2016-11-28 02:43:53 -05:00
|
|
|
require 'spec_helper'
|
|
|
|
|
|
|
|
describe Profiles::PersonalAccessTokensController do
|
|
|
|
let(:user) { create(:user) }
|
|
|
|
|
2016-12-28 11:19:08 -05:00
|
|
|
before { sign_in(user) }
|
|
|
|
|
2016-11-28 02:43:53 -05:00
|
|
|
describe '#create' do
|
|
|
|
def created_token
|
|
|
|
PersonalAccessToken.order(:created_at).last
|
|
|
|
end
|
|
|
|
|
|
|
|
it "allows creation of a token" do
|
|
|
|
name = FFaker::Product.brand
|
|
|
|
|
|
|
|
post :create, personal_access_token: { name: name }
|
|
|
|
|
|
|
|
expect(created_token).not_to be_nil
|
|
|
|
expect(created_token.name).to eq(name)
|
|
|
|
expect(created_token.expires_at).to be_nil
|
|
|
|
expect(PersonalAccessToken.active).to include(created_token)
|
|
|
|
end
|
|
|
|
|
|
|
|
it "allows creation of a token with an expiry date" do
|
2016-12-27 11:26:57 -05:00
|
|
|
expires_at = 5.days.from_now.to_date
|
2016-11-28 02:43:53 -05:00
|
|
|
|
|
|
|
post :create, personal_access_token: { name: FFaker::Product.brand, expires_at: expires_at }
|
|
|
|
|
|
|
|
expect(created_token).not_to be_nil
|
2016-12-27 11:26:57 -05:00
|
|
|
expect(created_token.expires_at).to eq(expires_at)
|
2016-11-28 02:43:53 -05:00
|
|
|
end
|
|
|
|
|
|
|
|
context "scopes" do
|
|
|
|
it "allows creation of a token with scopes" do
|
2017-02-22 12:46:57 -05:00
|
|
|
post :create, personal_access_token: { name: FFaker::Product.brand, scopes: %w(api read_user) }
|
2016-11-28 02:43:53 -05:00
|
|
|
|
|
|
|
expect(created_token).not_to be_nil
|
2017-02-22 12:46:57 -05:00
|
|
|
expect(created_token.scopes).to eq(%w(api read_user))
|
2016-11-28 02:43:53 -05:00
|
|
|
end
|
|
|
|
|
|
|
|
it "allows creation of a token with no scopes" do
|
|
|
|
post :create, personal_access_token: { name: FFaker::Product.brand, scopes: [] }
|
|
|
|
|
|
|
|
expect(created_token).not_to be_nil
|
|
|
|
expect(created_token.scopes).to eq([])
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
2016-12-28 11:19:08 -05:00
|
|
|
|
|
|
|
describe '#index' do
|
|
|
|
let!(:active_personal_access_token) { create(:personal_access_token, user: user) }
|
|
|
|
let!(:inactive_personal_access_token) { create(:revoked_personal_access_token, user: user) }
|
|
|
|
let!(:impersonation_personal_access_token) { create(:impersonation_personal_access_token, user: user) }
|
|
|
|
|
|
|
|
it "retrieves active personal access tokens" do
|
|
|
|
get :index
|
|
|
|
|
|
|
|
expect(assigns(:active_personal_access_tokens)).to include(active_personal_access_token)
|
|
|
|
end
|
|
|
|
|
|
|
|
it "retrieves inactive personal access tokens" do
|
|
|
|
get :index
|
|
|
|
|
|
|
|
expect(assigns(:inactive_personal_access_tokens)).to include(inactive_personal_access_token)
|
|
|
|
end
|
|
|
|
|
|
|
|
it "does not retrieve impersonation personal access tokens" do
|
|
|
|
get :index
|
|
|
|
|
|
|
|
expect(assigns(:active_personal_access_tokens)).not_to include(impersonation_personal_access_token)
|
|
|
|
expect(assigns(:inactive_personal_access_tokens)).not_to include(impersonation_personal_access_token)
|
|
|
|
end
|
|
|
|
end
|
2016-11-28 02:43:53 -05:00
|
|
|
end
|