Chore: Scope URLs with account_id (#601)

* Chore: Enable Users to create multiple accounts

Addresses: #402
- migrations to split roles and other attributes from users table
- make changes in code to accommodate this change

Co-authored-by: Pranav Raj Sreepuram <pranavrajs@gmail.com>

spec/controllers/api/v1/accounts/webhook_controller_spec.rb

@@ -0,0 +1,96 @@
+require 'rails_helper'
+
+RSpec.describe 'Webhooks API', type: :request do
+  let(:account) { create(:account) }
+  let(:inbox) { create(:inbox, account: account) }
+  let(:webhook) { create(:webhook, account: account, inbox: inbox, url: 'https://hello.com') }
+  let(:administrator) { create(:user, account: account, role: :administrator) }
+  let(:agent) { create(:user, account: account, role: :agent) }
+
+  describe 'GET /api/v1/accounts/<account_id>/webhooks' do
+    context 'when it is an authenticated agent' do
+      it 'returns unauthorized' do
+        get "/api/v1/accounts/#{account.id}/webhooks",
+            headers: agent.create_new_auth_token,
+            as: :json
+        expect(response).to have_http_status(:unauthorized)
+      end
+    end
+
+    context 'when it is an authenticated admin user' do
+      it 'gets all webhook' do
+        get "/api/v1/accounts/#{account.id}/webhooks",
+            headers: administrator.create_new_auth_token,
+            as: :json
+        expect(response).to have_http_status(:success)
+        expect(JSON.parse(response.body)['payload']['webhooks'].count).to eql account.webhooks.count
+      end
+    end
+  end
+
+  describe 'POST /api/v1/accounts/<account_id>/webhooks' do
+    context 'when it is an authenticated agent' do
+      it 'returns unauthorized' do
+        post "/api/v1/accounts/#{account.id}/webhooks",
+             headers: agent.create_new_auth_token,
+             as: :json
+        expect(response).to have_http_status(:unauthorized)
+      end
+    end
+
+    context 'when it is an authenticated admin user' do
+      it 'creates webhook' do
+        post "/api/v1/accounts/#{account.id}/webhooks",
+             params: { account_id: account.id, inbox_id: inbox.id, url: 'https://hello.com' },
+             headers: administrator.create_new_auth_token,
+             as: :json
+        expect(response).to have_http_status(:success)
+
+        expect(JSON.parse(response.body)['payload']['webhook']['url']).to eql 'https://hello.com'
+      end
+    end
+  end
+
+  describe 'PUT /api/v1/accounts/<account_id>/webhooks/:id' do
+    context 'when it is an authenticated agent' do
+      it 'returns unauthorized' do
+        put "/api/v1/accounts/#{account.id}/webhooks/#{webhook.id}",
+            headers: agent.create_new_auth_token,
+            as: :json
+        expect(response).to have_http_status(:unauthorized)
+      end
+    end
+
+    context 'when it is an authenticated admin user' do
+      it 'updates webhook' do
+        put "/api/v1/accounts/#{account.id}/webhooks/#{webhook.id}",
+            params: { url: 'https://hello.com' },
+            headers: administrator.create_new_auth_token,
+            as: :json
+        expect(response).to have_http_status(:success)
+        expect(JSON.parse(response.body)['payload']['webhook']['url']).to eql 'https://hello.com'
+      end
+    end
+  end
+
+  describe 'DELETE /api/v1/accounts/<account_id>/webhooks/:id' do
+    context 'when it is an authenticated agent' do
+      it 'returns unauthorized' do
+        delete "/api/v1/accounts/#{account.id}/webhooks/#{webhook.id}",
+               headers: agent.create_new_auth_token,
+               as: :json
+        expect(response).to have_http_status(:unauthorized)
+      end
+    end
+
+    context 'when it is an authenticated admin user' do
+      it 'deletes webhook' do
+        delete "/api/v1/accounts/#{account.id}/webhooks/#{webhook.id}",
+               headers: administrator.create_new_auth_token,
+               as: :json
+        expect(response).to have_http_status(:success)
+        expect(account.webhooks.count).to be 0
+      end
+    end
+  end
+end