||||
userId: @staffId,
|
||||
rememberToken: '12abc',
|
||||
|
@ -115,6 +115,26 @@ describe '/user/login' do
|
|||
remember: 1
|
||||
})
|
||||
(result['status']).should.equal('success')
|
||||
|
||||
$csrf_userid = result['data']['userId']
|
||||
$csrf_token = result['data']['token']
|
||||
end
|
||||
|
||||
it 'should logout if user is logged in'do
|
||||
result = request('/user/logout', {
|
||||
csrf_userid: $csrf_userid,
|
||||
csrf_token: $csrf_token
|
||||
})
|
||||
(result['status']).should.equal('success')
|
||||
end
|
||||
|
||||
it 'should fail logout if user is not logged in' do
|
||||
result = request('/user/logout', {
|
||||
csrf_userid: $csrf_userid,
|
||||
csrf_token: $csrf_token
|
||||
})
|
||||
|
||||
(result['status']).should.equal('fail')
|
||||
(result['message']).should.equal('NO_PERMISSION')
|
||||
end
|
||||
end
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
describe '/user/resend-email-token' do
|
||||
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
|
||||
it 'should fail is data is wrong' do
|
||||
result = request('/user/resend-email-token', {
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
describe'/user/resend-invite-user' do
|
||||
request('/user/logout')
|
||||
Scripts.logout()
|
||||
Scripts.login($staff[:email], $staff[:password], true)
|
||||
|
||||
it 'should if data is wrong' do
|
||||
|
|
|
@ -3,7 +3,7 @@ use RedBeanPHP\Facade as RedBean;
|
|||
|
||||
/**
|
||||
* @api {OBJECT} MailTemplate MailTemplate
|
||||
* @apiVersion 4.7
|
||||
* @apiVersion 4.10.0
|
||||
* @apiGroup Data Structures
|
||||
* @apiParam {String} type The type of the mail template.
|
||||
* @apiParam {String} subject The subject of the mail template.
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
<?php
|
||||
/**
|
||||
* @api {OBJECT} Ticket Ticket
|
||||
* @apiVersion 4.7.0
|
||||
* @apiVersion 4.10.0
|
||||
* @apiGroup Data Structures
|
||||
* @apiParam {Number} ticketNumber The number of the ticket.
|
||||
* @apiParam {String} title The title of the ticket.
|
||||
|
|
|
@ -3,7 +3,7 @@ use RedBeanPHP\Facade as RedBean;
|
|||
|
||||
/**
|
||||
* @api {OBJECT} User User
|
||||
* @apiVersion 4.7.0
|
||||
* @apiVersion 4.10.0
|
||||
* @apiGroup Data Structures
|
||||
* @apiParam {String} email The email of the user.
|
||||
* @apiParam {Number} id The id of the user.
|
||||
|
|
Loading…
Reference in New Issue