diff --git a/server/controllers/ticket/search-authors.php b/server/controllers/ticket/search-authors.php index 027a90e2..1d92bdad 100644 --- a/server/controllers/ticket/search-authors.php +++ b/server/controllers/ticket/search-authors.php @@ -5,7 +5,7 @@ DataValidator::with('CustomValidations', true); /** * @api {post} /ticket/search-authors search authors of tickets - * @apiVersion 4.7 + * @apiVersion 4.10.0 * * @apiName Search authors * diff --git a/server/controllers/user/logout.php b/server/controllers/user/logout.php index c798b3f8..5e8fb7d8 100755 --- a/server/controllers/user/logout.php +++ b/server/controllers/user/logout.php @@ -11,6 +11,8 @@ * * @apiPermission any * + * @apiUse NO_PERMISSION + * * @apiSuccess {Object} data Empty object * */ @@ -20,7 +22,7 @@ class LogoutController extends Controller { public function validations() { return [ - 'permission' => 'any', + 'permission' => 'user', 'requestData' => [] ]; } diff --git a/server/controllers/user/send-recover-password.php b/server/controllers/user/send-recover-password.php index 5132f6df..6bdc4913 100755 --- a/server/controllers/user/send-recover-password.php +++ b/server/controllers/user/send-recover-password.php @@ -18,8 +18,6 @@ DataValidator::with('CustomValidations', true); * @apiParam {Boolean} staff Indicates if the user is a staff member. * * @apiUse INVALID_EMAIL - * @apiUse USER_SYSTEM_DISABLED - * @apiUse INVALID_EMAIL * * @apiSuccess {Object} data Empty object. * diff --git a/tests/article/article.rb b/tests/article/article.rb index 2b2e6d40..5eb06bc1 100644 --- a/tests/article/article.rb +++ b/tests/article/article.rb @@ -1,5 +1,5 @@ describe 'Article path' do - request('/user/logout') + Scripts.logout() Scripts.login($staff[:email], $staff[:password], true) topic = request('/article/add-topic', { name: 'Server management', @@ -140,7 +140,7 @@ describe 'Article path' do end it 'should retrieve public departments' do - request('/user/logout') + Scripts.logout() Scripts.login('tyrion@opensupports.com', 'tyrionl') result = request('/article/get-all', { diff --git a/tests/article/topic.rb b/tests/article/topic.rb index 4c588424..3510b99b 100644 --- a/tests/article/topic.rb +++ b/tests/article/topic.rb @@ -1,5 +1,5 @@ describe 'Topic paths' do - request('/user/logout') + Scripts.logout() Scripts.login($staff[:email], $staff[:password], true) it 'should add topic correctly' do @@ -60,7 +60,7 @@ describe 'Topic paths' do end it 'should deny permission if it is not logged as staff' do - request('/user/logout') + Scripts.logout() Scripts.login('tyrion@opensupports.com', 'tyrionl') result = request('/article/add-topic', { diff --git a/tests/scripts.rb b/tests/scripts.rb index 9950f108..925e0e47 100644 --- a/tests/scripts.rb +++ b/tests/scripts.rb @@ -72,7 +72,6 @@ class Scripts end def self.login(email = 'steve@jobs.com', password = 'custompassword', staff = false) - request('/user/logout') response = request('/user/login', { :email => email, :password => password, @@ -88,7 +87,10 @@ class Scripts end def self.logout() - request('/user/logout') + request('/user/logout', { + csrf_userid: $csrf_userid, + csrf_token: $csrf_token + }) end def self.createTicket(title = 'Winter is coming',content = 'The north remembers', department = 1) diff --git a/tests/staff/assign-ticket.rb b/tests/staff/assign-ticket.rb index 034e54d6..f2d9fc71 100644 --- a/tests/staff/assign-ticket.rb +++ b/tests/staff/assign-ticket.rb @@ -1,5 +1,5 @@ describe '/staff/assign-ticket' do - request('/user/logout') + Scripts.logout() Scripts.login($staff[:email], $staff[:password], true) Scripts.createTicket('ticket_to_assing_1') diff --git a/tests/staff/delete.rb b/tests/staff/delete.rb index e7a4f2a9..80420e6a 100644 --- a/tests/staff/delete.rb +++ b/tests/staff/delete.rb @@ -1,5 +1,5 @@ describe'/staff/delete' do - request('/user/logout') + Scripts.logout() Scripts.login($staff[:email], $staff[:password], true) @staffId = $database.getRow('staff','littlelannister@opensupports.com','email')['id'] diff --git a/tests/staff/edit.rb b/tests/staff/edit.rb index a7ce42aa..a8180d6e 100644 --- a/tests/staff/edit.rb +++ b/tests/staff/edit.rb @@ -1,5 +1,5 @@ describe'/staff/edit' do - request('/user/logout') + Scripts.logout() Scripts.login($staff[:email], $staff[:password], true) it 'should edit another staff member' do @@ -93,7 +93,7 @@ describe'/staff/edit' do it 'should fail if is not staff logged' do - request('/user/logout') + Scripts.logout() result = request('/staff/edit', { csrf_userid: $csrf_userid, diff --git a/tests/staff/get-all-tickets.rb b/tests/staff/get-all-tickets.rb index e5a43551..0fd24046 100644 --- a/tests/staff/get-all-tickets.rb +++ b/tests/staff/get-all-tickets.rb @@ -37,7 +37,7 @@ describe 'Retrieve all tickets' do createTicket('placerat id velit') createTicket('Quisque egestas ipsum') - request('/user/logout') + Scripts.logout() Scripts.login($staff[:email], $staff[:password], true) response = request('/staff/get-all-tickets', { page: 1, diff --git a/tests/staff/get-all.rb b/tests/staff/get-all.rb index ab9ca0c0..1fdc643d 100644 --- a/tests/staff/get-all.rb +++ b/tests/staff/get-all.rb @@ -1,5 +1,5 @@ describe'/staff/get-all' do - request('/user/logout') + Scripts.logout() Scripts.login($staff[:email], $staff[:password], true) it 'should get all staff member' do diff --git a/tests/staff/get-new-tickets.rb b/tests/staff/get-new-tickets.rb index 68fb5ae2..93996ff0 100644 --- a/tests/staff/get-new-tickets.rb +++ b/tests/staff/get-new-tickets.rb @@ -1,5 +1,5 @@ describe '/staff/get-new-tickets' do - request('/user/logout') + Scripts.logout() Scripts.login($staff[:email], $staff[:password], true) it 'should get new tickets' do diff --git a/tests/staff/get-tickets.rb b/tests/staff/get-tickets.rb index 1cb69e21..ff223583 100644 --- a/tests/staff/get-tickets.rb +++ b/tests/staff/get-tickets.rb @@ -1,5 +1,5 @@ describe '/staff/get-tickets' do - request('/user/logout') + Scripts.logout() Scripts.login($staff[:email], $staff[:password], true) it 'should get ticket list' do diff --git a/tests/staff/get.rb b/tests/staff/get.rb index b4d0cef5..6f10d238 100644 --- a/tests/staff/get.rb +++ b/tests/staff/get.rb @@ -1,5 +1,5 @@ describe '/staff/get/' do - request('/user/logout') + Scripts.logout() Scripts.login($staff[:email], $staff[:password], true) it 'should return staff member data' do diff --git a/tests/staff/invite.rb b/tests/staff/invite.rb index 1cfc25ae..914e722e 100644 --- a/tests/staff/invite.rb +++ b/tests/staff/invite.rb @@ -1,5 +1,5 @@ describe'/staff/invite' do - request('/user/logout') + Scripts.logout() Scripts.login($staff[:email], $staff[:password], true) it 'should if data is wrong' do diff --git a/tests/staff/last-events.rb b/tests/staff/last-events.rb index 939005bb..80365c32 100644 --- a/tests/staff/last-events.rb +++ b/tests/staff/last-events.rb @@ -1,5 +1,5 @@ describe '/staff/last-events' do - request('/user/logout') + Scripts.logout() Scripts.login($staff[:email], $staff[:password], true) it 'should get last events' do diff --git a/tests/staff/resend-invite-staff.rb