RubyGems - mno-enterprise-api - Versions diffs - 2.0.0 - Mend

mno-enterprise-api 2.0.0

Files changed (208) hide show

data/spec/controllers/mno_enterprise/jpi/v1/team_controller_spec.rb ADDED Viewed

@@ -0,0 +1,86 @@
+require 'rails_helper'
+module MnoEnterprise
+  describe Jpi::V1::TeamsController, type: :controller do
+    include MnoEnterprise::TestingSupport::JpiV1TestHelper
+    render_views
+    routes { MnoEnterprise::Engine.routes }
+    before { request.env["HTTP_ACCEPT"] = 'application/json' }
+    def users_for_team(team)
+      team.users.map do |user|
+        {
+            'id' => user.id,
+            'name' => user.name,
+            'surname' => user.surname,
+            'email' => user.email,
+            'role' => nil
+        }
+      end
+    end
+    def apps_for_team(team)
+      team.app_instances.map do |app_instance|
+        {
+            'id' => app_instance.id,
+            'name' => app_instance.name,
+            'logo' => app_instance.app.logo
+        }
+      end
+    end
+    def hash_for_team(team)
+      {
+          'team' => {
+              id: team.id,
+              name: team.name,
+              users: users_for_team(team),
+              app_instances: apps_for_team(team)
+          }
+      }
+    end
+    #===============================================
+    # Assignments
+    #===============================================
+    # Stub controller ability
+    let!(:ability) { stub_ability }
+    before { allow(ability).to receive(:can?).with(any_args).and_return(true) }
+    # Stub user and user call
+    let(:user) { build(:user, :with_organizations) }
+    let(:user2) { build(:user, :with_organizations, name: "Joe") }
+    let(:organization) { build(:organization) }
+    let(:team) { build(:team, organization: organization) }
+    let(:app_instance) { build(:app_instance) }
+    before do
+      api_stub_for(get: "/users/#{user.id}", response: from_api(user))
+      api_stub_for(get: "/users/#{user.id}/organizations", response: from_api(organization))
+      api_stub_for(post: "/organizations", response: from_api(organization))
+      api_stub_for(get: "/organizations/#{organization.id}/users", response: from_api([user]))
+      api_stub_for(post: "/organizations/#{organization.id}/users", response: from_api(user))
+      api_stub_for(get: "/organizations/#{organization.id}/teams", response: from_api([team]))
+      api_stub_for(get: "/teams/#{team.id}", response: from_api(team))
+      api_stub_for(get: "/teams/#{team.id}/app_instances", response: from_api([app_instance]))
+      api_stub_for(get: "/teams/#{team.id}/users", response: from_api([user, user2]))
+      sign_in user
+    end
+    #===============================================
+    # Specs
+    #===============================================
+    describe 'PUT #add_users' do
+      subject { put :add_users, id: team.id }
+      context 'success' do
+        before { subject }
+        it 'returns a list of teams' do
+          expect(response).to be_success
+          expect(JSON.parse(response.body)).to eq(JSON.parse(hash_for_team(team).to_json))
+        end
+      end
+    end
+  end
+end

data/spec/controllers/mno_enterprise/org_invites_controller_spec.rb ADDED Viewed

@@ -0,0 +1,29 @@
+require 'rails_helper'
+module MnoEnterprise
+  describe OrgInvitesController, type: :controller do
+    render_views
+    routes { MnoEnterprise::Engine.routes }
+    let(:user) { build(:user) }
+    #before { api_stub_for(get: "/users/#{user.id}", response: from_api(user)) }
+    #before { api_stub_for(put: "/users/#{user.id}", response: from_api(user)) }
+    describe "GET #show" do
+      before { sign_in user }
+      subject { get :show }
+      # it_behaves_like "a navigatable protected user action"
+      #
+      # it "assigns the right meta information" do
+      #   get :myspace
+      #   meta = {}
+      #   meta[:title] = "Dashboard"
+      #   meta[:description] = "Dashboard"
+      #   assigns(:meta).should == meta
+      # end
+    end
+  end
+end

