Chatwoot/spec/controllers/api/v1/accounts/conversations/labels_controller_spec.rb
Sojan Jose 534acfbf96
chore: Ensure privilege validations for API endpoints (#2224)
Co-authored-by: Pranav Raj S <pranav@chatwoot.com>
2021-06-11 11:44:31 +05:30

76 lines
2.6 KiB
Ruby

require 'rails_helper'
RSpec.describe 'Conversation Label API', type: :request do
let(:account) { create(:account) }
describe 'GET /api/v1/accounts/{account.id}/conversations/<id>/labels' do
let(:conversation) { create(:conversation, account: account) }
before do
conversation.update_labels('label1, label2')
end
context 'when it is an unauthenticated user' do
it 'returns unauthorized' do
get api_v1_account_conversation_labels_url(account_id: account.id, conversation_id: conversation.display_id)
expect(response).to have_http_status(:unauthorized)
end
end
context 'when it is an authenticated user with access to the conversation' do
let(:agent) { create(:user, account: account, role: :agent) }
before do
create(:inbox_member, inbox: conversation.inbox, user: agent)
end
it 'returns all the labels for the conversation' do
get api_v1_account_conversation_labels_url(account_id: account.id, conversation_id: conversation.display_id),
headers: agent.create_new_auth_token,
as: :json
expect(response).to have_http_status(:success)
expect(response.body).to include('label1')
expect(response.body).to include('label2')
end
end
end
describe 'POST /api/v1/accounts/{account.id}/conversations/<id>/labels' do
let(:conversation) { create(:conversation, account: account) }
before do
conversation.update_labels('label1, label2')
end
context 'when it is an unauthenticated user' do
it 'returns unauthorized' do
post api_v1_account_conversation_labels_url(account_id: account.id, conversation_id: conversation.display_id),
params: { labels: %w[label3 label4] },
as: :json
expect(response).to have_http_status(:unauthorized)
end
end
context 'when it is an authenticated user with access to the conversation' do
let(:agent) { create(:user, account: account, role: :agent) }
before do
conversation.update_labels('label1, label2')
create(:inbox_member, inbox: conversation.inbox, user: agent)
end
it 'creates labels for the conversation' do
post api_v1_account_conversation_labels_url(account_id: account.id, conversation_id: conversation.display_id),
params: { labels: %w[label3 label4] },
headers: agent.create_new_auth_token,
as: :json
expect(response).to have_http_status(:success)
expect(response.body).to include('label3')
expect(response.body).to include('label4')
end
end
end
end