debian-mirror-gitlab/spec/features/profiles/oauth_applications_spec.rb

Ignoring revisions in .git-blame-ignore-revs. Click here to bypass and see the normal blame view.

107 lines
3.5 KiB
Ruby
Raw Permalink Normal View History

2019-10-12 21:52:04 +05:30
# frozen_string_literal: true
2016-06-02 11:05:42 +05:30
require 'spec_helper'
2023-04-23 21:23:45 +05:30
RSpec.describe 'Profile > Applications', feature_category: :user_profile do
2022-07-23 23:45:48 +05:30
include Spec::Support::Helpers::ModalHelpers
2016-06-02 11:05:42 +05:30
let(:user) { create(:user) }
2018-03-17 18:26:18 +05:30
let(:application) { create(:oauth_application, owner: user) }
2016-06-02 11:05:42 +05:30
before do
2017-09-10 17:25:29 +05:30
sign_in(user)
2016-06-02 11:05:42 +05:30
end
2018-03-17 18:26:18 +05:30
describe 'User manages applications', :js do
it 'views an application' do
visit oauth_application_path(application)
expect(page).to have_content("Application: #{application.name}")
2022-07-16 23:28:13 +05:30
expect(find('[data-testid="breadcrumb-current-link"]')).to have_link(application.name)
2018-03-17 18:26:18 +05:30
end
2016-06-02 11:05:42 +05:30
it 'deletes an application' do
create(:oauth_application, owner: user)
visit oauth_applications_path
page.within('.oauth-applications') do
expect(page).to have_content('Your applications (1)')
2022-07-23 23:45:48 +05:30
click_button 'Destroy'
2016-06-02 11:05:42 +05:30
end
2022-07-23 23:45:48 +05:30
accept_gl_confirm(button_text: 'Destroy')
2016-06-02 11:05:42 +05:30
expect(page).to have_content('The application was deleted successfully')
expect(page).to have_content('Your applications (0)')
expect(page).to have_content('Authorized applications (0)')
end
2022-08-13 15:12:31 +05:30
end
describe 'Authorized applications', :js do
let(:other_user) { create(:user) }
let(:application) { create(:oauth_application, owner: user) }
let(:created_at) { 2.days.ago }
let(:token) { create(:oauth_access_token, application: application, resource_owner: user) }
let(:anonymous_token) { create(:oauth_access_token, resource_owner: user) }
context 'with multiple access token types and multiple owners' do
let!(:token2) { create(:oauth_access_token, application: application, resource_owner: user) }
let!(:other_user_token) { create(:oauth_access_token, application: application, resource_owner: other_user) }
before do
token.update_column(:created_at, created_at)
token2.update_column(:created_at, created_at - 1.day)
anonymous_token.update_columns(application_id: nil, created_at: 1.day.ago)
end
it 'displays the correct authorized applications' do
visit oauth_applications_path
expect(page).to have_content('Authorized applications (2)')
page.within('div.oauth-authorized-applications') do
# Ensure the correct user's token details are displayed
# when the application has more than one token
page.within("tr#application_#{application.id}") do
expect(page).to have_content(created_at)
end
expect(page).to have_content('Anonymous')
expect(page).not_to have_content(other_user_token.created_at)
end
end
end
2016-06-02 11:05:42 +05:30
it 'deletes an authorized application' do
2022-08-13 15:12:31 +05:30
token
visit oauth_applications_path
page.within('div.oauth-authorized-applications') do
page.within("tr#application_#{application.id}") do
click_button 'Revoke'
end
end
accept_gl_confirm(button_text: 'Revoke application')
expect(page).to have_content('The application was revoked access.')
expect(page).to have_content('Authorized applications (0)')
end
it 'deletes an anonymous authorized application' do
anonymous_token
2016-06-02 11:05:42 +05:30
visit oauth_applications_path
page.within('.oauth-authorized-applications') do
expect(page).to have_content('Authorized applications (1)')
2022-07-23 23:45:48 +05:30
click_button 'Revoke'
2016-06-02 11:05:42 +05:30
end
2022-07-23 23:45:48 +05:30
accept_gl_confirm(button_text: 'Revoke application')
2016-06-02 11:05:42 +05:30
expect(page).to have_content('The application was revoked access.')
expect(page).to have_content('Authorized applications (0)')
end
end
end