debian-mirror-gitlab/spec/features/projects/settings/access_tokens_spec.rb

Ignoring revisions in .git-blame-ignore-revs. Click here to bypass and see the normal blame view.

107 lines
2.8 KiB
Ruby
Raw Normal View History

2020-05-24 23:13:21 +05:30
# frozen_string_literal: true
require 'spec_helper'
2023-03-04 22:38:38 +05:30
RSpec.describe 'Project > Settings > Access Tokens', :js, feature_category: :credential_management do
2022-07-23 23:45:48 +05:30
include Spec::Support::Helpers::ModalHelpers
2020-05-24 23:13:21 +05:30
let_it_be(:user) { create(:user) }
let_it_be(:bot_user) { create(:user, :project_bot) }
2021-04-29 21:17:54 +05:30
let_it_be(:group) { create(:group) }
let_it_be(:project) { create(:project, group: group) }
2022-03-02 08:16:31 +05:30
let_it_be(:resource_settings_access_tokens_path) { project_settings_access_tokens_path(project) }
2020-05-24 23:13:21 +05:30
before_all do
project.add_maintainer(user)
end
before do
sign_in(user)
end
2022-03-02 08:16:31 +05:30
def create_resource_access_token
2020-05-24 23:13:21 +05:30
project.add_maintainer(bot_user)
create(:personal_access_token, user: bot_user)
end
2022-07-23 23:45:48 +05:30
def role_dropdown_options
role_dropdown = page.find_by_id('resource_access_token_access_level')
role_dropdown.all('option').map(&:text)
end
2021-04-29 21:17:54 +05:30
context 'when user is not a project maintainer' do
before do
project.add_developer(user)
end
2022-03-02 08:16:31 +05:30
it_behaves_like 'resource access tokens missing access rights'
2021-04-29 21:17:54 +05:30
end
2020-05-24 23:13:21 +05:30
describe 'token creation' do
2022-07-23 23:45:48 +05:30
context 'when user is a project owner' do
before do
project.add_owner(user)
end
2021-04-29 21:17:54 +05:30
2022-07-23 23:45:48 +05:30
it_behaves_like 'resource access tokens creation', 'project'
2021-04-29 21:17:54 +05:30
2022-07-23 23:45:48 +05:30
it 'shows Owner option' do
visit resource_settings_access_tokens_path
2021-04-29 21:17:54 +05:30
2022-07-23 23:45:48 +05:30
expect(role_dropdown_options).to include('Owner')
end
end
2021-04-29 21:17:54 +05:30
2022-07-23 23:45:48 +05:30
context 'when user is a project maintainer' do
before_all do
project.add_maintainer(user)
end
it_behaves_like 'resource access tokens creation', 'project'
it 'does not show Owner option for a maintainer' do
visit resource_settings_access_tokens_path
2021-04-29 21:17:54 +05:30
2022-07-23 23:45:48 +05:30
expect(role_dropdown_options).not_to include('Owner')
2021-04-29 21:17:54 +05:30
end
end
2020-05-24 23:13:21 +05:30
end
2022-07-23 23:45:48 +05:30
context 'when token creation is not allowed' do
it_behaves_like 'resource access tokens creation disallowed', 'Project access token creation is disabled in this group. You can still use and manage existing tokens.'
2020-05-24 23:13:21 +05:30
2022-07-23 23:45:48 +05:30
context 'with a project in a personal namespace' do
let(:personal_project) { create(:project) }
before do
personal_project.add_maintainer(user)
end
it 'shows access token creation form and text' do
visit project_settings_access_tokens_path(personal_project)
expect(page).to have_selector('#js-new-access-token-form')
end
end
2020-05-24 23:13:21 +05:30
end
2022-07-23 23:45:48 +05:30
describe 'viewing tokens' do
before_all do
project.add_maintainer(user)
end
describe 'active tokens' do
let!(:resource_access_token) { create_resource_access_token }
it_behaves_like 'active resource access tokens'
end
2020-05-24 23:13:21 +05:30
2022-07-23 23:45:48 +05:30
describe 'inactive tokens' do
let!(:resource_access_token) { create_resource_access_token }
it_behaves_like 'inactive resource access tokens', 'This project has no active access tokens.'
end
2020-05-24 23:13:21 +05:30
end
end