iachat/spec/enterprise/controllers/api/v1/accounts/companies_controller_spec.rb
Vinay Keerthi 005a22fd69
feat: Add sorting by contacts count to companies list (#13012)
## Description

Adds the ability to sort companies by the number of contacts they have
(contacts_count) in ascending or descending order. This is part of the
Chatwoot 5.0 release requirements for the companies feature.

The implementation uses a scope-based approach consistent with other
sorting implementations in the codebase (e.g., contacts sorting by
last_activity_at).

## Type of change

- [x] New feature (non-breaking change which adds functionality)

## Available Sorting Options

After this change, the Companies API supports the following sorting
options:

| Sort Field | Type | Ascending | Descending |
|------------|------|-----------|------------|
| `name` | string | `?sort=name` | `?sort=-name` |
| `domain` | string | `?sort=domain` | `?sort=-domain` |
| `created_at` | datetime | `?sort=created_at` | `?sort=-created_at` |
| `contacts_count` | integer (scope) | `?sort=contacts_count` |
`?sort=-contacts_count` |

**Note:** Prefix with `-` for descending order. Companies with NULL
contacts_count will appear last (NULLS LAST).

## CURL Examples

**Sort by contacts count (ascending):**
```bash
curl -X GET 'https://app.chatwoot.com/api/v1/accounts/{account_id}/companies?sort=contacts_count' \
  -H 'api_access_token: YOUR_API_TOKEN'
```

**Sort by contacts count (descending):**
```bash
curl -X GET 'https://app.chatwoot.com/api/v1/accounts/{account_id}/companies?sort=-contacts_count' \
  -H 'api_access_token: YOUR_API_TOKEN'
```

**Sort by name (ascending):**
```bash
curl -X GET 'https://app.chatwoot.com/api/v1/accounts/{account_id}/companies?sort=name' \
  -H 'api_access_token: YOUR_API_TOKEN'
```

**Sort by created_at (descending):**
```bash
curl -X GET 'https://app.chatwoot.com/api/v1/accounts/{account_id}/companies?sort=-created_at' \
  -H 'api_access_token: YOUR_API_TOKEN'
```

**With pagination:**
```bash
curl -X GET 'https://app.chatwoot.com/api/v1/accounts/{account_id}/companies?sort=-contacts_count&page=2' \
  -H 'api_access_token: YOUR_API_TOKEN'
```

## How Has This Been Tested?

- Added RSpec tests for both ascending and descending sort
- All 24 existing specs pass
- Manually tested the sorting functionality with test data

**Test configuration:**
- Ruby 3.4.4
- Rails 7.1.5.2
- PostgreSQL (test database)

**To reproduce:**
1. Run `bundle exec rspec
spec/enterprise/controllers/api/v1/accounts/companies_controller_spec.rb`
2. All tests should pass (24 examples, 0 failures)

## Checklist:

- [x] My code follows the style guidelines of this project
- [x] I have performed a self-review of my code
- [x] My changes generate no new warnings
- [x] I have added tests that prove my fix is effective or that my
feature works
- [x] New and existing unit tests pass locally with my changes

## Technical Details

**Backend changes:**
- Controller: Added `sort_on :contacts_count` with scope-based sorting
- Model: Added `order_on_contacts_count` scope using
`Arel::Nodes::SqlLiteral` and `sanitize_sql_for_order` with `NULLS LAST`
for consistent NULL handling
- Specs: Added 2 new tests for ascending/descending sort validation

**Files changed:**
- `enterprise/app/controllers/api/v1/accounts/companies_controller.rb`
- `enterprise/app/models/company.rb`
-
`spec/enterprise/controllers/api/v1/accounts/companies_controller_spec.rb`

**Note:** This PR only includes the backend implementation. Frontend
changes (sort menu UI + i18n) will follow in a separate commit.

