diff --git a/Gemfile.lock b/Gemfile.lock index 89c64be64..3ff93bc06 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -574,7 +574,7 @@ DEPENDENCIES will_paginate RUBY VERSION - ruby 3.0.0p0 + ruby 3.0.0p0 BUNDLED WITH 2.1.4 diff --git a/app/assets/stylesheets/api_clients.scss b/app/assets/stylesheets/api_clients.scss deleted file mode 100755 index 1c50136d1..000000000 --- a/app/assets/stylesheets/api_clients.scss +++ /dev/null @@ -1,3 +0,0 @@ -// Place all the styles related to the ApiClients controller here. -// They will automatically be included in application.css. -// You can use Sass (SCSS) here: https://sass-lang.com/ diff --git a/app/controllers/comfy/admin/api_clients_controller.rb b/app/controllers/comfy/admin/api_clients_controller.rb deleted file mode 100755 index 598c7bdb5..000000000 --- a/app/controllers/comfy/admin/api_clients_controller.rb +++ /dev/null @@ -1,76 +0,0 @@ -class Comfy::Admin::ApiClientsController < Comfy::Admin::Cms::BaseController - before_action :set_api_client, only: %i[ show edit update destroy ] - before_action :set_api_namespace - before_action :ensure_authority_for_read_api_clients_only_in_api, only: %i[ show index ] - before_action :ensure_authority_for_full_access_for_api_clients_only_in_api, only: %i[ new edit create update destroy ] - - # GET /api_clients or /api_clients.json - def index - @api_clients = @api_namespace.api_clients - end - - # GET /api_clients/1 or /api_clients/1.json - def show - end - - # GET /api_clients/new - def new - @api_client = ApiClient.new(api_namespace_id: @api_namespace.id) - end - - # GET /api_clients/1/edit - def edit - end - - # POST /api_clients or /api_clients.json - def create - @api_client = ApiClient.new(api_client_params) - respond_to do |format| - if @api_client.save - format.html { redirect_to api_namespace_api_client_path(api_namespace_id: @api_namespace.id, id: @api_client.id), notice: "Api client was successfully created." } - format.json { render :show, status: :created, location: @api_client } - else - format.html { render :new, status: :unprocessable_entity } - format.json { render json: @api_client.errors, status: :unprocessable_entity } - end - end - end - - # PATCH/PUT /api_clients/1 or /api_clients/1.json - def update - respond_to do |format| - if @api_client.update(api_client_params) - format.html { redirect_to api_namespace_api_client_path(api_namespace_id: @api_namespace.id, id: @api_client.id), notice: "Api client was successfully updated." } - format.json { render :show, status: :ok, location: @api_client } - else - format.html { render :edit, status: :unprocessable_entity } - format.json { render json: @api_client.errors, status: :unprocessable_entity } - end - end - end - - # DELETE /api_clients/1 or /api_clients/1.json - def destroy - @api_client.destroy - respond_to do |format| - format.html { redirect_to api_namespace_api_clients_path(api_namespace_id: @api_namespace.id), notice: "Api client was successfully destroyed." } - format.json { head :no_content } - end - end - - private - # Use callbacks to share common setup or constraints between actions. - def set_api_namespace - @api_namespace = ApiNamespace.find_by(id: params[:api_namespace_id]) - end - - - def set_api_client - @api_client = ApiClient.find(params[:id]) - end - - # Only allow a list of trusted parameters through. - def api_client_params - params.require(:api_client).permit(:api_namespace_id, :label, :authentication_strategy).merge({api_namespace_id: @api_namespace.id}) - end -end diff --git a/app/controllers/comfy/admin/external_api_clients_controller.rb b/app/controllers/comfy/admin/external_api_clients_controller.rb index ce10a6c1c..9de21c5e7 100644 --- a/app/controllers/comfy/admin/external_api_clients_controller.rb +++ b/app/controllers/comfy/admin/external_api_clients_controller.rb @@ -30,7 +30,7 @@ def create respond_to do |format| if @external_api_client.save format.html { redirect_to api_namespace_external_api_client_path(api_namespace_id: @api_namespace.id, id: @external_api_client.id), notice: "Api client was successfully created." } - format.json { render :show, status: :created, location: @api_client } + format.json { render :show, status: :created, location: @external_api_client } else format.html { render :new, status: :unprocessable_entity } format.json { render json: @external_api_client.errors, status: :unprocessable_entity } @@ -46,7 +46,7 @@ def update format.json { render :show, status: :ok, location: @external_api_client } else format.html { render :edit, status: :unprocessable_entity } - format.json { render json: @api_client.errors, status: :unprocessable_entity } + format.json { render json: @external_api_client.errors, status: :unprocessable_entity } end end end diff --git a/app/controllers/subdomains/base_controller.rb b/app/controllers/subdomains/base_controller.rb index c573975c6..f0d9eeb2b 100644 --- a/app/controllers/subdomains/base_controller.rb +++ b/app/controllers/subdomains/base_controller.rb @@ -145,20 +145,6 @@ def ensure_authority_for_full_access_for_external_api_connections_only_in_api end end - def ensure_authority_for_read_api_clients_only_in_api - unless user_authorized_for_api_accessibility?(ApiNamespace::API_ACCESSIBILITIES[:read_api_clients_only]) - flash.alert = "You do not have the permission to do that. Only users with full_access or full_read_access or full_access_for_api_clients_only or read_api_clients_only are allowed to perform that action." - redirect_back(fallback_location: root_url) - end - end - - def ensure_authority_for_full_access_for_api_clients_only_in_api - unless user_authorized_for_api_accessibility?(ApiNamespace::API_ACCESSIBILITIES[:full_access_for_api_clients_only]) - flash.alert = "You do not have the permission to do that. Only users with full_access or full_access_for_api_clients_only are allowed to perform that action." - redirect_back(fallback_location: root_url) - end - end - def ensure_authority_for_full_access_for_api_form_only_in_api unless user_authorized_for_api_accessibility?