2021-06-08 01:23:25 +05:30
|
|
|
# frozen_string_literal: true
|
|
|
|
|
|
|
|
require 'spec_helper'
|
|
|
|
|
|
|
|
RSpec.describe DeployTokens::TokensFinder do
|
|
|
|
include AdminModeHelper
|
|
|
|
|
|
|
|
let_it_be(:admin) { create(:admin) }
|
|
|
|
let_it_be(:user) { create(:user) }
|
|
|
|
let_it_be(:other_user) { create(:user) }
|
|
|
|
let_it_be(:project) { create(:project, creator_id: user.id) }
|
|
|
|
let_it_be(:group) { create(:group) }
|
|
|
|
|
|
|
|
let!(:project_deploy_token) { create(:deploy_token, projects: [project]) }
|
|
|
|
let!(:revoked_project_deploy_token) { create(:deploy_token, projects: [project], revoked: true) }
|
|
|
|
let!(:expired_project_deploy_token) { create(:deploy_token, projects: [project], expires_at: '1988-01-11T04:33:04-0600') }
|
|
|
|
let!(:group_deploy_token) { create(:deploy_token, :group, groups: [group]) }
|
|
|
|
let!(:revoked_group_deploy_token) { create(:deploy_token, :group, groups: [group], revoked: true) }
|
|
|
|
let!(:expired_group_deploy_token) { create(:deploy_token, :group, groups: [group], expires_at: '1988-01-11T04:33:04-0600') }
|
|
|
|
|
|
|
|
describe "#execute" do
|
|
|
|
let(:params) { {} }
|
|
|
|
|
|
|
|
context 'when scope is :all' do
|
|
|
|
subject { described_class.new(admin, :all, params).execute }
|
|
|
|
|
|
|
|
before do
|
|
|
|
enable_admin_mode!(admin)
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'returns all deploy tokens' do
|
|
|
|
expect(subject.size).to eq(6)
|
2022-10-11 01:57:18 +05:30
|
|
|
is_expected.to match_array(
|
|
|
|
[
|
|
|
|
project_deploy_token,
|
|
|
|
revoked_project_deploy_token,
|
|
|
|
expired_project_deploy_token,
|
|
|
|
group_deploy_token,
|
|
|
|
revoked_group_deploy_token,
|
|
|
|
expired_group_deploy_token
|
|
|
|
])
|
2021-06-08 01:23:25 +05:30
|
|
|
end
|
|
|
|
|
|
|
|
context 'and active filter is applied' do
|
|
|
|
let(:params) { { active: true } }
|
|
|
|
|
|
|
|
it 'returns only active tokens' do
|
2022-10-11 01:57:18 +05:30
|
|
|
is_expected.to match_array(
|
|
|
|
[
|
|
|
|
project_deploy_token,
|
|
|
|
group_deploy_token
|
|
|
|
])
|
2021-06-08 01:23:25 +05:30
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'but user is not an admin' do
|
|
|
|
subject { described_class.new(user, :all, params).execute }
|
|
|
|
|
|
|
|
it 'raises Gitlab::Access::AccessDeniedError' do
|
|
|
|
expect { subject }.to raise_error(Gitlab::Access::AccessDeniedError)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when scope is a Project' do
|
|
|
|
subject { described_class.new(user, project, params).execute }
|
|
|
|
|
|
|
|
before do
|
|
|
|
project.add_maintainer(user)
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'returns all deploy tokens for the project' do
|
2022-10-11 01:57:18 +05:30
|
|
|
is_expected.to match_array(
|
|
|
|
[
|
|
|
|
project_deploy_token,
|
|
|
|
revoked_project_deploy_token,
|
|
|
|
expired_project_deploy_token
|
|
|
|
])
|
2021-06-08 01:23:25 +05:30
|
|
|
end
|
|
|
|
|
|
|
|
context 'and active filter is applied' do
|
|
|
|
let(:params) { { active: true } }
|
|
|
|
|
|
|
|
it 'returns only active tokens for the project' do
|
|
|
|
is_expected.to match_array([project_deploy_token])
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'but user is not a member' do
|
|
|
|
subject { described_class.new(other_user, :all, params).execute }
|
|
|
|
|
|
|
|
it 'raises Gitlab::Access::AccessDeniedError' do
|
|
|
|
expect { subject }.to raise_error(Gitlab::Access::AccessDeniedError)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when scope is a Group' do
|
|
|
|
subject { described_class.new(user, group, params).execute }
|
|
|
|
|
|
|
|
before do
|
|
|
|
group.add_maintainer(user)
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'returns all deploy tokens for the group' do
|
2022-10-11 01:57:18 +05:30
|
|
|
is_expected.to match_array(
|
|
|
|
[
|
|
|
|
group_deploy_token,
|
|
|
|
revoked_group_deploy_token,
|
|
|
|
expired_group_deploy_token
|
|
|
|
])
|
2021-06-08 01:23:25 +05:30
|
|
|
end
|
|
|
|
|
|
|
|
context 'and active filter is applied' do
|
|
|
|
let(:params) { { active: true } }
|
|
|
|
|
|
|
|
it 'returns only active tokens for the group' do
|
|
|
|
is_expected.to match_array([group_deploy_token])
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'but user is not a member' do
|
|
|
|
subject { described_class.new(other_user, :all, params).execute }
|
|
|
|
|
|
|
|
it 'raises Gitlab::Access::AccessDeniedError' do
|
|
|
|
expect { subject }.to raise_error(Gitlab::Access::AccessDeniedError)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when scope is nil' do
|
|
|
|
subject { described_class.new(user, nil, params).execute }
|
|
|
|
|
|
|
|
it 'raises ArgumentError' do
|
|
|
|
expect { subject }.to raise_error(ArgumentError)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|