RubyGems - mno-enterprise-api - Versions diffs - 3.3.3 → 3.4.0 - Mend

mno-enterprise-api 3.3.3 → 3.4.0

Files changed (41) hide show

data/spec/controllers/mno_enterprise/jpi/v1/admin/invoices_controller_spec.rb CHANGED

@@ -158,7 +158,7 @@ module MnoEnterprise
         it { expect(response).to be_success }
         it 'returns a valid amount' do
-          expected = {'last_portfolio_amount' => {'amount' => tenant.last_portfolio_amount.amount, 'currency' => tenant.last_portfolio_amount.currency_as_string}}
+          expected = {'last_portfolio_amount' => {'amount' => tenant.last_portfolio_amount.amount, 'currency' => tenant.last_portfolio_amount.currency.to_s}}
           expect(response.body).to eq(expected.to_json)
         end

data/spec/controllers/mno_enterprise/jpi/v1/admin/organizations_controller_spec.rb CHANGED

@@ -70,7 +70,8 @@ module MnoEnterprise
           'name' => organization.name,
           'soa_enabled' => organization.soa_enabled,
           'created_at' => organization.created_at,
-          'account_frozen' => organization.account_frozen
+          'account_frozen' => organization.account_frozen,
+          'financial_year_end_month' => organization.financial_year_end_month
         }],
         'metadata' => {'pagination' => {'count' => 1}}
       }

data/spec/controllers/mno_enterprise/jpi/v1/admin/sub_tenants_controller_spec.rb ADDED

@@ -0,0 +1,172 @@
+require 'rails_helper'
+module MnoEnterprise
+  describe Jpi::V1::Admin::SubTenantsController, type: :controller do
+    include MnoEnterprise::TestingSupport::SharedExamples::JpiV1Admin
+    render_views
+    routes { MnoEnterprise::Engine.routes }
+    before { request.env['HTTP_ACCEPT'] = 'application/json' }
+    def hash_for_sub_tenants(sub_tenants)
+      {
+        'sub_tenants' => sub_tenants.map { |s| partial_hash_for_sub_tenant(s) },
+        'metadata' => {'pagination' => {'count' => sub_tenants.count}}
+      }
+    end
+    def hash_for_sub_tenant(s)
+      hash = partial_hash_for_sub_tenant(s).merge(
+        {
+          'clients' => s.clients.map { |c| hash_for_client(c) },
+          'account_managers' => s.account_managers.map { |c| hash_account_manager(c) },
+        })
+      {'sub_tenant' => hash}
+    end
+    def partial_hash_for_sub_tenant(s)
+      {
+        'id' => s.id,
+        'name' => s.name,
+        'created_at' => s.created_at,
+        'updated_at' => s.updated_at,
+        'client_ids' => s.client_ids,
+        'account_manager_ids' => s.account_manager_ids
+      }
+    end
+    def hash_for_client(client)
+      {
+        'id' => client.id,
+        'uid' => client.uid,
+        'name' => client.name,
+        'created_at' => client.created_at
+      }
+    end
+    def hash_account_manager(user)
+      {
+        'id' => user.id,
+        'uid' => user.uid,
+        'name' => user.name,
+        'surname' => user.surname,
+        'email' => user.email,
+        'created_at' => user.created_at,
+        'admin_role' => user.admin_role
+      }
+    end
+    shared_examples_for 'unauthorized access' do
+      it { expect(subject).to_not be_success }
+      it do
+        subject
+        expect(response.status).to eq(401)
+      end
+    end
+    #===============================================
+    # Specs
+    #===============================================
+    let(:current_user) { build(:user, :admin) }
+    let(:user) { build(:user) }
+    let(:organization) { build(:organization) }
+    let(:sub_tenant) { build(:sub_tenant, account_managers: [user], clients: [organization]) }
+    before do
+      api_stub_for(get: '/sub_tenants', response: from_api([sub_tenant]))
+      api_stub_for(get: "/sub_tenants/#{sub_tenant.id}", response: from_api(sub_tenant))
+      api_stub_for(get: "/users/#{current_user.id}", response: from_api(current_user))
+      api_stub_for(get: "/users/#{current_user.id}/organizations", response: from_api([organization]))
+      sign_in current_user
+    end
+    describe '#index' do
+      subject { get :index }
+      context 'not admin' do
+        let(:current_user) { build(:user) }
+        it_behaves_like 'unauthorized access'
+      end
+      context 'admin' do
+        context 'success' do
+          before { subject }
+          it 'returns a list of sub_tenant' do
+            expect(response).to be_success
+            expect(JSON.parse(response.body)).to eq(JSON.parse(hash_for_sub_tenants([sub_tenant]).to_json))
+          end
+        end
+      end
+    end
+    describe 'GET #show' do
+      subject { get :show, id: sub_tenant.id }
+      before do
+        api_stub_for(get: "/sub_tenants/#{sub_tenant.id}/clients", response: from_api([organization]))
+        api_stub_for(get: "/sub_tenants/#{sub_tenant.id}/account_managers", response: from_api([user]))
+      end
+      context 'not admin' do
+        let(:current_user) { build(:user) }
+        it_behaves_like 'unauthorized access'
+      end
+      context 'admin' do
+        it_behaves_like 'a jpi v1 admin action'
+        context 'success' do
+          before { subject }
+          it 'returns a complete description of the sub_tenant' do
+            expect(response).to be_success
+            expect(JSON.parse(response.body)).to eq(JSON.parse(hash_for_sub_tenant(sub_tenant).to_json))
+          end
+        end
+      end
+    end
+    describe 'PUT #update' do
+      subject { put :update, id: sub_tenant.id, sub_tenant: {name: 'new name'} }
+      before do
+        api_stub_for(get: "/sub_tenants/#{sub_tenant.id}", response: from_api(sub_tenant))
+        api_stub_for(put: "/sub_tenants/#{sub_tenant.id}", response: -> { sub_tenant.name = 'new name'; from_api(sub_tenant) })
+        sign_in current_user
+      end
+      it_behaves_like 'a jpi v1 admin action' do
+        before { api_stub_for(get: "/users/#{user.id}/organizations", response: from_api([organization])) }
+      end
+      context 'not admin' do
+        let(:current_user) { build(:user) }
+        it_behaves_like 'unauthorized access'
+      end
+      context 'admin' do
+        before { subject }
+        context 'success' do
+          it { expect(response).to be_success }
+          # Test that the user is updated by testing the api endpoint was called
+          it { expect(sub_tenant.name).to eq('new name') }
+        end
+      end
+    end
+    describe 'DELETE #destroy' do
+      subject { delete :destroy, id: sub_tenant.id }
+      before do
+        api_stub_for(get: "/sub_tenants/#{sub_tenant.id}", response: from_api(sub_tenant))
+        api_stub_for(delete: "/sub_tenants/#{sub_tenant.id}")
+        sign_in current_user
+      end
+      it_behaves_like 'a jpi v1 admin action'
+      context 'not admin' do
+        let(:current_user) { build(:user) }
+        it_behaves_like 'unauthorized access'
+      end
+      context 'admin' do
+        context 'success' do
+          it { subject }
+        end
+      end
+    end
+  end
+end

