LeadMagnet/leadchat
1
0
Fork 0
Code Issues Pull Requests Actions 3 Packages Projects Releases Wiki Activity

chore: Ensure privilege validations for API endpoints (#2224)

Browse Source 
Co-authored-by: Pranav Raj S <pranav@chatwoot.com>
This commit is contained in:
Sojan Jose
2021-06-11 11:44:31 +05:30
committed by GitHub
parent 5a95c74bf6
commit 534acfbf96
27 changed files with 335 additions and 119 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
spec/controllers/api/v1/accounts/integrations/apps_controller_spec.rb
View File

@@ -12,7 +12,7 @@ RSpec.describe 'Integration Apps API', type: :request do
end
context 'when it is an authenticated user' do
let(:agent) { create(:user, account: account, role: :agent) }
let(:agent) { create(:user, account: account, role: :administrator) }
it 'returns all active apps' do
first_app = Integrations::App.all.find(&:active?)
@@ -52,7 +52,7 @@ RSpec.describe 'Integration Apps API', type: :request do
end
context 'when it is an authenticated user' do
let(:agent) { create(:user, account: account, role: :agent) }
let(:agent) { create(:user, account: account, role: :administrator) }
it 'returns details of the app' do
get api_v1_account_integrations_app_url(account_id: account.id, id: 'slack'),