data/spec/controllers/mno_enterprise/pages_controller_spec.rb ADDED Viewed

@@ -0,0 +1,49 @@
+require 'rails_helper'
+module MnoEnterprise
+  describe PagesController, type: :controller do
+    render_views
+    routes { MnoEnterprise::Engine.routes }
+    let(:user) { build(:user) }
+    let(:app_instance) { build(:app_instance) }
+    before do
+      api_stub_for(get: "/users/#{user.id}", response: from_api(user))
+      api_stub_for(put: "/users/#{user.id}", response: from_api(user))
+      api_stub_for(get: "/app_instances", response: from_api([app_instance]))
+    end
+    describe 'GET #launch' do
+      let(:app_instance) { build(:app_instance) }
+      before { sign_in user }
+      subject { get :launch, id: app_instance.uid }
+      it_behaves_like "a navigatable protected user action"
+      it 'redirect to the mno enterprise launch page with a web token' do
+        subject
+        expect(response).to redirect_to(MnoEnterprise.router.launch_url(app_instance.uid, wtk: MnoEnterprise.jwt({user_id: user.uid})))
+      end
+    end
+    describe 'GET #app_access_unauthorized' do
+      subject { get :app_access_unauthorized }
+      before { subject }
+      it { expect(response).to be_success }
+    end
+    describe 'GET #billing_details_required' do
+      subject { get :billing_details_required }
+      before { subject }
+      it { expect(response).to be_success }
+    end
+    describe 'GET #app_logout' do
+      subject { get :app_logout }
+      before { subject }
+      it { expect(response).to be_success }
+    end
+  end
+end

data/spec/controllers/mno_enterprise/provision_controller_spec.rb ADDED Viewed

@@ -0,0 +1,94 @@
+require 'rails_helper'
+module MnoEnterprise
+  describe ProvisionController, type: :controller do
+    render_views
+    routes { MnoEnterprise::Engine.routes }
+    # Create user and organization + mutual associations
+    let(:organization) { build(:organization) }
+    let(:user) { build(:user, :admin) }
+    let!(:ability) { stub_ability }
+    before do
+      api_stub_for(get: "/users/#{user.id}", response: from_api(user))
+      allow(organization).to receive(:users).and_return([user])
+      allow_any_instance_of(User).to receive(:organizations).and_return([organization])
+    end
+    describe 'GET #new' do
+      let(:params_org_id) { organization.id }
+      let(:params) { {apps: ['vtiger'], organization_id: params_org_id} }
+      subject { get :new, params }
+      describe 'guest' do
+        before { subject }
+        it { expect(response).to redirect_to(new_user_registration_path) }
+      end
+      # TODO: ability to add app instances for an organization
+      describe 'signed in and missing organization with multiple organizations available' do
+        let(:params_org_id) { nil }
+        let(:authorized) { true }
+        before do
+          allow_any_instance_of(User).to receive(:organizations).and_return([organization, organization])
+          sign_in user
+          allow(ability).to receive(:can?).with(any_args).and_return(authorized)
+          subject
+        end
+        it { expect(response).to render_template('mno_enterprise/provision/_select_organization') }
+        describe "unauthorized" do
+          let(:authorized) { false }
+          it { expect(response).to redirect_to(root_path) }
+        end
+      end
+      describe 'signed in and missing organization with one organization available' do
+        let(:params_org_id) { nil }
+        let(:authorized) { true }
+        before do
+          sign_in user
+          allow(ability).to receive(:can?).with(any_args).and_return(authorized)
+          subject
+        end
+        it { expect(response).to render_template('mno_enterprise/provision/_provision_apps') }
+        describe "unauthorized" do
+          let(:authorized) { false }
+          it { expect(response).to redirect_to(root_path) }
+        end
+      end
+    end
+    describe 'POST #create' do
+      let(:params_org_id) { organization.id }
+      let(:app_instance) { build(:app_instance) }
+      let(:params) { {apps: ['vtiger'], organization_id: params_org_id} }
+      subject { post :create, params }
+      before do
+        api_stub_for(get: "/organizations/#{params_org_id}/app_instances", response: from_api([app_instance]))
+        api_stub_for(post: "/organizations/#{params_org_id}/app_instances", response: from_api(app_instance))
+      end
+      describe 'guest' do
+        before { subject }
+        it { expect(response).to_not be_success }
+      end
+      describe 'signed in' do
+        let(:authorized) { true }
+        before do
+          sign_in user
+          allow(ability).to receive(:can?).with(any_args).and_return(authorized)
+          subject
+        end
+        it { expect(response).to be_success }
+      end
+    end
+  end
+end

