2020-02-17 11:38:29 +00:00
|
|
|
require 'rails_helper'
|
|
|
|
|
|
|
|
RSpec.describe 'Contacts API', type: :request do
|
|
|
|
let(:account) { create(:account) }
|
|
|
|
|
2020-03-09 17:57:10 +00:00
|
|
|
describe 'GET /api/v1/accounts/{account.id}/contacts' do
|
2020-02-17 11:38:29 +00:00
|
|
|
context 'when it is an unauthenticated user' do
|
|
|
|
it 'returns unauthorized' do
|
2020-03-09 17:57:10 +00:00
|
|
|
get "/api/v1/accounts/#{account.id}/contacts"
|
2020-02-17 11:38:29 +00:00
|
|
|
|
|
|
|
expect(response).to have_http_status(:unauthorized)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when it is an authenticated user' do
|
|
|
|
let(:admin) { create(:user, account: account, role: :administrator) }
|
|
|
|
let!(:contact) { create(:contact, account: account) }
|
|
|
|
|
|
|
|
it 'returns all contacts' do
|
2020-03-09 17:57:10 +00:00
|
|
|
get "/api/v1/accounts/#{account.id}/contacts",
|
2020-02-17 11:38:29 +00:00
|
|
|
headers: admin.create_new_auth_token,
|
|
|
|
as: :json
|
|
|
|
|
|
|
|
expect(response).to have_http_status(:success)
|
|
|
|
expect(response.body).to include(contact.email)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2020-03-09 17:57:10 +00:00
|
|
|
describe 'GET /api/v1/accounts/{account.id}/contacts/:id' do
|
2020-02-17 11:38:29 +00:00
|
|
|
let!(:contact) { create(:contact, account: account) }
|
|
|
|
|
|
|
|
context 'when it is an unauthenticated user' do
|
|
|
|
it 'returns unauthorized' do
|
2020-03-09 17:57:10 +00:00
|
|
|
get "/api/v1/accounts/#{account.id}/contacts/#{contact.id}"
|
2020-02-17 11:38:29 +00:00
|
|
|
|
|
|
|
expect(response).to have_http_status(:unauthorized)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when it is an authenticated user' do
|
|
|
|
let(:admin) { create(:user, account: account, role: :administrator) }
|
|
|
|
|
|
|
|
it 'shows the contact' do
|
2020-03-09 17:57:10 +00:00
|
|
|
get "/api/v1/accounts/#{account.id}/contacts/#{contact.id}",
|
2020-02-17 11:38:29 +00:00
|
|
|
headers: admin.create_new_auth_token,
|
|
|
|
as: :json
|
|
|
|
|
|
|
|
expect(response).to have_http_status(:success)
|
|
|
|
expect(response.body).to include(contact.email)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2020-03-09 17:57:10 +00:00
|
|
|
describe 'POST /api/v1/accounts/{account.id}/contacts' do
|
2020-02-17 11:38:29 +00:00
|
|
|
let(:valid_params) { { contact: { account_id: account.id } } }
|
|
|
|
|
|
|
|
context 'when it is an unauthenticated user' do
|
2020-05-01 09:23:43 +00:00
|
|
|
it 'returns unauthorized' do
|
|
|
|
expect { post "/api/v1/accounts/#{account.id}/contacts", params: valid_params }.to change(Contact, :count).by(0)
|
2020-02-17 11:38:29 +00:00
|
|
|
|
2020-05-01 09:23:43 +00:00
|
|
|
expect(response).to have_http_status(:unauthorized)
|
2020-02-17 11:38:29 +00:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when it is an authenticated user' do
|
|
|
|
let(:admin) { create(:user, account: account, role: :administrator) }
|
|
|
|
|
|
|
|
it 'creates the contact' do
|
2020-03-09 17:57:10 +00:00
|
|
|
expect do
|
|
|
|
post "/api/v1/accounts/#{account.id}/contacts", headers: admin.create_new_auth_token,
|
|
|
|
params: valid_params
|
2020-05-05 18:40:56 +00:00
|
|
|
end.to change(Contact, :count).by(1)
|
2020-02-17 11:38:29 +00:00
|
|
|
|
|
|
|
expect(response).to have_http_status(:success)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2020-03-09 17:57:10 +00:00
|
|
|
describe 'PATCH /api/v1/accounts/{account.id}/contacts/:id' do
|
2020-02-17 11:38:29 +00:00
|
|
|
let!(:contact) { create(:contact, account: account) }
|
|
|
|
let(:valid_params) { { contact: { name: 'Test Blub' } } }
|
|
|
|
|
|
|
|
context 'when it is an unauthenticated user' do
|
|
|
|
it 'returns unauthorized' do
|
2020-03-09 17:57:10 +00:00
|
|
|
put "/api/v1/accounts/#{account.id}/contacts/#{contact.id}",
|
2020-02-17 11:38:29 +00:00
|
|
|
params: valid_params
|
|
|
|
|
|
|
|
expect(response).to have_http_status(:unauthorized)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when it is an authenticated user' do
|
|
|
|
let(:admin) { create(:user, account: account, role: :administrator) }
|
|
|
|
|
|
|
|
it 'updates the contact' do
|
2020-03-09 17:57:10 +00:00
|
|
|
patch "/api/v1/accounts/#{account.id}/contacts/#{contact.id}",
|
2020-02-17 11:38:29 +00:00
|
|
|
headers: admin.create_new_auth_token,
|
|
|
|
params: valid_params,
|
|
|
|
as: :json
|
|
|
|
|
|
|
|
expect(response).to have_http_status(:success)
|
|
|
|
expect(Contact.last.name).to eq('Test Blub')
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'prevents the update of contact of another account' do
|
|
|
|
other_account = create(:account)
|
|
|
|
other_contact = create(:contact, account: other_account)
|
|
|
|
|
2020-03-09 17:57:10 +00:00
|
|
|
patch "/api/v1/accounts/#{account.id}/contacts/#{other_contact.id}",
|
2020-02-17 11:38:29 +00:00
|
|
|
headers: admin.create_new_auth_token,
|
|
|
|
params: valid_params,
|
|
|
|
as: :json
|
|
|
|
|
|
|
|
expect(response).to have_http_status(:not_found)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|