# frozen_string_literal: true
require 'spec_helper'
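# Controller specs for Oauth::ApplicationsController.
#
# Covered here: every action requires a signed-in user and honours
# two-factor enforcement; the CRUD actions operate on an application owned by
# the signed-in user; POST #create validates the redirect URI and the scopes
# server-side and re-renders the form with an error instead of persisting a
# bad application.
RSpec.describe Oauth::ApplicationsController do
  let(:user) { create(:user) }
  # The application used by every id-based example is owned by the user that
  # signs in below.
  # NOTE(review): no example in this file requests an application owned by a
  # different user, so owner scoping of edit/update/show/destroy is not
  # covered here.
  let(:application) { create(:oauth_application, owner: user) }

  context 'project members' do
    before do
      sign_in(user)
    end

    # Unauthenticated requests are sent to the sign-in page for every action.
    shared_examples 'redirects to login page when the user is not signed in' do
      before do
        sign_out(user)
      end

      it { is_expected.to redirect_to(new_user_session_path) }
    end

    # A user who must enable 2FA - required either by the instance-wide
    # setting or by a group - is redirected to the 2FA setup page before any
    # action runs.
    shared_examples 'redirects to 2fa setup page when the user requires it' do
      context 'when 2fa is set up on application level' do
        before do
          stub_application_setting(require_two_factor_authentication: true)
        end

        it { is_expected.to redirect_to(profile_two_factor_auth_path) }
      end

      context 'when 2fa is set up on group level' do
        let(:user) { create(:user, require_two_factor_authentication_from_group: true) }

        it { is_expected.to redirect_to(profile_two_factor_auth_path) }
      end
    end

    describe 'GET #new' do
      subject { get :new }

      it { is_expected.to have_gitlab_http_status(:ok) }

      it_behaves_like 'redirects to login page when the user is not signed in'
      it_behaves_like 'redirects to 2fa setup page when the user requires it'
    end

    describe 'DELETE #destroy' do
      subject { delete :destroy, params: { id: application.id } }

      it { is_expected.to redirect_to(oauth_applications_url) }

      it_behaves_like 'redirects to login page when the user is not signed in'
      it_behaves_like 'redirects to 2fa setup page when the user requires it'
    end

    describe 'GET #edit' do
      subject { get :edit, params: { id: application.id } }

      it { is_expected.to have_gitlab_http_status(:ok) }

      it_behaves_like 'redirects to login page when the user is not signed in'
      it_behaves_like 'redirects to 2fa setup page when the user requires it'
    end

    describe 'PUT #update' do
      subject { put :update, params: { id: application.id, doorkeeper_application: { name: 'application' } } }

      it { is_expected.to redirect_to(oauth_application_url(application)) }

      it_behaves_like 'redirects to login page when the user is not signed in'
      it_behaves_like 'redirects to 2fa setup page when the user requires it'
    end

    describe 'GET #show' do
      subject { get :show, params: { id: application.id } }

      it { is_expected.to have_gitlab_http_status(:ok) }

      it_behaves_like 'redirects to login page when the user is not signed in'
      it_behaves_like 'redirects to 2fa setup page when the user requires it'
    end

    describe 'GET #index' do
      subject { get :index }

      it { is_expected.to have_gitlab_http_status(:ok) }

      # The index stays reachable (200) when user OAuth applications are
      # disabled; contrast with POST #create below, which redirects to the
      # profile page in that state.
      context 'when OAuth applications are disabled' do
        before do
          disable_user_oauth
        end

        it { is_expected.to have_gitlab_http_status(:ok) }
      end

      it_behaves_like 'redirects to login page when the user is not signed in'
      it_behaves_like 'redirects to 2fa setup page when the user requires it'
    end

    describe 'POST #create' do
      # Request body; redirect_uri and scopes are overridden per context below
      # to drive the validation cases.
      let(:oauth_params) do
        {
          doorkeeper_application: {
            name: 'foo',
            redirect_uri: redirect_uri,
            scopes: scopes
          }
        }
      end

      let(:redirect_uri) { 'http://example.org' }
      let(:scopes) { ['api'] }

      subject { post :create, params: oauth_params }

      # NOTE: the two context descriptions say "hash_oauth_tokens" but the
      # feature flag actually stubbed is `hash_oauth_secrets`.
      context 'when hash_oauth_tokens flag set' do
        before do
          stub_feature_flags(hash_oauth_secrets: true)
        end

        # With the flag enabled the response is a 200 rendering the show
        # template rather than a redirect.
        it 'creates an application' do
          subject

          expect(response).to have_gitlab_http_status(:ok)
          expect(response).to render_template :show
        end
      end

      context 'when hash_oauth_tokens flag not set' do
        before do
          stub_feature_flags(hash_oauth_secrets: false)
        end

        # With the flag disabled the controller redirects to the newly
        # created application's page.
        it 'creates an application' do
          subject

          expect(response).to have_gitlab_http_status(:found)
          expect(response).to redirect_to(oauth_application_path(Doorkeeper::Application.last))
        end
      end

      it 'redirects back to profile page if OAuth applications are disabled' do
        disable_user_oauth

        subject

        expect(response).to have_gitlab_http_status(:found)
        expect(response).to redirect_to(profile_path)
      end

      # A redirect URI with a non-HTTP scheme is rejected by the server and
      # the form is re-rendered with the validation error, so the application
      # is never stored with it.
      context 'when redirect_uri is invalid' do
        let(:redirect_uri) { 'javascript://alert()' }

        render_views

        it 'shows an error for a forbidden URI' do
          subject

          expect(response.body).to include 'Redirect URI is forbidden by the server'
          expect(response).to render_template('doorkeeper/applications/index')
        end
      end

      context 'when scopes are not present' do
        let(:scopes) { [] }

        render_views

        it 'shows an error for blank scopes' do
          subject

          # Fixed: the literal previously held a raw apostrophe inside single
          # quotes, which does not parse as Ruby. The apostrophe is matched as
          # its HTML entity here.
          # NOTE(review): this assumes the rendered body is HTML-escaped -
          # confirm against the view.
          expect(response.body).to include 'Scopes can&#39;t be blank'
          expect(response).to render_template('doorkeeper/applications/index')
        end
      end

      # Scopes that are not configured on the server are rejected as a whole,
      # even when combined with a valid one.
      context 'when scopes are invalid' do
        let(:scopes) { %w(api foo) }

        render_views

        it 'shows an error for invalid scopes' do
          subject

          # Same entity-encoded apostrophe as the blank-scopes case above.
          expect(response.body).to include 'Scopes doesn&#39;t match configured on the server.'
          expect(response).to render_template('doorkeeper/applications/index')
        end
      end

      it_behaves_like 'redirects to login page when the user is not signed in'
      it_behaves_like 'redirects to 2fa setup page when the user requires it'
    end
  end

  context 'Helpers' do
    # `subject` here is the implicit controller instance of a controller spec.
    it 'current_user_mode available' do
      expect(subject.current_user_mode).not_to be_nil
    end

    # Guards against the concern that backs the 2FA redirects above being
    # dropped from the controller.
    it 'includes Two-factor enforcement concern' do
      expect(described_class.included_modules.include?(EnforcesTwoFactorAuthentication)).to eq(true)
    end
  end

  describe 'locale' do
    let(:user) { create(:user, preferred_language: 'uk') }

    before do
      sign_in(user)

      # Spy on the locale switch while keeping its real behaviour.
      allow(Gitlab::I18n).to receive(:with_locale).and_call_original
    end

    it "sets user's locale" do
      expect(Gitlab::I18n).to receive(:with_locale).with('uk')

      get :new
    end
  end

  # Stubs the application setting that gates user-owned OAuth applications
  # to false for the current example.
  def disable_user_oauth
    allow(Gitlab::CurrentSettings.current_application_settings).to receive(:user_oauth_applications?).and_return(false)
  end
end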