data/spec/controllers/mno_enterprise/status_controller_spec.rb ADDED Viewed

@@ -0,0 +1,34 @@
+require 'rails_helper'
+module MnoEnterprise
+  describe StatusController, type: :controller do
+    routes { MnoEnterprise::Engine.routes }
+    describe 'GET #ping' do
+      before { get :ping }
+      it { is_expected.to respond_with(200) }
+      it { expect(response.body).to eq({status: 'Ok'}.to_json) }
+    end
+    describe 'GET #version' do
+      before { get :version }
+      let(:data) { JSON.parse(response.body) }
+      it { is_expected.to respond_with(200) }
+      it 'returns the main app version' do
+        puts MnoEnterprise::APP_VERSION
+        expect(data['app-version']).to eq(MnoEnterprise::APP_VERSION)
+      end
+      it 'returns the mnoe-version' do
+        expect(data['mno-enteprise-version']).to eq(MnoEnterprise::VERSION)
+      end
+      it 'returns the environment' do
+        expect(data['env']).to eq('test')
+      end
+    end
+  end
+end

data/spec/controllers/mno_enterprise/webhook/o_auth_controller_spec.rb ADDED Viewed

@@ -0,0 +1,104 @@
+require 'rails_helper'
+def main_app
+  Rails.application.class.routes.url_helpers
+end
+module MnoEnterprise
+  describe Webhook::OAuthController, type: :controller do
+    render_views
+    routes { MnoEnterprise::Engine.routes }
+    # Stub controller ability
+    let!(:ability) { stub_ability }
+    let(:extra_params) { {some: 'param'} }
+    before { allow(ability).to receive(:can?).with(any_args).and_return(true) }
+    # Stub model calls
+    let(:user) { build(:user) }
+    let(:organization) { build(:organization) }
+    let(:app) { build(:app) }
+    let(:app_instance) { build(:app_instance) }
+    before { api_stub_for(get: "/users/#{user.id}", response: from_api(user)) }
+    before { api_stub_for(get: "/app_instances", response: from_api([app_instance])) }
+    before { allow_any_instance_of(MnoEnterprise::AppInstance).to receive(:app).and_return(app) }
+    describe 'GET #authorize' do
+      let(:redir_params) { extra_params.reject { |k, v| k.to_sym == :perform } }
+      let(:redirect_url) { MnoEnterprise.router.authorize_oauth_url(app_instance.uid, redir_params.merge(wtk: MnoEnterprise.jwt(user_id: user.uid))) }
+      subject { get :authorize, extra_params.merge(id: app_instance.uid) }
+      before { sign_in user }
+      it_behaves_like 'a navigatable protected user action'
+      it_behaves_like 'a user protected resource'
+      it { subject; expect(response).to be_success }
+      it { subject; expect(assigns(:redirect_to)).to eq(redirect_url) }
+      Webhook::OAuthController::PROVIDERS_WITH_OPTIONS.each do |provider|
+        describe "#{provider.capitalize} provider" do
+          let(:app) { build(:app, nid: provider.parameterize) }
+          it { subject; expect(response).to render_template("providers/#{provider.parameterize}") }
+          context 'with perform=true' do
+            let(:extra_params) { {perform: true} }
+            it { subject; expect(assigns(:redirect_to)).to eq(redirect_url) }
+          end
+        end
+      end
+    end
+    describe 'GET #callback' do
+      subject { get :callback, id: app_instance.uid }
+      context 'when session has redirect_path' do
+        before { session[:redirect_path] = 'http://www.example.com/redirect' }
+        it { subject; expect(response).to redirect_to('http://www.example.com/redirect') }
+      end
+      context 'when there is on oauth error' do
+        subject { get :callback, id: app_instance.uid, oauth: {error: :unauthorized} }
+        let(:fragment) { "#?#{URI.encode_www_form([['flash', {msg: 'We could not validate your credentials, please try again', type: :error}.to_json]])}" }
+        it { subject; expect(response).to redirect_to(main_app.root_path + fragment) }
+      end
+      it { subject; expect(response).to redirect_to(main_app.root_path) }
+    end
+    describe 'GET #disconnect' do
+      let(:redirect_url) { MnoEnterprise.router.disconnect_oauth_url(app_instance.uid, extra_params.merge(wtk: MnoEnterprise.jwt(user_id: user.uid))) }
+      subject { get :disconnect, extra_params.merge(id: app_instance.uid) }
+      before { sign_in user }
+      it_behaves_like 'a navigatable protected user action'
+      it_behaves_like 'a user protected resource'
+      it { subject; expect(response).to redirect_to(redirect_url) }
+    end
+    describe 'GET #sync' do
+      let(:redirect_url) { MnoEnterprise.router.sync_oauth_url(app_instance.uid, extra_params.merge(wtk: MnoEnterprise.jwt(user_id: user.uid))) }
+      before { sign_in user }
+      subject { get :sync, extra_params.merge(id: app_instance.uid) }
+      it_behaves_like 'a navigatable protected user action'
+      it_behaves_like 'a user protected resource'
+      it { subject; expect(response).to redirect_to(redirect_url) }
+    end
+    describe '#add_param_to_fragment' do
+      let(:controller) { described_class.new }
+      it { expect(subject.send(:add_param_to_fragment, '/#/platform/accounts', 'foo', 'bar')).to eq('/#/platform/accounts?foo=bar') }
+      it { expect(subject.send(:add_param_to_fragment, '/', 'foo', 'bar')).to eq('/#?foo=bar') }
+      it { expect(subject.send(:add_param_to_fragment, '/#/platform/dashboard/he/43?en=690', 'foo', 'bar')).to eq('/#/platform/dashboard/he/43?en=690&foo=bar') }
+      it { expect(subject.send(:add_param_to_fragment, '/#/platform/dashboard/he/43?en=690', 'foo', [{msg: 'yolo'}])).to eq('/#/platform/dashboard/he/43?en=690&foo=%7B%3Amsg%3D%3E%22yolo%22%7D') }
+    end
+  end
+end

