2019-04-15 06:17:05 -04:00
|
|
|
# frozen_string_literal: true
|
|
|
|
|
2016-12-20 09:15:46 -05:00
|
|
|
require 'spec_helper'
|
|
|
|
|
2020-06-03 23:08:05 -04:00
|
|
|
RSpec.describe Admin::ApplicationsController do
|
2016-12-20 09:15:46 -05:00
|
|
|
let(:admin) { create(:admin) }
|
|
|
|
let(:application) { create(:oauth_application, owner_id: nil, owner_type: nil) }
|
|
|
|
|
|
|
|
before do
|
|
|
|
sign_in(admin)
|
|
|
|
end
|
|
|
|
|
2019-09-09 20:05:55 -04:00
|
|
|
describe 'GET #index' do
|
|
|
|
render_views
|
|
|
|
|
|
|
|
it 'renders the application form' do
|
|
|
|
get :index
|
|
|
|
|
2020-02-06 13:08:54 -05:00
|
|
|
expect(response).to have_gitlab_http_status(:ok)
|
2019-09-09 20:05:55 -04:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2016-12-20 09:15:46 -05:00
|
|
|
describe 'GET #new' do
|
|
|
|
it 'renders the application form' do
|
|
|
|
get :new
|
|
|
|
|
|
|
|
expect(response).to render_template :new
|
|
|
|
expect(assigns[:scopes]).to be_kind_of(Doorkeeper::OAuth::Scopes)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
describe 'GET #edit' do
|
|
|
|
it 'renders the application form' do
|
2018-12-17 17:52:17 -05:00
|
|
|
get :edit, params: { id: application.id }
|
2016-12-20 09:15:46 -05:00
|
|
|
|
|
|
|
expect(response).to render_template :edit
|
|
|
|
expect(assigns[:scopes]).to be_kind_of(Doorkeeper::OAuth::Scopes)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
describe 'POST #create' do
|
2022-09-16 08:11:31 -04:00
|
|
|
context 'with hash_oauth_secrets flag off' do
|
|
|
|
before do
|
|
|
|
stub_feature_flags(hash_oauth_secrets: false)
|
|
|
|
end
|
2017-07-24 16:45:12 -04:00
|
|
|
|
2022-09-16 08:11:31 -04:00
|
|
|
it 'creates the application' do
|
|
|
|
create_params = attributes_for(:application, trusted: true, confidential: false, scopes: ['api'])
|
|
|
|
|
|
|
|
expect do
|
|
|
|
post :create, params: { doorkeeper_application: create_params }
|
|
|
|
end.to change { Doorkeeper::Application.count }.by(1)
|
|
|
|
|
|
|
|
application = Doorkeeper::Application.last
|
|
|
|
|
|
|
|
expect(response).to redirect_to(admin_application_path(application))
|
|
|
|
expect(application).to have_attributes(create_params.except(:uid, :owner_type))
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'with hash_oauth_secrets flag on' do
|
|
|
|
before do
|
|
|
|
stub_feature_flags(hash_oauth_secrets: true)
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'creates the application' do
|
|
|
|
create_params = attributes_for(:application, trusted: true, confidential: false, scopes: ['api'])
|
|
|
|
|
|
|
|
expect do
|
|
|
|
post :create, params: { doorkeeper_application: create_params }
|
|
|
|
end.to change { Doorkeeper::Application.count }.by(1)
|
2016-12-20 09:15:46 -05:00
|
|
|
|
2022-09-16 08:11:31 -04:00
|
|
|
application = Doorkeeper::Application.last
|
2016-12-20 09:15:46 -05:00
|
|
|
|
2022-09-16 08:11:31 -04:00
|
|
|
expect(response).to have_gitlab_http_status(:ok)
|
|
|
|
expect(response).to render_template :show
|
|
|
|
expect(application).to have_attributes(create_params.except(:uid, :owner_type))
|
|
|
|
end
|
2016-12-20 09:15:46 -05:00
|
|
|
end
|
|
|
|
|
|
|
|
it 'renders the application form on errors' do
|
|
|
|
expect do
|
2018-12-17 17:52:17 -05:00
|
|
|
post :create, params: { doorkeeper_application: attributes_for(:application).merge(redirect_uri: nil) }
|
2016-12-20 09:15:46 -05:00
|
|
|
end.not_to change { Doorkeeper::Application.count }
|
|
|
|
|
|
|
|
expect(response).to render_template :new
|
|
|
|
expect(assigns[:scopes]).to be_kind_of(Doorkeeper::OAuth::Scopes)
|
|
|
|
end
|
2020-01-22 13:08:47 -05:00
|
|
|
|
|
|
|
context 'when the params are for a confidential application' do
|
2022-09-16 08:11:31 -04:00
|
|
|
