2020-04-03 07:34:58 +00:00
|
|
|
require 'rails_helper'
|
|
|
|
|
|
|
|
RSpec.describe '/api/v1/widget/contacts', type: :request do
|
|
|
|
let(:account) { create(:account) }
|
|
|
|
let(:web_widget) { create(:channel_widget, account: account) }
|
2022-04-25 06:55:38 +00:00
|
|
|
let(:contact) { create(:contact, account: account, email: 'test@test.com', phone_number: '+745623239') }
|
2020-04-03 07:34:58 +00:00
|
|
|
let(:contact_inbox) { create(:contact_inbox, contact: contact, inbox: web_widget.inbox) }
|
|
|
|
let(:payload) { { source_id: contact_inbox.source_id, inbox_id: web_widget.inbox.id } }
|
|
|
|
let(:token) { ::Widget::TokenService.new(payload: payload).generate_token }
|
|
|
|
|
|
|
|
describe 'PATCH /api/v1/widget/contact' do
|
|
|
|
let(:params) { { website_token: web_widget.website_token, identifier: 'test' } }
|
|
|
|
|
|
|
|
context 'with invalid website token' do
|
|
|
|
it 'returns unauthorized' do
|
|
|
|
patch '/api/v1/widget/contact', params: { website_token: '' }
|
|
|
|
expect(response).to have_http_status(:not_found)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'with correct website token' do
|
|
|
|
let(:identify_action) { double }
|
|
|
|
|
|
|
|
before do
|
|
|
|
allow(ContactIdentifyAction).to receive(:new).and_return(identify_action)
|
2021-12-09 06:20:28 +00:00
|
|
|
allow(identify_action).to receive(:perform).and_return(contact)
|
2020-04-03 07:34:58 +00:00
|
|
|
end
|
|
|
|
|
|
|
|
it 'calls contact identify' do
|
|
|
|
patch '/api/v1/widget/contact',
|
|
|
|
params: params,
|
|
|
|
headers: { 'X-Auth-Token' => token },
|
|
|
|
as: :json
|
|
|
|
|
|
|
|
expect(response).to have_http_status(:success)
|
|
|
|
expected_params = { contact: contact, params: params }
|
|
|
|
expect(ContactIdentifyAction).to have_received(:new).with(expected_params)
|
|
|
|
expect(identify_action).to have_received(:perform)
|
|
|
|
end
|
|
|
|
end
|
2021-11-11 04:18:38 +00:00
|
|
|
|
2022-04-25 06:55:38 +00:00
|
|
|
context 'with update contact' do
|
|
|
|
let(:params) { { website_token: web_widget.website_token } }
|
|
|
|
|
|
|
|
it 'dont update phone number if invalid phone number passed' do
|
|
|
|
patch '/api/v1/widget/contact',
|
|
|
|
params: params.merge({ phone_number: '45623239' }),
|
|
|
|
headers: { 'X-Auth-Token' => token },
|
|
|
|
as: :json
|
|
|
|
body = JSON.parse(response.body)
|
|
|
|
expect(body['phone_number']).to eq('+745623239')
|
|
|
|
expect(response).to have_http_status(:success)
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'update phone number if valid phone number passed' do
|
|
|
|
patch '/api/v1/widget/contact',
|
|
|
|
params: params.merge({ phone_number: '+245623239' }),
|
|
|
|
headers: { 'X-Auth-Token' => token },
|
|
|
|
as: :json
|
|
|
|
body = JSON.parse(response.body)
|
|
|
|
expect(body['phone_number']).to eq('+245623239')
|
|
|
|
expect(response).to have_http_status(:success)
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'dont update email if invalid email passed' do
|
|
|
|
patch '/api/v1/widget/contact',
|
|
|
|
params: params.merge({ email: 'test@' }),
|
|
|
|
headers: { 'X-Auth-Token' => token },
|
|
|
|
as: :json
|
|
|
|
body = JSON.parse(response.body)
|
|
|
|
expect(body['email']).to eq('test@test.com')
|
|
|
|
expect(response).to have_http_status(:success)
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'update email if valid email passed' do
|
|
|
|
patch '/api/v1/widget/contact',
|
|
|
|
params: params.merge({ email: 'test-1@test.com' }),
|
|
|
|
headers: { 'X-Auth-Token' => token },
|
|
|
|
as: :json
|
|
|
|
body = JSON.parse(response.body)
|
|
|
|
expect(body['email']).to eq('test-1@test.com')
|
|
|
|
expect(response).to have_http_status(:success)
|
|
|
|
end
|
|
|
|
end
|
2022-06-23 10:18:56 +00:00
|
|
|
end
|
|
|
|
|
|
|
|
describe 'PATCH /api/v1/widget/contact/set_user' do
|
|
|
|
let(:params) { { website_token: web_widget.website_token, identifier: 'test' } }
