From e5bc372a29d65be10ba041c5f444411aa77b921d Mon Sep 17 00:00:00 2001 From: Tim Lange Date: Wed, 26 Feb 2020 13:52:08 +0100 Subject: [PATCH] Chore: Added tests for callbacks_controller (#531) * Chore: Added tests for callbacks_controller --- .../api/v1/callbacks_controller.rb | 39 +++--- .../api/v1/callbacks_controller_spec.rb | 132 ++++++++++++++++++ 2 files changed, 149 insertions(+), 22 deletions(-) create mode 100644 spec/controllers/api/v1/callbacks_controller_spec.rb diff --git a/app/controllers/api/v1/callbacks_controller.rb b/app/controllers/api/v1/callbacks_controller.rb index cc6b00958..5c770f826 100644 --- a/app/controllers/api/v1/callbacks_controller.rb +++ b/app/controllers/api/v1/callbacks_controller.rb @@ -1,8 +1,7 @@ require 'rest-client' require 'telegram/bot' -class Api::V1::CallbacksController < ApplicationController - skip_before_action :verify_authenticity_token, only: [:register_facebook_page] - skip_before_action :authenticate_user!, only: [:register_facebook_page], raise: false +class Api::V1::CallbacksController < Api::BaseController + before_action :inbox, only: [:reauthorize_page] def register_facebook_page user_access_token = params[:user_access_token] @@ -25,15 +24,13 @@ class Api::V1::CallbacksController < ApplicationController # get params[:inbox_id], current_account, params[:omniauth_token] def reauthorize_page - if @inbox&.first&.facebook? + if @inbox&.facebook? fb_page_id = @inbox.channel.page_id page_details = fb_object.get_connections('me', 'accounts') - (page_details || []).each do |page_detail| - if fb_page_id == page_detail['id'] # found the page which has to be reauthorised - update_fb_page(fb_page_id, page_detail['access_token']) - head :ok - end + if (page_detail = (page_details || []).detect { |page| fb_page_id == page['id'] }) + update_fb_page(fb_page_id, page_detail['access_token']) + return head :ok end end @@ -46,18 +43,13 @@ class Api::V1::CallbacksController < ApplicationController @inbox = current_account.inboxes.find_by(id: params[:inbox_id]) end - def update_fb_page - if fb_page(fb_page_id) - fb_page.update_attributes!( - user_access_token: @user_access_token, page_access_token: access_token - ) - head :ok - else - head :unprocessable_entity - end + def update_fb_page(fb_page_id, access_token) + get_fb_page(fb_page_id)&.update_attributes!( + user_access_token: @user_access_token, page_access_token: access_token + ) end - def fb_page(fb_page_id) + def get_fb_page(fb_page_id) current_account.facebook_pages.find_by(page_id: fb_page_id) end @@ -68,7 +60,7 @@ class Api::V1::CallbacksController < ApplicationController def long_lived_token(omniauth_token) koala = Koala::Facebook::OAuth.new(ENV['FB_APP_ID'], ENV['FB_APP_SECRET']) - long_lived_token = koala.exchange_access_token_info(omniauth_token)['access_token'] + koala.exchange_access_token_info(omniauth_token)['access_token'] end def mark_already_existing_facebook_pages(data) @@ -81,7 +73,11 @@ class Api::V1::CallbacksController < ApplicationController end def set_avatar(facebook_channel, page_id) - avatar_resource = LocalResource.new(get_avatar_url(page_id)) + uri = get_avatar_url(page_id) + + return unless uri + + avatar_resource = LocalResource.new(uri) facebook_channel.avatar.attach(io: avatar_resource.file, filename: avatar_resource.tmp_filename, content_type: avatar_resource.encoding) end @@ -98,7 +94,6 @@ class Api::V1::CallbacksController < ApplicationController raise end pic_url = response.base_uri.to_s - Rails.logger.info(pic_url) rescue StandardError => e pic_url = nil end diff --git a/spec/controllers/api/v1/callbacks_controller_spec.rb b/spec/controllers/api/v1/callbacks_controller_spec.rb new file mode 100644 index 000000000..2cf6226cf --- /dev/null +++ b/spec/controllers/api/v1/callbacks_controller_spec.rb @@ -0,0 +1,132 @@ +require 'rails_helper' + +RSpec.describe 'Callbacks API', type: :request do + let(:account) { create(:account) } + let(:valid_params) { attributes_for(:channel_facebook_page).merge(page_name: 'Test', inbox_name: 'Test Inbox') } + let(:inbox) { create(:inbox, account: account) } + let!