(ApiNamespace::API_ACCESSIBILITIES[:full_access_for_api_form_only]) flash.alert = "You do not have the permission to do that. Only users with full_access or full_access_for_api_form_only are allowed to perform that action." diff --git a/app/helpers/api_clients_helper.rb b/app/helpers/api_clients_helper.rb deleted file mode 100755 index 2432bfed7..000000000 --- a/app/helpers/api_clients_helper.rb +++ /dev/null @@ -1,2 +0,0 @@ -module ApiClientsHelper -end diff --git a/app/models/api_client.rb b/app/models/api_client.rb deleted file mode 100755 index 6bc6fd4f9..000000000 --- a/app/models/api_client.rb +++ /dev/null @@ -1,21 +0,0 @@ -class ApiClient < ApplicationRecord - extend FriendlyId - friendly_id :label, use: :slugged - belongs_to :api_namespace - - AUTHENTICATION_STRATEGIES = { - bearer_token: 'bearer token' - } - - validates :authentication_strategy, inclusion: { in: ApiClient::AUTHENTICATION_STRATEGIES.keys.map{ |n| n.to_s } } - - before_create :set_bearer_token_if_applicable - - private - - def set_bearer_token_if_applicable - if self.authentication_strategy == AUTHENTICATION_STRATEGIES.keys[0].to_s - self.bearer_token = SecureRandom.uuid - end - end -end diff --git a/app/models/api_namespace.rb b/app/models/api_namespace.rb index 67eb24785..4ba87f61b 100755 --- a/app/models/api_namespace.rb +++ b/app/models/api_namespace.rb @@ -15,9 +15,6 @@ class ApiNamespace < ApplicationRecord has_one :api_form, dependent: :destroy accepts_nested_attributes_for :api_form - has_many :api_clients, dependent: :destroy - accepts_nested_attributes_for :api_clients - has_many :external_api_clients, dependent: :destroy has_many :non_primitive_properties, dependent: :destroy @@ -75,8 +72,6 @@ class ApiNamespace < ApplicationRecord full_access_for_api_actions_only: ['full_access', 'full_access_for_api_actions_only'], read_external_api_connections_only: ['full_access', 'full_read_access', 'full_access_for_external_api_connections_only', 'read_external_api_connections_only'], full_access_for_external_api_connections_only: ['full_access', 'full_access_for_external_api_connections_only'], - read_api_clients_only: ['full_access', 'full_read_access', 'full_access_for_api_clients_only', 'read_api_clients_only'], - full_access_for_api_clients_only: ['full_access', 'full_access_for_api_clients_only'], full_access_for_api_form_only: ['full_access', 'full_access_for_api_form_only'], read_api_keys_only: ['full_access', 'delete_access', 'read_access'], full_access_for_api_keys_only: ['full_access'], diff --git a/app/views/comfy/admin/api_clients/_api_client.json.jbuilder b/app/views/comfy/admin/api_clients/_api_client.json.jbuilder deleted file mode 100755 index 6bf811408..000000000 --- a/app/views/comfy/admin/api_clients/_api_client.json.jbuilder +++ /dev/null @@ -1,2 +0,0 @@ -json.extract! api_client, :id, :api_namespace_id, :label, :authentication_strategy, :bearer_token, :created_at, :updated_at -json.url api_client_url(api_client, format: :json) diff --git a/app/views/comfy/admin/api_clients/_form.html.haml b/app/views/comfy/admin/api_clients/_form.html.haml deleted file mode 100755 index 2a82b1e30..000000000 --- a/app/views/comfy/admin/api_clients/_form.html.haml +++ /dev/null @@ -1,18 +0,0 @@ -- action = @api_client.persisted? ? :put : :post -- path = @api_client.persisted? ? api_namespace_api_client_path(api_namespace_id: @api_client.api_namespace.id, id: @api_client.id) : api_namespace_api_clients_path(api_namespace_id: @api_client.api_namespace.id) - -= form_for @api_client, url: path, method: action do |f| - - if @api_client.errors.any? - #error_explanation - %h2= "#{pluralize(@api_client.errors.count, "error")} prohibited this api_client from being saved:" - %ul - - @api_client.errors.full_messages.each do |message| - %li= message - .field - = f.label :label - = f.text_field :label - .field - = f.label :authentication_strategy - = f.select :authentication_strategy, options_for_select(ApiClient::AUTHENTICATION_STRATEGIES.map{|k, v| [v, k]}) - .actions - = f.submit 'Save' diff --git a/app/views/comfy/admin/api_clients/edit.html.haml b/app/views/comfy/admin/api_clients/edit.html.haml deleted file mode 100755 index d25d48499..000000000 --- a/app/views/comfy/admin/api_clients/edit.html.haml +++ /dev/null @@ -1,7 +0,0 @@ -%h1 Editing api_client - -= render 'form' - -= link_to 'Show', api_namespace_api_client_path(api_namespace_id: @api_client.api_namespace.id, id: @api_client.id) -\| -= link_to 'Back', api_namespace_api_clients_path(api_namespace_id: @api_namespace.id) diff --git a/app/views/comfy/admin/api_clients/index.html.haml b/app/views/comfy/admin/api_clients/index.html.haml deleted file mode 100755 index 736566787..000000000 --- a/app/views/comfy/admin/api_clients/index.html.haml +++ /dev/null @@ -1,25 +0,0 @@ -%h1 Listing api_clients - -%table - %thead - %tr - %th Api namespace - %th Label - %th Authentication strategy - %th - %th - %th - - %tbody - - @api_clients.each do |api_client| - %tr - %td= api_client.api_namespace.name - %td= api_client.label - %td= api_client.authentication_strategy - %td= link_to 'Show', api_namespace_api_client_path(api_namespace_id: api_client.api_namespace.id, id: api_client.id) - %td= link_to 'Edit', edit_api_namespace_api_client_path(api_namespace_id: api_client.api_namespace.id, id: api_client.id) - %td= link_to 'Destroy', api_namespace_api_client_path(api_namespace_id: api_client.api_namespace.id, id: api_client.id), method: :delete, data: { confirm: 'Are you sure?' } - -%br - -= link_to 'New Api client', new_api_namespace_api_client_path diff --git a/app/views/comfy/admin/api_clients/index.json.jbuilder b/app/views/comfy/admin/api_clients/index.json.jbuilder deleted file mode 100755 index 7811dfc83..000000000 --- a/app/views/comfy/admin/api_clients/index.json.jbuilder +++ /dev/null @@ -1 +0,0 @@ -json.array! @api_clients, partial: "api_clients/api_client", as: :api_client diff --git a/app/views/comfy/admin/api_clients/new.html.haml b/app/views/comfy/admin/api_clients/new.html.haml deleted file mode 100755 index e58cebefb..000000000 --- a/app/views/comfy/admin/api_clients/new.html.haml +++ /dev/null @@ -1,5 +0,0 @@ -%h1 New api_client - -= render 'form' - -= link_to 'Back', api_namespace_api_clients_path diff --git a/app/views/comfy/admin/api_clients/show.html.haml b/app/views/comfy/admin/api_clients/show.html.haml deleted file mode 100755 index 37dd59216..000000000 --- a/app/views/comfy/admin/api_clients/show.html.haml +++ /dev/null @@ -1,18 +0,0 @@ -%p#notice= notice - -%p - %b Api namespace: - = @api_client.api_namespace.name -%p - %b Label: - = @api_client.label -%p - %b Authentication strategy: - = @api_client.authentication_strategy -%p - %b Bearer token: - = @api_client.bearer_token - -= link_to 'Edit', edit_api_namespace_api_client_path(api_namespace_id: @api_namespace.id, id: @api_client.id) -\| -= link_to 'Back', api_namespace_api_clients_path(api_namespace_id: @api_namespace.id) diff --git a/app/views/comfy/admin/api_clients/show.json.jbuilder b/app/views/comfy/admin/api_clients/show.json.jbuilder deleted file mode 100755 index 3fdffe28c..000000000 --- a/app/views/comfy/admin/api_clients/show.json.jbuilder +++ /dev/null @@ -1 +0,0 @@ -json.partial! "api_clients/api_client", api_client: @api_client diff --git a/app/views/comfy/admin/api_forms/_form.html.haml b/app/views/comfy/admin/api_forms/_form.html.haml index aefdb85f5..ce3726675 100644 --- a/app/views/comfy/admin/api_forms/_form.html.haml +++ b/app/views/comfy/admin/api_forms/_form.html.haml @@ -1,5 +1,5 @@ - action = @api_form.persisted? ? :put : :post -- path = @api_form.persisted? ? api_namespace_api_form_path(api_namespace_id: @api_form.api_namespace.id, id: @api_form.id) : api_namespace_api_forms_path(api_namespace_id: @api_client.api_namespace.id) +- path = @api_form.persisted? ? api_namespace_api_form_path(api_namespace_id: @api_form.api_namespace.id, id: @api_form.id) : api_namespace_api_forms_path(api_namespace_id: @api_form.api_namespace.id) - properties = @api_form.properties = form_for @api_form, url: path, method: action do |f| diff --git a/config/routes.rb b/config/routes.rb index de422f2e6..451fb2803 100644 --- a/config/routes.rb +++ b/config/routes.rb @@ -66,7 +66,6 @@ def self.matches?