Commit graph

14 commits

Author SHA1 Message Date
Yorick Peterse
3fcb70b3cd
Backport EE code for OAuth applications spec
This spec used a different title for a spec in EE, while CE duplicated
the same title. This ensures that CE uses the EE version.
2019-08-09 15:31:03 +02:00
gfyoung
93a44e135b Add some frozen string to spec/**/*.rb
Adds frozen string to the following:

* spec/bin/**/*.rb
* spec/config/**/*.rb
* spec/controllers/**/*.rb

xref https://gitlab.com/gitlab-org/gitlab-ce/issues/59758
2019-04-15 10:17:05 +00:00
blackst0ne
b44a2c801a Update specs to rails5 format
Updates specs to use new rails5 format.

The old format:
`get :show, { some: params }, { some: headers }`

The new format:
`get :show, params: { some: params }, headers: { some: headers }`
2018-12-19 10:04:31 +11:00
Cindy Pallares
5736d6606a
Merge branch 'security-fix-uri-xss-applications' into 'master'
[master] Resolve "Reflected XSS in OAuth Authorize window due to redirect_uri allowing arbitrary protocols"

See merge request gitlab/gitlabhq!2572
2018-11-28 19:14:15 -05:00
Dmitriy Zaporozhets
d304af4bb4
Fix spec message in spec/controllers/oauth/applications_controller_spec.rb
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
2018-09-21 11:03:00 +03:00
Dmitriy Zaporozhets
98a319a482
Always allow user to revoke an authorized application
Even if User OAuth applications setting is disabled in admin settings.

Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
2018-09-20 14:02:59 +03:00
Francisco Javier López
7a0bb214f3 Fix OAuth application authorization screen to appear with every access 2018-06-29 08:15:42 +00:00
Bob Van Landuyt
417e3ba8e3 Specify base controller for Doorkeeper
This will make sure the `ApplicantionController#can?` method is
available for views rendering menus based on the current user's abilities.
2018-02-28 12:05:19 +01:00
Mario de la Ossa
eaada9d706 use Gitlab::UserSettings directly as a singleton instead of including/extending it 2018-02-02 18:39:55 +00:00
Jacopo
2f40dac352 Refactor have_http_status into have_gitlab_http_status in the specs 2017-10-20 10:13:18 +02:00
Oswaldo Ferreira
e561b142fa Backport gitlab-ee!2456 2017-07-27 12:09:46 -04:00
Dmitriy Zaporozhets
c277b2c34d
Add tests for Oauth::AuthorizationsController
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
2017-04-28 15:45:18 +03:00
Z.J. van de Weg
abca19da8b Use HTTP matchers if possible 2016-06-27 20:10:42 +02:00
Stan Hu
3b50d96b8a Fix endless redirections when accessing user OAuth applications when they are disabled
Also hides the "Applications" nav button if OAuth applications are disabled by the admin.

Closes #14770
2016-06-08 05:52:04 -07:00