RubyGems - mno-enterprise-api - Versions diffs - 3.2.1 → 3.3.0 - Mend

mno-enterprise-api 3.2.1 → 3.3.0

Files changed (57) hide show

data/spec/controllers/mno_enterprise/impersonate_controller_spec.rb CHANGED

@@ -26,6 +26,12 @@ module MnoEnterprise
           get :create, user_id: user2.id
           expect(controller.current_user.id).to eq(user2.id)
         end
+        context 'with an organisation id in parameters' do
+          before { get :create, user_id: user.id, dhbRefId: 10 }
+          it { is_expected.to redirect_to('/dashboard/#!?dhbRefId=10') }
+        end
       end
       describe "#destroy" do

data/spec/controllers/mno_enterprise/jpi/v1/admin/audit_events_controller_spec.rb CHANGED

@@ -35,6 +35,15 @@ module MnoEnterprise
           expect(response).to render_template :index
         end
       end
+      context 'csv' do
+        before { request.env["HTTP_ACCEPT"] = 'text/csv' }
+        it 'renders the :index view' do
+          subject
+          expect(response).to render_template :index
+        end
+      end
     end
   end
 end

data/spec/controllers/mno_enterprise/jpi/v1/admin/organizations_controller_spec.rb CHANGED

@@ -67,7 +67,8 @@ module MnoEnterprise
           'name' => organization.name,
           'soa_enabled' => organization.soa_enabled,
           'created_at' => organization.created_at,
-          'credit_card' => {'presence' => organization.credit_card?}
+          'credit_card' => {'presence' => organization.credit_card?},
+          'account_frozen' => organization.account_frozen
         }],
         'metadata' => {'pagination' => {'count' => 1}}
       }
@@ -138,7 +139,7 @@ module MnoEnterprise
       end
       it 'provision the app instances' do
-        params.merge!(app_nids: ['xero', app_instance.app.nid])
+        params[:app_nids] = ['xero', app_instance.app.nid]
         # Track the API call
         create = false

data/spec/controllers/mno_enterprise/jpi/v1/admin/users_controller_spec.rb CHANGED

@@ -13,7 +13,8 @@ module MnoEnterprise
             'id' => org.id,
             'uid' => org.uid,
             'name' => org.name,
-            'created_at' => org.created_at
+            'created_at' => org.created_at,
+            'account_frozen' => org.account_frozen
         }
       end
     end

data/spec/controllers/mno_enterprise/jpi/v1/audit_events_controller_spec.rb ADDED

@@ -0,0 +1,49 @@
+require 'rails_helper'
+module MnoEnterprise
+  describe Jpi::V1::AuditEventsController, type: :controller do
+    include MnoEnterprise::TestingSupport::JpiV1TestHelper
+    render_views
+    routes { MnoEnterprise::Engine.routes }
+    before { request.env["HTTP_ACCEPT"] = 'application/json' }
+    #===============================================
+    # Assignments
+    #===============================================
+    # Stub controller ability
+    let!(:ability) { stub_ability }
+    before { allow(ability).to receive(:can?).with(any_args).and_return(true) }
+    # Stub user and mnoe API calls
+    let(:user) { FactoryGirl.build(:user, :with_organizations) }
+    let(:organization) { user.organizations.first }
+    let(:audit_event) { FactoryGirl.build(:audit_event) }
+    before do
+      api_stub_for(get: "/users/#{user.id}", response: from_api(user))
+      api_stub_for(get: "/users/#{user.id}/organizations", response: from_api([organization]))
+      api_stub_for(get: "/organizations/#{organization.id}", response: from_api(organization))
+      api_stub_for(get: '/audit_events', response: from_api([audit_event]))
+      sign_in user
+    end
+    describe 'GET #index' do
+      subject { get :index, organization_id: organization.id }
+      it_behaves_like "jpi v1 protected action"
+      context 'sucess' do
+        it 'assigns @audit_events' do
+          subject
+          expect(assigns(:audit_events).to_a).to eq([audit_event])
+        end
+        it 'renders the :index view' do
+          subject
+          expect(response).to render_template :index
+        end
+      end
+    end
+  end
+end

data/spec/controllers/mno_enterprise/jpi/v1/current_users_controller_spec.rb CHANGED

