debian-mirror-gitlab/spec/controllers/profiles/personal_access_tokens_controller_spec.rb

Ignoring revisions in .git-blame-ignore-revs. Click here to bypass and see the normal blame view.

110 lines
3.2 KiB
Ruby
Raw Permalink Normal View History

2019-07-31 22:56:46 +05:30
# frozen_string_literal: true
2017-08-17 22:00:37 +05:30
require 'spec_helper'
2020-06-23 00:09:42 +05:30
RSpec.describe Profiles::PersonalAccessTokensController do
2023-01-13 00:05:48 +05:30
let(:access_token_user) { create(:user) }
2017-08-17 22:00:37 +05:30
let(:token_attributes) { attributes_for(:personal_access_token) }
2017-09-10 17:25:29 +05:30
before do
2023-01-13 00:05:48 +05:30
sign_in(access_token_user)
2017-09-10 17:25:29 +05:30
end
2017-08-17 22:00:37 +05:30
describe '#create' do
def created_token
PersonalAccessToken.order(:created_at).last
end
it "allows creation of a token with scopes" do
name = 'My PAT'
scopes = %w[api read_user]
2019-02-15 15:39:39 +05:30
post :create, params: { personal_access_token: token_attributes.merge(scopes: scopes, name: name) }
2017-08-17 22:00:37 +05:30
expect(created_token).not_to be_nil
expect(created_token.name).to eq(name)
expect(created_token.scopes).to eq(scopes)
expect(PersonalAccessToken.active).to include(created_token)
end
it "allows creation of a token with an expiry date" do
expires_at = 5.days.from_now.to_date
2019-02-15 15:39:39 +05:30
post :create, params: { personal_access_token: token_attributes.merge(expires_at: expires_at) }
2017-08-17 22:00:37 +05:30
expect(created_token).not_to be_nil
expect(created_token.expires_at).to eq(expires_at)
end
2022-11-25 23:54:43 +05:30
2023-03-04 22:38:38 +05:30
it 'does not allow creation when personal access tokens are disabled' do
allow(::Gitlab::CurrentSettings).to receive_messages(personal_access_tokens_disabled?: true)
post :create, params: { personal_access_token: token_attributes }
expect(response).to have_gitlab_http_status(:not_found)
end
2022-11-25 23:54:43 +05:30
it_behaves_like "#create access token" do
let(:url) { :create }
end
2017-08-17 22:00:37 +05:30
end
2023-01-13 00:05:48 +05:30
describe 'GET /-/profile/personal_access_tokens' do
let(:get_access_tokens) do
get :index
response
end
subject(:get_access_tokens_with_page) do
get :index, params: { page: 1 }
response
end
it_behaves_like 'GET access tokens are paginated and ordered'
end
2017-08-17 22:00:37 +05:30
describe '#index' do
2023-01-13 00:05:48 +05:30
let!(:active_personal_access_token) { create(:personal_access_token, user: access_token_user) }
2017-08-17 22:00:37 +05:30
2017-09-10 17:25:29 +05:30
before do
2022-07-23 23:45:48 +05:30
# Impersonation and inactive personal tokens are ignored
2023-01-13 00:05:48 +05:30
create(:personal_access_token, :impersonation, user: access_token_user)
create(:personal_access_token, :revoked, user: access_token_user)
2017-09-10 17:25:29 +05:30
get :index
end
2017-08-17 22:00:37 +05:30
2022-07-23 23:45:48 +05:30
it "only includes details of the active personal access token" do
2022-10-11 01:57:18 +05:30
active_personal_access_tokens_detail =
::PersonalAccessTokenSerializer.new.represent([active_personal_access_token])
2018-12-05 23:21:45 +05:30
2023-01-13 00:05:48 +05:30
expect(assigns(:active_access_tokens).to_json).to eq(active_personal_access_tokens_detail.to_json)
2018-12-05 23:21:45 +05:30
end
2021-09-30 23:02:18 +05:30
it "sets PAT name and scopes" do
name = 'My PAT'
scopes = 'api,read_user'
get :index, params: { name: name, scopes: scopes }
expect(assigns(:personal_access_token)).to have_attributes(
name: eq(name),
scopes: contain_exactly(:api, :read_user)
)
end
2022-08-13 15:12:31 +05:30
2023-03-04 22:38:38 +05:30
it 'returns 404 when personal access tokens are disabled' do
allow(::Gitlab::CurrentSettings).to receive_messages(personal_access_tokens_disabled?: true)
get :index
expect(response).to have_gitlab_http_status(:not_found)
end
2023-01-13 00:05:48 +05:30
it 'returns tokens for json format' do
get :index, params: { format: :json }
2022-08-13 15:12:31 +05:30
2023-01-13 00:05:48 +05:30
expect(json_response.count).to eq(1)
2022-08-13 15:12:31 +05:30
end
end
2017-08-17 22:00:37 +05:30
end