---------

Co-authored-by: Muhsin Keloth <muhsinkeramam@gmail.com>
Co-authored-by: iamsivin <iamsivin@gmail.com>
Co-authored-by: Sivin Varghese <64252451+iamsivin@users.noreply.github.com>
Co-authored-by: Pranav <pranav@chatwoot.com>
2026-01-09 15:20:08 -08:00

345 lines
14 KiB
Ruby

require 'rails_helper'
RSpec.describe 'Companies API', type: :request do
let(:account) { create(:account) }
describe 'GET /api/v1/accounts/{account.id}/companies' do
context 'when it is an unauthenticated user' do
it 'returns unauthorized' do
get "/api/v1/accounts/#{account.id}/companies"
expect(response).to have_http_status(:unauthorized)
end
end
context 'when it is an authenticated user' do
let(:admin) { create(:user, account: account, role: :administrator) }
let!(:company1) { create(:company, name: 'Company 1', account: account) }
let!(:company2) { create(:company, account: account) }
it 'returns all companies' do
get "/api/v1/accounts/#{account.id}/companies",
headers: admin.create_new_auth_token,
as: :json
expect(response).to have_http_status(:success)
response_body = response.parsed_body
expect(response_body['payload'].size).to eq(2)
expect(response_body['payload'].map { |c| c['name'] }).to contain_exactly(company1.name, company2.name)
end
it 'returns companies with pagination' do
create_list(:company, 30, account: account)
get "/api/v1/accounts/#{account.id}/companies",
params: { page: 1 },
headers: admin.create_new_auth_token,
as: :json
expect(response).to have_http_status(:success)
response_body = response.parsed_body
expect(response_body['payload'].size).to eq(25)
expect(response_body['meta']['total_count']).to eq(32)
expect(response_body['meta']['page']).to eq(1)
end
it 'returns second page of companies' do
create_list(:company, 30, account: account)
get "/api/v1/accounts/#{account.id}/companies",
params: { page: 2 },
headers: admin.create_new_auth_token,
as: :json
expect(response).to have_http_status(:success)
response_body = response.parsed_body
expect(response_body['payload'].size).to eq(7)
expect(response_body['meta']['total_count']).to eq(32)
expect(response_body['meta']['page']).to eq(2)
end
it 'returns companies with contacts_count' do
company_with_contacts = create(:company, name: 'Company With Contacts', account: account)
create_list(:contact, 5, company: company_with_contacts, account: account)
get "/api/v1/accounts/#{account.id}/companies",
headers: admin.create_new_auth_token,
as: :json
expect(response).to have_http_status(:success)
response_body = response.parsed_body
company_data = response_body['payload'].find { |c| c['id'] == company_with_contacts.id }
expect(company_data['contacts_count']).to eq(5)
end
it 'does not return companies from other accounts' do
other_account = create(:account)
create(:company, name: 'Other Account Company', account: other_account)
create(:company, name: 'My Company', account: account)
get "/api/v1/accounts/#{account.id}/companies",
headers: admin.create_new_auth_token,
as: :json
expect(response).to have_http_status(:success)
response_body = response.parsed_body
expect(response_body['payload'].size).to eq(3)
expect(response_body['payload'].map { |c| c['name'] }).not_to include('Other Account Company')
end
it 'sorts companies by contacts_count in ascending order' do
company_with_5 = create(:company, name: 'Company with 5', account: account)
company_with_2 = create(:company, name: 'Company with 2', account: account)
company_with_10 = create(:company, name: 'Company with 10', account: account)
create_list(:contact, 5, company: company_with_5, account: account)
create_list(:contact, 2, company: company_with_2, account: account)
create_list(:contact, 10, company: company_with_10, account: account)
get "/api/v1/accounts/#{account.id}/companies",
params: { sort: 'contacts_count' },
headers: admin.create_new_auth_token,
as: :json
expect(response).to have_http_status(:success)
response_body = response.parsed_body
company_ids = response_body['payload'].map { |c| c['id'] }