@@ -63,9 +63,21 @@ module MnoEnterprise
       hash
     end
+    shared_examples "a user management action" do
+      context 'when Organization management is disabled' do
+        before { Settings.merge!(user_management: {enabled: false}) }
+        before { sign_in user }
+        after { Settings.reload! }
+        it { is_expected.to have_http_status(:forbidden) }
+      end
+    end
     # Stub user retrieval
     let!(:user) { build(:user, :with_deletion_request, :with_organizations, :kpi_enabled) }
     before { api_stub_for(get: "/users/#{user.id}", response: from_api(user)) }
+    before { api_stub_for(get: "/users/#{user.id}/organizations?filter%5Baccount_frozen%5D=false", response: from_api(user.organizations)) }
     describe "GET #show" do
       subject { get :show }
@@ -103,6 +115,8 @@ module MnoEnterprise
       subject { put :update, user: attrs }
+      it_behaves_like 'a user management action'
       describe 'guest' do
         before { subject }
         it { expect(response).to_not be_success }
@@ -132,6 +146,8 @@ module MnoEnterprise
       subject { put :update_password, user: attrs }
+      it_behaves_like 'a user management action'
       describe 'guest' do
         before { subject }
         it { expect(response).to_not be_success }

data/spec/controllers/mno_enterprise/jpi/v1/impac/kpis_controller_spec.rb CHANGED

