chore: Clean up report & knowledge base policies (#11234)

- Removes the portal_members table and all associated records - Updates policies to use custom roles with knowledge_base_manage permission - Updates controllers, models, and views to work without portal membership - Adds tests for the new permission model
2025-04-03 16:00:32 -07:00
parent 196bdf15af
commit 1a78a9243f
36 changed files with 694 additions and 232 deletions
--- a/spec/controllers/api/v1/accounts/articles_controller_spec.rb
+++ b/spec/controllers/api/v1/accounts/articles_controller_spec.rb
@@ -3,12 +3,11 @@ require 'rails_helper'
 RSpec.describe 'Api::V1::Accounts::Articles', type: :request do
  let(:account) { create(:account) }
  let(:agent) { create(:user, account: account, role: :agent) }
+  let(:admin) { create(:user, account: account, role: :administrator) }
  let!(:portal) { create(:portal, name: 'test_portal', account_id: account.id) }
  let!(:category) { create(:category, name: 'category', portal: portal, account_id: account.id, locale: 'en', slug: 'category_slug') }
  let!(:article) { create(:article, category: category, portal: portal, account_id: account.id, author_id: agent.id) }

-  before { create(:portal_member, user: agent, portal: portal) }
-
  describe 'POST /api/v1/accounts/{account.id}/portals/{portal.slug}/articles' do
    context 'when it is an unauthenticated user' do
      it 'returns unauthorized' do
@@ -33,7 +32,7 @@ RSpec.describe 'Api::V1::Accounts::Articles', type: :request do
        }
        post "/api/v1/accounts/#{account.id}/portals/#{portal.slug}/articles",
             params: article_params,
-             headers: agent.create_new_auth_token
+             headers: admin.create_new_auth_token
        expect(response).to have_http_status(:success)
        json_response = response.parsed_body
        expect(json_response['payload']['title']).to eql('MyTitle')
@@ -56,7 +55,7 @@ RSpec.describe 'Api::V1::Accounts::Articles', type: :request do
        }
        post "/api/v1/accounts/#{account.id}/portals/#{portal.slug}/articles",
             params: article_params,
-             headers: agent.create_new_auth_token
+             headers: admin.create_new_auth_token
        expect(response).to have_http_status(:success)
        json_response = response.parsed_body
        expect(json_response['payload']['title']).to eql('MyTitle')
@@ -84,7 +83,7 @@ RSpec.describe 'Api::V1::Accounts::Articles', type: :request do
        }
        post "/api/v1/accounts/#{account.id}/portals/#{portal.slug}/articles",
             params: article_params,
-             headers: agent.create_new_auth_token
+             headers: admin.create_new_auth_token
        expect(response).to have_http_status(:success)
        json_response = response.parsed_body
        expect(json_response['payload']['title']).to eql('MyTitle')
@@ -110,7 +109,7 @@ RSpec.describe 'Api::V1::Accounts::Articles', type: :request do
        }
        post "/api/v1/accounts/#{account.id}/portals/#{portal.slug}/articles",
             params: article_params,
-             headers: agent.create_new_auth_token
+             headers: admin.create_new_auth_token
        expect(response).to have_http_status(:success)
        json_response = response.parsed_body
        expect(json_response['payload']['title']).to eql('MyTitle')
@@ -144,7 +143,7 @@ RSpec.describe 'Api::V1::Accounts::Articles', type: :request do

        put "/api/v1/accounts/#{account.id}/portals/#{portal.slug}/articles/#{article.id}",
            params: article_params,
-            headers: agent.create_new_auth_token
+            headers: admin.create_new_auth_token
        expect(response).to have_http_status(:success)
        json_response = response.parsed_body
        expect(json_response['payload']['title']).to eql(article_params[:article][:title])
@@ -165,7 +164,7 @@ RSpec.describe 'Api::V1::Accounts::Articles', type: :request do
    context 'when it is an authenticated user' do
      it 'deletes category' do
        delete "/api/v1/accounts/#{account.id}/portals/#{portal.slug}/articles/#{article.id}",
-               headers: agent.create_new_auth_token
+               headers: admin.create_new_auth_token
        expect(response).to have_http_status(:success)
        deleted_article = Article.find_by(id: article.id)
        expect(deleted_article).to be_nil
@@ -187,7 +186,7 @@ RSpec.describe 'Api::V1::Accounts::Articles', type: :request do
        expect(article2.id).not_to be_nil

