feat: Add APIs to manage custom roles in Chatwoot (#9995)

Co-authored-by: Pranav <pranavrajs@gmail.com>
2024-08-23 04:48:28 -07:00
parent 41c5e7d3f1
commit b61ad6e41a
24 changed files with 440 additions and 18 deletions
--- a/spec/enterprise/controllers/api/v1/accounts/custom_roles_controller_spec.rb
+++ b/spec/enterprise/controllers/api/v1/accounts/custom_roles_controller_spec.rb
@@ -0,0 +1,174 @@
+require 'rails_helper'
+
+RSpec.describe 'Custom Roles API', type: :request do
+  let!(:account) { create(:account) }
+  let!(:administrator) { create(:user, account: account, role: :administrator) }
+  let!(:agent) { create(:user, account: account, role: :agent) }
+  let!(:custom_role) { create(:custom_role, account: account, name: 'Manager') }
+
+  describe 'GET #index' do
+    context 'when it is an authenticated administrator' do
+      it 'returns all custom roles in the account' do
+        get "/api/v1/accounts/#{account.id}/custom_roles",
+            headers: administrator.create_new_auth_token
+        expect(response).to have_http_status(:success)
+        body = JSON.parse(response.body)
+
+        expect(body[0]).to include('name' => custom_role.name)
+      end
+    end
+
+    context 'when the user is an agent and is authenticated' do
+      it 'returns unauthorized' do
+        get "/api/v1/accounts/#{account.id}/custom_roles",
+            headers: agent.create_new_auth_token
+
+        expect(response).to have_http_status(:unauthorized)
+      end
+    end
+
+    context 'when it is an unauthenticated user' do
+      it 'returns unauthorized' do
+        get "/api/v1/accounts/#{account.id}/custom_roles"
+
+        expect(response).to have_http_status(:unauthorized)
+      end
+    end
+  end
+
+  describe 'GET #show' do
+    context 'when it is an authenticated administrator' do
+      it 'returns the custom role details' do
+        get "/api/v1/accounts/#{account.id}/custom_roles/#{custom_role.id}",
+            headers: administrator.create_new_auth_token
+
+        expect(response).to have_http_status(:success)
+        body = JSON.parse(response.body)
+
+        expect(body).to include('name' => custom_role.name)
+      end
+    end
+
+    context 'when the user is an agent and is authenticated' do
+      it 'returns unauthorized' do
+        get "/api/v1/accounts/#{account.id}/custom_roles/#{custom_role.id}",
+            headers: agent.create_new_auth_token
+
+        expect(response).to have_http_status(:unauthorized)
+      end
+    end
+
+    context 'when it is an unauthenticated user' do
+      it 'returns unauthorized' do
+        get "/api/v1/accounts/#{account.id}/custom_roles/#{custom_role.id}"
+
+        expect(response).to have_http_status(:unauthorized)
+      end
+    end
+  end
+
+  describe 'POST #create' do
+    let(:valid_params) do
+      { custom_role: { name: 'Support', description: 'Support role', permissions: CustomRole::PERMISSIONS.sample(SecureRandom.random_number(4)) } }
+    end
+
+    context 'when it is an authenticated administrator' do
+      it 'creates the custom role' do
+        expect do
+          post "/api/v1/accounts/#{account.id}/custom_roles",
+               params: valid_params,
+               headers: administrator.create_new_auth_token
+        end.to change(CustomRole, :count).by(1)
+
+        expect(response).to have_http_status(:success)
+        body = JSON.parse(response.body)
+
+        expect(body).to include('name' => 'Support')
+      end
+    end
+
+    context 'when the user is an agent and is authenticated' do
+      it 'returns unauthorized' do
+        post "/api/v1/accounts/#{account.id}/custom_roles",
+             params: valid_params,
+             headers: agent.create_new_auth_token
+
+        expect(response).to have_http_status(:unauthorized)
+      end
+    end
+
+    context 'when it is an unauthenticated user' do
+      it 'returns unauthorized' do
+        post "/api/v1/accounts/#{account.id}/custom_roles",
+             params: valid_params
+
+        expect(response).to have_http_status(:unauthorized)
+      end
+    end
+  end
+
+  describe 'PUT #update' do
+    let(:update_params) { { custom_role: { name: 'Updated Role' } } }
+
+    context 'when it is an authenticated administrator' do
+      it 'updates the custom role' do
+        put "/api/v1/accounts/#{account.id}/custom_roles/#{custom_role.id}",
+            params: update_params,
+            headers: administrator.create_new_auth_token
+
+        expect(response).to have_http_status(:success)
+        body = JSON.parse(response.body)
+
+        expect(body).to include('name' => 'Updated Role')
+      end
+    end
+
+    context 'when the user is an agent and is authenticated' do
+      it 'returns unauthorized' do
+        put "/api/v1/accounts/#{account.id}/custom_roles/#{custom_role.id}",
+            params: update_params,
+            headers: agent.create_new_auth_token
+
+        expect(response).to have_http_status(:unauthorized)
+      end
+    end
+
+    context 'when it is an unauthenticated user' do
+      it 'returns unauthorized' do
+        put "/api/v1/accounts/#{account.id}/custom_roles/#{custom_role.id}",
+            params: update_params
+
+        expect(response).to have_http_status(:unauthorized)
+      end
+    end
+  end
+
+  describe 'DELETE #destroy' do
+    context 'when it is an authenticated administrator' do
+      it 'deletes the custom role' do
+        delete "/api/v1/accounts/#{account.id}/custom_roles/#{custom_role.id}",
+               headers: administrator.create_new_auth_token
+
+        expect(response).to have_http_status(:success)
+        expect(CustomRole.count).to eq(0)
+      end
+    end
+
+    context 'when the user is an agent and is authenticated' do
+      it 'returns unauthorized' do
+        delete "/api/v1/accounts/#{account.id}/custom_roles/#{custom_role.id}",
+               headers: agent.create_new_auth_token
+
+        expect(response).to have_http_status(:unauthorized)
+      end
+    end
+
+    context 'when it is an unauthenticated user' do
+      it 'returns unauthorized' do
+        delete "/api/v1/accounts/#{account.id}/custom_roles/#{custom_role.id}"
+
+        expect(response).to have_http_status(:unauthorized)
+      end
+    end
+  end
+end
--- a/spec/enterprise/controllers/enterprise/api/v1/accounts/agents_controller_spec.rb
+++ b/spec/enterprise/controllers/enterprise/api/v1/accounts/agents_controller_spec.rb
@@ -0,0 +1,24 @@
+require 'rails_helper'
+
+RSpec.describe 'Enterprise Agents API', type: :request do
+  let(:account) { create(:account) }
+  let(:admin) { create(:user, account: account, role: :administrator) }
+
+  describe 'PUT /api/v1/accounts/{account.id}/agents/:id' do
+    let(:other_agent) { create(:user, account: account, role: :agent) }
+    let!(:custom_role) { create(:custom_role, account: account) }
+
+    context 'when it is an authenticated administrator' do
+      it 'modified the custom role of the agent' do
+        put "/api/v1/accounts/#{account.id}/agents/#{other_agent.id}",
+            headers: admin.create_new_auth_token,
+            params: { custom_role_id: custom_role.id },
+            as: :json
+
+        expect(response).to have_http_status(:success)
+        expect(other_agent.account_users.first.reload.custom_role_id).to eq(custom_role.id)
+        expect(JSON.parse(response.body)['custom_role_id']).to eq(custom_role.id)
+      end
+    end
+  end
+end
--- a/spec/enterprise/models/account_spec.rb
+++ b/spec/enterprise/models/account_spec.rb
@@ -2,9 +2,15 @@

