Fix `api_helpers_spec`
This commit is contained in:
parent
90bba2bc46
commit
9d7cda3ddc
|
@ -67,35 +67,35 @@ describe API::Helpers, api: true do
|
||||||
let(:personal_access_token) { create(:personal_access_token, user: user) }
|
let(:personal_access_token) { create(:personal_access_token, user: user) }
|
||||||
|
|
||||||
it "should return nil for an invalid token" do
|
it "should return nil for an invalid token" do
|
||||||
env[API::Helpers::PERSONAL_ACCESS_TOKEN_HEADER] = 'invalid token'
|
env[API::Helpers::PRIVATE_TOKEN_HEADER] = 'invalid token'
|
||||||
allow_any_instance_of(self.class).to receive(:doorkeeper_guard){ false }
|
allow_any_instance_of(self.class).to receive(:doorkeeper_guard){ false }
|
||||||
expect(current_user).to be_nil
|
expect(current_user).to be_nil
|
||||||
end
|
end
|
||||||
|
|
||||||
it "should return nil for a user without access" do
|
it "should return nil for a user without access" do
|
||||||
env[API::Helpers::PERSONAL_ACCESS_TOKEN_HEADER] = personal_access_token.token
|
env[API::Helpers::PRIVATE_TOKEN_HEADER] = personal_access_token.token
|
||||||
allow(Gitlab::UserAccess).to receive(:allowed?).and_return(false)
|
allow(Gitlab::UserAccess).to receive(:allowed?).and_return(false)
|
||||||
expect(current_user).to be_nil
|
expect(current_user).to be_nil
|
||||||
end
|
end
|
||||||
|
|
||||||
it "should leave user as is when sudo not specified" do
|
it "should leave user as is when sudo not specified" do
|
||||||
env[API::Helpers::PERSONAL_ACCESS_TOKEN_HEADER] = personal_access_token.token
|
env[API::Helpers::PRIVATE_TOKEN_HEADER] = personal_access_token.token
|
||||||
expect(current_user).to eq(user)
|
expect(current_user).to eq(user)
|
||||||
clear_env
|
clear_env
|
||||||
params[API::Helpers::PERSONAL_ACCESS_TOKEN_PARAM] = personal_access_token.token
|
params[API::Helpers::PRIVATE_TOKEN_PARAM] = personal_access_token.token
|
||||||
expect(current_user).to eq(user)
|
expect(current_user).to eq(user)
|
||||||
end
|
end
|
||||||
|
|
||||||
it 'does not allow revoked tokens' do
|
it 'does not allow revoked tokens' do
|
||||||
personal_access_token.revoke!
|
personal_access_token.revoke!
|
||||||
env[API::Helpers::PERSONAL_ACCESS_TOKEN_HEADER] = personal_access_token.token
|
env[API::Helpers::PRIVATE_TOKEN_HEADER] = personal_access_token.token
|
||||||
allow_any_instance_of(self.class).to receive(:doorkeeper_guard){ false }
|
allow_any_instance_of(self.class).to receive(:doorkeeper_guard){ false }
|
||||||
expect(current_user).to be_nil
|
expect(current_user).to be_nil
|
||||||
end
|
end
|
||||||
|
|
||||||
it 'does not allow expired tokens' do
|
it 'does not allow expired tokens' do
|
||||||
personal_access_token.update_attributes!(expires_at: 1.day.ago)
|
personal_access_token.update_attributes!(expires_at: 1.day.ago)
|
||||||
env[API::Helpers::PERSONAL_ACCESS_TOKEN_HEADER] = personal_access_token.token
|
env[API::Helpers::PRIVATE_TOKEN_HEADER] = personal_access_token.token
|
||||||
allow_any_instance_of(self.class).to receive(:doorkeeper_guard){ false }
|
allow_any_instance_of(self.class).to receive(:doorkeeper_guard){ false }
|
||||||
expect(current_user).to be_nil
|
expect(current_user).to be_nil
|
||||||
end
|
end
|
||||||
|
|
Loading…
Reference in New Issue