data/spec/lib/mno_enterprise/event_logger_spec.rb ADDED Viewed

@@ -0,0 +1,28 @@
+require 'rails_helper'
+module MnoEnterprise
+  RSpec.describe EventLogger do
+    def info_data(user)
+      {
+          data: {
+              key: 'user_update_password',
+              user_id: user.id,
+              description: 'User password change',
+              metadata: user.email,
+              subject_type: user.class.name,
+              subject_id: user.id
+          }
+      }
+    end
+    let(:user) { build(:user) }
+    describe "#info" do
+      subject { MnoEnterprise::EventLogger.info('user_update_password', user.id, "User password change", user.email, user) }
+      it { expect(subject.code).to eq(200) }
+      it { expect(subject.request.options[:body]).to eq(info_data(user)) }
+    end
+  end
+end

data/spec/mailer/mno_enterprise/system_notification_mailer_spec.rb ADDED Viewed

@@ -0,0 +1,132 @@
+require 'rails_helper'
+module MnoEnterprise
+  RSpec.describe SystemNotificationMailer do
+    subject { SystemNotificationMailer }
+    before { MnoEnterprise::Engine.routes.default_url_options = {host: 'http://localhost:3000'} }
+    let(:routes) { MnoEnterprise::Engine.routes.url_helpers }
+    let(:user) { build(:user) }
+    let(:token) { "1sd5f323S1D5AS" }
+    let(:deletion_request) { build(:deletion_request) }
+    # Commonly used mandrill variables
+    def user_vars(user)
+      { first_name: user.name, last_name: user.surname, full_name: "#{user.name} #{user.surname}".strip }
+    end
+    def invite_vars(org_invite)
+      new_user = !org_invite.user.confirmed?
+      {
+        organization: org_invite.organization.name,
+        team: org_invite.team ? org_invite.team.name : nil,
+        ref_first_name: org_invite.referrer.name,
+        ref_last_name: org_invite.referrer.surname,
+        ref_full_name: "#{org_invite.referrer.name} #{org_invite.referrer.surname}".strip,
+        ref_email: org_invite.referrer.email,
+        invitee_first_name: new_user ? nil : org_invite.user.name,
+        invitee_last_name: new_user ? nil : org_invite.user.surname,
+        invitee_full_name: new_user ? nil : "#{org_invite.user.name} #{org_invite.user.surname}".strip,
+        invitee_email: org_invite.user.email,
+      }
+    end
+    describe 'confirmation_instructions' do
+      describe 'new user' do
+        it 'sends the right email' do
+          expect(MandrillClient).to receive(:deliver).with('confirmation-instructions',
+            SystemNotificationMailer::DEFAULT_SENDER,
+            { name: "#{user.name} #{user.surname}".strip, email: user.email },
+            user_vars(user).merge(confirmation_link: routes.user_confirmation_url(confirmation_token: token))
+          )
+          subject.confirmation_instructions(user,token).deliver_now
+        end
+      end
+      describe 'existing user with new email address' do
+        before { allow_any_instance_of(MnoEnterprise::User).to receive(:confirmed?).and_return(true) }
+        before { allow_any_instance_of(MnoEnterprise::User).to receive(:unconfirmed_email?).and_return(true) }
+        it 'sends the right email' do
+          expect(MandrillClient).to receive(:deliver).with('reconfirmation-instructions',