b/tests/staff/resend-invite-staff.rb index 736f2e7b..8c99961d 100644 --- a/tests/staff/resend-invite-staff.rb +++ b/tests/staff/resend-invite-staff.rb @@ -1,5 +1,5 @@ describe'/staff/resend-invite-staff' do - request('/user/logout') + Scripts.logout() Scripts.login($staff[:email], $staff[:password], true) it 'should if data is wrong' do diff --git a/tests/system/add-api-key.rb b/tests/system/add-api-key.rb index d870b46c..04b7f9ae 100644 --- a/tests/system/add-api-key.rb +++ b/tests/system/add-api-key.rb @@ -1,5 +1,5 @@ describe'system/add-api-key' do - request('/user/logout') + Scripts.logout() Scripts.login($staff[:email], $staff[:password], true) it 'should add API key' do diff --git a/tests/system/add-department.rb b/tests/system/add-department.rb index 881543ac..411cad5d 100644 --- a/tests/system/add-department.rb +++ b/tests/system/add-department.rb @@ -1,5 +1,5 @@ describe'system/add-department' do - request('/user/logout') + Scripts.logout() Scripts.login($staff[:email], $staff[:password], true) it 'should add department with alphanumeric characters' do diff --git a/tests/system/apikey-permissions.rb b/tests/system/apikey-permissions.rb index ececc723..9523aa84 100644 --- a/tests/system/apikey-permissions.rb +++ b/tests/system/apikey-permissions.rb @@ -1,5 +1,5 @@ describe '/system/apikey-permissions' do - request('/user/logout') + Scripts.logout() Scripts.login($staff[:email], $staff[:password], true) @@ -18,7 +18,7 @@ describe '/system/apikey-permissions' do "csrf_token" => $csrf_token, "recaptcha-private" => "THISISVALID" }) - request('/user/logout') + Scripts.logout() it 'should fail ticket create if the apikey does not have create ticket permission' do result = request('/ticket/create', { @@ -148,7 +148,7 @@ describe '/system/apikey-permissions' do it 'should fail signing up user if the apikey permission is wrong' do - request('/user/logout') + Scripts.logout() result = request('/user/signup', { name: 'Petyr Baelish', email: 'littlefinger@got.com', @@ -200,6 +200,6 @@ describe '/system/apikey-permissions' do "csrf_token" => $csrf_token, "recaptcha-private" => "" }) - request('/user/logout') + Scripts.logout() end end diff --git a/tests/system/csv-import.rb b/tests/system/csv-import.rb index 61ac34ba..2ec7c0bc 100644 --- a/tests/system/csv-import.rb +++ b/tests/system/csv-import.rb @@ -1,5 +1,5 @@ describe'system/csv-import' do - request('/user/logout') + Scripts.logout() Scripts.login($staff[:email], $staff[:password], true) it 'should create user with csv-import' do diff --git a/tests/system/custom-field-test.rb b/tests/system/custom-field-test.rb index bd32071f..d7393e03 100644 --- a/tests/system/custom-field-test.rb +++ b/tests/system/custom-field-test.rb @@ -1,5 +1,5 @@ describe 'CustomField' do - request('/user/logout') + Scripts.logout() Scripts.login($staff[:email], $staff[:password], true) describe '/system/add-custom field' do diff --git a/tests/system/custom-fields.rb b/tests/system/custom-fields.rb index ed79e5d5..b5598c30 100644 --- a/tests/system/custom-fields.rb +++ b/tests/system/custom-fields.rb @@ -1,5 +1,5 @@ describe 'Custom fields' do - request('/user/logout') + Scripts.logout() Scripts.login($staff[:email], $staff[:password], true) describe '/system/add-custom-field' do diff --git a/tests/system/default-department.rb b/tests/system/default-department.rb index a267cd5d..4af70d88 100644 --- a/tests/system/default-department.rb +++ b/tests/system/default-department.rb @@ -1,9 +1,9 @@ describe '/system/default-department' do - request('/user/logout') + Scripts.logout() Scripts.login('staff@opensupports.com', 'staff', true) it 'should fail if try to turn a private department default' do - request('/user/logout') + Scripts.logout() Scripts.login('staff@opensupports.com', 'staff', true) privatedepartment = $database.getRow('department', 1, 'private') @@ -32,7 +32,7 @@ describe '/system/default-department' do end it 'should fail if default-department-id does not exist' do - request('/user/logout') + Scripts.logout() Scripts.login($staff[:email], $staff[:password], true) result= request('/system/edit-settings', { @@ -46,7 +46,7 @@ describe '/system/default-department' do end it 'should set a new default deparment' do - request('/user/logout') + Scripts.logout() Scripts.login('staff@opensupports.com', 'staff', true) publicdepartment = $database.getRow('department', 'Suggestions', 'name') @@ -61,7 +61,7 @@ describe '/system/default-department' do end it 'should fail if try to delete the default department' do - request('/user/logout') + Scripts.logout() Scripts.login('staff@opensupports.com', 'staff', true) defaultDepartment = $database.getRow('setting', 'default-department-id', 'name') @@ -79,7 +79,7 @@ describe '/system/default-department' do end it 'should fail if try to edit default department into private' do - request('/user/logout') + Scripts.logout() Scripts.login('staff@opensupports.com', 'staff', true) defaultDepartmentId = $database.getRow('setting', 'default-department-id', 'name') department = $database.getRow('department',defaultDepartmentId['value'],'id') @@ -97,7 +97,7 @@ describe '/system/default-department' do end it 'should create ticket in default department if Staff does not give department with locked on' do - request('/user/logout') + Scripts.logout() Scripts.login('staff@opensupports.com', 'staff', true) Scripts.updateLockedDepartmentSetting(1) @@ -116,7 +116,7 @@ describe '/system/default-department' do end it 'should create ticket in default department if staff does not give department with locked off'do - request('/user/logout') + Scripts.logout() Scripts.login('staff@opensupports.com', 'staff', true) Scripts.updateLockedDepartmentSetting(0) @@ -135,7 +135,7 @@ describe '/system/default-department' do end it 'should create ticket in selected department if staff give department and lockd is off'do - request('/user/logout') + Scripts.logout() Scripts.login('staff@opensupports.com', 'staff', true) Scripts.updateLockedDepartmentSetting(0) @@ -154,7 +154,7 @@ describe '/system/default-department' do end it 'should create ticket in selected department if staff give department and locked is on' do - request('/user/logout') + Scripts.logout() Scripts.login('staff@opensupports.com', 'staff', true) Scripts.updateLockedDepartmentSetting(1) @@ -174,11 +174,11 @@ describe '/system/default-department' do it 'should create ticket on default department if user does not give department and locked is on' do - request('/user/logout') + Scripts.logout() Scripts.login('staff@opensupports.com', 'staff', true) Scripts.updateLockedDepartmentSetting(1) - request('/user/logout') + Scripts.logout() Scripts.login('user@os4.com', 'loginpass') result = request('/ticket/create', { @@ -199,11 +199,11 @@ describe '/system/default-department' do it 'should create ticket on default department if user does not give department and locked is off'do - request('/user/logout') + Scripts.logout() Scripts.login('staff@opensupports.com', 