        get "/api/v1/accounts/#{account.id}/portals/#{portal.slug}/articles",
-            headers: agent.create_new_auth_token,
+            headers: admin.create_new_auth_token,
            params: {}
        expect(response).to have_http_status(:success)
        json_response = response.parsed_body
@@ -199,7 +198,7 @@ RSpec.describe 'Api::V1::Accounts::Articles', type: :request do
        expect(article2.id).not_to be_nil

        get "/api/v1/accounts/#{account.id}/portals/#{portal.slug}/articles",
-            headers: agent.create_new_auth_token,
+            headers: admin.create_new_auth_token,
            params: {}
        expect(response).to have_http_status(:success)
        json_response = response.parsed_body
@@ -213,7 +212,7 @@ RSpec.describe 'Api::V1::Accounts::Articles', type: :request do
        expect(article2.id).not_to be_nil

        get "/api/v1/accounts/#{account.id}/portals/#{portal.slug}/articles",
-            headers: agent.create_new_auth_token,
+            headers: admin.create_new_auth_token,
            params: { category_slug: category.slug }
        expect(response).to have_http_status(:success)
        json_response = response.parsed_body
@@ -230,14 +229,14 @@ RSpec.describe 'Api::V1::Accounts::Articles', type: :request do
        expect(article2.id).not_to be_nil

        get "/api/v1/accounts/#{account.id}/portals/#{portal.slug}/articles",
-            headers: agent.create_new_auth_token,
+            headers: admin.create_new_auth_token,
            params: { query: 'funny' }
        expect(response).to have_http_status(:success)
        json_response = response.parsed_body
        expect(json_response['payload'].count).to be 1
        expect(json_response['meta']['all_articles_count']).to be 2
        expect(json_response['meta']['articles_count']).to be 1
-        expect(json_response['meta']['mine_articles_count']).to be 1
+        expect(json_response['meta']['mine_articles_count']).to be 0
      end
    end

@@ -247,7 +246,7 @@ RSpec.describe 'Api::V1::Accounts::Articles', type: :request do
        expect(article2.id).not_to be_nil

        get "/api/v1/accounts/#{account.id}/portals/#{portal.slug}/articles/#{article2.id}",
-            headers: agent.create_new_auth_token
+            headers: admin.create_new_auth_token
        expect(response).to have_http_status(:success)
        json_response = response.parsed_body

@@ -263,7 +262,7 @@ RSpec.describe 'Api::V1::Accounts::Articles', type: :request do
                                           associated_article_id: root_article.id)

        get "/api/v1/accounts/#{account.id}/portals/#{portal.slug}/articles/#{root_article.id}",
-            headers: agent.create_new_auth_token
+            headers: admin.create_new_auth_token
        expect(response).to have_http_status(:success)
        json_response = response.parsed_body

--- a/spec/controllers/api/v1/accounts/categories_controller_spec.rb
+++ b/spec/controllers/api/v1/accounts/categories_controller_spec.rb
@@ -3,6 +3,7 @@ require 'rails_helper'
 RSpec.describe 'Api::V1::Accounts::Categories', type: :request do
  let(:account) { create(:account) }
  let(:agent) { create(:user, account: account, role: :agent) }
+  let(:admin) { create(:user, account: account, role: :administrator) }
  let!(:portal) { create(:portal, name: 'test_portal', account_id: account.id, config: { allowed_locales: %w[en es] }) }
  let!(:category) { create(:category, name: 'category', portal: portal, account_id: account.id, slug: 'category_slug', position: 1) }
  let!(:category_to_associate) do
@@ -15,8 +16,6 @@ RSpec.describe 'Api::V1::Accounts::Categories', type: :request do
    create(:category, name: 'related category 2', portal: portal, account_id: account.id, slug: 'category_slug_2', position: 4)
  end