data/spec/controllers/mno_enterprise/jpi/v1/admin/users_controller_spec.rb CHANGED

@@ -7,15 +7,25 @@ module MnoEnterprise
     routes { MnoEnterprise::Engine.routes }
     before { request.env["HTTP_ACCEPT"] = 'application/json' }
-    def partial_hash_for_organization(user)
+    def partial_hash_for_organizations(user)
       user.organizations.map do |org|
-        {
-            'id' => org.id,
-            'uid' => org.uid,
-            'name' => org.name,
-            'created_at' => org.created_at,
-            'account_frozen' => org.account_frozen
-        }
+        hash_for_organization(org)
+      end
+    end
+    def hash_for_organization(org)
+      {
+        'id' => org.id,
+        'uid' => org.uid,
+        'name' => org.name,
+        'account_frozen' => org.account_frozen,
+        'created_at' => org.created_at
+      }
+    end
+    def partial_hash_for_clients(user)
+      user.clients.map do |org|
+        hash_for_organization(org)
       end
     end
@@ -29,9 +39,12 @@ module MnoEnterprise
           'surname' => user.surname,
           'admin_role' => user.admin_role,
           'created_at' => user.created_at,
+          'updated_at' => user.updated_at,
           'last_sign_in_at' => user.last_sign_in_at,
           'confirmed_at' => user.confirmed_at,
-          'sign_in_count' => user.sign_in_count
+          'sign_in_count' => user.sign_in_count,
+          'mnoe_sub_tenant_id' => user.mnoe_sub_tenant_id,
+          'client_ids' => user.client_ids
       }
     end
@@ -44,7 +57,7 @@ module MnoEnterprise
     def hash_for_user(user)
       hash = {
-          'user' => partial_hash_for_user(user).merge('organizations' => partial_hash_for_organization(user))
+          'user' => partial_hash_for_user(user).merge('organizations' => partial_hash_for_organizations(user), 'clients' => partial_hash_for_clients(user))
       }
       return hash
@@ -55,11 +68,15 @@ module MnoEnterprise
     # Assignments
     #===============================================
     # Stub user and user call
-    let(:user) { build(:user, :admin, :with_organizations) }
+    let(:user) { build(:user, :admin, :with_organizations, :with_clients) }
+    let(:organization) { build(:organization) }
     before do
       api_stub_for(get: "/users", response: from_api([user]))
       api_stub_for(get: "/users/#{user.id}", response: from_api(user))
-      api_stub_for(get: "/users/#{user.id}/organizations", response: from_api(user))
+      api_stub_for(get: "/users/#{user.id}/organizations", response: from_api([organization]))
+      api_stub_for(get: "/users/#{user.id}/clients", response: from_api([organization]))
       sign_in user
     end

data/spec/controllers/mno_enterprise/jpi/v1/current_users_controller_spec.rb CHANGED

