141 lines
3.0 KiB
Ruby
141 lines
3.0 KiB
Ruby
# frozen_string_literal: true
|
|
|
|
require 'rails_helper'
|
|
|
|
RSpec.describe 'POST /staff/x509_certificates' do
|
|
let(:current_account) { create :superuser_account }
|
|
|
|
let :x509_certificate_form_attributes do
|
|
{
|
|
distinguished_name: distinguished_name,
|
|
not_before: not_before,
|
|
not_after: not_after,
|
|
}
|
|
end
|
|
|
|
let :x509_certificate_attributes do
|
|
{
|
|
subject: distinguished_name,
|
|
issuer: distinguished_name,
|
|
not_before: not_before,
|
|
not_after: not_after,
|
|
}
|
|
end
|
|
|
|
let(:distinguished_name) { "/CN=#{Faker::Internet.domain_name}" }
|
|
let(:not_before) { Faker::Time.backward.utc }
|
|
let(:not_after) { Faker::Time.forward.utc }
|
|
|
|
def make_request
|
|
post '/staff/x509_certificates',
|
|
params: { x509_certificate: x509_certificate_form_attributes }
|
|
end
|
|
|
|
before do
|
|
sign_in current_account.user if current_account&.user
|
|
end
|
|
|
|
for_account_types nil, :usual do
|
|
specify do
|
|
expect { make_request }.not_to change(X509Certificate, :count)
|
|
end
|
|
|
|
context 'after request' do
|
|
before { make_request }
|
|
|
|
specify do
|
|
expect(response).to have_http_status :forbidden
|
|
end
|
|
end
|
|
end
|
|
|
|
for_account_types :superuser do
|
|
specify do
|
|
expect { make_request }.to change(X509Certificate, :count).by(1)
|
|
end
|
|
|
|
context 'after request' do
|
|
before { make_request }
|
|
|
|
specify do
|
|
expect(response).to \
|
|
redirect_to(/\A#{staff_x509_certificate_url(X509Certificate.last)}\?/)
|
|
end
|
|
|
|
specify do
|
|
expect(X509Certificate.last).to \
|
|
have_attributes x509_certificate_attributes
|
|
end
|
|
|
|
specify do
|
|
expect(X509Certificate.last.asymmetric_key.account).to \
|
|
eq current_account
|
|
end
|
|
end
|
|
end
|
|
|
|
context 'when distinguished name is missing' do
|
|
let(:distinguished_name) { nil }
|
|
|
|
specify do
|
|
expect { make_request }.not_to change(X509Certificate, :count)
|
|
end
|
|
|
|
context 'after request' do
|
|
before { make_request }
|
|
|
|
specify do
|
|
expect(response).to have_http_status :ok
|
|
end
|
|
end
|
|
end
|
|
|
|
context 'when activation time is missing' do
|
|
let(:not_before) { nil }
|
|
|
|
specify do
|
|
expect { make_request }.not_to change(X509Certificate, :count)
|
|
end
|
|
|
|
context 'after request' do
|
|
before { make_request }
|
|
|
|
specify do
|
|
expect(response).to have_http_status :ok
|
|
end
|
|
end
|
|
end
|
|
|
|
context 'when expiration time is missing' do
|
|
let(:not_after) { nil }
|
|
|
|
specify do
|
|
expect { make_request }.not_to change(X509Certificate, :count)
|
|
end
|
|
|
|
context 'after request' do
|
|
before { make_request }
|
|
|
|
specify do
|
|
expect(response).to have_http_status :ok
|
|
end
|
|
end
|
|
end
|
|
|
|
context 'when distinguished name is invalid' do
|
|
let(:distinguished_name) { 'Hello!' }
|
|
|
|
specify do
|
|
expect { make_request }.not_to change(X509Certificate, :count)
|
|
end
|
|
|
|
context 'after request' do
|
|
before { make_request }
|
|
|
|
specify do
|
|
expect(response).to have_http_status :ok
|
|
end
|
|
end
|
|
end
|
|
end
|