@@ -24,7 +24,9 @@ module MnoEnterprise
     before { allow_any_instance_of(MnoEnterprise::Impac::Dashboard).to receive(:owner).and_return(user) }
     let(:kpi_targets) { { evolution: [{max: "20"}] } }
-    let(:kpi) { build(:impac_kpi, dashboard: dashboard, targets: kpi_targets) }
+    let(:settings) { {} }
+    let(:extra_params) { [] }
+    let(:kpi) { build(:impac_kpi, dashboard: dashboard, targets: kpi_targets, settings: settings, extra_params: extra_params) }
     let(:kpi_hash) { from_api(kpi)[:data].except(:dashboard) }
     let(:alert) { build(:impac_alert, kpi: kpi) }
@@ -56,7 +58,7 @@ module MnoEnterprise
       before { allow(MnoEnterprise).to receive(:tenant_id).and_return(auth[:username]) }
       before { allow(MnoEnterprise).to receive(:tenant_key).and_return(auth[:password]) }
-      it { subject; expect(response.code).to eq('200') }
+      it { subject; expect(response).to have_http_status(:ok) }
       it "successfully discovers and customises available kpis" do
         expect(MnoEnterprise::ImpacClient).to receive(:send_get)
@@ -75,131 +77,164 @@ module MnoEnterprise
     end
     describe 'POST #create' do
-      subject { post :create, dashboard_id: dashboard.id, kpi: kpi_hash }
-      let (:kpi_targets) { {} }
+      shared_examples "create kpi action" do
-      before do
-        api_stub_for(get: "/dashboards/#{dashboard.id}", response: from_api(dashboard))
-        api_stub_for(post: "/dashboards/#{dashboard.id}/kpis", response: from_api(kpi))
-        api_stub_for(get: "/dashboards/#{dashboard.id}/kpis", response: from_api([]))
-        api_stub_for(get: "/kpis/#{kpi.id}", response: from_api(kpi)) # kpi.reload
-        # TODO: this call should not happen as alerts should be wrapped into the kpi object
-        api_stub_for(get: "/kpis/#{kpi.id}/alerts", response: from_api(alerts_hashes))
-      end
+        it "creates the kpi" do
+          subject
+          expect(assigns(:kpi)).to eq(kpi)
+        end
-      it_behaves_like "jpi v1 authorizable action"
+        context "when there are kpi targets" do
+          let(:kpi_targets) { { evolution: [{max: "20"}] } }
-      it ".dashboard retrieves the correct dashboard" do
-        subject
-        expect(assigns(:dashboard)).to eq(dashboard)
-      end
+          before do
+            api_stub_for(post: "/users/#{user.id}/alerts", response: from_api(alert))
+            api_stub_for(get: "/users/#{user.id}/alerts", response: from_api({}))
+          end
-      it "creates the kpi" do
-        subject
-        expect(assigns(:kpi)).to eq(kpi)
+          it "creates kpi alerts" do
+            subject
+            expect(assigns(:kpi).alerts).to eq([alert])
+            expect(response).to have_http_status(:ok)
+          end
+        end
+        it { subject; expect(response).to have_http_status(:ok) }
       end
-      context "when there are kpi targets" do
-        let(:kpi_targets) { { evolution: [{max: "20"}] } }
+      let (:kpi_targets) { {} }
+      context "a dashboard KPI" do
+        subject { post :create, dashboard_id: dashboard.id, kpi: kpi_hash }
         before do
-          api_stub_for(post: "/users/#{user.id}/alerts", response: from_api(alert))
-          api_stub_for(get: "/users/#{user.id}/alerts", response: from_api({}))
+          api_stub_for(get: "/dashboards/#{dashboard.id}", response: from_api(dashboard))
+          api_stub_for(post: "/dashboards/#{dashboard.id}/kpis", response: from_api(kpi))
+          api_stub_for(get: "/dashboards/#{dashboard.id}/kpis", response: from_api([]))
+          api_stub_for(get: "/kpis/#{kpi.id}", response: from_api(kpi)) # kpi.reload
+          # TODO: this call should not happen as alerts should be wrapped into the kpi object
+          api_stub_for(get: "/kpis/#{kpi.id}/alerts", response: from_api(alerts_hashes))
         end
-        it "creates kpi alerts" do
