debian-mirror-gitlab/spec/requests/api/integrations/jira_connect/subscriptions_spec.rb

Ignoring revisions in .git-blame-ignore-revs. Click here to bypass and see the normal blame view.

74 lines
2.3 KiB
Ruby
Raw Permalink Normal View History

2022-07-16 23:28:13 +05:30
# frozen_string_literal: true
require 'spec_helper'
2023-03-04 22:38:38 +05:30
RSpec.describe API::Integrations::JiraConnect::Subscriptions, feature_category: :integrations do
2022-07-16 23:28:13 +05:30
describe 'POST /integrations/jira_connect/subscriptions' do
subject(:post_subscriptions) { post api('/integrations/jira_connect/subscriptions') }
it 'returns 401' do
post_subscriptions
expect(response).to have_gitlab_http_status(:unauthorized)
end
context 'with user token' do
let(:group) { create(:group) }
let(:user) { create(:user) }
subject(:post_subscriptions) do
post api('/integrations/jira_connect/subscriptions', user), params: { jwt: jwt, namespace_path: group.path }
end
context 'with invalid JWT' do
let(:jwt) { '123' }
it 'returns 401' do
post_subscriptions
expect(response).to have_gitlab_http_status(:unauthorized)
2022-07-23 23:45:48 +05:30
expect(json_response).to eq('message' => '401 Unauthorized - JWT authentication failed')
2022-07-16 23:28:13 +05:30
end
end
context 'with valid JWT' do
let_it_be(:installation) { create(:jira_connect_installation) }
let_it_be(:user) { create(:user) }
let(:claims) { { iss: installation.client_key, qsh: 'context-qsh', sub: 1234 } }
let(:jwt) { Atlassian::Jwt.encode(claims, installation.shared_secret) }
let(:jira_user) { { 'groups' => { 'items' => [{ 'name' => jira_group_name }] } } }
let(:jira_group_name) { 'site-admins' }
before do
WebMock
.stub_request(:get, "#{installation.base_url}/rest/api/3/user?accountId=1234&expand=groups")
.to_return(body: jira_user.to_json, status: 200, headers: { 'Content-Type' => 'application/json' })
end
it 'returns 401 if the user does not have access to the group' do
post_subscriptions
expect(response).to have_gitlab_http_status(:unauthorized)
end
context 'user has access to the group' do
before do
group.add_maintainer(user)
end
it 'creates a subscription' do
expect { post_subscriptions }.to change { installation.subscriptions.count }.from(0).to(1)
end
it 'returns 201' do
post_subscriptions
expect(response).to have_gitlab_http_status(:created)
end
end
end
end
end
end