@@ -34,7 +34,8 @@ module MnoEnterprise
           'sso_session' => res.sso_session,
           'admin_role' => res.admin_role,
           'avatar_url' => avatar_url(res),
-          'tos_accepted_at' => res.meta_data[:tos_accepted_at] || false
+          'tos_accepted_at' => res.meta_data[:tos_accepted_at] || false,
+          'mnoe_sub_tenant_id' => res.mnoe_sub_tenant_id
       }
       if res.id
@@ -47,7 +48,8 @@ module MnoEnterprise
               'currency' => 'AUD',
               'current_user_role' => o.role,
               'has_myob_essentials_only' => o.has_myob_essentials_only?,
-              'financial_year_end_month' => o.financial_year_end_month
+              'financial_year_end_month' => o.financial_year_end_month,
+              'acl' => o.acl
           }
         end

data/spec/controllers/mno_enterprise/jpi/v1/impac/dashboards_controller_spec.rb CHANGED

@@ -37,6 +37,7 @@ module MnoEnterprise
       end
     end
+    let!(:ability) { stub_ability }
     let(:user) { build(:user, :with_organizations) }
     let(:org) { build(:organization, users: [user]) }
     let(:metadata) { { hist_parameters: { from: '2015-01-01', to: '2015-03-31', period: 'MONTHLY' } } }
@@ -130,6 +131,10 @@ module MnoEnterprise
     end
     describe 'POST #create' do
+      subject { post :create, user_id: user.id, dashboard: dashboard_params }
+      include_context "#{described_class}: dashboard dependencies stubs"
       before do
         api_stub_for(
           post: "users/#{user.id}/dashboards",
@@ -140,20 +145,24 @@ module MnoEnterprise
           get: "users/#{user.id}/dashboards",
           response: from_api([dashboard])
         )
+        allow(ability).to receive(:can?).with(:create_impac_dashboards, any_args).and_return(true)
       end
-      include_context "#{described_class}: dashboard dependencies stubs"
-      subject { post :create, user_id: user.id, dashboard: dashboard_params }
       it_behaves_like "jpi v1 protected action"
-      it 'returns a dashboard' do
-        subject
-        expect(JSON.parse(response.body)).to eq(hash_for_dashboard)
+      context 'when authorized' do
+        it 'returns a dashboard' do
+          subject
+          expect(JSON.parse(response.body)).to eq(hash_for_dashboard)
+        end
       end
     end
     describe 'PUT #update' do
+      subject { put :update, id: dashboard.id, dashboard: dashboard_params }
+      include_context "#{described_class}: dashboard dependencies stubs"
       before do
         api_stub_for(
           get: "users/#{user.id}/dashboards/#{dashboard.id}",
@@ -163,10 +172,8 @@ module MnoEnterprise
           put: "dashboards/#{dashboard.id}",
           response: from_api(dashboard)
         )
+        allow(ability).to receive(:can?).with(:update_impac_dashboards, any_args).and_return(true)
       end
-      include_context "#{described_class}: dashboard dependencies stubs"
-      subject { put :update, id: dashboard.id, dashboard: dashboard_params }
       it_behaves_like "jpi v1 protected action"
@@ -177,6 +184,10 @@ module MnoEnterprise
     end
     describe "DELETE destroy" do
+      subject { delete :destroy, id: dashboard.id }
+      include_context "#{described_class}: dashboard dependencies stubs"
       before do
         api_stub_for(
           get: "users/#{user.id}/dashboards/#{dashboard.id}",
@@ -186,15 +197,17 @@ module MnoEnterprise
           delete: "dashboards/#{dashboard.id}",
           response: from_api(dashboard)
         )
+        allow(ability).to receive(:can?).with(:destroy_impac_dashboards, any_args).and_return(true)
       end
-      include_context "#{described_class}: dashboard dependencies stubs"
-      subject { delete :destroy, id: dashboard.id }
       it_behaves_like "jpi v1 protected action"
     end
     describe 'POST copy' do
+      subject { post :copy, id: template.id, dashboard: dashboard_params }
+      include_context "#{described_class}: dashboard dependencies stubs"
       let(:template) { build(:impac_dashboard, dashboard_type: 'template') }
       before do
@@ -207,10 +220,8 @@ module MnoEnterprise
           post: "/dashboards/#{template.id}/copy",
           response: from_api(dashboard)
         )
+        allow(ability).to receive(:can?).with(:create_impac_dashboards, any_args).and_return(true)
       end
-      include_context "#{described_class}: dashboard dependencies stubs"
-      subject { post :copy, id: template.id, dashboard: dashboard_params }
       it_behaves_like "jpi v1 protected action"

data/spec/controllers/mno_enterprise/jpi/v1/impac/kpis_controller_spec.rb CHANGED