(request) end resources :resources, except: [:index], controller: 'comfy/admin/api_resources' - resources :api_clients, controller: 'comfy/admin/api_clients' resources :external_api_clients, controller: 'comfy/admin/external_api_clients' do member do get 'start' diff --git a/db/migrate/20221222155625_drop_api_clients.rb b/db/migrate/20221222155625_drop_api_clients.rb new file mode 100644 index 000000000..884960d4f --- /dev/null +++ b/db/migrate/20221222155625_drop_api_clients.rb @@ -0,0 +1,9 @@ +class DropApiClients < ActiveRecord::Migration[6.1] + def up + drop_table :api_clients + end + + def down + fail ActiveRecord::IrreversibleMigration + end +end diff --git a/db/schema.rb b/db/schema.rb index e45b75b11..7a3fff806 100644 --- a/db/schema.rb +++ b/db/schema.rb @@ -10,7 +10,7 @@ # # It's strongly recommended that you check this file into your version control system. -ActiveRecord::Schema.define(version: 2022_12_21_073259) do +ActiveRecord::Schema.define(version: 2022_12_22_155625) do # These are extensions that must be enabled in order to support this database enable_extension "plpgsql" @@ -131,18 +131,6 @@ t.index ["api_resource_id"], name: "index_api_actions_on_api_resource_id" end - create_table "api_clients", force: :cascade do |t| - t.bigint "api_namespace_id", null: false - t.string "slug", null: false - t.string "label", default: "customer_identifier_here", null: false - t.string "authentication_strategy", default: "bearer_token", null: false - t.string "bearer_token" - t.datetime "created_at", precision: 6, null: false - t.datetime "updated_at", precision: 6, null: false - t.index ["api_namespace_id"], name: "index_api_clients_on_api_namespace_id" - t.index ["bearer_token"], name: "index_api_clients_on_bearer_token" - end - create_table "api_forms", force: :cascade do |t| t.jsonb "properties" t.bigint "api_namespace_id", null: false @@ -581,7 +569,6 @@ add_foreign_key "active_storage_variant_records", "active_storage_blobs", column: "blob_id" add_foreign_key "api_actions", "api_namespaces" add_foreign_key "api_actions", "api_resources" - add_foreign_key "api_clients", "api_namespaces" add_foreign_key "api_forms", "api_namespaces" add_foreign_key "api_namespace_keys", "api_keys" add_foreign_key "api_namespace_keys", "api_namespaces" diff --git a/test/controllers/admin/comfy/api_clients_controller_test.rb b/test/controllers/admin/comfy/api_clients_controller_test.rb deleted file mode 100755 index 72909850a..000000000 --- a/test/controllers/admin/comfy/api_clients_controller_test.rb +++ /dev/null @@ -1,722 +0,0 @@ -require "test_helper" - -class Comfy::Admin::ApiClientsControllerTest < ActionDispatch::IntegrationTest - setup do - @user = users(:public) - @user.update(api_accessibility: {api_namespaces: {all_namespaces: {full_access: 'true'}}}) - @api_client = api_clients(:one) - @api_namespace = api_namespaces(:one) - end - - test "should not get index if not authenticated" do - get api_namespace_api_clients_url(api_namespace_id: @api_namespace.id) - assert_redirected_to new_user_session_url - end - - test "should not get #index, #new if signed in but not allowed to manage web" do - sign_in(@user) - @user.update(api_accessibility: {}) - get api_namespace_api_clients_url(api_namespace_id: @api_namespace.id) - assert_response :redirect - get new_api_namespace_api_client_url(api_namespace_id: @api_namespace.id) - assert_response :redirect - end - - test "should only show api_clients of specified api_namespace" do - # Creating new api_clients of @api_namespace - @api_client.dup.save! - @api_client.dup.save! - - # Creating another api_namespace and its api_clients - new_api_namespace = api_namespaces(:two) - new_api_client = api_clients(:two) - new_api_client.dup.save! - new_api_client.dup.save! - - sign_in(@user) - get api_namespace_api_clients_url(api_namespace_id: @api_namespace.id) - assert_response :success - - @controller.view_assigns['api_clients'].each do |api_client| - assert_equal api_client.api_namespace_id, @api_namespace.id - end - - assert_not_includes @controller.view_assigns['api_clients'].pluck(:api_namespace_id), new_api_namespace.id - end - - test "should get index" do - sign_in(@user) - get api_namespace_api_clients_url(api_namespace_id: @api_namespace.id) - assert_response :success - end - - test "should get new" do - sign_in(@user) - get new_api_namespace_api_client_url(api_namespace_id: @api_namespace.id) - assert_response :success - end - - test "should create api_client" do - sign_in(@user) - assert_difference('ApiClient.count') do - post api_namespace_api_clients_url(api_namespace_id: @api_namespace.id), params: { api_client: { authentication_strategy: @api_client.authentication_strategy, label: "foobar" } } - end - api_client = ApiClient.last - assert_redirected_to api_namespace_api_client_path(api_namespace_id: api_client.api_namespace.id, id: api_client.id) - end - - test "should show api_client" do - sign_in(@user) - get api_namespace_api_client_url(api_namespace_id: @api_client.api_namespace.id, id: @api_client.id) - assert_response :success - assert_template :show - end - - test "should get edit" do - sign_in(@user) - get edit_api_namespace_api_client_path(api_namespace_id: @api_client.api_namespace.id, id: @api_client.id) - assert_response :success - assert_template :edit - end - - test "should update api_client" do - sign_in(@user) - patch api_namespace_api_client_url(api_namespace_id: @api_client.api_namespace.id, id: @api_client.id), params: { api_client: { authentication_strategy: @api_client.authentication_strategy, bearer_token: @api_client.bearer_token, label: @api_client.label } } - assert_redirected_to api_namespace_api_client_url(api_namespace_id: @api_client.api_namespace.id, id: @api_client.id) - end - - test "should destroy api_client" do - sign_in(@user) - assert_difference('ApiClient.count', -1) do - delete api_namespace_api_client_url(api_namespace_id: @api_client.api_namespace.id, id: @api_client.id) - end - - assert_redirected_to api_namespace_api_clients_url(api_namespace_id: @api_namespace.id) - end - - # SHOW - # API access for all namespaces - test 'should get show if user has full_access for all namespace' do - @user.update(api_accessibility: {api_namespaces: {all_namespaces: {full_access: 'true'}}}) - - sign_in(@user) - get api_namespace_api_client_url(api_namespace_id: @api_client.api_namespace.id, id: @api_client.id) - assert_response :success - assert_template :show - end - - test 'should get show if user has full_read_access for all namespace' do - @user.update(api_accessibility: {api_namespaces: {all_namespaces: {full_read_access: 'true'}}}) - - sign_in(@user) - get api_namespace_api_client_url(api_namespace_id: @api_client.api_namespace.id, id: @api_client.id) - assert_response :success - assert_template :show - end - - test 'should get show if user has full_access_for_api_clients_only for all namespace' do - @user.update(api_accessibility: {api_namespaces: {all_namespaces: {full_access_for_api_clients_only: 'true'}}}) - - sign_in(@user) - get api_namespace_api_client_url(api_namespace_id: @api_client.api_namespace.id, id: @api_client.id) - assert_response :success - assert_template :show - end - - test 'should get show if user has read_api_clients_only for all namespace' do - @user.update(api_accessibility: {api_namespaces: {all_namespaces: {read_api_clients_only: 'true'}}}) - - sign_in(@user) - get api_namespace_api_client_url(api_namespace_id: @api_client.api_namespace.id, id: @api_client.id) - assert_response :success - assert_template :show - end - - test 'should not get show if user has other access for all namespace' do - @user.update(api_accessibility: {api_namespaces: {all_namespaces: {allow_duplication: 'true'}}}) - - sign_in(@user) - get api_namespace_api_client_url(api_namespace_id: @api_client.api_namespace.id, id: @api_client.id) - assert_response :redirect - - expected_message = "You do not have the permission to do that. Only users with full_access or full_read_access or full_access_for_api_clients_only or read_api_clients_only are allowed to perform that action." - assert_equal expected_message, flash[:alert] - end - - # API access by category wise - test 'should get show if user has full_access for the namespace' do - category = comfy_cms_categories(:api_namespace_1) - @api_namespace.update(category_ids: [category.id]) - @user.update(api_accessibility: {api_namespaces: {namespaces_by_category: {"#{category.label}": {full_access: 'true'}}}}) - - sign_in(@user) - get api_namespace_api_client_url(api_namespace_id: @api_client.api_namespace.id, id: @api_client.id) - assert_response :success - assert_template :show - end - - test 'should get show if user has full_read_access for the namespace' do - category = comfy_cms_categories(:api_namespace_1) - @api_namespace.update(category_ids: [category.id]) - @user.update(api_accessibility: {api_namespaces: {namespaces_by_category: {"#{category.label}": {full_read_access: 'true'}}}}) - - sign_in(@user) - get api_namespace_api_client_url(api_namespace_id: @api_client.api_namespace.id, id: @api_client.id) - assert_response :success - assert_template :show - end - - test 'should get show if user has full_access_for_api_clients_only for the namespace' do - category = comfy_cms_categories(:api_namespace_1) - @api_namespace.update(category_ids: [category.id]) - @user.update(api_accessibility: {api_namespaces: {namespaces_by_category: {"#{category.label}": {full_access_for_api_clients_only: 'true'}}}}) - - sign_in(@user) - get api_namespace_api_client_url(api_namespace_id: @api_client.api_namespace.id, id: @api_client.id) - assert_response :success - assert_template :show - end - - test 'should get show if user has read_api_clients_only for the namespace' do - category = comfy_cms_categories(:api_namespace_1) - @api_namespace.update(category_ids: [category.id]) - @user.update(api_accessibility: {api_namespaces: {namespaces_by_category: {"#{category.label}": {read_api_clients_only: 'true'}}}}) - - sign_in(@user) - get api_namespace_api_client_url(api_namespace_id: @api_client.api_namespace.id, id: @api_client.id) - assert_response :success - assert_template :show - end - - test 'should get show if user has read_api_clients_only for the uncategorized namespace' do - @user.update(api_accessibility: {api_namespaces: {namespaces_by_category: {uncategorized: {read_api_clients_only: 'true'}}}}) - - sign_in(@user) - get api_namespace_api_client_url(api_namespace_id: @api_client.api_namespace.id, id: @api_client.id) - assert_response :success - assert_template :show - end - - test 'should not get show if user has other access for the namespace' do - category = comfy_cms_categories(:api_namespace_1) - @api_namespace.update(category_ids: [category.id]) - @user.update(api_accessibility: {api_namespaces: {namespaces_by_category: {"#{category.label}": {allow_duplication: 'true'}}}}) - - sign_in(@user) - get api_namespace_api_client_url(api_namespace_id: @api_client.api_namespace.id, id: @api_client.id) - assert_response :redirect - - expected_message = "You do not have the permission to do that. Only users with full_access or full_read_access or full_access_for_api_clients_only or read_api_clients_only are allowed to perform that action." - assert_equal expected_message, flash[:alert] - end - - # INDEX - # API access for all namespaces - test 'should get index if user has full_access for all namespace' do - @user.update(api_accessibility: {api_namespaces: {all_namespaces: {full_access: 'true'}}}) - - sign_in(@user) - get api_namespace_api_clients_url(api_namespace_id: @api_namespace.id) - assert_response :success - end - - test 'should get index if user has full_read_access for all namespace' do - @user.update(api_accessibility: {api_namespaces: {all_namespaces: {full_read_access: 'true'}}}) - - sign_in(@user) - get api_namespace_api_clients_url(api_namespace_id: @api_namespace.id) - assert_response :success - end - - test 'should get index if user has full_access_for_api_clients_only for all namespace' do - @user.update(api_accessibility: {api_namespaces: {all_namespaces: {full_access_for_api_clients_only: 'true'}}}) - - sign_in(@user) - get api_namespace_api_clients_url(api_namespace_id: @api_namespace.id) - assert_response :success - end - - test 'should get index if user has read_api_clients_only for all namespace' do - @user.update(api_accessibility: {api_namespaces: {all_namespaces: {read_api_clients_only: 'true'}}}) - - sign_in(@user) - get api_namespace_api_clients_url(api_namespace_id: @api_namespace.id) - assert_response :success - end - - test 'should not get index if user has other access for all namespace' do - @user.update(api_accessibility: {api_namespaces: {all_namespaces: {allow_duplication: 'true'}}}) - - sign_in(@user) - get api_namespace_api_clients_url(api_namespace_id: @api_namespace.id) - assert_response :redirect - - expected_message = "You do not have the permission to do that. Only users with full_access or full_read_access or full_access_for_api_clients_only or read_api_clients_only are allowed to perform that action." - assert_equal expected_message, flash[:alert] - end - - # API access by category wise - test 'should get index if user has full_access for the namespace' do - category = comfy_cms_categories(:api_namespace_1) - @api_namespace.update(category_ids: [category.id]) - @user.update(api_accessibility: {api_namespaces: {namespaces_by_category: {"#{category.label}": {full_access: 'true'}}}}) - - sign_in(@user) - get api_namespace_api_clients_url(api_namespace_id: @api_namespace.id) - assert_response :success - end - - test 'should get index if user has full_read_access for the namespace' do - category = comfy_cms_categories(:api_namespace_1) - @api_namespace.update(category_ids: [category.id]) - @user.update(api_accessibility: {api_namespaces: {namespaces_by_category: {"#{category.label}": {full_read_access: 'true'}}}}) - - sign_in(@user) - get api_namespace_api_clients_url(api_namespace_id: @api_namespace.id) - assert_response :success - end - - test 'should get index if user has full_access_for_api_clients_only for the namespace' do - category = comfy_cms_categories(:api_namespace_1) - @api_namespace.update(category_ids: [category.id]) - @user.update(api_accessibility: {api_namespaces: {namespaces_by_category: {"#{category.label}": {full_access_for_api_clients_only: 'true'}}}}) - - sign_in(@user) - get api_namespace_api_clients_url(api_namespace_id: @api_namespace.id) - assert_response :success - end - - test 'should get index if user has read_api_clients_only for the namespace' do - category = comfy_cms_categories(:api_namespace_1) - @api_namespace.update(category_ids: [category.id]) - @user.update(api_accessibility: {api_namespaces: {namespaces_by_category: {"#{category.label}": {read_api_clients_only: 'true'}}}}) - - sign_in(@user) - get api_namespace_api_clients_url(api_namespace_id: @api_namespace.id) - assert_response :success - end - - test 'should get index if user has read_api_clients_only for the uncategorized namespace' do - @user.update(api_accessibility: {api_namespaces: {namespaces_by_category: {uncategorized: {read_api_clients_only: 'true'}}}}) - - sign_in(@user) - get api_namespace_api_clients_url(api_namespace_id: @api_namespace.id) - assert_response :success - end - - test 'should not get index if user has other access for the namespace' do - category = comfy_cms_categories(:api_namespace_1) - @api_namespace.update(category_ids: [category.id]) - @user.update(api_accessibility: {api_namespaces: {namespaces_by_category: {"#{category.label}": {allow_duplication: 'true'}}}}) - - sign_in(@user) - get api_namespace_api_clients_url(api_namespace_id: @api_namespace.id) - assert_response :redirect - - expected_message = "You do not have the permission to do that. Only users with full_access or full_read_access or full_access_for_api_clients_only or read_api_clients_only are allowed to perform that action." - assert_equal expected_message, flash[:alert] - end - - # NEW - # API access for all_namespaces - test 'should get new if user has full_access for all namespace' do - @user.update(api_accessibility: {api_namespaces: {all_namespaces: {full_access: 'true'}}}) - - sign_in(@user) - get new_api_namespace_api_client_url(api_namespace_id: @api_namespace.id) - assert_response :success - end - - test 'should get new if user has full_access_for_api_clients_only for all namespace' do - @user.update(api_accessibility: {api_namespaces: {all_namespaces: {full_access_for_api_clients_only: 'true'}}}) - - sign_in(@user) - get new_api_namespace_api_client_url(api_namespace_id: @api_namespace.id) - assert_response :success - end - - test 'should not get new if user has other access for all namespace' do - @user.update(api_accessibility: {api_namespaces: {all_namespaces: {read_api_clients_only: 'true'}}}) - - sign_in(@user) - get new_api_namespace_api_client_url(api_namespace_id: @api_namespace.id) - assert_response :redirect - - expected_message = "You do not have the permission to do that. Only users with full_access or full_access_for_api_clients_only are allowed to perform that action." - assert_equal expected_message, flash[:alert] - end - - # API access by category wise - test 'should get new if user has full_access for the namespace' do - category = comfy_cms_categories(:api_namespace_1) - @api_namespace.update(category_ids: [category.id]) - @user.update(api_accessibility: {api_namespaces: {namespaces_by_category: {"#{category.label}": {full_access: 'true'}}}}) - - sign_in(@user) - get new_api_namespace_api_client_url(api_namespace_id: @api_namespace.id) - assert_response :success - end - - test 'should get new if user has full_access_for_api_clients_only for the namespace' do - category = comfy_cms_categories(:api_namespace_1) - @api_namespace.update(category_ids: [category.id]) - @user.update(api_accessibility: {api_namespaces: {namespaces_by_category: {"#{category.label}": {full_access_for_api_clients_only: 'true'}}}}) - - sign_in(@user) - get new_api_namespace_api_client_url(api_namespace_id: @api_namespace.id) - assert_response :success - end - - test 'should get new if user has read_api_clients_only for the uncategorized namespace' do - @user.update(api_accessibility: {api_namespaces: {namespaces_by_category: {uncategorized: {full_access_for_api_clients_only: 'true'}}}}) - - sign_in(@user) - get new_api_namespace_api_client_url(api_namespace_id: @api_namespace.id) - assert_response :success - end - - test 'should not get new if user has other access for the namespace' do - category = comfy_cms_categories(:api_namespace_1) - @api_namespace.update(category_ids: [category.id]) - @user.update(api_accessibility: {api_namespaces: {namespaces_by_category: {"#{category.label}": {read_api_clients_only: 'true'}}}}) - - sign_in(@user) - get new_api_namespace_api_client_url(api_namespace_id: @api_namespace.id) - assert_response :redirect - - expected_message = "You do not have the permission to do that. Only users with full_access or full_access_for_api_clients_only are allowed to perform that action." - assert_equal expected_message, flash[:alert] - end - - # EDIT - # API access for all_namespaces - test 'should get edit if user has full_access for all namespace' do - @user.update(api_accessibility: {api_namespaces: {all_namespaces: {full_access: 'true'}}}) - - sign_in(@user) - get edit_api_namespace_api_client_path(api_namespace_id: @api_client.api_namespace.id, id: @api_client.id) - assert_response :success - assert_template :edit - end - - test 'should get edit if user has full_access_for_api_clients_only for all namespace' do - @user.update(api_accessibility: {api_namespaces: {all_namespaces: {full_access_for_api_clients_only: 'true'}}}) - - sign_in(@user) - get edit_api_namespace_api_client_path(api_namespace_id: @api_client.api_namespace.id, id: @api_client.id) - assert_response :success - assert_template :edit - end - - test 'should not get edit if user has other access for all namespace' do - @user.update(api_accessibility: {api_namespaces: {all_namespaces: {read_api_clients_only: 'true'}}}) - - sign_in(@user) - get edit_api_namespace_api_client_path(api_namespace_id: @api_client.api_namespace.id, id: @api_client.id) - assert_response :redirect - - expected_message = "You do not have the permission to do that. Only users with full_access or full_access_for_api_clients_only are allowed to perform that action." - assert_equal expected_message, flash[:alert] - end - - # API access by category wise - test 'should get edit if user has full_access for the namespace' do - category = comfy_cms_categories(:api_namespace_1) - @api_namespace.update(category_ids: [category.id]) - @user.update(api_accessibility: {api_namespaces: {namespaces_by_category: {"#{category.label}": {full_access: 'true'}}}}) - - sign_in(@user) - get edit_api_namespace_api_client_path(api_namespace_id: @api_client.api_namespace.id, id: @api_client.id) - assert_response :success - assert_template :edit - end - - test 'should get edit if user has full_access_for_api_clients_only for the namespace' do - category = comfy_cms_categories(:api_namespace_1) - @api_namespace.update(category_ids: [category.id]) - @user.update(api_accessibility: {api_namespaces: {namespaces_by_category: {"#{category.label}": {full_access_for_api_clients_only: 'true'}}}}) - - sign_in(@user) - get edit_api_namespace_api_client_path(api_namespace_id: @api_client.api_namespace.id, id: @api_client.id) - assert_response :success - assert_template :edit - end - - test 'should get edit if user has read_api_clients_only for the uncategorized namespace' do - @user.update(api_accessibility: {api_namespaces: {namespaces_by_category: {uncategorized: {full_access_for_api_clients_only: 'true'}}}}) - - sign_in(@user) - get edit_api_namespace_api_client_path(api_namespace_id: @api_client.api_namespace.id, id: @api_client.id) - assert_response :success - assert_template :edit - end - - test 'should not get edit if user has other access for the namespace' do - category = comfy_cms_categories(:api_namespace_1) - @api_namespace.update(category_ids: [category.id]) - @user.update(api_accessibility: {api_namespaces: {namespaces_by_category: {"#{category.label}": {read_api_clients_only: 'true'}}}}) - - sign_in(@user) - get edit_api_namespace_api_client_path(api_namespace_id: @api_client.api_namespace.id, id: @api_client.id) - assert_response :redirect - - expected_message = "You do not have the permission to do that. Only users with full_access or full_access_for_api_clients_only are allowed to perform that action." - assert_equal expected_message, flash[:alert] - end - - # CREATE - # API access for all_namespaces - test 'should get create if user has full_access for all namespace' do - @user.update(api_accessibility: {api_namespaces: {all_namespaces: {full_access: 'true'}}}) - - sign_in(@user) - assert_difference('ApiClient.count') do - post api_namespace_api_clients_url(api_namespace_id: @api_namespace.id), params: { api_client: { authentication_strategy: @api_client.authentication_strategy, label: "foobar" } } - end - api_client = ApiClient.last - assert_redirected_to api_namespace_api_client_path(api_namespace_id: api_client.api_namespace.id, id: api_client.id) - end - - test 'should get create if user has full_access_for_api_clients_only for all namespace' do - @user.update(api_accessibility: {api_namespaces: {all_namespaces: {full_access_for_api_clients_only: 'true'}}}) - - sign_in(@user) - assert_difference('ApiClient.count') do - post api_namespace_api_clients_url(api_namespace_id: @api_namespace.id), params: { api_client: { authentication_strategy: @api_client.authentication_strategy, label: "foobar" } } - end - api_client = ApiClient.last - assert_redirected_to api_namespace_api_client_path(api_namespace_id: api_client.api_namespace.id, id: api_client.id) - end - - test 'should not get create if user has other access for all namespace' do - @user.update(api_accessibility: {api_namespaces: {all_namespaces: {read_api_clients_only: 'true'}}}) - - sign_in(@user) - assert_no_difference('ApiClient.count') do - post api_namespace_api_clients_url(api_namespace_id: @api_namespace.id), params: { api_client: { authentication_strategy: @api_client.authentication_strategy, label: "foobar" } } - end - api_client = ApiClient.last - assert_response :redirect - - expected_message = "You do not have the permission to do that. Only users with full_access or full_access_for_api_clients_only are allowed to perform that action." - assert_equal expected_message, flash[:alert] - end - - # API access by category wise - test 'should get create if user has full_access for the namespace' do - category = comfy_cms_categories(:api_namespace_1) - @api_namespace.update(category_ids: [category.id]) - @user.update(api_accessibility: {api_namespaces: {namespaces_by_category: {"#{category.label}": {full_access: 'true'}}}}) - - sign_in(@user) - assert_difference('ApiClient.count') do - post api_namespace_api_clients_url(api_namespace_id: @api_namespace.id), params: { api_client: { authentication_strategy: @api_client.authentication_strategy, label: "foobar" } } - end - api_client = ApiClient.last - assert_redirected_to api_namespace_api_client_path(api_namespace_id: api_client.api_namespace.id, id: api_client.id) - end - - test 'should get create if user has full_access_for_api_clients_only for the namespace' do - category = comfy_cms_categories(:api_namespace_1) - @api_namespace.update(category_ids: [category.id]) - @user.update(api_accessibility: {api_namespaces: {namespaces_by_category: {"#{category.label}": {full_access_for_api_clients_only: 'true'}}}}) - - sign_in(@user) - assert_difference('ApiClient.count') do - post api_namespace_api_clients_url(api_namespace_id: @api_namespace.id), params: { api_client: { authentication_strategy: @api_client.authentication_strategy, label: "foobar" } } - end - api_client = ApiClient.last - assert_redirected_to api_namespace_api_client_path(api_namespace_id: api_client.api_namespace.id, id: api_client.id) - end - - test 'should get create if user has read_api_clients_only for the uncategorized namespace' do - @user.update(api_accessibility: {api_namespaces: {namespaces_by_category: {uncategorized: {full_access_for_api_clients_only: 'true'}}}}) - - sign_in(@user) - assert_difference('ApiClient.count') do - post api_namespace_api_clients_url(api_namespace_id: @api_namespace.id), params: { api_client: { authentication_strategy: @api_client.authentication_strategy, label: "foobar" } } - end - api_client = ApiClient.last - assert_redirected_to api_namespace_api_client_path(api_namespace_id: api_client.api_namespace.id, id: api_client.id) - end - - test 'should not get create if user has other access for the namespace' do - category = comfy_cms_categories(:api_namespace_1) - @api_namespace.update(category_ids: [category.id]) - @user.update(api_accessibility: {api_namespaces: {namespaces_by_category: {"#{category.label}": {read_api_clients_only: 'true'}}}}) - - sign_in(@user) - assert_no_difference('ApiClient.count') do - post api_namespace_api_clients_url(api_namespace_id: @api_namespace.id), params: { api_client: { authentication_strategy: @api_client.authentication_strategy, label: "foobar" } } - end - assert_response :redirect - - expected_message = "You do not have the permission to do that. Only users with full_access or full_access_for_api_clients_only are allowed to perform that action." - assert_equal expected_message, flash[:alert] - end - - # UPDATE - # API access for all_namespaces - test 'should get update if user has full_access for all namespace' do - @user.update(api_accessibility: {api_namespaces: {all_namespaces: {full_access: 'true'}}}) - - sign_in(@user) - patch api_namespace_api_client_url(api_namespace_id: @api_client.api_namespace.id, id: @api_client.id), params: { api_client: { authentication_strategy: @api_client.authentication_strategy, bearer_token: @api_client.bearer_token, label: @api_client.label } } - assert_redirected_to api_namespace_api_client_url(api_namespace_id: @api_client.api_namespace.id, id: @api_client.id) - end - - test 'should get update if user has full_access_for_api_clients_only for all namespace' do - @user.update(api_accessibility: {api_namespaces: {all_namespaces: {full_access_for_api_clients_only: 'true'}}}) - - sign_in(@user) - patch api_namespace_api_client_url(api_namespace_id: @api_client.api_namespace.id, id: @api_client.id), params: { api_client: { authentication_strategy: @api_client.authentication_strategy, bearer_token: @api_client.bearer_token, label: @api_client.label } } - assert_redirected_to api_namespace_api_client_url(api_namespace_id: @api_client.api_namespace.id, id: @api_client.id) - end - - test 'should not get update if user has other access for all namespace' do - @user.update(api_accessibility: {api_namespaces: {all_namespaces: {read_api_clients_only: 'true'}}}) - - sign_in(@user) - patch api_namespace_api_client_url(api_namespace_id: @api_client.api_namespace.id, id: @api_client.id), params: { api_client: { authentication_strategy: @api_client.authentication_strategy, bearer_token: @api_client.bearer_token, label: @api_client.label } } - assert_response :redirect - - expected_message = "You do not have the permission to do that. Only users with full_access or full_access_for_api_clients_only are allowed to perform that action." - assert_equal expected_message, flash[:alert] - end - - # API access by category wise - test 'should get update if user has full_access for the namespace' do - category = comfy_cms_categories(:api_namespace_1) - @api_namespace.update(category_ids: [category.id]) - @user.update(api_accessibility: {api_namespaces: {namespaces_by_category: {"#{category.label}": {full_access: 'true'}}}}) - - sign_in(@user) - patch api_namespace_api_client_url(api_namespace_id: @api_client.api_namespace.id, id: @api_client.id), params: { api_client: { authentication_strategy: @api_client.authentication_strategy, bearer_token: @api_client.bearer_token, label: @api_client.label } } - assert_redirected_to api_namespace_api_client_url(api_namespace_id: @api_client.api_namespace.id, id: @api_client.id) - end - - test 'should get update if user has full_access_for_api_clients_only for the namespace' do - category = comfy_cms_categories(:api_namespace_1) - @api_namespace.update(category_ids: [category.id]) - @user.update(api_accessibility: {api_namespaces: {namespaces_by_category: {"#{category.label}": {full_access_for_api_clients_only: 'true'}}}}) - - sign_in(@user) - patch api_namespace_api_client_url(api_namespace_id: @api_client.api_namespace.id, id: @api_client.id), params: { api_client: { authentication_strategy: @api_client.authentication_strategy, bearer_token: @api_client.bearer_token, label: @api_client.label } } - assert_redirected_to api_namespace_api_client_url(api_namespace_id: @api_client.api_namespace.id, id: @api_client.id) - end - - test 'should get update if user has read_api_clients_only for the uncategorized namespace' do - @user.update(api_accessibility: {api_namespaces: {namespaces_by_category: {uncategorized: {full_access_for_api_clients_only: 'true'}}}}) - - sign_in(@user) - patch api_namespace_api_client_url(api_namespace_id: @api_client.api_namespace.id, id: @api_client.id), params: { api_client: { authentication_strategy: @api_client.authentication_strategy, bearer_token: @api_client.bearer_token, label: @api_client.label } } - assert_redirected_to api_namespace_api_client_url(api_namespace_id: @api_client.api_namespace.id, id: @api_client.id) - end - - test 'should not get update if user has other access for the namespace' do - category = comfy_cms_categories(:api_namespace_1) - @api_namespace.update(category_ids: [category.id]) - @user.update(api_accessibility: {api_namespaces: {namespaces_by_category: {"#{category.label}": {read_api_clients_only: 'true'}}}}) - - sign_in(@user) - patch api_namespace_api_client_url(api_namespace_id: @api_client.api_namespace.id, id: @api_client.id), params: { api_client: { authentication_strategy: @api_client.authentication_strategy, bearer_token: @api_client.bearer_token, label: @api_client.label } } - assert_response :redirect - - expected_message = "You do not have the permission to do that. Only users with full_access or full_access_for_api_clients_only are allowed to perform that action." - assert_equal expected_message, flash[:alert] - end - - # DESTROY - # API access for all_namespaces - test 'should destroy if user has full_access for all namespace' do - @user.update(api_accessibility: {api_namespaces: {all_namespaces: {full_access: 'true'}}}) - - sign_in(@user) - assert_difference('ApiClient.count', -1) do - delete api_namespace_api_client_url(api_namespace_id: @api_client.api_namespace.id, id: @api_client.id) - end - - assert_redirected_to api_namespace_api_clients_url(api_namespace_id: @api_namespace.id) - end - - test 'should destroy if user has