Restructure omni services and add Chatwoot research snapshot

Ruslan Bakiev
2026-02-21 11:11:27 +07:00
parent edea7a0034
commit b73babbbf6
7732 changed files with 978203 additions and 32 deletions


@@ -0,0 +1,93 @@
require 'rails_helper'
RSpec.describe 'Platform Account Users API', type: :request do
let!(:account) { create(:account) }
describe 'GET /platform/api/v1/accounts/{account_id}/account_users' do
context 'when it is an unauthenticated platform app' do
it 'returns unauthorized' do
get "/platform/api/v1/accounts/#{account.id}/account_users"
expect(response).to have_http_status(:unauthorized)
end
end
context 'when it is an authenticated platform app' do
let(:platform_app) { create(:platform_app) }
let!(:account_user) { create(:account_user, account: account) }
it 'returns all the account users for the account' do
create(:platform_app_permissible, platform_app: platform_app, permissible: account)
get "/platform/api/v1/accounts/#{account.id}/account_users",
headers: { api_access_token: platform_app.access_token.token }, as: :json
expect(response).to have_http_status(:success)
expect(response.body).to include(account_user.id.to_s)
end
end
end
describe 'POST /platform/api/v1/accounts/{account_id}/account_users' do
context 'when it is an unauthenticated platform app' do
it 'returns unauthorized' do
post "/platform/api/v1/accounts/#{account.id}/account_users"
expect(response).to have_http_status(:unauthorized)
end
end
context 'when it is an authenticated platform app' do
let(:platform_app) { create(:platform_app) }
it 'creates a new account user for the account' do
user = create(:user)
create(:platform_app_permissible, platform_app: platform_app, permissible: account)
post "/platform/api/v1/accounts/#{account.id}/account_users",
params: { user_id: user.id, role: 'administrator' },
headers: { api_access_token: platform_app.access_token.token }, as: :json
expect(response).to have_http_status(:success)
data = response.parsed_body
expect(data['user_id']).to eq(user.id)
end
it 'updates the new account user for the account' do
create(:platform_app_permissible, platform_app: platform_app, permissible: account)
account_user = create(:account_user, account: account, role: 'agent')
post "/platform/api/v1/accounts/#{account.id}/account_users",
params: { user_id: account_user.user_id, role: 'administrator' },
headers: { api_access_token: platform_app.access_token.token }, as: :json
expect(response).to have_http_status(:success)
data = response.parsed_body
expect(data['role']).to eq('administrator')
end
end
end
describe 'DELETE /platform/api/v1/accounts/{account_id}/account_users' do
let(:account_user) { create(:account_user, account: account, role: 'agent') }
context 'when it is an unauthenticated platform app' do
it 'returns unauthorized' do
delete "/platform/api/v1/accounts/#{account.id}/account_users", params: { user_id: account_user.user_id }
expect(response).to have_http_status(:unauthorized)
end
end
context 'when it is an authenticated platform app' do
let(:platform_app) { create(:platform_app) }
it 'returns deletes the account user' do
create(:platform_app_permissible, platform_app: platform_app, permissible: account)
delete "/platform/api/v1/accounts/#{account.id}/account_users", params: { user_id: account_user.user_id },
headers: { api_access_token: platform_app.access_token.token }, as: :json
expect(response).to have_http_status(:success)
expect(account.account_users.count).to eq 0
end
end
end
end
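Review bot: None of the GET, POST or DELETE blocks exercises a valid platform app token that has no `platform_app_permissible` for the account, so these examples would still pass if the endpoint stopped scoping by permissible. The POST case matters most, because it assigns `role: 'administrator'`. I would add to each authenticated context an example `it 'returns unauthorized when its not a permissible object'` that sends `platform_app.access_token.token` without creating the permissible, and for POST and DELETE also checks that `account.account_users.count` is unchanged. The expected status is inferred from the accounts spec in this same commit, so confirm it against the controller. An `api_access_token: 'invalid'` example is also absent here, although the other three specs have one.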


@@ -0,0 +1,235 @@
require 'rails_helper'
RSpec.describe 'Platform Accounts API', type: :request do
let!(:account) { create(:account) }
describe 'POST /platform/api/v1/accounts' do
context 'when it is an unauthenticated platform app' do
it 'returns unauthorized' do
post '/platform/api/v1/accounts'
expect(response).to have_http_status(:unauthorized)
end
end
context 'when it is an invalid platform app token' do
it 'returns unauthorized' do
post '/platform/api/v1/accounts', params: { name: 'Test Account' },
headers: { api_access_token: 'invalid' }, as: :json
expect(response).to have_http_status(:unauthorized)
end
end
context 'when it is an authenticated platform app' do
let(:platform_app) { create(:platform_app) }
it 'creates an account when and its permissible relationship' do
post '/platform/api/v1/accounts', params: { name: 'Test Account' },
headers: { api_access_token: platform_app.access_token.token }, as: :json
expect(response).to have_http_status(:success)
expect(response.body).to include('Test Account')
expect(platform_app.platform_app_permissibles.first.permissible.name).to eq('Test Account')
end
it 'creates an account with locale' do
InstallationConfig.where(name: 'ACCOUNT_LEVEL_FEATURE_DEFAULTS').first_or_create!(value: [{ 'name' => 'agent_management',
'enabled' => true }])
post '/platform/api/v1/accounts', params: { name: 'Test Account', locale: 'es' },
headers: { api_access_token: platform_app.access_token.token }, as: :json
expect(response).to have_http_status(:success)
json_response = response.parsed_body
expect(json_response['name']).to eq('Test Account')
expect(json_response['locale']).to eq('es')
expect(json_response['features']['agent_management']).to be(true)
end
it 'creates an account with feature flags' do
InstallationConfig.where(name: 'ACCOUNT_LEVEL_FEATURE_DEFAULTS').first_or_create!(value: [{ 'name' => 'inbox_management',
'enabled' => true },
{ 'name' => 'disable_branding',
'enabled' => true },
{ 'name' => 'help_center',
'enabled' => false }])
post '/platform/api/v1/accounts', params: { name: 'Test Account', features: {
ip_lookup: true,
help_center: true,
disable_branding: false
} }, headers: { api_access_token: platform_app.access_token.token }, as: :json
json_response = response.parsed_body
created_account = Account.find(json_response['id'])
expect(created_account.enabled_features.keys).to match_array(%w[inbox_management ip_lookup help_center])
expect(json_response['name']).to include('Test Account')
expect(json_response['features'].keys).to match_array(%w[inbox_management ip_lookup help_center])
end
it 'creates an account with limits settings' do
post '/platform/api/v1/accounts', params: { name: 'Test Account', limits: { agents: 5, inboxes: 10 } },
headers: { api_access_token: platform_app.access_token.token }, as: :json
expect(response).to have_http_status(:success)
expect(response.body).to include('Test Account')
expect(response.body).to include('5')
expect(response.body).to include('10')
end
end
end
describe 'GET /platform/api/v1/accounts' do
context 'when it is an unauthenticated platform app' do
it 'returns unauthorized' do
get '/platform/api/v1/accounts'
expect(response).to have_http_status(:unauthorized)
end
end
context 'when it is an invalid platform app token' do
it 'returns unauthorized' do
get '/platform/api/v1/accounts', headers: { api_access_token: 'invalid' }, as: :json
expect(response).to have_http_status(:unauthorized)
end
end
context 'when it is an authenticated platform app' do
let(:platform_app) { create(:platform_app) }
let!(:account1) { create(:account, name: 'Account A') }
let!(:account2) { create(:account, name: 'Account B') }
before do
create(:platform_app_permissible, platform_app: platform_app, permissible: account1)
create(:platform_app_permissible, platform_app: platform_app, permissible: account2)
end
it 'returns all permissible accounts' do
get '/platform/api/v1/accounts', headers: { api_access_token: platform_app.access_token.token }, as: :json
expect(response).to have_http_status(:success)
json_response = response.parsed_body
expect(json_response.size).to eq(2)
expect(json_response.map { |acc| acc['name'] }).to include('Account A', 'Account B')
end
end
end
describe 'GET /platform/api/v1/accounts/{account_id}' do
context 'when it is an unauthenticated platform app' do
it 'returns unauthorized' do
get "/platform/api/v1/accounts/#{account.id}"
expect(response).to have_http_status(:unauthorized)
end
end
context 'when it is an invalid platform app token' do
it 'returns unauthorized' do
get "/platform/api/v1/accounts/#{account.id}", headers: { api_access_token: 'invalid' }, as: :json
expect(response).to have_http_status(:unauthorized)
end
end
context 'when it is an authenticated platform app' do
let(:platform_app) { create(:platform_app) }
it 'returns unauthorized when its not a permissible object' do
get "/platform/api/v1/accounts/#{account.id}", headers: { api_access_token: platform_app.access_token.token }, as: :json
expect(response).to have_http_status(:unauthorized)
end
it 'shows an account when its permissible object' do
create(:platform_app_permissible, platform_app: platform_app, permissible: account)
get "/platform/api/v1/accounts/#{account.id}",
headers: { api_access_token: platform_app.access_token.token }, as: :json
expect(response).to have_http_status(:success)
expect(response.body).to include(account.name)
end
end
end
describe 'PATCH /platform/api/v1/accounts/{account_id}' do
context 'when it is an unauthenticated platform app' do
it 'returns unauthorized' do
patch "/platform/api/v1/accounts/#{account.id}"
expect(response).to have_http_status(:unauthorized)
end
end
context 'when it is an invalid platform app token' do
it 'returns unauthorized' do
patch "/platform/api/v1/accounts/#{account.id}", params: { name: 'Test Account' },
headers: { api_access_token: 'invalid' }, as: :json
expect(response).to have_http_status(:unauthorized)
end
end
context 'when it is an authenticated platform app' do
let(:platform_app) { create(:platform_app) }
it 'returns unauthorized when its not a permissible object' do
patch "/platform/api/v1/accounts/#{account.id}", params: { name: 'Test Account' },
headers: { api_access_token: platform_app.access_token.token }, as: :json
expect(response).to have_http_status(:unauthorized)
end
it 'updates an account when its permissible object' do
create(:platform_app_permissible, platform_app: platform_app, permissible: account)
account.enable_features!('inbox_management', 'channel_facebook')
patch "/platform/api/v1/accounts/#{account.id}", params: {
name: 'Test Account',
features: {
ip_lookup: true,
help_center: true,
channel_facebook: false
},
limits: { agents: 5, inboxes: 10 }
}, headers: { api_access_token: platform_app.access_token.token }, as: :json
expect(response).to have_http_status(:success)
account.reload
expect(account.name).to eq('Test Account')
expect(account.enabled_features.keys).to match_array(%w[inbox_management ip_lookup help_center])
expect(account.enabled_features['channel_facebook']).to be_nil
expect(account.limits['agents']).to eq(5)
expect(account.limits['inboxes']).to eq(10)
end
end
end
describe 'DELETE /platform/api/v1/accounts/{account_id}' do
context 'when it is an unauthenticated platform app' do
it 'returns unauthorized' do
delete "/platform/api/v1/accounts/#{account.id}"
expect(response).to have_http_status(:unauthorized)
end
end
context 'when it is an invalid platform app token' do
it 'returns unauthorized' do
delete "/platform/api/v1/accounts/#{account.id}", headers: { api_access_token: 'invalid' }, as: :json
expect(response).to have_http_status(:unauthorized)
end
end
context 'when it is an authenticated platform app' do
let(:platform_app) { create(:platform_app) }
it 'returns unauthorized when its not a permissible object' do
delete "/platform/api/v1/accounts/#{account.id}", headers: { api_access_token: platform_app.access_token.token }, as: :json
expect(response).to have_http_status(:unauthorized)
end
it 'destroys the object' do
create(:platform_app_permissible, platform_app: platform_app, permissible: account)
expect(DeleteObjectJob).to receive(:perform_later).with(account).once
delete "/platform/api/v1/accounts/#{account.id}",
headers: { api_access_token: platform_app.access_token.token }, as: :json
expect(response).to have_http_status(:success)
end
end
end
end
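Review bot: In 'creates an account with limits settings' the checks `expect(response.body).to include('5')` and `include('10')` pass on any body that happens to contain those digits (an id or a timestamp would do), so the example does not show that the limits were stored. Assert on the record instead, as the PATCH example already does: `created = Account.find(response.parsed_body['id'])` followed by `expect(created.limits).to include('agents' => 5, 'inboxes' => 10)`. The 'creates an account with feature flags' example also never checks the response status before parsing the body; add `expect(response).to have_http_status(:success)` right after the request.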


@@ -0,0 +1,220 @@
require 'rails_helper'
RSpec.describe 'Platform Agent Bot API', type: :request do
let!(:agent_bot) { create(:agent_bot) }
describe 'GET /platform/api/v1/agent_bots' do
context 'when it is an unauthenticated platform app' do
it 'returns unauthorized' do
get '/platform/api/v1/agent_bots'
expect(response).to have_http_status(:unauthorized)
end
end
context 'when it is an invalid platform app token' do
it 'returns unauthorized' do
get '/platform/api/v1/agent_bots', headers: { api_access_token: 'invalid' }, as: :json
expect(response).to have_http_status(:unauthorized)
end
end
context 'when it is an authenticated platform app' do
let(:platform_app) { create(:platform_app) }
it 'returns unauthorized when its not a permissible object' do
get '/platform/api/v1/agent_bots', headers: { api_access_token: platform_app.access_token.token }, as: :json
expect(response).to have_http_status(:success)
data = response.parsed_body
expect(data.length).to eq(0)
end
it 'shows a agent_bot when its permissible object' do
create(:platform_app_permissible, platform_app: platform_app, permissible: agent_bot)
get '/platform/api/v1/agent_bots',
headers: { api_access_token: platform_app.access_token.token }, as: :json
expect(response).to have_http_status(:success)
data = response.parsed_body
expect(data.length).to eq(1)
end
end
end
describe 'GET /platform/api/v1/agent_bots/{agent_bot_id}' do
context 'when it is an unauthenticated platform app' do
it 'returns unauthorized' do
get "/platform/api/v1/agent_bots/#{agent_bot.id}"
expect(response).to have_http_status(:unauthorized)
end
end
context 'when it is an invalid platform app token' do
it 'returns unauthorized' do
get "/platform/api/v1/agent_bots/#{agent_bot.id}", headers: { api_access_token: 'invalid' }, as: :json
expect(response).to have_http_status(:unauthorized)
end
end
context 'when it is an authenticated platform app' do
let(:platform_app) { create(:platform_app) }
it 'returns unauthorized when its not a permissible object' do
get "/platform/api/v1/agent_bots/#{agent_bot.id}", headers: { api_access_token: platform_app.access_token.token }, as: :json
expect(response).to have_http_status(:unauthorized)
end
it 'shows a agent_bot when its permissible object' do
create(:platform_app_permissible, platform_app: platform_app, permissible: agent_bot)
get "/platform/api/v1/agent_bots/#{agent_bot.id}",
headers: { api_access_token: platform_app.access_token.token }, as: :json
expect(response).to have_http_status(:success)
data = response.parsed_body
expect(data['name']).to eq(agent_bot.name)
end
end
end
describe 'POST /platform/api/v1/agent_bots/' do
context 'when it is an unauthenticated platform app' do
it 'returns unauthorized' do
post '/platform/api/v1/agent_bots'
expect(response).to have_http_status(:unauthorized)
end
end
context 'when it is an invalid platform app token' do
it 'returns unauthorized' do
post '/platform/api/v1/agent_bots/', headers: { api_access_token: 'invalid' }, as: :json
expect(response).to have_http_status(:unauthorized)
end
end
context 'when it is an authenticated platform app' do
let(:platform_app) { create(:platform_app) }
it 'creates a new agent bot' do
post '/platform/api/v1/agent_bots/', params: { name: 'test' },
headers: { api_access_token: platform_app.access_token.token }, as: :json
expect(response).to have_http_status(:success)
data = response.parsed_body
expect(data['name']).to eq('test')
expect(platform_app.platform_app_permissibles.first.permissible_id).to eq data['id']
end
end
end
describe 'PATCH /platform/api/v1/agent_bots/{agent_bot_id}' do
context 'when it is an unauthenticated platform app' do
it 'returns unauthorized' do
patch "/platform/api/v1/agent_bots/#{agent_bot.id}"
expect(response).to have_http_status(:unauthorized)
end
end
context 'when it is an invalid platform app token' do
it 'returns unauthorized' do
patch "/platform/api/v1/agent_bots/#{agent_bot.id}", headers: { api_access_token: 'invalid' }, as: :json
expect(response).to have_http_status(:unauthorized)
end
end
context 'when it is an authenticated platform app' do
let(:platform_app) { create(:platform_app) }
it 'returns unauthorized when its not a permissible object' do
patch "/platform/api/v1/agent_bots/#{agent_bot.id}", params: { name: 'test' },
headers: { api_access_token: platform_app.access_token.token }, as: :json
expect(response).to have_http_status(:unauthorized)
end
it 'updates the agent_bot' do
create(:platform_app_permissible, platform_app: platform_app, permissible: agent_bot)
patch "/platform/api/v1/agent_bots/#{agent_bot.id}", params: { name: 'test123' },
headers: { api_access_token: platform_app.access_token.token }, as: :json
expect(response).to have_http_status(:success)
data = response.parsed_body
expect(data['name']).to eq('test123')
end
it 'updates avatar' do
# no avatar before upload
create(:platform_app_permissible, platform_app: platform_app, permissible: agent_bot)
expect(agent_bot.avatar.attached?).to be(false)
file = fixture_file_upload(Rails.root.join('spec/assets/avatar.png'), 'image/png')
patch "/platform/api/v1/agent_bots/#{agent_bot.id}", params: { name: 'test123' }.merge(avatar: file),
headers: { api_access_token: platform_app.access_token.token }
expect(response).to have_http_status(:success)
agent_bot.reload
expect(agent_bot.avatar.attached?).to be(true)
end
it 'updated avatar with avatar_url' do
create(:platform_app_permissible, platform_app: platform_app, permissible: agent_bot)
patch "/platform/api/v1/agent_bots/#{agent_bot.id}", params: { name: 'test123' }.merge(avatar_url: 'http://example.com/avatar.png'),
headers: { api_access_token: platform_app.access_token.token }
expect(response).to have_http_status(:success)
expect(Avatar::AvatarFromUrlJob).to have_been_enqueued.with(agent_bot, 'http://example.com/avatar.png')
end
end
end
describe 'DELETE /platform/api/v1/agent_bots/{agent_bot_id}' do
context 'when it is an unauthenticated platform app' do
it 'returns unauthorized' do
delete "/platform/api/v1/agent_bots/#{agent_bot.id}", headers: { api_access_token: 'invalid' }, as: :json
expect(response).to have_http_status(:unauthorized)
end
end
context 'when it is an authenticated platform app' do
let(:platform_app) { create(:platform_app) }
it 'returns unauthorized when its not a permissible object' do
delete "/platform/api/v1/agent_bots/#{agent_bot.id}", headers: { api_access_token: 'invalid' }, as: :json
expect(response).to have_http_status(:unauthorized)
end
it 'returns deletes the account user' do
create(:platform_app_permissible, platform_app: platform_app, permissible: agent_bot)
delete "/platform/api/v1/agent_bots/#{agent_bot.id}", headers: { api_access_token: platform_app.access_token.token }, as: :json
expect(response).to have_http_status(:success)
expect(AgentBot.count).to eq 0
end
end
end
describe 'DELETE /platform/api/v1/agent_bots/{agent_bot_id}/avatar' do
context 'when it is an unauthenticated user' do
it 'returns unauthorized' do
delete "/platform/api/v1/agent_bots/#{agent_bot.id}/avatar"
expect(response).to have_http_status(:unauthorized)
end
end
context 'when it is an authenticated user' do
let(:platform_app) { create(:platform_app) }
before do
agent_bot.avatar.attach(io: Rails.root.join('spec/assets/avatar.png').open, filename: 'avatar.png', content_type: 'image/png')
create(:platform_app_permissible, platform_app: platform_app, permissible: agent_bot)
end
it 'delete agent_bot avatar' do
delete "/platform/api/v1/agent_bots/#{agent_bot.id}/avatar",
headers: { api_access_token: platform_app.access_token.token },
as: :json
expect { agent_bot.avatar.attachment.reload }.to raise_error(ActiveRecord::RecordNotFound)
expect(response).to have_http_status(:success)
end
end
end
end
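Review bot: The DELETE example 'returns unauthorized when its not a permissible object' sends `api_access_token: 'invalid'`, so it repeats the invalid-token case and the non-permissible path for deleting an agent bot is never tested. Change the request to `delete "/platform/api/v1/agent_bots/#{agent_bot.id}", headers: { api_access_token: platform_app.access_token.token }, as: :json` and add `expect(AgentBot.count).to eq 1` so a refused delete is shown to leave the record in place. The 'unauthenticated platform app' context of the same block also sends the invalid token rather than no header. The `DELETE .../avatar` block has no non-permissible example at all. Separately, the first GET example is titled 'returns unauthorized…' but expects `:success` with an empty list; rename it to something like `'returns an empty list when no agent bot is permissible'`.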


@@ -0,0 +1,268 @@
require 'rails_helper'
RSpec.describe 'Platform Users API', type: :request do
let!(:user) { create(:user, email: 'dev+testing@chatwoot.com', custom_attributes: { test: 'test' }) }
describe 'GET /platform/api/v1/users/{user_id}' do
context 'when it is an unauthenticated platform app' do
it 'returns unauthorized' do
get "/platform/api/v1/users/#{user.id}"
expect(response).to have_http_status(:unauthorized)
end
end
context 'when it is an invalid platform app token' do
it 'returns unauthorized' do
get "/platform/api/v1/users/#{user.id}", headers: { api_access_token: 'invalid' }, as: :json
expect(response).to have_http_status(:unauthorized)
end
end
context 'when it is an authenticated platform app' do
let(:platform_app) { create(:platform_app) }
it 'returns unauthorized when its not a permissible object' do
get "/platform/api/v1/users/#{user.id}", headers: { api_access_token: platform_app.access_token.token }, as: :json
expect(response).to have_http_status(:unauthorized)
end
it 'shows a user when its permissible object' do
create(:platform_app_permissible, platform_app: platform_app, permissible: user)
get "/platform/api/v1/users/#{user.id}",
headers: { api_access_token: platform_app.access_token.token }, as: :json
expect(response).to have_http_status(:success)
data = response.parsed_body
expect(data['email']).to eq(user.email)
expect(data['custom_attributes']['test']).to eq('test')
end
end
end
describe 'GET /platform/api/v1/users/{user_id}/login' do
context 'when it is an unauthenticated platform app' do
it 'returns unauthorized' do
get "/platform/api/v1/users/#{user.id}/login"
expect(response).to have_http_status(:unauthorized)
end
end
context 'when it is an invalid platform app token' do
it 'returns unauthorized' do
get "/platform/api/v1/users/#{user.id}/login", headers: { api_access_token: 'invalid' }, as: :json
expect(response).to have_http_status(:unauthorized)
end
end
context 'when it is an authenticated platform app' do
let(:platform_app) { create(:platform_app) }
it 'returns unauthorized when its not a permissible object' do
get "/platform/api/v1/users/#{user.id}/login", headers: { api_access_token: platform_app.access_token.token }, as: :json
expect(response).to have_http_status(:unauthorized)
end
it 'return login link for user' do
create(:platform_app_permissible, platform_app: platform_app, permissible: user)
get "/platform/api/v1/users/#{user.id}/login",
headers: { api_access_token: platform_app.access_token.token }, as: :json
expect(response).to have_http_status(:success)
data = response.parsed_body
expect(data['url']).to include('email=dev%2Btesting%40chatwoot.com&sso_auth_token=')
end
end
end
describe 'POST /platform/api/v1/users/{user_id}/token' do
context 'when it is an unauthenticated platform app' do
it 'returns unauthorized' do
post "/platform/api/v1/users/#{user.id}/token"
expect(response).to have_http_status(:unauthorized)
end
end
context 'when it is an invalid platform app token' do
it 'returns unauthorized' do
post "/platform/api/v1/users/#{user.id}/token", headers: { api_access_token: 'invalid' }, as: :json
expect(response).to have_http_status(:unauthorized)
end
end
context 'when it is an authenticated platform app' do
let(:platform_app) { create(:platform_app) }
it 'returns unauthorized when its not a permissible object' do
post "/platform/api/v1/users/#{user.id}/token", headers: { api_access_token: platform_app.access_token.token }, as: :json
expect(response).to have_http_status(:unauthorized)
end
it 'returns access token for the user with expiry and user info' do
create(:platform_app_permissible, platform_app: platform_app, permissible: user)
post "/platform/api/v1/users/#{user.id}/token",
headers: { api_access_token: platform_app.access_token.token }, as: :json
expect(response).to have_http_status(:success)
data = response.parsed_body
# Check access token and expiry
expect(data['access_token']).to eq(user.access_token.token)
expect(data['expiry']).to be_nil
# Check user info
expect(data['user']).to include(
'id' => user.id,
'name' => user.name,
'display_name' => user.display_name,
'email' => user.email,
'pubsub_token' => user.pubsub_token
)
end
end
end
describe 'POST /platform/api/v1/users/' do
context 'when it is an unauthenticated platform app' do
it 'returns unauthorized' do
post '/platform/api/v1/users'
expect(response).to have_http_status(:unauthorized)
end
end
context 'when it is an invalid platform app token' do
it 'returns unauthorized' do
post '/platform/api/v1/users/', headers: { api_access_token: 'invalid' }, as: :json
expect(response).to have_http_status(:unauthorized)
end
end
context 'when it is an authenticated platform app' do
let(:platform_app) { create(:platform_app) }
it 'creates a new user and permissible for the user without sending an email' do
# TODO: enqueued mail check failes because of : https://github.com/rspec/rspec-rails/pull/2793
# revert to this block when the issue is fixed
# expect do
# post '/platform/api/v1/users/', params: { name: 'test', display_name: 'displaytest',
# email: 'test@test.com', password: 'Password1!',
# custom_attributes: { test: 'test_create' } },
# headers: { api_access_token: platform_app.access_token.token }, as: :json
# byebug
# end.not_to have_enqueued_mail
##------ revert this block when the issue is fixed
post '/platform/api/v1/users/', params: { name: 'test', display_name: 'displaytest',
email: 'test@test.com', password: 'Password1!',
custom_attributes: { test: 'test_create' } },
headers: { api_access_token: platform_app.access_token.token }, as: :json
mail_jobs = ActiveJob::Base.queue_adapter.enqueued_jobs.select do |job|
job[:job] == 'ActionMailer::MailDeliveryJob'
end
expect(mail_jobs.count).to eq(0)
##------ revert this block when the issue is fixed
expect(response).to have_http_status(:success)
data = response.parsed_body
expect(data).to match(
hash_including(
'name' => 'test',
'display_name' => 'displaytest',
'email' => 'test@test.com',
'custom_attributes' => {
'test' => 'test_create'
}
)
)
expect(platform_app.platform_app_permissibles.first.permissible_id).to eq data['id']
end
it 'fetch existing user and creates permissible for the user' do
create(:user, name: 'old test', email: 'test@test.com')
post '/platform/api/v1/users/', params: { name: 'test', email: 'test@test.com', password: 'Password1!' },
headers: { api_access_token: platform_app.access_token.token }, as: :json
expect(response).to have_http_status(:success)
data = response.parsed_body
expect(data['name']).to eq('old test')
expect(platform_app.platform_app_permissibles.first.permissible_id).to eq data['id']
end
end
end
describe 'PATCH /platform/api/v1/users/{user_id}' do
context 'when it is an unauthenticated platform app' do
it 'returns unauthorized' do
patch "/platform/api/v1/users/#{user.id}"
expect(response).to have_http_status(:unauthorized)
end
end
context 'when it is an invalid platform app token' do
it 'returns unauthorized' do
patch "/platform/api/v1/users/#{user.id}", headers: { api_access_token: 'invalid' }, as: :json
expect(response).to have_http_status(:unauthorized)
end
end
context 'when it is an authenticated platform app' do
let(:platform_app) { create(:platform_app) }
it 'returns unauthorized when its not a permissible object' do
patch "/platform/api/v1/users/#{user.id}", params: { name: 'test' },
headers: { api_access_token: platform_app.access_token.token }, as: :json
expect(response).to have_http_status(:unauthorized)
end
it 'updates the user attributes' do
create(:platform_app_permissible, platform_app: platform_app, permissible: user)
patch "/platform/api/v1/users/#{user.id}", params: {
name: 'test123', email: 'newtestemail@test.com', custom_attributes: { test: 'test_update' }
},
headers: { api_access_token: platform_app.access_token.token }, as: :json
expect(response).to have_http_status(:success)
data = response.parsed_body
expect(data['name']).to eq('test123')
expect(data['email']).to eq('newtestemail@test.com')
expect(data['custom_attributes']['test']).to eq('test_update')
end
end
end
describe 'DELETE /platform/api/v1/users/{user_id}' do
context 'when it is an unauthenticated platform app' do
it 'returns unauthorized' do
delete "/platform/api/v1/users/#{user.id}"
expect(response).to have_http_status(:unauthorized)
end
end
context 'when it is an invalid platform app token' do
it 'returns unauthorized' do
delete "/platform/api/v1/users/#{user.id}", headers: { api_access_token: 'invalid' }, as: :json
expect(response).to have_http_status(:unauthorized)
end
end
context 'when it is an authenticated platform app' do
let(:platform_app) { create(:platform_app) }
it 'returns unauthorized when its not a permissible object' do
delete "/platform/api/v1/users/#{user.id}", headers: { api_access_token: platform_app.access_token.token }, as: :json
expect(response).to have_http_status(:unauthorized)
end
it 'deletes the user' do
create(:platform_app_permissible, platform_app: platform_app, permissible: user)
expect(DeleteObjectJob).to receive(:perform_later).with(user).once
delete "/platform/api/v1/users/#{user.id}",
headers: { api_access_token: platform_app.access_token.token }, as: :json
expect(response).to have_http_status(:success)
end
end
end
end
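Review bot: The example 'fetch existing user and creates permissible for the user' pins that a platform app can attach itself to a pre-existing user by e-mail alone, but it asserts only `data['name']` from the response. By the `/login` and `/token` examples in this file, the app can then obtain that user's SSO link and access token, so the spec should prove the existing record is linked and not modified. Keep the record (`existing = create(:user, name: 'old test', email: 'test@test.com')`), assert `expect(existing.reload.name).to eq('old test')`, and add a check that the request's `password` was not applied; the credential API of the model is not visible here, so that check has to be written against it. A comment such as `# existing users are linked to the platform app, never updated from the request params` would record the intent. The commented-out block above still contains `# byebug` and can lose that line.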