+        it_behaves_like "jpi v1 authorizable action"
+        it_behaves_like "create kpi action"
+        it ".dashboard retrieves the correct dashboard" do
           subject
-          expect(assigns(:kpi).alerts).to eq([alert])
-          expect(response.code).to eq('200')
+          expect(assigns(:dashboard)).to eq(dashboard)
         end
       end
-      it { subject; expect(response.code).to eq('200') }
-    end
+      context "a widget KPI" do
+        let(:widget) { build(:impac_widget) }
+        subject { post :create, dashboard_id: dashboard.id, kpi: kpi_hash.merge(widget_id: widget.id) }
-    describe 'PUT #update' do
-      let(:kpi_hash) { from_api(kpi)[:data].except(:dashboard).merge(element_watched: 'New Watchable') }
-      let(:params) { {} }
+        before do
+          api_stub_for(get: "/widgets/#{widget.id}", response: from_api(widget))
+          api_stub_for(post: "/widgets/#{widget.id}/kpis", response: from_api(kpi))
+          api_stub_for(get: "/widgets/#{widget.id}/kpis", response: from_api([]))
+          api_stub_for(get: "/kpis/#{kpi.id}", response: from_api(kpi)) # kpi.reload
+          # TODO: this call should not happen as alerts should be wrapped into the kpi object
+          api_stub_for(get: "/kpis/#{kpi.id}/alerts", response: from_api(alerts_hashes))
+        end
-      subject { put :update, id: kpi.id, kpi: kpi_hash.merge(params) }
+        it_behaves_like "jpi v1 authorizable action"
-      before do
-        api_stub_for(get: "/kpis/#{kpi.id}", response: from_api(kpi))
-        api_stub_for(put: "/kpis/#{kpi.id}", response: kpi_hash)
-        api_stub_for(get: "/kpis/#{kpi.id}/alerts", response: from_api(alerts_hashes))
-      end
+        it_behaves_like "create kpi action"
-      before { kpi.save }
+        it ".widget retrieves the correct widget" do
+          subject
+          expect(assigns(:widget)).to eq(widget)
+        end
+      end
+    end
-      it_behaves_like "jpi v1 authorizable action"
+    describe 'PUT #update' do
+      RSpec.shared_examples 'a kpi update action' do
+        it "updates the kpi" do
+          subject
+          expect(assigns(:kpi).element_watched).to eq('New Watchable')
+          expect(response).to have_http_status(:ok)
+        end
-      it "updates the kpi" do
-        subject
-        expect(assigns(:kpi).element_watched).to eq('New Watchable')
-        expect(response.code).to eq('200')
-      end
+        context "target set for the first time" do
+          let(:kpi_targets) { nil }
+          let(:params) { { targets: {evolution: [{max:'20'}]} } }
-      context "target set for the first time" do
-        let(:kpi_targets) { nil }
-        let(:params) { { targets: {evolution: [{max:'20'}]} } }
+          before do
+            api_stub_for(post: "/users/#{user.id}/alerts", response: from_api(alert))
+            api_stub_for(get: "/users/#{user.id}/alerts", response: from_api({}))
+          end
-        before do
-          api_stub_for(post: "/users/#{user.id}/alerts", response: from_api(alert))
-          api_stub_for(get: "/users/#{user.id}/alerts", response: from_api({}))
+          it "creates an alert" do
+            subject
+            expect(assigns(:kpi).alerts).to eq([alert])
+            expect(response).to have_http_status(:ok)
+          end
         end
-        it "creates an alert" do
-          subject
-          expect(assigns(:kpi).alerts).to eq([alert])
-          expect(response.code).to eq('200')
+        context "when targets have changed" do
+          let(:alert) { build(:impac_alert, kpi: kpi, sent: true) }
+          let(:params) { { targets: {evolution: [{max:'30'}]} } }
+          before { api_stub_for(put: "/alerts/#{alert.id}", response: from_api({})) }
+          it "updates the sent status of all the kpi's alerts" do
+            subject
+            expect(assigns(:kpi).alerts).to eq([alert])
