feat: allow bulk invite create via email (#8853)

* feat: add agent builder

* feat: use new agent builder

* refactor: validate limit

* test: agent limits

* feat: allow bulk create

* feat: allow bulk create

* refactor: rename current_user to inviter in AgentBuilder

* refactor: move limits tests to enterprise

* test: send correct params

* refactor: account builder returns both user and account_user

* chore: Revert "refactor: account builder returns both user and account_user"

This reverts commit 1419789871e8a3b8ff57af27fe53925b1486a839.

* feat: return user as is

* Update agent_builder.rb

- minor update

---------

Co-authored-by: Sojan Jose <sojan@pepalo.com>

spec/controllers/api/v1/accounts/agents_controller_spec.rb

@@ -4,8 +4,8 @@ RSpec.describe 'Agents API', type: :request do
   include ActiveJob::TestHelper
 
   let(:account) { create(:account) }
-  let(:admin) { create(:user, custom_attributes: { test: 'test' }, account: account, role: :administrator) }
-  let(:agent) { create(:user, account: account, role: :agent) }
+  let!(:admin) { create(:user, custom_attributes: { test: 'test' }, account: account, role: :administrator) }
+  let!(:agent) { create(:user, account: account, role: :agent) }
 
   describe 'GET /api/v1/accounts/{account.id}/agents' do
     context 'when it is an unauthenticated user' do
@@ -63,6 +63,8 @@ RSpec.describe 'Agents API', type: :request do
       end
 
       it 'deletes the agent and user object if associated with only one account' do
+        expect(account.users).to include(other_agent)
+
         perform_enqueued_jobs(only: DeleteObjectJob) do
           delete "/api/v1/accounts/#{account.id}/agents/#{other_agent.id}",
                  headers: admin.create_new_auth_token,
@@ -70,8 +72,7 @@ RSpec.describe 'Agents API', type: :request do
         end
 
         expect(response).to have_http_status(:success)
-        expect(account.reload.users.size).to eq(1)
-        expect(User.count).to eq(account.reload.users.size)
+        expect(account.reload.users).not_to include(other_agent)
       end
 
       it 'deletes only the agent object when user is associated with multiple accounts' do
@@ -85,8 +86,8 @@ RSpec.describe 'Agents API', type: :request do
         end
 
         expect(response).to have_http_status(:success)
-        expect(account.users.size).to eq(1)
-        expect(User.count).to eq(account.reload.users.size + 1)
+        expect(account.reload.users).not_to include(other_agent)
+        expect(other_agent.account_users.count).to eq(1) # Should only be associated with other_account now
       end
     end
   end
@@ -174,4 +175,27 @@ RSpec.describe 'Agents API', type: :request do
       end
     end
   end
+
+  describe 'POST /api/v1/accounts/{account.id}/agents/bulk_create' do
+    let(:emails) { ['test1@example.com', 'test2@example.com', 'test3@example.com'] }
+    let(:bulk_create_params) { { emails: emails } }
+
+    context 'when it is an unauthenticated user' do
+      it 'returns unauthorized' do
+        post "/api/v1/accounts/#{account.id}/agents/bulk_create", params: bulk_create_params
+
+        expect(response).to have_http_status(:unauthorized)
+      end
+    end
+
+    context 'when authenticated as admin' do
+      it 'creates multiple agents successfully' do
+        expect do
+          post "/api/v1/accounts/#{account.id}/agents/bulk_create", params: bulk_create_params, headers: admin.create_new_auth_token
+        end.to change(User, :count).by(3)
+
+        expect(response).to have_http_status(:ok)
+      end
+    end
+  end
 end