-  before { create(:portal_member, user: agent, portal: portal) }
-
  describe 'POST /api/v1/accounts/{account.id}/portals/{portal.slug}/categories' do
    context 'when it is an unauthenticated user' do
      it 'returns unauthorized' do
@@ -59,7 +58,7 @@ RSpec.describe 'Api::V1::Accounts::Categories', type: :request do
      it 'creates category' do
        post "/api/v1/accounts/#{account.id}/portals/#{portal.slug}/categories",
             params: category_params,
-             headers: agent.create_new_auth_token
+             headers: admin.create_new_auth_token
        expect(response).to have_http_status(:success)

        json_response = response.parsed_body
@@ -75,11 +74,11 @@ RSpec.describe 'Api::V1::Accounts::Categories', type: :request do
      it 'creates multiple sub_categories under one parent_category' do
        post "/api/v1/accounts/#{account.id}/portals/#{portal.slug}/categories",
             params: category_params,
-             headers: agent.create_new_auth_token
+             headers: admin.create_new_auth_token

        post "/api/v1/accounts/#{account.id}/portals/#{portal.slug}/categories",
             params: category_params_2,
-             headers: agent.create_new_auth_token
+             headers: admin.create_new_auth_token

        expect(response).to have_http_status(:success)
        expect(category.reload.sub_category_ids).to eql(Category.last(2).pluck(:id))
@@ -88,11 +87,11 @@ RSpec.describe 'Api::V1::Accounts::Categories', type: :request do
      it 'creates multiple associated_categories with one category' do
        post "/api/v1/accounts/#{account.id}/portals/#{portal.slug}/categories",
             params: category_params,
-             headers: agent.create_new_auth_token
+             headers: admin.create_new_auth_token

        post "/api/v1/accounts/#{account.id}/portals/#{portal.slug}/categories",
             params: category_params_2,
-             headers: agent.create_new_auth_token
+             headers: admin.create_new_auth_token

        expect(response).to have_http_status(:success)
        expect(category_to_associate.reload.associated_category_ids).to eql(Category.last(2).pluck(:id))
@@ -101,11 +100,11 @@ RSpec.describe 'Api::V1::Accounts::Categories', type: :request do
      it 'will throw an error on locale, category_id uniqueness' do
        post "/api/v1/accounts/#{account.id}/portals/#{portal.slug}/categories",
             params: category_params,
-             headers: agent.create_new_auth_token
+             headers: admin.create_new_auth_token

        post "/api/v1/accounts/#{account.id}/portals/#{portal.slug}/categories",
             params: category_params,
-             headers: agent.create_new_auth_token
+             headers: admin.create_new_auth_token
        expect(response).to have_http_status(:unprocessable_entity)
        json_response = response.parsed_body
        expect(json_response['message']).to eql('Locale should be unique in the category and portal')
@@ -123,7 +122,7 @@ RSpec.describe 'Api::V1::Accounts::Categories', type: :request do

        post "/api/v1/accounts/#{account.id}/portals/#{portal.slug}/categories",
             params: category_params,
-             headers: agent.create_new_auth_token
+             headers: admin.create_new_auth_token
        expect(response).to have_http_status(:unprocessable_entity)
        json_response = response.parsed_body

@@ -158,7 +157,7 @@ RSpec.describe 'Api::V1::Accounts::Categories', type: :request do

        put "/api/v1/accounts/#{account.id}/portals/#{portal.slug}/categories/#{category.id}",
            params: category_params,
-            headers: agent.create_new_auth_token
+            headers: admin.create_new_auth_token

        json_response = response.parsed_body

@@ -181,7 +180,7 @@ RSpec.describe 'Api::V1::Accounts::Categories', type: :request do

        put "/api/v1/accounts/#{account.id}/portals/#{portal.slug}/categories/#{category.id}",
            params: category_params,
-            headers: agent.create_new_auth_token
+            headers: admin.create_new_auth_token

        expect(response).to have_http_status(:success)

@@ -209,7 +208,7 @@ RSpec.describe 'Api::V1::Accounts::Categories', type: :request do

        put "/api/v1/accounts/#{account.id}/portals/#{portal.slug}/categories/#{related_category_2.id}",
            params: category_params,
-            headers: agent.create_new_auth_token
+            headers: admin.create_new_auth_token

        expect(response).to have_http_status(:success)