+            expect(response).to have_http_status(:ok)
+          end
         end
-      end
-      context "when targets have changed" do
-        let(:alert) { build(:impac_alert, kpi: kpi, sent: true) }
-        let(:params) { { targets: {evolution: [{max:'30'}]} } }
+        context "when no targets are given / targets are nil" do
+          let(:settings) { { currency: 'GBP' } }
+          let(:params) { { targets: nil } }
-        before { api_stub_for(put: "/alerts/#{alert.id}", response: from_api({})) }
+          it "does not remove the kpi targets" do
+            subject
+            expect(assigns(:kpi).targets).to eq(kpi_targets.deep_stringify_keys)
+            expect(response).to have_http_status(:ok)
+          end
+        end
-        it "updates the sent status of all the kpi's alerts" do
-          subject
-          expect(assigns(:kpi).alerts).to eq([alert])
-          expect(response.code).to eq('200')
+        context "when no extra_params are given / extra_params are nil" do
+          let(:settings) { { currency: 'GBP' } }
+          let(:extra_params) { ['some-param'] }
+          let(:params) { { extra_params: nil } }
+          it "does not remove the kpi extra_params" do
+            subject
+            expect(assigns(:kpi).extra_params).to eq(['some-param'])
+            expect(response).to have_http_status(:ok)
+          end
         end
       end
-      context "when a kpi has no targets, nor is being updated with any" do
-        let(:kpi_targets) { nil }
-        let(:params) { { targets: {} } }
+      let(:kpi_hash) { from_api(kpi)[:data].except(:dashboard).merge(element_watched: 'New Watchable') }
+      let(:params) { {} }
-        before { api_stub_for(delete: "/alerts/#{alert.id}", response: from_api({})) }
+      subject { put :update, id: kpi.id, kpi: kpi_hash.merge(params) }
-        it "destroys the kpi's alerts" do
-          subject
-          expect(response.code).to eq('200')
-        end
+      before do
+        api_stub_for(get: "/kpis/#{kpi.id}", response: from_api(kpi))
+        api_stub_for(put: "/kpis/#{kpi.id}", response: kpi_hash)
+        api_stub_for(get: "/kpis/#{kpi.id}/alerts", response: from_api(alerts_hashes))
       end
-      context "when no targets are given / targets are nil" do
-        let(:kpi) { build(:impac_kpi, dashboard: dashboard, targets: kpi_targets, settings: { currency: 'GBP' }) }
-        let(:params) { { targets: nil } }
+      before { kpi.save }
-        it "does not remove the kpi targets" do
-          subject
-          expect(assigns(:kpi).targets).to eq(kpi_targets.deep_stringify_keys)
-          expect(response.code).to eq('200')
-        end
+      context "a dashboard KPI" do
+        it_behaves_like "jpi v1 authorizable action"
+        it_behaves_like "a kpi update action"
       end
-      context "when no extra_params are given / extra_params are nil" do
-        let(:kpi) { build(:impac_kpi, dashboard: dashboard, targets: kpi_targets, extra_params: ['some-param'], settings: { currency: 'GBP' }) }
-        let(:params) { { extra_params: nil } }
+      context "a widget KPI" do
+        let(:widget) { build(:impac_widget) }
+        let(:kpi) { build(:impac_kpi, widget: widget, targets: kpi_targets, settings: settings, extra_params: extra_params) }
-        it "does not remove the kpi extra_params" do
-          subject
-          expect(assigns(:kpi).extra_params).to eq(['some-param'])
-          expect(response.code).to eq('200')
-        end
+        it_behaves_like "jpi v1 authorizable action"
+        it_behaves_like "a kpi update action"
       end
     end
@@ -211,7 +246,7 @@ module MnoEnterprise
       it_behaves_like "jpi v1 authorizable action"
-      it { expect(response.code).to eq('200') }
+      it { expect(response).to have_http_status(:ok) }
     end
   end
 end