@@ -78,7 +78,6 @@ module MnoEnterprise
     describe 'POST #create' do
       shared_examples "create kpi action" do
         it "creates the kpi" do
           subject
           expect(assigns(:kpi)).to eq(kpi)
@@ -89,6 +88,8 @@ module MnoEnterprise
       let (:kpi_targets) { {} }
+      before { allow(ability).to receive(:can?).with(:create_impac_kpis, any_args).and_return(true) }
       context "a dashboard KPI" do
         subject { post :create, dashboard_id: dashboard.id, kpi: kpi_hash }
@@ -170,6 +171,8 @@ module MnoEnterprise
     end
     describe 'PUT #update' do
+      subject { put :update, id: kpi.id, kpi: kpi_hash.merge(params) }
       RSpec.shared_examples 'a kpi update action' do
         it "updates the kpi" do
           subject
@@ -233,16 +236,14 @@ module MnoEnterprise
       let(:kpi_hash) { from_api(kpi)[:data].except(:dashboard).merge(element_watched: 'New Watchable') }
       let(:params) { {} }
-      subject { put :update, id: kpi.id, kpi: kpi_hash.merge(params) }
       before do
         api_stub_for(get: "/kpis/#{kpi.id}", response: from_api(kpi))
         api_stub_for(put: "/kpis/#{kpi.id}", response: kpi_hash)
         api_stub_for(get: "/kpis/#{kpi.id}/alerts", response: from_api(alerts_hashes))
+        allow(ability).to receive(:can?).with(:update_impac_kpis, any_args).and_return(true)
+        kpi.save
       end
-      before { kpi.save }
       context "a dashboard KPI" do
         it_behaves_like "jpi v1 authorizable action"
         it_behaves_like "a kpi update action"
@@ -260,8 +261,11 @@ module MnoEnterprise
     describe 'DELETE #destroy' do
       subject { delete :destroy, id: kpi.id }
-      before { api_stub_for(get: "/kpis/#{kpi.id}", response: from_api(kpi)) }
-      before { api_stub_for(delete: "/kpis/#{kpi.id}", response: {message: 'ok', code: 200}) }
+      before do
+        api_stub_for(get: "/kpis/#{kpi.id}", response: from_api(kpi))
+        api_stub_for(delete: "/kpis/#{kpi.id}", response: {message: 'ok', code: 200})
+        allow(ability).to receive(:can?).with(:destroy_impac_kpis, any_args).and_return(true)
+      end
       it_behaves_like "jpi v1 authorizable action"

data/spec/routing/mno_enterprise/jpi/v1/admin/impac/dashboards_controller_routing_spec.rb ADDED

@@ -0,0 +1,28 @@
+require 'rails_helper'
+module MnoEnterprise
+  RSpec.describe Jpi::V1::Admin::Impac::DashboardsController, type: :routing do
+    routes { MnoEnterprise::Engine.routes }
+    it 'routes to #index' do
+      expect(get('/jpi/v1/admin/impac/dashboards')).to route_to('mno_enterprise/jpi/v1/admin/impac/dashboards#index', format: 'json')
+    end
+    it 'routes to #create' do
+      expect(post('/jpi/v1/admin/impac/dashboards')).to route_to('mno_enterprise/jpi/v1/admin/impac/dashboards#create', format: 'json')
+    end
+    it 'routes to #update' do
+      expect(put('/jpi/v1/admin/impac/dashboards/2')).to route_to('mno_enterprise/jpi/v1/admin/impac/dashboards#update', id: '2', format: 'json')
+      expect(patch('/jpi/v1/admin/impac/dashboards/2')).to route_to('mno_enterprise/jpi/v1/admin/impac/dashboards#update', id: '2', format: 'json')
+    end
+    it 'routes to #destroy' do
+      expect(delete('/jpi/v1/admin/impac/dashboards/2')).to route_to('mno_enterprise/jpi/v1/admin/impac/dashboards#destroy', id: '2', format: 'json')
+    end
+    it 'routes to #copy' do
+      expect(post('/jpi/v1/admin/impac/dashboards/2/copy')).to route_to('mno_enterprise/jpi/v1/admin/impac/dashboards#copy', id: '2', format: 'json')
+    end
+  end
+end