context 'with hash_oauth_secrets flag off' do
|
|
|
|
before do
|
|
|
|
stub_feature_flags(hash_oauth_secrets: false)
|
|
|
|
end
|
2020-01-22 13:08:47 -05:00
|
|
|
|
2022-09-16 08:11:31 -04:00
|
|
|
it 'creates a confidential application' do
|
|
|
|
create_params = attributes_for(:application, confidential: true, scopes: ['read_user'])
|
2020-01-22 13:08:47 -05:00
|
|
|
|
2022-09-16 08:11:31 -04:00
|
|
|
expect do
|
|
|
|
post :create, params: { doorkeeper_application: create_params }
|
|
|
|
end.to change { Doorkeeper::Application.count }.by(1)
|
2020-01-22 13:08:47 -05:00
|
|
|
|
2022-09-16 08:11:31 -04:00
|
|
|
application = Doorkeeper::Application.last
|
|
|
|
|
|
|
|
expect(response).to redirect_to(admin_application_path(application))
|
|
|
|
expect(application).to have_attributes(create_params.except(:uid, :owner_type))
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'with hash_oauth_secrets flag on' do
|
|
|
|
before do
|
|
|
|
stub_feature_flags(hash_oauth_secrets: true)
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'creates a confidential application' do
|
|
|
|
create_params = attributes_for(:application, confidential: true, scopes: ['read_user'])
|
|
|
|
|
|
|
|
expect do
|
|
|
|
post :create, params: { doorkeeper_application: create_params }
|
|
|
|
end.to change { Doorkeeper::Application.count }.by(1)
|
|
|
|
|
|
|
|
application = Doorkeeper::Application.last
|
|
|
|
|
|
|
|
expect(response).to have_gitlab_http_status(:ok)
|
|
|
|
expect(response).to render_template :show
|
|
|
|
expect(application).to have_attributes(create_params.except(:uid, :owner_type))
|
|
|
|
end
|
2020-01-22 13:08:47 -05:00
|
|
|
end
|
|
|
|
end
|
2020-09-02 11:10:54 -04:00
|
|
|
|
|
|
|
context 'when scopes are not present' do
|
|
|
|
it 'renders the application form on errors' do
|
|
|
|
create_params = attributes_for(:application, trusted: true, confidential: false)
|
|
|
|
|
|
|
|
expect do
|
|
|
|
post :create, params: { doorkeeper_application: create_params }
|
|
|
|
end.not_to change { Doorkeeper::Application.count }
|
|
|
|
|
|
|
|
expect(response).to render_template :new
|
|
|
|
end
|
|
|
|
end
|
2016-12-20 09:15:46 -05:00
|
|
|
end
|
|
|
|
|
|
|
|
describe 'PATCH #update' do
|
|
|
|
it 'updates the application' do
|
2020-01-22 13:08:47 -05:00
|
|
|
doorkeeper_params = { redirect_uri: 'http://example.com/', trusted: true, confidential: false }
|
|
|
|
|
|
|
|
patch :update, params: { id: application.id, doorkeeper_application: doorkeeper_params }
|
2017-07-24 16:45:12 -04:00
|
|
|
|
|
|
|
application.reload
|
2016-12-20 09:15:46 -05:00
|
|
|
|
|
|
|
expect(response).to redirect_to(admin_application_path(application))
|
2020-01-22 13:08:47 -05:00
|
|
|
expect(application)
|
|
|
|
.to have_attributes(redirect_uri: 'http://example.com/', trusted: true, confidential: false)
|
2016-12-20 09:15:46 -05:00
|
|
|
end
|
|
|
|
|
|
|
|
it 'renders the application form on errors' do
|
2018-12-17 17:52:17 -05:00
|
|
|
patch :update, params: { id: application.id, doorkeeper_application: { redirect_uri: nil } }
|
2016-12-20 09:15:46 -05:00
|
|
|
|
|
|
|
expect(response).to render_template :edit
|
|
|
|
expect(assigns[:scopes]).to be_kind_of(Doorkeeper::OAuth::Scopes)
|
|
|
|
end
|
2020-01-22 13:08:47 -05:00
|
|
|
|
|
|
|
context 'when updating the application to be confidential' do
|
|
|
|
it 'successfully sets the application to confidential' do
|
|
|
|
doorkeeper_params = { confidential: true }
|
|
|
|
|
|
|
|
patch :update, params: { id: application.id, doorkeeper_application: doorkeeper_params }
|
|
|
|
|
|
|
|
expect(response).to redirect_to(admin_application_path(application))
|
|
|
|
expect(application).to be_confidential
|
|
|
|
end
|
|
|
|
end
|
2016-12-20 09:15:46 -05:00
|
|
|
end
|
|
|
|
end
|