diff --git a/server/libs/validations/validBlackList.php b/server/libs/validations/validBlackList.php
index 685a78ed..8dd644d0 100644
--- a/server/libs/validations/validBlackList.php
+++ b/server/libs/validations/validBlackList.php
@@ -9,8 +9,8 @@ class ValidBlackList extends AbstractRule {
 public function validate($blackList) {
 if(is_array(json_decode($blackList))){
 foreach (json_decode($blackList) as $item) {
- if(!$item->id && !$item->staff) return false;
- if($item->staff !== 0 && $item->staff !== 1) return false;
+ if(!$item->id || !$item->staff) return false;
+ if($item->staff != 0 && $item->staff != 1) return false;
 if(!is_numeric($item->id)) return false;
 }
 return true;
diff --git a/tests/init.rb b/tests/init.rb
index bea5c98b..a0d9f4b7 100644
--- a/tests/init.rb
+++ b/tests/init.rb
@@ -72,6 +72,7 @@ require './ticket/delete-tag.rb'
 require './ticket/edit-comment.rb'
 require './ticket/edit-title.rb'
 require './system/custom-fields.rb'
+require './ticket/get-authors.rb'
 require './system/disable-user-system.rb'
 require './ticket/search.rb'
 # require './system/get-stats.rb'
diff --git a/tests/ticket/get-authors.rb b/tests/ticket/get-authors.rb
new file mode 100644
index 00000000..80c0ef93
--- /dev/null
+++ b/tests/ticket/get-authors.rb
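Review bot: In `validate()` of validBlackList.php the new first check `if(!$item->id || !$item->staff) return false;` treats an integer `staff` of 0 as missing, so an entry such as `{"staff":0,"id":5}` is rejected before the 0-or-1 test on the next line is reached. Replacing `!==` with `!=` also loosens the type check: `true`, `"1"` or `1.0` now pass, and on PHP versions before 8 a non-numeric string compares equal to 0, so whatever consumes the black list can no longer rely on `staff` being an integer flag. I would test presence and value separately, `if(!isset($item->id, $item->staff)) return false;` followed by `if(!in_array($item->staff, [0, 1], true)) return false;`, adding `'0'` and `'1'` to the list only if clients really send strings. The rest of `validate()` lies outside the hunk, so how a non-array payload is handled is not visible here.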
@@ -0,0 +1,77 @@
+describe '/ticket/get-authors/' do
+
+ it 'should fail if a user is loged' do
+ request('/user/logout')
+ Scripts.login('tyrion@opensupports.com', 'tyrionl')
+
+ result = request('/ticket/get-authors', {
+ csrf_userid: $csrf_userid,
+ csrf_token: $csrf_token,
+ query: 'hello world'
+ })
+
+ (result['status']).should.equal('fail')
+ (result['message']).should.equal('NO_PERMISSION')
+
+
+ end
+
+ it 'should fail if blackList is invalid' do
+ request('/user/logout')
+ Scripts.login($staff[:email], $staff[:password], true)
+ Scripts.createUser(email = 'eemilia@jobs.com', password = 'custompassword', name = 'eemilia')
+
+ result = request('/ticket/get-authors', {
+ csrf_userid: $csrf_userid,
+ csrf_token: $csrf_token,
+ query: 'hello world',
+ blackList: [{'staff':2,'id':2}]
+ })
+
+ (result['status']).should.equal('fail')
+ (result['message']).should.equal('INVALID_BLACK_LIST')
+
+ result = request('/ticket/get-authors', {
+ csrf_userid: $csrf_userid,
+ csrf_token: $csrf_token,
+ query: 'hello world',
+ blackList: [{'staff':'level two','id':2}]
+ })
+
+ (result['status']).should.equal('fail')
+ (result['message']).should.equal('INVALID_BLACK_LIST')
+
+ result = request('/ticket/get-authors', {
+ csrf_userid: $csrf_userid,
+ csrf_token: $csrf_token,
+ query: 'hello world',
+ blackList: [{'staff':1,'id':'four'}]
+ })
+
+ (result['status']).should.equal('fail')
+ (result['message']).should.equal('INVALID_BLACK_LIST')
+ end
+
+ it 'should return the correct authors' do
+
+ result = request('/ticket/get-authors', {
+ csrf_userid: $csrf_userid,
+ csrf_token: $csrf_token,
+ query: 'emilia'
+ })
+ (result['status']).should.equal('success')
+ (result['data']['authors'].size).should.equal(2)
+ (result['data']['authors'][0]['name']).should.equal('Emilia Clarke')
+ (result['data']['authors'][1]['name']).should.equal('eemilia')
+
+ result = request('/ticket/get-authors', {
+ csrf_userid: $csrf_userid,
+ csrf_token: $csrf_token,
+ query: 'emilia',
+ blackList: '[{"staff":1,"id":1}]'
+ })
+ (result['status']).should.equal('success')
+ (result['data']['authors'].size).should.equal(1)
+ (result['data']['authors'][0]['name']).should.equal('eemilia')
+ end
+end
\ No newline at end of file
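Review bot: The three INVALID_BLACK_LIST cases pass `blackList` as a Ruby array of hashes, while the success case at the end passes the JSON string `'[{"staff":1,"id":1}]'`. Depending on how the `request` helper (not visible here) encodes parameters, the server may reject those values because they are not a JSON array string at all, in which case the per-item checks on `staff` and `id` never run. Sending each as a string, e.g. `blackList: '[{"staff":2,"id":2}]'`, would pin the rule this commit changes. A case with `"staff":0` is also missing, although 0 is one of the two values the validator names as allowed.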