 require 'rails_helper'

-RSpec.describe Account do
+RSpec.describe Account, type: :model do
  include ActiveJob::TestHelper

+  describe 'associations' do
+    it { is_expected.to have_many(:sla_policies).dependent(:destroy_async) }
+    it { is_expected.to have_many(:applied_slas).dependent(:destroy_async) }
+    it { is_expected.to have_many(:custom_roles).dependent(:destroy_async) }
+  end
+
  describe 'sla_policies' do
    let!(:account) { create(:account) }
    let!(:sla_policy) { create(:sla_policy, account: account) }
--- a/spec/enterprise/models/account_user_spec.rb
+++ b/spec/enterprise/models/account_user_spec.rb
@@ -2,7 +2,33 @@

 require 'rails_helper'

-RSpec.describe AccountUser do
+RSpec.describe AccountUser, type: :model do
+  describe 'associations' do
+    # option and dependant nullify
+    it { is_expected.to belong_to(:custom_role).optional }
+  end
+
+  describe 'permissions' do
+    context 'when custom role is assigned' do
+      it 'returns permissions of the custom role along with `custom_role` permission' do
+        account = create(:account)
+        custom_role = create(:custom_role, account: account)
+        account_user = create(:account_user, account: account, custom_role: custom_role)
+
+        expect(account_user.permissions).to eq(custom_role.permissions + ['custom_role'])
+      end
+    end
+
+    context 'when custom role is not assigned' do
+      it 'returns permissions of the default role' do
+        account = create(:account)
+        account_user = create(:account_user, account: account)
+
+        expect(account_user.permissions).to eq([account_user.role])
+      end
+    end
+  end
+
  describe 'audit log' do
    context 'when account user is created' do
      it 'has associated audit log created' do
--- a/spec/enterprise/models/custom_role_spec.rb
+++ b/spec/enterprise/models/custom_role_spec.rb
@@ -0,0 +1,12 @@
+require 'rails_helper'
+
+RSpec.describe CustomRole, type: :model do
+  describe 'associations' do
+    it { is_expected.to belong_to(:account) }
+    it { is_expected.to have_many(:account_users).dependent(:nullify) }
+  end
+
+  describe 'validations' do
+    it { is_expected.to validate_presence_of(:name) }
+  end
+end