expect(company_ids.index(company_with_2.id)).to be < company_ids.index(company_with_5.id)
expect(company_ids.index(company_with_5.id)).to be < company_ids.index(company_with_10.id)
end
it 'sorts companies by contacts_count in descending order' do
company_with_5 = create(:company, name: 'Company with 5', account: account)
company_with_2 = create(:company, name: 'Company with 2', account: account)
company_with_10 = create(:company, name: 'Company with 10', account: account)
create_list(:contact, 5, company: company_with_5, account: account)
create_list(:contact, 2, company: company_with_2, account: account)
create_list(:contact, 10, company: company_with_10, account: account)
get "/api/v1/accounts/#{account.id}/companies",
params: { sort: '-contacts_count' },
headers: admin.create_new_auth_token,
as: :json
expect(response).to have_http_status(:success)
response_body = response.parsed_body
company_ids = response_body['payload'].map { |c| c['id'] }
expect(company_ids.index(company_with_10.id)).to be < company_ids.index(company_with_5.id)
expect(company_ids.index(company_with_5.id)).to be < company_ids.index(company_with_2.id)
end
end
end
describe 'GET /api/v1/accounts/{account.id}/companies/search' do
context 'when it is an unauthenticated user' do
it 'returns unauthorized' do
get "/api/v1/accounts/#{account.id}/companies/search"
expect(response).to have_http_status(:unauthorized)
end
end
context 'when it is an authenticated user' do
let(:admin) { create(:user, account: account, role: :administrator) }
it 'returns error when q parameter is missing' do
get "/api/v1/accounts/#{account.id}/companies/search",
headers: admin.create_new_auth_token,
as: :json
expect(response).to have_http_status(:unprocessable_entity)
expect(response.parsed_body['error']).to eq('Specify search string with parameter q')
end
it 'searches companies by name' do
create(:company, name: 'Acme Corp', domain: 'acme.com', account: account)
create(:company, name: 'Tech Solutions', domain: 'tech.com', account: account)
create(:company, name: 'Global Inc', domain: 'global.com', account: account)
get "/api/v1/accounts/#{account.id}/companies/search",
params: { q: 'tech' },
headers: admin.create_new_auth_token,
as: :json
expect(response).to have_http_status(:success)
response_body = response.parsed_body
expect(response_body['payload'].size).to eq(1)
expect(response_body['payload'].first['name']).to eq('Tech Solutions')
end
it 'searches companies by domain' do
create(:company, name: 'Acme Corp', domain: 'acme.com', account: account)
create(:company, name: 'Tech Solutions', domain: 'tech.com', account: account)
create(:company, name: 'Global Inc', domain: 'global.com', account: account)
get "/api/v1/accounts/#{account.id}/companies/search",
params: { q: 'acme.com' },
headers: admin.create_new_auth_token,
as: :json
expect(response).to have_http_status(:success)
response_body = response.parsed_body
expect(response_body['payload'].size).to eq(1)
expect(response_body['payload'].first['domain']).to eq('acme.com')
end
it 'search is case insensitive' do
create(:company, name: 'Acme Corp', domain: 'acme.com', account: account)
get "/api/v1/accounts/#{account.id}/companies/search",
params: { q: 'ACME' },
headers: admin.create_new_auth_token,
as: :json
expect(response).to have_http_status(:success)
response_body = response.parsed_body
expect(response_body['payload'].size).to eq(1)
end
it 'returns empty array when no companies match search' do
create(:company, name: 'Acme Corp', domain: 'acme.com', account: account)
get "/api/v1/accounts/#{account.id}/companies/search",
params: { q: 'nonexistent' },
headers: admin.create_new_auth_token,
as: :json
expect(response).to have_http_status(:success)
response_body = response.parsed_body
expect(response_body['payload'].size).to eq(0)
expect(response_body['meta']['total_count']).to eq(0)
end
end
end
describe 'GET /api/v1/accounts/{account.id}/companies/{id}' do
context 'when it is an unauthenticated user' do
