Elgato_dark/ToolJet
1
0
Fork 0
mirror of https://github.com/ToolJet/ToolJet synced 2026-05-04 05:48:25 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 8
ToolJet/test/controllers/organization_users_controller_test.rb
navaneeth 95858d1736 Setup Rubocop
2021-04-29 12:11:23 +05:30

79 lines
3.6 KiB
Ruby
Raw Blame History

require 'test_helper'
class OrganizationUsersControllerTest < ActionDispatch::IntegrationTest
def setup
@org = Organization.create({ name: 'ToolJet Test' })
@admin = User.create({ first_name: 'Admin', email: 'admin@example.com', password: 'password',
organization: @org })
@developer = User.create({ first_name: 'Dev', email: 'dev@example.com', password: 'password',
organization: @org })
@viewer = User.create({ first_name: 'Viewer', email: 'viewer@example.com', password: 'password',
organization: @org })
@org_user_admin = OrganizationUser.create(organization: @org, user: @admin, role: 'admin')
@org_user_developer = OrganizationUser.create(organization: @org, user: @developer, role: 'developer')
@org_user_viewer = OrganizationUser.create(organization: @org, user: @viewer, role: 'viewer')
@another_org = Organization.create({ name: 'Another ToolJet Test' })
@another_org_admin = User.create({ first_name: 'Admin', email: 'admin@domain.com', password: 'password',
organization: @another_org })
@org_another_org_admin = OrganizationUser.create(organization: @another_org, user: @another_org_admin,
role: 'admin')
end
test 'org admins can create org users' do
assert_difference 'OrganizationUser.count', 1 do
post '/organization_users', params: org_user_params, as: :json, headers: auth_header(@admin)
end
end
test 'cannot create org users if not admin' do
assert_no_difference 'OrganizationUser.count' do
post '/organization_users', params: org_user_params, as: :json, headers: auth_header(@developer)
end
assert_no_difference 'OrganizationUser.count' do
post '/organization_users', params: org_user_params, as: :json, headers: auth_header(@viewer)
end
end
test 'org admins can change role of org users' do
assert_equal 'developer', @org_user_developer.role
post organization_user_change_role_url(@org_user_developer.id), params: { role: 'viewer' }, as: :json,
headers: auth_header(@admin)
assert_response 204
assert_equal 'viewer', @org_user_developer.reload.role
end
test 'cannot change role of org users if not org admin' do
assert_equal 'developer', @org_user_developer.role
post organization_user_change_role_url(@org_user_developer.id), params: { role: 'viewer' }, as: :json,
headers: auth_header(@viewer)
assert_response 403
assert_equal 'developer', @org_user_developer.reload.role
assert_equal 'viewer', @org_user_viewer.role
post organization_user_change_role_url(@org_user_viewer.id), params: { role: 'viewer' }, as: :json,
headers: auth_header(@developer)
assert_response 403
assert_equal 'viewer', @org_user_viewer.reload.role
end
test 'org users of one org cannot change role of users of another org' do
assert_equal 'admin', @org_another_org_admin.role
post organization_user_change_role_url(@org_another_org_admin.id), params: { role: 'viewer' }, as: :json,
headers: auth_header(@admin)
assert_response 403
assert_equal 'admin', @org_another_org_admin.reload.role
end
private
def org_user_params
{
first_name: 'test',
last_name: 'user',
email: 'user@example.com',
role: 'admin'
}
end
end
Reference in a new issue View git blame Copy permalink