+            SystemNotificationMailer::DEFAULT_SENDER,
+            { name: "#{user.name} #{user.surname}".strip, email: user.email },
+            user_vars(user).merge(confirmation_link: routes.user_confirmation_url(confirmation_token: token))
+          )
+          subject.confirmation_instructions(user,token).deliver_now
+        end
+      end
+    end
+    describe 'reset_password_instructions' do
+      it 'sends the right email' do
+        expect(MandrillClient).to receive(:deliver).with('reset-password-instructions',
+          SystemNotificationMailer::DEFAULT_SENDER,
+          { name: "#{user.name} #{user.surname}".strip, email: user.email },
+          user_vars(user).merge(reset_password_link: routes.edit_user_password_url(reset_password_token: token))
+        )
+        subject.reset_password_instructions(user,token).deliver_now
+      end
+    end
+    describe 'unlock_instructions' do
+      it 'sends the right email' do
+        expect(MandrillClient).to receive(:deliver).with('unlock-instructions',
+          SystemNotificationMailer::DEFAULT_SENDER,
+          { name: "#{user.name} #{user.surname}".strip, email: user.email },
+          user_vars(user).merge(unlock_link: routes.user_unlock_url(unlock_token: token))
+        )
+        subject.unlock_instructions(user,token).deliver_now
+      end
+    end
+    describe 'organization_invite' do
+      let(:invitee) { build(:user) }
+      let(:org_invite) { build(:org_invite, user: invitee, referrer: user) }
+      context 'when invitee is a confirmed user' do
+        it 'sends the right email' do
+          expect(MandrillClient).to receive(:deliver).with('organization-invite-existing-user',
+            SystemNotificationMailer::DEFAULT_SENDER,
+            { name: "#{invitee.name} #{invitee.surname}".strip, email: invitee.email },
+            invite_vars(org_invite).merge(confirmation_link: routes.org_invite_url(id: org_invite.id, token: org_invite.token))
+          )
+          subject.organization_invite(org_invite).deliver_now
+        end
+      end
+      context 'when inviteee is an unconfirmed user' do
+        let(:invitee) { build(:user, :unconfirmed) }
+        it 'sends the right email' do
+          expect(MandrillClient).to receive(:deliver).with('organization-invite-new-user',
+            SystemNotificationMailer::DEFAULT_SENDER,
+            { email: invitee.email },
+            invite_vars(org_invite).merge(confirmation_link: routes.user_confirmation_url(confirmation_token: invitee.confirmation_token))
+          )
+          subject.organization_invite(org_invite).deliver_now
+        end
+      end
+    end
+    describe 'deletion_request_instructions' do
+      it 'sends the correct email' do
+        expect(MandrillClient).to receive(:deliver).with('deletion-request-instructions',
+          SystemNotificationMailer::DEFAULT_SENDER,
+          { name: "#{user.name} #{user.surname}".strip, email: user.email },
+          user_vars(user).merge(terminate_account_link: routes.deletion_request_url(deletion_request))
+        )
+        subject.deletion_request_instructions(user,deletion_request).deliver_now
+      end
+    end
+  end
+end