mirror of https://github.com/docusealco/docuseal
You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
62 lines
2.0 KiB
62 lines
2.0 KiB
# frozen_string_literal: true
|
|
|
|
describe 'API Submitters Request Changes' do
|
|
let(:account) { create(:account) }
|
|
let(:user) { create(:user, account:) }
|
|
let(:template) { create(:template, account:, author: user) }
|
|
let(:submission) { create(:submission, template:, account:, created_by_user: user) }
|
|
let(:submitter) do
|
|
create(
|
|
:submitter,
|
|
submission:,
|
|
account:,
|
|
completed_at: 1.hour.ago,
|
|
uuid: template.submitters.first['uuid']
|
|
)
|
|
end
|
|
|
|
describe 'POST /api/submitters/:slug/request_changes' do
|
|
context 'when authenticated with a valid token' do
|
|
it 'clears completed_at and sets changes_requested_at' do
|
|
expect do
|
|
post "/api/submitters/#{submitter.slug}/request_changes",
|
|
headers: { 'x-auth-token': user.access_token.token }
|
|
end.to change { submitter.reload.changes_requested_at }.from(nil)
|
|
.and change { submitter.reload.completed_at }.to(nil)
|
|
|
|
expect(response).to have_http_status(:ok)
|
|
end
|
|
|
|
it 'is idempotent when changes already requested' do
|
|
submitter.update!(changes_requested_at: 1.hour.ago)
|
|
|
|
expect do
|
|
post "/api/submitters/#{submitter.slug}/request_changes",
|
|
headers: { 'x-auth-token': user.access_token.token }
|
|
end.not_to(change { submitter.reload.changes_requested_at })
|
|
|
|
expect(response).to have_http_status(:ok)
|
|
end
|
|
end
|
|
|
|
context 'when authenticated with a different account token' do
|
|
let(:other_user) { create(:user, account: create(:account)) }
|
|
|
|
it 'returns forbidden' do
|
|
post "/api/submitters/#{submitter.slug}/request_changes",
|
|
headers: { 'x-auth-token': other_user.access_token.token }
|
|
|
|
expect(response).to have_http_status(:forbidden)
|
|
end
|
|
end
|
|
|
|
context 'when unauthenticated' do
|
|
it 'returns unauthorized' do
|
|
post "/api/submitters/#{submitter.slug}/request_changes"
|
|
|
|
expect(response).to have_http_status(:unauthorized)
|
|
end
|
|
end
|
|
end
|
|
end
|