opensupports/tests/system/add-api-key.rb

119 lines
3.7 KiB
Ruby

describe'system/add-api-key' do
request('/user/logout')
Scripts.login($staff[:email], $staff[:password], true)
it 'should add API key' do
result= request('/system/add-api-key', {
csrf_userid: $csrf_userid,
csrf_token: $csrf_token,
name: 'new API',
canCreateUser: 1
})
(result['status']).should.equal('success')
row = $database.getRow('apikey', 2, 'id')
(row['name']).should.equal('new API')
(result['data']).should.equal(row['token'])
end
it 'should not add API key if name already used' do
result= request('/system/add-api-key', {
csrf_userid: $csrf_userid,
csrf_token: $csrf_token,
name: 'new API',
canCreateUser: 1
})
(result['status']).should.equal('fail')
(result['message']).should.equal('NAME_ALREADY_USED')
end
it 'should fail if API key size is wrong' do
result= request('/system/add-api-key', {
csrf_userid: $csrf_userid,
csrf_token: $csrf_token,
name: 'A',
})
(result['status']).should.equal('fail')
(result['message']).should.equal('INVALID_NAME')
result= request('/system/add-api-key', {
csrf_userid: $csrf_userid,
csrf_token: $csrf_token,
name: 'APIKEYNAMEAPIKEYNAMEAPIKEYNAMEAPIKEYNAMEAPIKEYNAMEAPIKEYNAMEAPIKEYNAME',
})
(result['status']).should.equal('fail')
(result['message']).should.equal('INVALID_NAME')
end
it 'should succes with the required permissions API key' do
result= request('/system/add-api-key', {
csrf_userid: $csrf_userid,
csrf_token: $csrf_token,
name: 'APIkey ticketnumber return',
shouldReturnTicketNumber: 'true'
})
(result['status']).should.equal('success')
row = $database.getRow('apikey', 3, 'id')
(row['can_create_users']).should.equal(0)
(row['can_create_tickets']).should.equal(0)
(row['should_return_ticket_number']).should.equal(1)
(row['can_check_tickets']).should.equal(0)
result= request('/system/add-api-key', {
csrf_userid: $csrf_userid,
csrf_token: $csrf_token,
name: 'APIkey check tickets',
canCheckTickets: 'true'
})
(result['status']).should.equal('success')
row = $database.getRow('apikey', 4, 'id')
(row['can_create_users']).should.equal(0)
(row['can_create_tickets']).should.equal(0)
(row['should_return_ticket_number']).should.equal(0)
(row['can_check_tickets']).should.equal(1)
result= request('/system/add-api-key', {
csrf_userid: $csrf_userid,
csrf_token: $csrf_token,
name: 'APIkey user create',
canCreateUsers: 'true'
})
(result['status']).should.equal('success')
row = $database.getRow('apikey', 5, 'id')
(row['can_create_users']).should.equal(1)
(row['can_create_tickets']).should.equal(0)
(row['should_return_ticket_number']).should.equal(0)
(row['can_check_tickets']).should.equal(0)
result= request('/system/add-api-key', {
csrf_userid: $csrf_userid,
csrf_token: $csrf_token,
name: 'APIkey create tickets',
canCreateTickets: 'true'
})
(result['status']).should.equal('success')
row = $database.getRow('apikey', 6, 'id')
(row['can_create_users']).should.equal(0)
(row['can_create_tickets']).should.equal(1)
(row['should_return_ticket_number']).should.equal(0)
(row['can_check_tickets']).should.equal(0)
end
end