data/spec/controllers/mno_enterprise/jpi/v1/marketplace_controller_spec.rb CHANGED

@@ -31,13 +31,19 @@ module MnoEnterprise
         'single_billing' => app.single_billing?,
         'tiny_description' => app.tiny_description,
         'description' => markdown(app.sanitized_description),
+        'known_limitations' => markdown(app.known_limitations),
+        'getting_started' => markdown(app.getting_started),
         'testimonials' => app.testimonials,
         'pictures' => app.pictures,
         'pricing_plans' => app.pricing_plans,
         'rank' => app.rank,
+        'support_url' => app.support_url,
+        'key_workflows'  => app.key_workflows,
+        'key_features' => app.key_features,
         'multi_instantiable' => app.multi_instantiable,
         'subcategories' => app.subcategories,
         'average_rating' => app.average_rating,
+        'add_on' => app.add_on?,
         'running_instances_count' => app.running_instances_count
       }
     end
@@ -72,6 +78,8 @@ module MnoEnterprise
             params: { filter: { 'nid.in' => MnoEnterprise.marketplace_listing } },
             response: from_api([app])
           )
+          # TODO: Shouldn't need to stub this
+          api_stub_for(get: "/apps/#{app.id}/shared_entities", response: from_api([]))
         end
         it { is_expected.to be_success }
@@ -86,6 +94,8 @@ module MnoEnterprise
         before do
           MnoEnterprise.marketplace_listing = nil
           api_stub_for(get: '/apps', response: from_api([app]))
+          # TODO: Shouldn't need to stub this
+          api_stub_for(get: "/apps/#{app.id}/shared_entities", response: from_api([]))
         end
         it { is_expected.to be_success }
@@ -94,55 +104,92 @@ module MnoEnterprise
           subject
           expect(JSON.parse(response.body)).to eq(JSON.parse(hash_for_apps([app]).to_json))
         end
-      end
-    end
-    describe 'GET #show' do
-      before { api_stub_for(get: "/apps/#{app.id}", response: from_api(app)) }
-      subject { get :show, id: app.id }
+        context 'with multiple apps' do
+          let(:app1) { build(:app, rank: 5 ) }
+          let(:app2) { build(:app, rank: 0 ) }
+          before do
+            api_stub_for(get: '/apps', response: from_api([app1, app2]))
+            # TODO: Shouldn't need to stub this
+            api_stub_for(get: "/apps/#{app1.id}/shared_entities", response: from_api([]))
+            api_stub_for(get: "/apps/#{app2.id}/shared_entities", response: from_api([]))
+          end
+          it 'returns the apps in the correct order' do
+            subject
+            expect(assigns(:apps)).to eq([app2, app1])
+          end
+        end
-      it { is_expected.to be_success }
+        context 'when multiples apps and a nil rank' do
+          let(:app1) { build(:app, rank: 5 ) }
+          let(:app2) { build(:app, rank: 0 ) }
+          let(:app3) { build(:app, rank: nil ) }
+          before do
+            api_stub_for(get: '/apps', response: from_api([app1, app3, app2]))
+            # TODO: Shouldn't need to stub this
+            api_stub_for(get: "/apps/#{app1.id}/shared_entities", response: from_api([]))
+            api_stub_for(get: "/apps/#{app2.id}/shared_entities", response: from_api([]))
+            api_stub_for(get: "/apps/#{app3.id}/shared_entities", response: from_api([]))
+          end
+          it 'returns the apps in the correct order' do
+            subject
+            expect(assigns(:apps)).to eq([app2, app1, app3])
+          end
+        end
-      it 'returns the right response' do
-        subject
-        expect(JSON.parse(response.body)).to eq(JSON.parse(hash_for_app(app).to_json))
-      end
-    end
+        describe 'caching' do
+          context 'on the first request' do
+            it { is_expected.to have_http_status(:ok) }
-    describe 'GET #index' do
-      subject { get :index }
+            it 'sets the correct cache headers' do
+              subject
+              header = response.headers['Last-Modified']
-      context 'when multiples apps' do
-        let(:app1) { build(:app, rank: 5 ) }
-        let(:app2) { build(:app, rank: 0 ) }
+              expect(header).to be_present
-        before do
-          MnoEnterprise.marketplace_listing = nil
-          api_stub_for(get: '/apps', response: from_api([app1,app2]))
-        end
+              # Parse and serialise to get correct format and avoid ms difference
+              expect(Time.rfc822(header).in_time_zone.to_s).to eq(app.updated_at.to_s)
+            end
+          end
-        it { is_expected.to be_success }
+          context 'on a subsequent request'  do
-        it 'returns the right response' do
-          subject
-          expect(JSON.parse(response.body)).to eq(JSON.parse(hash_for_apps([app2, app1]).to_json))
+            before do
+              request.env['HTTP_IF_MODIFIED_SINCE'] = last_modified.rfc2822
+            end
+            context 'if it is not stale' do
+              # Can't be based on the previous request due to parsing and rounding issues with ms
+              let(:last_modified) { app.updated_at + 10.minutes }
+              it { is_expected.to have_http_status(:not_modified) }
+            end
+            context 'if it is stale' do
+              let(:last_modified) { app.updated_at - 10.minutes }
+              it { is_expected.to have_http_status(:ok) }
+            end
+          end
         end
       end
+    end
-      context 'when multiples apps and attributes nil' do
-        let(:app1) { build(:app, rank: 5 ) }
-        let(:app2) { build(:app, rank: 0 ) }
-        let(:app3) { build(:app, rank: nil ) }
+    describe 'GET #show' do
+      before do
+        api_stub_for(get: "/apps/#{app.id}", response: from_api(app))
+        # TODO: Shouldn't need to stub this
+        api_stub_for(get: "/apps/#{app.id}/shared_entities", response: from_api([]))
+      end
+      subject { get :show, id: app.id }
-        before do
-          MnoEnterprise.marketplace_listing = nil
-          api_stub_for(get: '/apps', response: from_api([app1,app3,app2]))
-        end
+      it { is_expected.to be_success }
-        it 'returns the right response' do
-          subject
-          expect(JSON.parse(response.body)).to eq(JSON.parse(hash_for_apps([app2, app1, app3]).to_json))
-        end
+      it 'returns the right response' do
+        subject
+        expect(JSON.parse(response.body)).to eq(JSON.parse(hash_for_app(app).to_json))
       end
     end
   end