|
|
|
|
let(:web_widget) { create(:channel_widget, account: account, hmac_mandatory: true) }
|
|
|
|
let(:correct_identifier_hash) { OpenSSL::HMAC.hexdigest('sha256', web_widget.hmac_token, params[:identifier].to_s) }
|
|
|
|
let(:incorrect_identifier_hash) { 'test' }
|
|
|
|
|
|
|
|
context 'when the current contact identifier is different from param identifier' do
|
|
|
|
before do
|
|
|
|
contact.update(identifier: 'random')
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'return a new contact for the provided identifier' do
|
|
|
|
patch '/api/v1/widget/contact/set_user',
|
|
|
|
params: params.merge(identifier_hash: correct_identifier_hash),
|
|
|
|
headers: { 'X-Auth-Token' => token },
|
|
|
|
as: :json
|
|
|
|
|
|
|
|
body = JSON.parse(response.body)
|
|
|
|
expect(body['id']).not_to eq(contact.id)
|
|
|
|
expect(body['widget_auth_token']).not_to eq(nil)
|
|
|
|
expect(Contact.find(body['id']).contact_inboxes.first.hmac_verified?).to eq(true)
|
|
|
|
end
|
|
|
|
end
|
2022-04-25 06:55:38 +00:00
|
|
|
|
2021-11-11 04:18:38 +00:00
|
|
|
context 'with mandatory hmac' do
|
|
|
|
let(:identify_action) { double }
|
|
|
|
|
|
|
|
before do
|
|
|
|
allow(ContactIdentifyAction).to receive(:new).and_return(identify_action)
|
2021-12-09 06:20:28 +00:00
|
|
|
allow(identify_action).to receive(:perform).and_return(contact)
|
2021-11-11 04:18:38 +00:00
|
|
|
end
|
|
|
|
|
|
|
|
it 'returns success when correct identifier hash is provided' do
|
2022-06-23 10:18:56 +00:00
|
|
|
patch '/api/v1/widget/contact/set_user',
|
2021-11-11 04:18:38 +00:00
|
|
|
params: params.merge(identifier_hash: correct_identifier_hash),
|
|
|
|
headers: { 'X-Auth-Token' => token },
|
|
|
|
as: :json
|
|
|
|
|
|
|
|
expect(response).to have_http_status(:success)
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'returns error when incorrect identifier hash is provided' do
|
2022-06-23 10:18:56 +00:00
|
|
|
patch '/api/v1/widget/contact/set_user',
|
2021-11-11 04:18:38 +00:00
|
|
|
params: params.merge(identifier_hash: incorrect_identifier_hash),
|
|
|
|
headers: { 'X-Auth-Token' => token },
|
|
|
|
as: :json
|
|
|
|
|
|
|
|
expect(response).to have_http_status(:unauthorized)
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'returns error when identifier hash is blank' do
|
2022-06-23 10:18:56 +00:00
|
|
|
patch '/api/v1/widget/contact/set_user',
|
2021-11-11 04:18:38 +00:00
|
|
|
params: params.merge(identifier_hash: ''),
|
|
|
|
headers: { 'X-Auth-Token' => token },
|
|
|
|
as: :json
|
|
|
|
|
|
|
|
expect(response).to have_http_status(:unauthorized)
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'returns error when identifier hash is not provided' do
|
2022-06-23 10:18:56 +00:00
|
|
|
patch '/api/v1/widget/contact/set_user',
|
2021-11-11 04:18:38 +00:00
|
|
|
params: params,
|
|
|
|
headers: { 'X-Auth-Token' => token },
|
|
|
|
as: :json
|
|
|
|
|
|
|
|
expect(response).to have_http_status(:unauthorized)
|
|
|
|
end
|
|
|
|
end
|
2020-04-03 07:34:58 +00:00
|
|
|
end
|
2021-11-15 09:26:35 +00:00
|
|
|
|
|
|
|
describe 'POST /api/v1/widget/destroy_custom_attributes' do
|
|
|
|
let(:params) { { website_token: web_widget.website_token, identifier: 'test', custom_attributes: ['test'] } }
|
|
|
|
|
|
|
|
context 'with invalid website token' do
|
|
|
|
it 'returns unauthorized' do
|
|
|
|
post '/api/v1/widget/destroy_custom_attributes', params: { website_token: '' }
|
|
|
|
expect(response).to have_http_status(:not_found)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'with correct website token' do
|
|
|
|
it 'calls destroy custom attributes' do
|
|
|
|
post '/api/v1/widget/destroy_custom_attributes',
|
|
|
|
params: params,
|
|
|
|
headers: { 'X-Auth-Token' => token },
|
|
|
|
as: :json
|
|
|
|
expect(contact.reload.custom_attributes).to eq({})
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
2020-04-03 07:34:58 +00:00
|
|
|
end
|