@@ -230,7 +229,7 @@ RSpec.describe 'Api::V1::Accounts::Categories', type: :request do
    context 'when it is an authenticated user' do
      it 'deletes category' do
        delete "/api/v1/accounts/#{account.id}/portals/#{portal.slug}/categories/#{category.id}",
-               headers: agent.create_new_auth_token
+               headers: admin.create_new_auth_token
        expect(response).to have_http_status(:success)
        deleted_category = Category.find_by(id: category.id)
        expect(deleted_category).to be_nil
@@ -255,7 +254,7 @@ RSpec.describe 'Api::V1::Accounts::Categories', type: :request do
        expect(category2.id).not_to be_nil

        get "/api/v1/accounts/#{account.id}/portals/#{portal.slug}/categories",
-            headers: agent.create_new_auth_token
+            headers: admin.create_new_auth_token
        expect(response).to have_http_status(:success)
        json_response = response.parsed_body
        expect(json_response['payload'].count).to be(category_count + 1)
--- a/spec/controllers/api/v1/accounts/portals_controller_spec.rb
+++ b/spec/controllers/api/v1/accounts/portals_controller_spec.rb
@@ -8,8 +8,6 @@ RSpec.describe 'Api::V1::Accounts::Portals', type: :request do
  let(:agent_2) { create(:user, account: account, role: :agent) }
  let!(:portal) { create(:portal, slug: 'portal-1', name: 'test_portal', account_id: account.id) }

-  before { create(:portal_member, user: agent, portal: portal) }
-
  describe 'GET /api/v1/accounts/{account.id}/portals' do
    context 'when it is an unauthenticated user' do
      it 'returns unauthorized' do
@@ -23,7 +21,7 @@ RSpec.describe 'Api::V1::Accounts::Portals', type: :request do
        portal2 = create(:portal, name: 'test_portal_2', account_id: account.id, slug: 'portal-2')
        expect(portal2.id).not_to be_nil
        get "/api/v1/accounts/#{account.id}/portals",
-            headers: agent.create_new_auth_token
+            headers: admin.create_new_auth_token

        expect(response).to have_http_status(:success)
        json_response = response.parsed_body
@@ -45,7 +43,7 @@ RSpec.describe 'Api::V1::Accounts::Portals', type: :request do
    context 'when it is an authenticated user' do
      it 'get one portals' do
        get "/api/v1/accounts/#{account.id}/portals/#{portal.slug}",
-            headers: agent.create_new_auth_token
+            headers: admin.create_new_auth_token

        expect(response).to have_http_status(:success)
        json_response = response.parsed_body
@@ -62,7 +60,7 @@ RSpec.describe 'Api::V1::Accounts::Portals', type: :request do
        create(:article, category_id: es_cat.id, portal_id: portal.id, author_id: agent.id)

        get "/api/v1/accounts/#{account.id}/portals/#{portal.slug}?locale=en",
-            headers: agent.create_new_auth_token
+            headers: admin.create_new_auth_token

        expect(response).to have_http_status(:success)
        json_response = response.parsed_body
@@ -178,38 +176,7 @@ RSpec.describe 'Api::V1::Accounts::Portals', type: :request do
    end
  end

-  describe 'PUT /api/v1/accounts/{account.id}/portals/{portal.slug}/add_members' do
-    let(:new_account) { create(:account) }
-    let(:new_agent) { create(:user, account: new_account, role: :agent) }
-
-    context 'when it is an unauthenticated user' do
-      it 'returns unauthorized' do
-        put "/api/v1/accounts/#{account.id}/portals/#{portal.slug}/add_members", params: {}
-
-        expect(response).to have_http_status(:unauthorized)
-      end
-    end
-
-    context 'when it is an authenticated user' do
-      it 'add members to the portal' do
-        portal_params = {
-          portal: {
-            member_ids: [agent_1.id, agent_2.id]
-          }
-        }
-        expect(portal.members.count).to be(1)
-
-        put "/api/v1/accounts/#{account.id}/portals/#{portal.slug}/add_members",
-            params: portal_params,
-            headers: admin.create_new_auth_token
-
-        expect(response).to have_http_status(:success)
-        json_response = response.parsed_body
-        expect(portal.reload.member_ids).to include(agent_1.id)
-        expect(json_response['portal_members'].length).to be(3)
-      end
-    end
-  end
+  # Portal members endpoint removed

  describe 'DELETE /api/v1/accounts/{account.id}/portals/{portal.slug}/logo' do
    context 'when it is an unauthenticated user' do