full_access_for_api_clients_only for all namespace' do - @user.update(api_accessibility: {api_namespaces: {all_namespaces: {full_access_for_api_clients_only: 'true'}}}) - - sign_in(@user) - assert_difference('ApiClient.count', -1) do - delete api_namespace_api_client_url(api_namespace_id: @api_client.api_namespace.id, id: @api_client.id) - end - - assert_redirected_to api_namespace_api_clients_url(api_namespace_id: @api_namespace.id) - end - - test 'should not destroy if user has other access for all namespace' do - @user.update(api_accessibility: {api_namespaces: {all_namespaces: {read_api_clients_only: 'true'}}}) - - sign_in(@user) - assert_no_difference('ApiClient.count') do - delete api_namespace_api_client_url(api_namespace_id: @api_client.api_namespace.id, id: @api_client.id) - end - - assert_response :redirect - - expected_message = "You do not have the permission to do that. Only users with full_access or full_access_for_api_clients_only are allowed to perform that action." - assert_equal expected_message, flash[:alert] - end - - # API access by category wise - test 'should destroy if user has full_access for the namespace' do - category = comfy_cms_categories(:api_namespace_1) - @api_namespace.update(category_ids: [category.id]) - @user.update(api_accessibility: {api_namespaces: {namespaces_by_category: {"#{category.label}": {full_access: 'true'}}}}) - - sign_in(@user) - assert_difference('ApiClient.count', -1) do - delete api_namespace_api_client_url(api_namespace_id: @api_client.api_namespace.id, id: @api_client.id) - end - - assert_redirected_to api_namespace_api_clients_url(api_namespace_id: @api_namespace.id) - end - - test 'should destroy if user has full_access_for_api_clients_only for the namespace' do - category = comfy_cms_categories(:api_namespace_1) - @api_namespace.update(category_ids: [category.id]) - @user.update(api_accessibility: {api_namespaces: {namespaces_by_category: {"#{category.label}": {full_access_for_api_clients_only: 'true'}}}}) - - sign_in(@user) - assert_difference('ApiClient.count', -1) do - delete api_namespace_api_client_url(api_namespace_id: @api_client.api_namespace.id, id: @api_client.id) - end - - assert_redirected_to api_namespace_api_clients_url(api_namespace_id: @api_namespace.id) - end - - test 'should destroy if user has read_api_clients_only for the uncategorized namespace' do - @user.update(api_accessibility: {api_namespaces: {namespaces_by_category: {uncategorized: {full_access_for_api_clients_only: 'true'}}}}) - - sign_in(@user) - assert_difference('ApiClient.count', -1) do - delete api_namespace_api_client_url(api_namespace_id: @api_client.api_namespace.id, id: @api_client.id) - end - - assert_redirected_to api_namespace_api_clients_url(api_namespace_id: @api_namespace.id) - end - - test 'should not destroy if user has other access for the namespace' do - category = comfy_cms_categories(:api_namespace_1) - @api_namespace.update(category_ids: [category.id]) - @user.update(api_accessibility: {api_namespaces: {namespaces_by_category: {"#{category.label}": {read_api_clients_only: 'true'}}}}) - - sign_in(@user) - assert_no_difference('ApiClient.count') do - delete api_namespace_api_client_url(api_namespace_id: @api_client.api_namespace.id, id: @api_client.id) - end - - assert_response :redirect - - expected_message = "You do not have the permission to do that. Only users with full_access or full_access_for_api_clients_only are allowed to perform that action." - assert_equal expected_message, flash[:alert] - end - - -end diff --git a/test/controllers/admin/comfy/external_api_clients_controller_test.rb b/test/controllers/admin/comfy/external_api_clients_controller_test.rb index d6592c219..60117574e 100644 --- a/test/controllers/admin/comfy/external_api_clients_controller_test.rb +++ b/test/controllers/admin/comfy/external_api_clients_controller_test.rb @@ -5,7 +5,6 @@ class Comfy::Admin::ExternalApiClientsControllerTest < ActionDispatch::Integrati setup do @user = users(:public) @user.update(api_accessibility: {api_namespaces: {all_namespaces: {full_access: 'true'}}}) - @api_client = api_clients(:one) @api_namespace = api_namespaces(:one) @external_api_client = external_api_clients(:test) diff --git a/test/fixtures/api_clients.yml b/test/fixtures/api_clients.yml deleted file mode 100755 index bb8be9a56..000000000 --- a/test/fixtures/api_clients.yml +++ /dev/null @@ -1,22 +0,0 @@ -# Read about fixtures at https://api.rubyonrails.org/classes/ActiveRecord/FixtureSet.html - -one: - api_namespace: one - label: MyString - slug: MyString - authentication_strategy: bearer_token - bearer_token: MyString - -two: - api_namespace: two - label: MyString11 - slug: MyString11 - authentication_strategy: bearer_token - bearer_token: MyString1 - -for_users: - api_namespace: users - label: MyString111 - slug: MyString111 - authentication_strategy: bearer_token - bearer_token: MyString11 diff --git a/test/models/api_client_test.rb b/test/models/api_client_test.rb deleted file mode 100755 index a2c7629bc..000000000 --- a/test/models/api_client_test.rb +++ /dev/null @@ -1,7 +0,0 @@ -require "test_helper" - -class ApiClientTest < ActiveSupport::TestCase - # test "the truth" do - # assert true - # end -end diff --git a/test/system/api_clients_test.rb b/test/system/api_clients_test.rb deleted file mode 100755 index 24f8b010e..000000000 --- a/test/system/api_clients_test.rb +++ /dev/null @@ -1,49 +0,0 @@ -require "application_system_test_case" - -class ApiClientsTest < ApplicationSystemTestCase - setup do - @api_client = api_clients(:one) - end - - test "visiting the index" do - visit api_clients_url - assert_selector "h1", text: "Api Clients" - end - - test "creating a Api client" do - visit api_clients_url - click_on "New Api Client" - - fill_in "Api namespace", with: @api_client.api_namespace_id - fill_in "Authentication strategy", with: @api_client.authentication_strategy - fill_in "Bearer token", with: @api_client.bearer_token - fill_in "Label", with: @api_client.label - click_on "Create Api client" - - assert_text "Api client was successfully created" - click_on "Back" - end - - test "updating a Api client" do - visit api_clients_url - click_on "Edit", match: :first - - fill_in "Api namespace", with: @api_client.api_namespace_id - fill_in "Authentication strategy", with: @api_client.authentication_strategy - fill_in "Bearer token", with: @api_client.bearer_token - fill_in "Label", with: @api_client.label - click_on "Update Api client" - - assert_text "Api client was successfully updated" - click_on "Back" - end - - test "destroying a Api client" do - visit api_clients_url - page.accept_confirm do - click_on "Destroy", match: :first - end - - assert_text "Api client was successfully destroyed" - end -end