(:facebook_page) { create(:channel_facebook_page, inbox: inbox, account: account) } + + # Doubles + let(:koala_api) { instance_double(Koala::Facebook::API) } + let(:koala_oauth) { instance_double(Koala::Facebook::OAuth) } + + before do + # Mock new and return instance doubles defined above + allow(Koala::Facebook::OAuth).to receive(:new).and_return(koala_oauth) + allow(Koala::Facebook::API).to receive(:new).and_return(koala_api) + + allow(Facebook::Messenger::Subscriptions).to receive(:subscribe).and_return(true) + allow(koala_api).to receive(:get_connections).and_return( + [{ 'id' => facebook_page.page_id, 'access_token' => SecureRandom.hex(10) }] + ) + allow(koala_oauth).to receive(:exchange_access_token_info).and_return('access_token' => SecureRandom.hex(10)) + end + + describe 'POST /api/v1/callbacks/register_facebook_page' do + context 'when it is an unauthenticated user' do + it 'returns unauthorized' do + post '/api/v1/callbacks/register_facebook_page' + + expect(response).to have_http_status(:unauthorized) + end + end + + context 'when it is an authenticated user' do + let(:admin) { create(:user, account: account, role: :administrator) } + + it 'registers a new facebook page with no avatar' do + post '/api/v1/callbacks/register_facebook_page', + headers: admin.create_new_auth_token, + params: valid_params, + as: :json + + expect(response).to have_http_status(:success) + end + + it 'registers a new facebook page with avatar' do + buf = OpenURI::Buffer.new + io = buf.io + io.base_uri = URI.parse('https://example.org') + allow_any_instance_of(URI::HTTP).to receive(:open).and_return(io) # rubocop:disable RSpec/AnyInstance + + post '/api/v1/callbacks/register_facebook_page', + headers: admin.create_new_auth_token, + params: valid_params, + as: :json + + expect(response).to have_http_status(:success) + end + + it 'registers a new facebook page with avatar on redirect' do + allow_any_instance_of(URI::HTTP).to receive(:open).and_raise(OpenURI::HTTPRedirect.new(nil, nil, URI.parse('https://example.org'))) # rubocop:disable RSpec/AnyInstance + + post '/api/v1/callbacks/register_facebook_page', + headers: admin.create_new_auth_token, + params: valid_params, + as: :json + + expect(response).to have_http_status(:success) + end + end + end + + describe 'POST /api/v1/callbacks/get_facebook_pages' do + context 'when it is an unauthenticated user' do + it 'returns unauthorized' do + post '/api/v1/callbacks/get_facebook_pages' + + expect(response).to have_http_status(:unauthorized) + end + end + + context 'when it is an authenticated user' do + let(:admin) { create(:user, account: account, role: :administrator) } + + it 'returns facebook pages of account' do + post '/api/v1/callbacks/get_facebook_pages', + headers: admin.create_new_auth_token, + as: :json + + expect(response).to have_http_status(:success) + expect(response.body).to include(facebook_page.page_id.to_s) + end + end + end + + describe 'POST /api/v1/callbacks/reauthorize_page' do + context 'when it is an unauthenticated user' do + it 'returns unauthorized' do + post '/api/v1/callbacks/reauthorize_page' + + expect(response).to have_http_status(:unauthorized) + end + end + + context 'when it is an authenticated user' do + let(:admin) { create(:user, account: account, role: :administrator) } + + it 'reauthorizes the page' do + params = { inbox_id: inbox.id } + + post '/api/v1/callbacks/reauthorize_page', + headers: admin.create_new_auth_token, + params: params, + as: :json + + expect(response).to have_http_status(:success) + end + + it 'returns unprocessable_entity if no page found' do + allow(koala_api).to receive(:get_connections).and_return([]) + params = { inbox_id: inbox.id } + + post '/api/v1/callbacks/reauthorize_page', + headers: admin.create_new_auth_token, + params: params, + as: :json + + expect(response).to have_http_status(:unprocessable_entity) + end + end + end +end