'staff', true) Scripts.updateLockedDepartmentSetting(0) - request('/user/logout') + Scripts.logout() Scripts.login('user@os4.com', 'loginpass') result = request('/ticket/create', { @@ -222,11 +222,11 @@ describe '/system/default-department' do it 'should create ticket on selected department if user give department and locked is off'do - request('/user/logout') + Scripts.logout() Scripts.login('staff@opensupports.com', 'staff', true) Scripts.updateLockedDepartmentSetting(0) - request('/user/logout') + Scripts.logout() Scripts.login('user@os4.com', 'loginpass') result = request('/ticket/create', { @@ -246,7 +246,7 @@ describe '/system/default-department' do it 'should create ticket on default language if user does not pass language'do $database.query('update setting set value="ru" where name="language";') - request('/user/logout') + Scripts.logout() Scripts.login('user@os4.com', 'loginpass') result = request('/ticket/create', { diff --git a/tests/system/delete-api-key.rb b/tests/system/delete-api-key.rb index d038bb13..edf699cc 100644 --- a/tests/system/delete-api-key.rb +++ b/tests/system/delete-api-key.rb @@ -1,5 +1,5 @@ describe'system/delete-api-key' do - request('/user/logout') + Scripts.logout() Scripts.login($staff[:email], $staff[:password], true) it 'should not delete API key' do diff --git a/tests/system/delete-department.rb b/tests/system/delete-department.rb index 3b24b6a2..aab4bd2f 100644 --- a/tests/system/delete-department.rb +++ b/tests/system/delete-department.rb @@ -1,5 +1,5 @@ describe 'system/delete-department' do - request('/user/logout') + Scripts.logout() Scripts.createUser('tranferguy@opensupports.com', 'transfer', 'Transfer Guy') Scripts.login('tranferguy@opensupports.com', 'transfer') $apikey = $database.getRow('apikey',1,'id') @@ -35,7 +35,7 @@ describe 'system/delete-department' do ticket2 = ticket2['data']['ticketNumber'] ticket3 = ticket3['data']['ticketNumber'] - request('/user/logout') + Scripts.logout() Scripts.login($staff[:email], $staff[:password], true) request('/staff/edit', { csrf_userid: $csrf_userid, diff --git a/tests/system/disable-registration.rb b/tests/system/disable-registration.rb index 7abc6489..b5391527 100644 --- a/tests/system/disable-registration.rb +++ b/tests/system/disable-registration.rb @@ -1,5 +1,5 @@ describe'/system/disable-registration' do - request('/user/logout') + Scripts.logout() Scripts.login($staff[:email], $staff[:password], true) api_key = Scripts.createAPIKey('registrationKey', canCreateUsers = 1)['data'] diff --git a/tests/system/edit-department.rb b/tests/system/edit-department.rb index 0f09ecb2..1fb1254e 100644 --- a/tests/system/edit-department.rb +++ b/tests/system/edit-department.rb @@ -1,5 +1,5 @@ describe'system/edit-department' do - request('/user/logout') + Scripts.logout() Scripts.login($staff[:email], $staff[:password], true) it 'should edit department' do diff --git a/tests/system/edit-settings.rb b/tests/system/edit-settings.rb index b2bd70c2..204e4b74 100755 --- a/tests/system/edit-settings.rb +++ b/tests/system/edit-settings.rb @@ -1,5 +1,5 @@ describe'system/edit-settings' do - request('/user/logout') + Scripts.logout() Scripts.login($staff[:email], $staff[:password], true) it 'should edit settings' do @@ -33,10 +33,10 @@ describe'system/edit-settings' do (row['value']).should.equal('testemail@hotmail.com') row = $database.getRow('setting', 'default-is-locked', 'name') (row['value']).should.equal('1') - request('/user/logout') + Scripts.logout() end it 'should fail if supported languages are invalid' do - request('/user/logout') + Scripts.logout() Scripts.login($staff[:email], $staff[:password], true) result= request('/system/edit-settings', { @@ -50,7 +50,7 @@ describe'system/edit-settings' do (result['message']).should.equal('INVALID_SUPPORTED_LANGUAGES') end it 'should change allowed and supported languages' do - request('/user/logout') + Scripts.logout() Scripts.login($staff[:email], $staff[:password], true) result= request('/system/edit-settings', { @@ -94,11 +94,11 @@ describe'system/edit-settings' do Scripts.updateLockedDepartmentSetting(0); - request('/user/logout') + Scripts.logout() end it 'should delete ticket when user table is not created' do - request('/user/logout') + Scripts.logout() Scripts.login($staff[:email], $staff[:password], true) Scripts.createTicket('TicketToDeleteWithoutUsersCreated') diff --git a/tests/system/enable-registration.rb b/tests/system/enable-registration.rb index 6c87768f..bf662102 100644 --- a/tests/system/enable-registration.rb +++ b/tests/system/enable-registration.rb @@ -1,5 +1,5 @@ describe'/system/enable-registration' do - request('/user/logout') + Scripts.logout() Scripts.login($staff[:email], $staff[:password], true) it 'should not enable registration if password is not correct' do diff --git a/tests/system/file-upload-download.rb b/tests/system/file-upload-download.rb index 6ce530d6..ac52e7f3 100644 --- a/tests/system/file-upload-download.rb +++ b/tests/system/file-upload-download.rb @@ -1,5 +1,5 @@ describe 'File Upload and Download' do - request('/user/logout') + Scripts.logout() Scripts.login('creator@os4.com', 'creator') it 'should upload file when creating ticket' do @@ -39,7 +39,7 @@ describe 'File Upload and Download' do end it 'should download if department owner is logged' do - request('/user/logout') + Scripts.logout() Scripts.login('staff@opensupports.com', 'staff', true) ticket = $database.getLastRow('ticket') @@ -79,7 +79,7 @@ describe 'File Upload and Download' do end it 'should add images to ticket content when creating a new ticket' do - request('/user/logout') + Scripts.logout() Scripts.login('creator@os4.com', 'creator') file = File.open( "../server/files/profile.jpg") diff --git a/tests/system/get-api-keys.rb b/tests/system/get-api-keys.rb index 579158f7..09da653a 100644 --- a/tests/system/get-api-keys.rb +++ b/tests/system/get-api-keys.rb @@ -1,5 +1,5 @@ describe'system/get-api-keys' do - request('/user/logout') + Scripts.logout() Scripts.login($staff[:email], $staff[:password], true) it 'should get all API keys' do diff --git a/tests/system/get-stats.rb b/tests/system/get-stats.rb index 31cf08dc..13139ab1 100644 --- a/tests/system/get-stats.rb +++ b/tests/system/get-stats.rb @@ -2,12 +2,12 @@ describe '/system/get-stats/' do Scripts.createUser('statsuser@os4.com', 'StatsUser', 'StatsUser') def asUser() - request('/user/logout') + Scripts.logout() Scripts.login('statsuser@os4.com', 'StatsUser') end def asStaff() - request('/user/logout') + Scripts.logout() Scripts.login($staff[:email], $staff[:password], true) end diff --git a/tests/system/mail-templates.rb b/tests/system/mail-templates.rb index 5de33b1a..7313baac 100644 --- a/tests/system/mail-templates.rb +++ b/tests/system/mail-templates.rb @@ -1,5 +1,5 @@ describe 'Mail templates' do - request('/user/logout') + Scripts.logout() Scripts.login($staff[:email], $staff[:password], true) describe 'system/get-mail-template' do diff --git a/tests/system/mandatory-login.rb b/tests/system/mandatory-login.rb index 81f36ee4..087bcba5 100644 --- a/tests/system/mandatory-login.rb +++ b/tests/system/mandatory-login.rb @@ -14,7 +14,7 @@ describe'system/mandatory-login' do (result['message']).should.equal('NO_PERMISSION') end - request('/user/logout') + Scripts.logout() Scripts.login($staff[:email], $staff[:password], true) it 'should fail trying to disable mandatory login when registration is off' do @@ -98,7 +98,7 @@ describe'system/mandatory-login' do end it 'should allow a creator creates a ticket and create him a user' do - request('/user/logout') + Scripts.logout() result = request('/ticket/create', { email: 'nonuser@os4.com', language: 'en', @@ -283,7 +283,7 @@ describe'system/mandatory-login' do (result['status']).should.equal('fail') (result['message']).should.equal('INVALID_CREDENTIALS') - request('/user/logout') + Scripts.logout() result = request('/user/login', { email: 'nonuser@os4.com' @@ -294,7 +294,7 @@ describe'system/mandatory-login' do end it 'should allow the creator sign up' do - request('/user/logout') + Scripts.logout() Scripts.createUser('nonuser@os4.com', 'customPassword', 'nonuser') $userRow = $database.getRow('user','nonuser@os4.com','email') ($userRow['never_logged']).should.equal(nil) @@ -302,7 +302,7 @@ describe'system/mandatory-login' do end it 'should allow the creator login and get more than 1 own ticket' do - request('/user/logout') + Scripts.logout() result = request('/user/login', { email: 'nonuser@os4.com', password: 'customPassword' @@ -338,7 +338,7 @@ describe'system/mandatory-login' do (result['status']).should.equal('success') end - request('/user/logout') + Scripts.logout() Scripts.login($staff[:email], $staff[:password], true) it 'should allow staff enable the mandatory login' do diff --git a/tests/ticket/add-tag.rb b/tests/ticket/add-tag.rb index eff4237b..a1aeb7c1 100644 --- a/tests/ticket/add-tag.rb +++ b/tests/ticket/add-tag.rb @@ -1,5 +1,5 @@ describe '/ticket/add-tag' do - request('/user/logout') + Scripts.logout() Scripts.login($staff[:email], $staff[:password], true) Scripts.createTag('test tag', 'orange') @@ -72,12 +72,12 @@ describe '/ticket/add-tag' do end it 'should fail if staff member does not serve to the department of the ticket and he is not the author' do - request('/user/logout') + Scripts.logout() Scripts.createUser('pepito@pepito.com', 'pepito12345','pepito') Scripts.login('pepito@pepito.com', 'pepito12345') Scripts.createTicket('title70','contentoftheticket70',3) - request('/user/logout') + Scripts.logout() Scripts.login($staff[:email], $staff[:password], true) ticket = $database.getRow('ticket','title70', 'title') diff --git a/tests/ticket/change-department.rb b/tests/ticket/change-department.rb index a397194d..adaa1664 100644 --- a/tests/ticket/change-department.rb +++ b/tests/ticket/change-department.rb @@ -1,11 +1,11 @@ describe '/ticket/change-department' do - request('/user/logout') + Scripts.logout() Scripts.login($staff[:email], $staff[:password], true) Scripts.createTicket('Stafftitle','This ticket was made by an staff',1) - request('/user/logout') + Scripts.logout() - request('/user/logout') + Scripts.logout() Scripts.login($staff[:email], $staff[:password], true) request('/system/add-department', { @@ -32,7 +32,7 @@ describe '/ticket/change-department' do it 'should change department if staff has same department as ticket' do - request('/user/logout') + Scripts.logout() Scripts.login($staff[:email], $staff[:password], true) ticket = $database.getRow('ticket', 'Should we pay?', 'title') @@ -104,7 +104,7 @@ describe '/ticket/change-department' do }) end it 'should not unassing ticket if owner has the new ticket department and staff does not have it' do - request('/user/logout') + Scripts.logout() Scripts.login($staff[:email], $staff[:password], true) result = request('/staff/edit', { @@ -184,7 +184,7 @@ describe '/ticket/change-department' do Scripts.deleteStaff(staff['id']) end it 'should unassing ticket if owner has not the new ticket department' do - request('/user/logout') + Scripts.logout() Scripts.login($staff[:email], $staff[:password], true) result = request('/staff/edit', { diff --git a/tests/ticket/close.rb b/tests/ticket/close.rb index 441a681a..02de0d79 100644 --- a/tests/ticket/close.rb +++ b/tests/ticket/close.rb @@ -1,14 +1,14 @@ describe '/ticket/close' do it 'should close ticket if staff member has the same department as ticket' do - request('/user/logout') + Scripts.logout() Scripts.createUser('closer@os4.com','closer','Closer') Scripts.login('closer@os4.com','closer') Scripts.createTicket('tickettoclose','thecontentoftickettoclose',1) Scripts.createTicket('tickettoclose2','thecontentoftickettoclose2',3) Scripts.createTicket('tickettoclose3','thecontentoftickettoclose3',3) - request('/user/logout') + Scripts.logout() Scripts.login($staff[:email], $staff[:password], true) ticket = $database.getRow('ticket', 'tickettoclose', 'title') @@ -81,7 +81,7 @@ describe '/ticket/close' do }) end it 'should close ticket if User is the author' do - request('/user/logout') + Scripts.logout() Scripts.login('closer@os4.com','closer') ticket = $database.getRow('ticket', 'tickettoclose3', 'title') @@ -100,6 +100,6 @@ describe '/ticket/close' do lastLog = $database.getLastRow('log') (lastLog['type']).should.equal('CLOSE') - request('/user/logout') + Scripts.logout() end end diff --git a/tests/ticket/comment.rb b/tests/ticket/comment.rb index 2dcce71c..cf34cfff 100644 --- a/tests/ticket/comment.rb +++ b/tests/ticket/comment.rb @@ -52,7 +52,7 @@ describe '/ticket/comment/' do end it 'should add comment if staff member serves to the same department as the ticket' do - request('/user/logout') + Scripts.logout() Scripts.login($staff[:email], $staff[:password], true) result = request('/ticket/comment', { content: 'some comment content', @@ -73,10 +73,10 @@ describe '/ticket/comment/' do lastLog = $database.getLastRow('log') (lastLog['type']).should.equal('COMMENT') - request('/user/logout') + Scripts.logout() end it 'should comment the ticket if staff member does not serve the deparment of the ticket and he is author' do - request('/user/logout') + Scripts.logout() Scripts.login($staff[:email], $staff[:password], true) Scripts.createTicket('ticketttobecommented', 'tickettobecommentedbytheauthor', 2) request('/staff/edit', { @@ -114,10 +114,10 @@ describe '/ticket/comment/' do staffId: 1 }) - request('/user/logout') + Scripts.logout() Scripts.login('commenter@os4.com', 'commenter') Scripts.createTicket('title138','commentofthetitkect138', 1) - request('/user/logout') + Scripts.logout() Scripts.login($staff[:email], $staff[:password], true) ticket = $database.getRow('ticket', 'title138' , 'title') @@ -153,7 +153,7 @@ describe '/ticket/comment/' do (result['status']).should.equal('fail') (result['message']).should.equal('NO_PERMISSION') - request('/user/logout') + Scripts.logout() Scripts.login($staff[:email], $staff[:password], true) result = request('/staff/invite', { @@ -168,7 +168,7 @@ describe '/ticket/comment/' do (result['status'].should.equal('success')) - request('/user/logout') + Scripts.logout() recoverpassword = $database.getRow('recoverpassword', 'jorah@opensupports.com', 'email') request('/user/recover-password', { @@ -202,12 +202,12 @@ describe '/ticket/comment/' do (result['status']).should.equal('success') comment = $database.getRow('ticketevent', 'this is not a private comment', 'content') (comment['private']).should.equal(0) - request('/user/logout') + Scripts.logout() end it 'should change private to 1 if a staff creates a private comment' do - request('/user/logout') + Scripts.logout() Scripts.login('jorah@opensupports.com', 'testpassword', true) diff --git a/tests/ticket/create-tag.rb b/tests/ticket/create-tag.rb index 49880e41..d5a736c7 100644 --- a/tests/ticket/create-tag.rb +++ b/tests/ticket/create-tag.rb @@ -1,5 +1,5 @@ describe '/ticket/create-tag' do - request('/user/logout') + Scripts.logout() Scripts.login($staff[:email], $staff[:password], true) it 'should add a tag' do diff --git a/tests/ticket/create.rb b/tests/ticket/create.rb index 9e5a6030..16e03ed2 100644 --- a/tests/ticket/create.rb +++ b/tests/ticket/create.rb @@ -1,5 +1,5 @@ describe '/ticket/create' do - request('/user/logout') + Scripts.logout() Scripts.createUser('creator@os4.com','creator','Creator') Scripts.login('creator@os4.com','creator') @@ -78,7 +78,7 @@ describe '/ticket/create' do end it 'should fail if an user tries to create a ticket with a private department' do - request('/user/logout') + Scripts.logout() Scripts.login('staff@opensupports.com', 'staff', true) result = request('/system/add-department', { @@ -90,7 +90,7 @@ describe '/ticket/create' do row = $database.getRow('department', 'useless private deapartment', 'name') - request('/user/logout') + Scripts.logout() Scripts.createUser('user@os4.com', 'loginpass') Scripts.login('user@os4.com', 'loginpass') @@ -106,7 +106,7 @@ describe '/ticket/create' do (result['status']).should.equal('fail') (result['message']).should.equal('INVALID_DEPARTMENT') - request('/user/logout') + Scripts.logout() end it 'should create ticket if pass data is valid' do @@ -177,7 +177,7 @@ describe '/ticket/create' do end it 'should be able to create a ticket while being staff' do - request('/user/logout') + Scripts.logout() Scripts.login($staff[:email], $staff[:password], true) result = request('/ticket/create', { title: 'created by staff', @@ -194,6 +194,6 @@ describe '/ticket/create' do (ticket['author_staff_id']).should.equal(1) $ticketNumberByStaff = ticket['ticket_number'] - request('/user/logout') + Scripts.logout() end end diff --git a/tests/ticket/delete.rb b/tests/ticket/delete.rb index c2add08c..c9ba7776 100644 --- a/tests/ticket/delete.rb +++ b/tests/ticket/delete.rb @@ -1,7 +1,7 @@ describe '/ticket/delete' do it 'should delete ticket if it is not assigned and is logged a staff lvl 3 ' do - request('/user/logout') + Scripts.logout() Scripts.login($staff[:email], $staff[:password], true) Scripts.createTicket('ticket_to_delete') ticket = $database.getRow('ticket', 'ticket_to_delete', 'title') @@ -24,7 +24,7 @@ describe '/ticket/delete' do token: recoverpassword['token'] }) - request('/user/logout') + Scripts.logout() Scripts.login('ned@opensupports.com', 'headless', true) result = request('/ticket/delete', { @@ -37,7 +37,7 @@ describe '/ticket/delete' do end it 'should delete ticket if it is yours and it is not assigned' do - request('/user/logout') + Scripts.logout() Scripts.createUser('deleter@opensupports.com', 'deleterpassword', 'Delter') Scripts.login('deleter@opensupports.com', 'deleterpassword') @@ -52,13 +52,13 @@ describe '/ticket/delete' do end it 'should not delete ticket if it is assigned' do - request('/user/logout') + Scripts.logout() Scripts.login('deleter@opensupports.com', 'deleterpassword') Scripts.createTicket('ticket_to_delete_3') ticket = $database.getRow('ticket', 'ticket_to_delete_3', 'title'); - request('/user/logout') + Scripts.logout() Scripts.login($staff[:email], $staff[:password], true) result = request('/staff/assign-ticket', { @@ -67,7 +67,7 @@ describe '/ticket/delete' do csrf_token: $csrf_token }) - request('/user/logout') + Scripts.logout() Scripts.login('deleter@opensupports.com', 'deleterpassword') result = request('/ticket/delete', { @@ -81,7 +81,7 @@ describe '/ticket/delete' do end it 'should not delete ticket if the staff logged is not lvl 3' do - request('/user/logout') + Scripts.logout() Scripts.login($staff[:email], $staff[:password], true) Scripts.createTicket('ticket_to_delete_4') @@ -105,7 +105,7 @@ describe '/ticket/delete' do token: recoverpassword['token'] }) - request('/user/logout') + Scripts.logout() Scripts.login('uselessstaff@opensupports.com', 'theyaregonnafireme',true) @@ -118,7 +118,7 @@ describe '/ticket/delete' do (result['status']).should.equal('fail') (result['message']).should.equal('NO_PERMISSION') - request('/user/logout') + Scripts.logout() Scripts.login($staff[:email], $staff[:password], true) staff = $database.getRow('staff', 'ned@opensupports.com', 'email') Scripts.deleteStaff(staff['id']) diff --git a/tests/ticket/edit-comment.rb b/tests/ticket/edit-comment.rb index ae1093b9..28ef56fa 100644 --- a/tests/ticket/edit-comment.rb +++ b/tests/ticket/edit-comment.rb @@ -1,6 +1,6 @@ describe '/ticket/edit-comment' do - request('/user/logout') + Scripts.logout() Scripts.login(); Scripts.createTicket('ticket made by an user','content of the ticket made by an user') ticket = $database.getRow('ticket', 'ticket made by an user', 'title') @@ -38,7 +38,7 @@ describe '/ticket/edit-comment' do end it 'should change the content of a comment and the content of the ticket if the admin is logged' do - request('/user/logout') + Scripts.logout() Scripts.login($staff[:email], $staff[:password], true) ticketevent = $database.getRow('ticketevent', 'comment edited by the user', 'content') @@ -66,11 +66,11 @@ describe '/ticket/edit-comment' do (result['status']).should.equal('success') (ticket['content']).should.equal('content edited by a staff') - request('/user/logout') + Scripts.logout() end it 'should not change the content of a comment if the user is not the author' do - request('/user/logout') + Scripts.logout() Scripts.login($staff[:email], $staff[:password], true) ticket = $database.getRow('ticket', 'ticket made by an user', 'title') @@ -80,7 +80,7 @@ describe '/ticket/edit-comment' do ticketevent = $database.getRow('ticketevent', 'this is a new comment of a staff member', 'content') - request('/user/logout') + Scripts.logout() Scripts.login(); result = request('/ticket/edit-comment', { diff --git a/tests/ticket/edit-tag.rb b/tests/ticket/edit-tag.rb index 34ca9153..ca41e784 100644 --- a/tests/ticket/edit-tag.rb +++ b/tests/ticket/edit-tag.rb @@ -1,5 +1,5 @@ describe '/ticket/edit-tag' do - request('/user/logout') + Scripts.logout() Scripts.login($staff[:email], $staff[:password], true) it 'should edit a tag' do diff --git a/tests/ticket/edit-title.rb b/tests/ticket/edit-title.rb index 26ca6642..9cb024ff 100644 --- a/tests/ticket/edit-title.rb +++ b/tests/ticket/edit-title.rb @@ -1,6 +1,6 @@ describe '/ticket/edit-title' do - request('/user/logout') + Scripts.logout() Scripts.login(); Scripts.createTicket('Valar Morghulis','content of the ticket made by an user') ticket = $database.getRow('ticket', 'Valar Morghulis', 'title') @@ -36,7 +36,7 @@ describe '/ticket/edit-title' do end it 'should change the title of the ticket if staff is logged' do - request('/user/logout') + Scripts.logout() Scripts.login($staff[:email], $staff[:password], true) result = request('/ticket/edit-title', { @@ -54,12 +54,12 @@ describe '/ticket/edit-title' do end it 'should not change the title if the user is not the author' do - request('/user/logout') + Scripts.logout() Scripts.login($staff[:email], $staff[:password], true) Scripts.createTicket('Winterfell') ticket = $database.getRow('ticket', 'Winterfell', 'title') - request('/user/logout') + Scripts.logout() Scripts.login() result = request('/ticket/edit-title', { diff --git a/tests/ticket/events.rb b/tests/ticket/events.rb index 82752f06..3e81b617 100644 --- a/tests/ticket/events.rb +++ b/tests/ticket/events.rb @@ -1,5 +1,5 @@ describe 'Ticket Events' do - request('/user/logout') + Scripts.logout() Scripts.createUser('tyrion@opensupports.com', 'tyrionl', 'Tyrion Lannister') it 'should add events correctly' do @@ -16,7 +16,7 @@ describe 'Ticket Events' do ticketNumber = ticket['ticket_number'] - request('/user/logout') + Scripts.logout() Scripts.login($staff[:email], $staff[:password], true) request('/staff/assign-ticket', { ticketNumber: ticketNumber, @@ -51,7 +51,7 @@ describe 'Ticket Events' do csrf_token: $csrf_token }) - request('/user/logout') + Scripts.logout() Scripts.login('tyrion@opensupports.com', 'tyrionl') request('/ticket/re-open', { ticketNumber: ticketNumber, diff --git a/tests/ticket/get-authors.rb b/tests/ticket/get-authors.rb index 64129a7d..b8671a2e 100644 --- a/tests/ticket/get-authors.rb +++ b/tests/ticket/get-authors.rb @@ -1,5 +1,5 @@ describe '/ticket/get-authors/' do - request('/user/logout') + Scripts.logout() Scripts.login($staff[:email], $staff[:password], true) Scripts.createUser('userauthor@os4.com', 'passwordofuserauthor', 'userauthorname') diff --git a/tests/ticket/get.rb b/tests/ticket/get.rb index 0ef02eb7..54363450 100644 --- a/tests/ticket/get.rb +++ b/tests/ticket/get.rb @@ -1,5 +1,5 @@ describe '/ticket/get/' do - request('/user/logout') + Scripts.logout() Scripts.login($staff[:email], $staff[:password], true) result= request('/system/add-api-key', { @@ -12,7 +12,7 @@ describe '/ticket/get/' do (result['status']).should.equal('success') $token = result['data']; - request('/user/logout') + Scripts.logout() Scripts.createUser('cersei@os4.com', 'cersei','Cersei Lannister') Scripts.createUser('not_ticket_getter@os4.com', 'not_ticket_getter','No Author') @@ -51,7 +51,7 @@ describe '/ticket/get/' do end it 'should fail if ticket does not belong to user' do - request('/user/logout') + Scripts.logout() result = Scripts.login('not_ticket_getter@os4.com', 'not_ticket_getter') $csrf_userid = result['userId'] @@ -97,11 +97,11 @@ describe '/ticket/get/' do (result['data']['events'][0]['content']).should.equal('some valid comment made') end it 'should successfully return the ticket information if staff member serves to the department of the ticket' do - request('/user/logout') + Scripts.logout() Scripts.login('cersei@os4.com', 'cersei') Scripts.createTicket('titleofticket87','contentoftheticket87',1) Scripts.createTicket('2titleofticket87','2contentoftheticket87',1) - request('/user/logout') + Scripts.logout() Scripts.login($staff[:email], $staff[:password], true) ticket = $database.getRow('ticket','titleofticket87', 'title') @@ -119,7 +119,7 @@ describe '/ticket/get/' do end it 'should successfully return the ticket information if staff member does not serve to the deparment of the ticket but is author' do - request('/user/logout') + Scripts.logout() Scripts.login($staff[:email], $staff[:password], true) Scripts.createTicket('titleoftheticket107','contentoftheticket107',1) @@ -145,7 +145,7 @@ describe '/ticket/get/' do it 'should fail if staff member does not serve to the department of the ticket and is not the author' do ticket = $database.getRow('ticket','2titleofticket87', 'title') - request('/user/logout') + Scripts.logout() Scripts.login($staff[:email], $staff[:password], true) result = request('/ticket/get', { diff --git a/tests/ticket/re-open.rb b/tests/ticket/re-open.rb index 11b56ae1..81cd402e 100644 --- a/tests/ticket/re-open.rb +++ b/tests/ticket/re-open.rb @@ -1,5 +1,5 @@ describe '/ticket/re-open' do - request('/user/logout') + Scripts.logout() Scripts.login($staff[:email], $staff[:password], true) it 'should re open a ticket if staff member has the deparment of the ticket' do @@ -20,7 +20,7 @@ describe '/ticket/re-open' do lastLog = $database.getLastRow('log') (lastLog['type']).should.equal('RE_OPEN') - request('/user/logout') + Scripts.logout() end it 'Should re-open if staff member does not serve to the department of the ticket and its the author'do Scripts.login($staff[:email], $staff[:password], true) @@ -81,7 +81,7 @@ describe '/ticket/re-open' do lastLog = $database.getLastRow('log') (lastLog['type']).should.equal('RE_OPEN') - request('/user/logout') + Scripts.logout() end it 'Should fail re-open the ticket if the staff does not serve to the department and he is not the author' do diff --git a/tests/ticket/remove-tag.rb b/tests/ticket/remove-tag.rb index d8de48c9..b0e52c91 100644 --- a/tests/ticket/remove-tag.rb +++ b/tests/ticket/remove-tag.rb @@ -1,5 +1,5 @@ describe '/ticket/remove-tag' do - request('/user/logout') + Scripts.logout() Scripts.login($staff[:email], $staff[:password], true) result = $database.getRow('ticket', 'test ticket' , 'title') @@ -75,10 +75,10 @@ describe '/ticket/remove-tag' do }) end it 'should fail if staff does not serve to department of the ticket and is not the author' do - request('/user/logout') + Scripts.logout() Scripts.login('pepito@pepito.com', 'pepito12345') Scripts.createTicket('title73','contentoftheticket73',3) - request('/user/logout') + Scripts.logout() Scripts.login($staff[:email], $staff[:password], true) ticket = $database.getRow('ticket','title73', 'title') diff --git a/tests/ticket/search-authors.rb b/tests/ticket/search-authors.rb index e18bc075..92cdb3c0 100644 --- a/tests/ticket/search-authors.rb +++ b/tests/ticket/search-authors.rb @@ -1,7 +1,7 @@ describe '/ticket/search-authors/' do it 'should fail if a user is loged' do - request('/user/logout') + Scripts.logout() Scripts.login('tyrion@opensupports.com', 'tyrionl') result = request('/ticket/search-authors', { @@ -17,7 +17,7 @@ describe '/ticket/search-authors/' do end it 'should fail if blackList is invalid' do - request('/user/logout') + Scripts.logout() Scripts.login($staff[:email], $staff[:password], true) Scripts.createUser(email = 'eemilia@jobs.com', password = 'custompassword', name = 'eemilia') diff --git a/tests/ticket/search.rb b/tests/ticket/search.rb index c4de5dfa..6782c564 100644 --- a/tests/ticket/search.rb +++ b/tests/ticket/search.rb @@ -1,5 +1,5 @@ describe '/ticket/search' do - request('/user/logout') + Scripts.logout() Scripts.login($staff[:email], $staff[:password], true) Scripts.createTicket('test ticket1') diff --git a/tests/ticket/seen.rb b/tests/ticket/seen.rb index 1e33c5ed..e3a90018 100644 --- a/tests/ticket/seen.rb +++ b/tests/ticket/seen.rb @@ -1,7 +1,7 @@ describe '/ticket/seen' do describe 'when a staff is logged' do - request('/user/logout') + Scripts.logout() ticket = $database.getRow('ticket', 'Should we pay?', 'title') Scripts.login($staff[:email], $staff[:password], true) @@ -22,7 +22,7 @@ describe '/ticket/seen' do describe 'when an user is logged' do - request('/user/logout') + Scripts.logout() Scripts.login() it 'should fail if user is not author' do ticket = $database.getRow('ticket', 'Should we pay?', 'title') @@ -36,7 +36,7 @@ describe '/ticket/seen' do (result['message']).should.equal('NO_PERMISSION') end - request('/user/logout') + Scripts.logout() Scripts.login('user_get@os4.com', 'user_get') it 'should change unread if everything is okey ' do ticket = $database.getRow('ticket', 'Should we pay?', 'title') diff --git a/tests/user/ban.rb b/tests/user/ban.rb index e5114ab4..65fb9726 100644 --- a/tests/user/ban.rb +++ b/tests/user/ban.rb @@ -1,6 +1,6 @@ describe '/user/ban' do - request('/user/logout') + Scripts.logout() result = request('/user/login', { email: 'staff@opensupports.com', password: 'staff', diff --git a/tests/user/delete.rb b/tests/user/delete.rb index 8b2ab837..a7aacbb2 100644 --- a/tests/user/delete.rb +++ b/tests/user/delete.rb @@ -1,12 +1,12 @@ describe '/user/delete' do - request('/user/logout') + Scripts.logout() it 'should delete user' do Scripts.createUser('deletable@opensupports.com', 'deletable') Scripts.login('deletable@opensupports.com', 'deletable') Scripts.createTicket('Ticket that will be deleted') - request('/user/logout') + Scripts.logout() Scripts.login('staff@opensupports.com', 'staff', true) ticket = $database.getLastRow('ticket') deletable_user = $database.getLastRow('user') diff --git a/tests/user/edit-email.rb b/tests/user/edit-email.rb index ce873f9b..02912283 100644 --- a/tests/user/edit-email.rb +++ b/tests/user/edit-email.rb @@ -1,6 +1,6 @@ describe '/user/edit-email' do - request('/user/logout') + Scripts.logout() result = request('/user/login', { email: 'steve@jobs.com', password: 'custompassword' diff --git a/tests/user/edit-password.rb b/tests/user/edit-password.rb index 3fa4764b..b36f76ad 100644 --- a/tests/user/edit-password.rb +++ b/tests/user/edit-password.rb @@ -1,6 +1,6 @@ describe '/user/edit-password' do - request('/user/logout') + Scripts.logout() result = request('/user/login', { email: 'steve@jobs.com', password: 'custompassword' @@ -53,7 +53,7 @@ describe '/user/edit-password' do }) (result['status']).should.equal('success') - request('/user/logout') + Scripts.logout() Scripts.login('steve@jobs.com','newpassword') diff --git a/tests/user/edit-supervised-list.rb b/tests/user/edit-supervised-list.rb index 313ca544..381deee1 100644 --- a/tests/user/edit-supervised-list.rb +++ b/tests/user/edit-supervised-list.rb @@ -1,5 +1,5 @@ describe '/staff/supervisor-user-list' do - request('/user/logout') + Scripts.logout() Scripts.createUser('supervisor@opensupports.com', 'passwordOfSupervisor', 'Supervisor Guy') Scripts.createUser('usersupervised1@opensupports.com', 'usersupervised1', 'supervised Guy1') @@ -32,7 +32,7 @@ describe '/staff/supervisor-user-list' do ticketuser2 = $database.getRow('ticket', 'titlecreateadbyusersupervised2', 'title') ticketuser3 = $database.getRow('ticket', 'titlecreateadbyusersupervised3', 'title') it'should fail if a no-staff tryes to make the request'do - request('/user/logout') + Scripts.logout() Scripts.login('supervisor@opensupports.com', 'passwordOfSupervisor') result = request('/user/edit-supervised-list', { @@ -48,7 +48,7 @@ describe '/staff/supervisor-user-list' do end it 'should fail if userIdList is wrong' do - request('/user/logout') + Scripts.logout() Scripts.login($staff[:email], $staff[:password], true) result = request('/user/edit-supervised-list', { @@ -83,7 +83,7 @@ describe '/staff/supervisor-user-list' do end it'should fail if userId is wrong'do - request('/user/logout') + Scripts.logout() Scripts.login($staff[:email], $staff[:password], true) result = request('/user/edit-supervised-list', { @@ -98,7 +98,7 @@ describe '/staff/supervisor-user-list' do end it'should fail if supervisor is included in user-id-List'do - request('/user/logout') + Scripts.logout() Scripts.login($staff[:email], $staff[:password], true) result = request('/user/edit-supervised-list', { @@ -113,7 +113,7 @@ describe '/staff/supervisor-user-list' do end it'should create supervisor user'do - request('/user/logout') + Scripts.logout() Scripts.login($staff[:email], $staff[:password], true) result = request('/user/edit-supervised-list', { @@ -128,7 +128,7 @@ describe '/staff/supervisor-user-list' do end it 'should allow supervisor to access tickets from supervisated users' do - request('/user/logout') + Scripts.logout() Scripts.login('supervisor@opensupports.com', 'passwordOfSupervisor') result = request('/ticket/get', { ticketNumber: ticketsupervisor['ticket_number'], @@ -160,7 +160,7 @@ describe '/staff/supervisor-user-list' do end it 'should allow supervisor see only the new user list' do - request('/user/logout') + Scripts.logout() Scripts.login($staff[:email], $staff[:password], true) request('/user/edit-supervised-list', { @@ -171,7 +171,7 @@ describe '/staff/supervisor-user-list' do }) - request('/user/logout') + Scripts.logout() Scripts.login('supervisor@opensupports.com', 'passwordOfSupervisor') result = request('/ticket/get', { diff --git a/tests/user/enable-disable.rb b/tests/user/enable-disable.rb index 3b289362..74eb36e9 100644 --- a/tests/user/enable-disable.rb +++ b/tests/user/enable-disable.rb @@ -2,7 +2,7 @@ describe 'Enable/disable user' do user = $database.getRow('user', 'login@os4.com', 'email'); describe '/user/disable' do - request('/user/logout'); + Scripts.logout(); Scripts.login('staff@opensupports.com', 'staff', true); it 'should disable user' do @@ -27,7 +27,7 @@ describe 'Enable/disable user' do end it 'should reject login' do - request('/user/logout'); + Scripts.logout(); result = request('/user/login', { email: 'login@os4.com', password: 'loginpass' @@ -39,7 +39,7 @@ describe 'Enable/disable user' do end describe '/user/enable' do - request('/user/logout'); + Scripts.logout(); Scripts.login('staff@opensupports.com', 'staff', true); it 'should enable user' do diff --git a/tests/user/get-supervised-tickets.rb b/tests/user/get-supervised-tickets.rb index 081cc7ac..228a7dd9 100644 --- a/tests/user/get-supervised-tickets.rb +++ b/tests/user/get-supervised-tickets.rb @@ -1,5 +1,5 @@ describe '/user/get-supervised-tickets' do - request('/user/logout') + Scripts.logout() supervisor = $database.getRow('user', 'supervisor@opensupports.com', 'email') user1 = $database.getRow('user', 'usersupervised1@opensupports.com', 'email') @@ -12,7 +12,7 @@ describe '/user/get-supervised-tickets' do