it 'returns unauthorized' do
company = create(:company, account: account)
get "/api/v1/accounts/#{account.id}/companies/#{company.id}"
expect(response).to have_http_status(:unauthorized)
end
end
context 'when it is an authenticated user' do
let(:admin) { create(:user, account: account, role: :administrator) }
let(:company) { create(:company, account: account) }
it 'returns the company' do
get "/api/v1/accounts/#{account.id}/companies/#{company.id}",
headers: admin.create_new_auth_token,
as: :json
expect(response).to have_http_status(:success)
response_body = response.parsed_body
expect(response_body['payload']['name']).to eq(company.name)
expect(response_body['payload']['id']).to eq(company.id)
end
end
end
describe 'POST /api/v1/accounts/{account.id}/companies' do
context 'when it is an unauthenticated user' do
it 'returns unauthorized' do
post "/api/v1/accounts/#{account.id}/companies"
expect(response).to have_http_status(:unauthorized)
end
end
context 'when it is an authenticated user' do
let(:admin) { create(:user, account: account, role: :administrator) }
let(:valid_params) do
{
company: {
name: 'New Company',
domain: 'newcompany.com',
description: 'A new company'
}
}
end
it 'creates a new company' do
expect do
post "/api/v1/accounts/#{account.id}/companies",
params: valid_params,
headers: admin.create_new_auth_token,
as: :json
end.to change(Company, :count).by(1)
expect(response).to have_http_status(:success)
response_body = response.parsed_body
expect(response_body['payload']['name']).to eq('New Company')
expect(response_body['payload']['domain']).to eq('newcompany.com')
end
it 'returns error for invalid params' do
invalid_params = { company: { name: '' } }
post "/api/v1/accounts/#{account.id}/companies",
params: invalid_params,
headers: admin.create_new_auth_token,
as: :json
expect(response).to have_http_status(:unprocessable_entity)
end
end
end
describe 'PATCH /api/v1/accounts/{account.id}/companies/{id}' do
context 'when it is an unauthenticated user' do
it 'returns unauthorized' do
company = create(:company, account: account)
patch "/api/v1/accounts/#{account.id}/companies/#{company.id}"
expect(response).to have_http_status(:unauthorized)
end
end
context 'when it is an authenticated user' do
let(:admin) { create(:user, account: account, role: :administrator) }
let(:company) { create(:company, account: account) }
let(:update_params) do
{
company: {
name: 'Updated Company Name',
domain: 'updated.com'
}
}
end
it 'updates the company' do
patch "/api/v1/accounts/#{account.id}/companies/#{company.id}",
params: update_params,
headers: admin.create_new_auth_token,
as: :json
expect(response).to have_http_status(:success)
response_body = response.parsed_body
expect(response_body['payload']['name']).to eq('Updated Company Name')
expect(response_body['payload']['domain']).to eq('updated.com')
end
end
end
describe 'DELETE /api/v1/accounts/{account.id}/companies/{id}' do
context 'when it is an unauthenticated user' do
it 'returns unauthorized' do
company = create(:company, account: account)
delete "/api/v1/accounts/#{account.id}/companies/#{company.id}"
expect(response).to have_http_status(:unauthorized)
end
end
context 'when it is an authenticated administrator' do
let(:admin) { create(:user, account: account, role: :administrator) }
let(:company) { create(:company, account: account) }
it 'deletes the company' do
company
expect do
delete "/api/v1/accounts/#{account.id}/companies/#{company.id}",
headers: admin.create_new_auth_token,
as: :json
end.to change(Company, :count).by(-1)
expect(response).to have_http_status(:ok)
end
end
context 'when it is a regular agent' do
let(:agent) { create(:user, account: account, role: :agent) }
let(:company) { create(:company, account: account) }
it 'returns unauthorized' do
delete "/api/v1/accounts/#{account.id}/companies/#{company.id}",
headers: agent.create_new_auth_token,
as: :json
expect(response).to have_http_status(:unauthorized)
end
end
end
end