|
1793 | 1793 | created_by_id: 1, |
1794 | 1794 | ) |
1795 | 1795 |
|
| 1796 | + authenticated_as(customer_user) |
| 1797 | + get "/api/v1/ticket_split?ticket_id=#{ticket.id}&article_id=#{article.id}&form_id=new_form_id123", params: {}, as: :json |
| 1798 | + expect(response).to have_http_status(:unauthorized) |
| 1799 | + |
1796 | 1800 | authenticated_as(agent_user) |
1797 | 1801 | get "/api/v1/ticket_split?ticket_id=#{ticket.id}&article_id=#{article.id}&form_id=new_form_id123", params: {}, as: :json |
1798 | 1802 | expect(response).to have_http_status(:ok) |
|
1918 | 1922 | customer_id: customer_user.id, |
1919 | 1923 | ) |
1920 | 1924 |
|
| 1925 | + authenticated_as(customer_user) |
| 1926 | + get "/api/v1/ticket_merge/#{ticket2.id}/#{ticket1.id}", params: {}, as: :json |
| 1927 | + expect(response).to have_http_status(:unauthorized) |
| 1928 | + |
1921 | 1929 | authenticated_as(agent_user) |
1922 | 1930 | get "/api/v1/ticket_merge/#{ticket2.id}/#{ticket1.id}", params: {}, as: :json |
1923 | 1931 | expect(response).to have_http_status(:ok) |
|
2068 | 2076 | expect(json_response['assets'].class).to eq(Hash) |
2069 | 2077 | expect(json_response['assets']['User'][customer_user.id.to_s]).not_to be_nil |
2070 | 2078 | expect(json_response['assets']['Ticket'][ticket1.id.to_s]).not_to be_nil |
| 2079 | + |
| 2080 | + authenticated_as(customer_user) |
| 2081 | + get "/api/v1/ticket_history/#{ticket1.id}", params: {}, as: :json |
| 2082 | + expect(response).to have_http_status(:unauthorized) |
| 2083 | + end |
| 2084 | + |
| 2085 | + it 'does ticket related' do |
| 2086 | + ticket1 = create( |
| 2087 | + :ticket, |
| 2088 | + title: 'some title', |
| 2089 | + group: ticket_group, |
| 2090 | + customer_id: customer_user.id, |
| 2091 | + ) |
| 2092 | + |
| 2093 | + authenticated_as(agent_user) |
| 2094 | + get "/api/v1/ticket_related/#{ticket1.id}", params: {}, as: :json |
| 2095 | + expect(response).to have_http_status(:ok) |
| 2096 | + |
| 2097 | + authenticated_as(customer_user) |
| 2098 | + get "/api/v1/ticket_related/#{ticket1.id}", params: {}, as: :json |
| 2099 | + expect(response).to have_http_status(:unauthorized) |
| 2100 | + end |
| 2101 | + |
| 2102 | + it 'does ticket recent' do |
| 2103 | + authenticated_as(agent_user) |
| 2104 | + get '/api/v1/ticket_recent', params: {}, as: :json |
| 2105 | + expect(response).to have_http_status(:ok) |
| 2106 | + |
| 2107 | + authenticated_as(customer_user) |
| 2108 | + get '/api/v1/ticket_recent', params: {}, as: :json |
| 2109 | + expect(response).to have_http_status(:unauthorized) |
2071 | 2110 | end |
| 2111 | + |
2072 | 2112 | end |
2073 | 2113 |
|
2074 | 2114 | describe 'stats' do |
|
2213 | 2253 | end |
2214 | 2254 |
|
2215 | 2255 | context 'as authorized customer', authenticated_as: -> { customer_authorized } do |
2216 | | - include_examples 'has access' |
| 2256 | + include_examples 'has no access' |
2217 | 2257 | end |
2218 | 2258 |
|
2219 | 2259 | context 'as unauthorized customer', authenticated_as: -> { customer_unauthorized } do |
|
0 commit comments