it 'should fail if supervised users are not valid' do - request('/user/logout') + Scripts.logout() Scripts.login($staff[:email], $staff[:password], true) result = request('/user/edit-supervised-list', { @@ -24,7 +24,7 @@ describe '/user/get-supervised-tickets' do (result['status']).should.equal('success') - request('/user/logout') + Scripts.logout() Scripts.login('supervisor@opensupports.com', 'passwordOfSupervisor') result = request('/user/get-supervised-tickets', { @@ -141,7 +141,7 @@ describe '/user/get-supervised-tickets' do (result['data']).should.equal([]) end it 'should works propertly if 2 supervisors has the same users' do - request('/user/logout') + Scripts.logout() Scripts.login($staff[:email], $staff[:password], true) Scripts.createUser('supervisor2@opensupports.com', 'usersupervised2', 'supervisor Guy2') supervisor2 = $database.getRow('user', 'supervisor2@opensupports.com', 'email') @@ -188,7 +188,7 @@ describe '/user/get-supervised-tickets' do end it 'should if supervised Users tryes to handle supervisor-ticket' do - request('/user/logout') + Scripts.logout() Scripts.login('usersupervised1@opensupports.com', 'usersupervised1') result = request('/user/get-supervised-tickets', { @@ -201,7 +201,7 @@ describe '/user/get-supervised-tickets' do (result['status']).should.equal('fail') (result['message']).should.equal('INVALID_SUPERVISED_USERS') - request('/user/logout') + Scripts.logout() Scripts.login('usersupervised2@opensupports.com', 'usersupervised2') result = request('/user/get-supervised-tickets', { @@ -214,7 +214,7 @@ describe '/user/get-supervised-tickets' do (result['status']).should.equal('fail') (result['message']).should.equal('INVALID_SUPERVISED_USERS') - request('/user/logout') + Scripts.logout() Scripts.login('usersupervised3@opensupports.com', 'usersupervised3') result = request('/user/get-supervised-tickets', { diff --git a/tests/user/get-user.rb b/tests/user/get-user.rb index dec83dcb..252b04a6 100644 --- a/tests/user/get-user.rb +++ b/tests/user/get-user.rb @@ -1,6 +1,6 @@ describe '/user/get-user' do - request('/user/logout') + Scripts.logout() result = request('/user/login', { email: 'staff@opensupports.com', password: 'staff', diff --git a/tests/user/get-users-test.rb b/tests/user/get-users-test.rb index cf195cd8..ba84b932 100644 --- a/tests/user/get-users-test.rb +++ b/tests/user/get-users-test.rb @@ -1,6 +1,6 @@ describe '/user/get-users' do - request('/user/logout') + Scripts.logout() Scripts.createUser('tests@hotmail.com','passdasdasdas','laasdasd') Scripts.createUser('tests2@hotmail.com','passfasfasfsa','laeaefae') Scripts.createUser('tests3@hotmail.com','passfasfasfws','laeczvwaf') diff --git a/tests/user/get.rb b/tests/user/get.rb index ad798779..38e18727 100644 --- a/tests/user/get.rb +++ b/tests/user/get.rb @@ -1,5 +1,5 @@ describe '/user/get' do - request('/user/logout') + Scripts.logout() Scripts.createUser('user_get@os4.com', 'user_get','User Get') Scripts.login('user_get@os4.com', 'user_get') @@ -17,7 +17,7 @@ describe '/user/get' do @ticketNumber = ticket['ticket_number'] it 'should fail if not logged' do - request('/user/logout') + Scripts.logout() result = request('/user/get', { csrf_userid: $csrf_userid, csrf_token: $csrf_token diff --git a/tests/user/invite.rb b/tests/user/invite.rb index 8552404d..4726d69c 100644 --- a/tests/user/invite.rb +++ b/tests/user/invite.rb @@ -1,5 +1,5 @@ describe'/user/invite' do - request('/user/logout') + Scripts.logout() Scripts.login($staff[:email], $staff[:password], true) it 'should if data is wrong' do diff --git a/tests/user/login.rb b/tests/user/login.rb index 6dd3c492..5c00652f 100644 --- a/tests/user/login.rb +++ b/tests/user/login.rb @@ -29,7 +29,7 @@ describe '/user/login' do end it 'should login staff member' do - request('/user/logout', {}) + Scripts.logout() result = request('/user/login', { email: $staff[:email], password: $staff[:password], @@ -40,7 +40,7 @@ describe '/user/login' do end it 'should work autologin user with remember token' do - request('/user/logout', {}) + Scripts.logout() result = request('/user/login', { email: @loginEmail, password: @loginPass, @@ -52,7 +52,7 @@ describe '/user/login' do @rememberToken = result['data']['rememberToken'] @userId = result['data']['userId'] - request('/user/logout', {}) + Scripts.logout() result = request('/user/login', { userId: @userId, rememberToken: '12abc', @@ -79,7 +79,7 @@ describe '/user/login' do end it 'should work autologin staff with remember token' do - request('/user/logout', {}) + Scripts.logout() result = request('/user/login', { email: $staff[:email], password: $staff[:password], @@ -91,7 +91,7 @@ describe '/user/login' do @rememberToken = result['data']['rememberToken'] @staffId = result['data']['userId'] - request('/user/logout', {}) + Scripts.logout() result = request('/user/login', { userId: @staffId, rememberToken: '12abc', @@ -115,6 +115,26 @@ describe '/user/login' do remember: 1 }) (result['status']).should.equal('success') + + $csrf_userid = result['data']['userId'] + $csrf_token = result['data']['token'] end + it 'should logout if user is logged in'do + result = request('/user/logout', { + csrf_userid: $csrf_userid, + csrf_token: $csrf_token + }) + (result['status']).should.equal('success') + end + + it 'should fail logout if user is not logged in' do + result = request('/user/logout', { + csrf_userid: $csrf_userid, + csrf_token: $csrf_token + }) + + (result['status']).should.equal('fail') + (result['message']).should.equal('NO_PERMISSION') + end end diff --git a/tests/user/resend-email-token.rb b/tests/user/resend-email-token.rb index e7de9af3..935b41ed 100644 --- a/tests/user/resend-email-token.rb +++ b/tests/user/resend-email-token.rb @@ -1,6 +1,6 @@ describe '/user/resend-email-token' do - request('/user/logout') + Scripts.logout() it 'should fail is data is wrong' do result = request('/user/resend-email-token', { diff --git a/tests/user/resend-invite-user.rb b/tests/user/resend-invite-user.rb index 8b9e4942..f1649c9c 100644 --- a/tests/user/resend-invite-user.rb +++ b/tests/user/resend-invite-user.rb @@ -1,5 +1,5 @@ describe'/user/resend-invite-user' do - request('/user/logout') + Scripts.logout() Scripts.login($staff[:email], $staff[:password], true) it 'should if data is wrong' do diff --git a/version_upgrades/4.3.2/models/MailTemplate.php b/version_upgrades/4.3.2/models/MailTemplate.php index 46c288cb..acac36d8 100644 --- a/version_upgrades/4.3.2/models/MailTemplate.php +++ b/version_upgrades/4.3.2/models/MailTemplate.php @@ -3,7 +3,7 @@ use RedBeanPHP\Facade as RedBean; /** * @api {OBJECT} MailTemplate MailTemplate - * @apiVersion 4.7 + * @apiVersion 4.10.0 * @apiGroup Data Structures * @apiParam {String} type The type of the mail template. * @apiParam {String} subject The subject of the mail template. diff --git a/version_upgrades/4.7.0/models/Ticket.php b/version_upgrades/4.7.0/models/Ticket.php index b0abd046..027d1903 100755 --- a/version_upgrades/4.7.0/models/Ticket.php +++ b/version_upgrades/4.7.0/models/Ticket.php @@ -1,7 +1,7 @@