debian-mirror-gitlab/spec/controllers/profiles/personal_access_tokens_controller_spec.rb

# frozen_string_literal: true

require 'spec_helper'

RSpec.describe Profiles::PersonalAccessTokensController do
  let(:access_token_user) { create(:user) }
  let(:token_attributes) { attributes_for(:personal_access_token) }

  before do
    sign_in(access_token_user)
  end

  describe '#create' do
    def created_token
      PersonalAccessToken.order(:created_at).last
    end

    it "allows creation of a token with scopes" do
      name = 'My PAT'
      scopes = %w[api read_user]

      post :create, params: { personal_access_token: token_attributes.merge(scopes: scopes, name: name) }

      expect(created_token).not_to be_nil
      expect(created_token.name).to eq(name)
      expect(created_token.scopes).to eq(scopes)
      expect(PersonalAccessToken.active).to include(created_token)
    end

    it "allows creation of a token with an expiry date" do
      expires_at = 5.days.from_now.to_date

      post :create, params: { personal_access_token: token_attributes.merge(expires_at: expires_at) }

      expect(created_token).not_to be_nil
      expect(created_token.expires_at).to eq(expires_at)
    end

    it_behaves_like "#create access token" do
      let(:url) { :create }
    end
  end

  describe 'GET /-/profile/personal_access_tokens' do
    let(:get_access_tokens) do
      get :index
      response
    end

    subject(:get_access_tokens_with_page) do
      get :index, params: { page: 1 }
      response
    end

    it_behaves_like 'GET access tokens are paginated and ordered'
  end

  describe '#index' do
    let!(:active_personal_access_token) { create(:personal_access_token, user: access_token_user) }

    before do
      # Impersonation and inactive personal tokens are ignored
      create(:personal_access_token, :impersonation, user: access_token_user)
      create(:personal_access_token, :revoked, user: access_token_user)
      get :index
    end

    it "only includes details of the active personal access token" do
      active_personal_access_tokens_detail =
        ::PersonalAccessTokenSerializer.new.represent([active_personal_access_token])

      expect(assigns(:active_access_tokens).to_json).to eq(active_personal_access_tokens_detail.to_json)
    end

    it "sets PAT name and scopes" do
      name = 'My PAT'
      scopes = 'api,read_user'

      get :index, params: { name: name, scopes: scopes }

      expect(assigns(:personal_access_token)).to have_attributes(
        name: eq(name),
        scopes: contain_exactly(:api, :read_user)
      )
    end

    it 'returns tokens for json format' do
      get :index, params: { format: :json }

      expect(json_response.count).to eq(1)
    end
  end
end
New upstream version 11.11.7+dfsg 2019-07-31 22:56:46 +05:30			`# frozen_string_literal: true`

New upstream version 9.2.10+dfsg 2017-08-17 22:00:37 +05:30			`require 'spec_helper'`

New upstream version 13.1.0 2020-06-23 00:09:42 +05:30			`RSpec.describe Profiles::PersonalAccessTokensController do`
New upstream version 15.6.4+ds1 2023-01-13 00:05:48 +05:30			`let(:access_token_user) { create(:user) }`
New upstream version 9.2.10+dfsg 2017-08-17 22:00:37 +05:30			`let(:token_attributes) { attributes_for(:personal_access_token) }`

New upstream version 9.5.4+dfsg 2017-09-10 17:25:29 +05:30			`before do`
New upstream version 15.6.4+ds1 2023-01-13 00:05:48 +05:30			`sign_in(access_token_user)`
New upstream version 9.5.4+dfsg 2017-09-10 17:25:29 +05:30			`end`
New upstream version 9.2.10+dfsg 2017-08-17 22:00:37 +05:30
			`describe '#create' do`
			`def created_token`
			`PersonalAccessToken.order(:created_at).last`
			`end`

			`it "allows creation of a token with scopes" do`
			`name = 'My PAT'`
			`scopes = %w[api read_user]`

New upstream version 11.7.5 2019-02-15 15:39:39 +05:30			`post :create, params: { personal_access_token: token_attributes.merge(scopes: scopes, name: name) }`
New upstream version 9.2.10+dfsg 2017-08-17 22:00:37 +05:30
			`expect(created_token).not_to be_nil`
			`expect(created_token.name).to eq(name)`
			`expect(created_token.scopes).to eq(scopes)`
			`expect(PersonalAccessToken.active).to include(created_token)`
			`end`

			`it "allows creation of a token with an expiry date" do`
			`expires_at = 5.days.from_now.to_date`

New upstream version 11.7.5 2019-02-15 15:39:39 +05:30			`post :create, params: { personal_access_token: token_attributes.merge(expires_at: expires_at) }`
New upstream version 9.2.10+dfsg 2017-08-17 22:00:37 +05:30
			`expect(created_token).not_to be_nil`
			`expect(created_token.expires_at).to eq(expires_at)`
			`end`
New upstream version 15.5.4+ds1 2022-11-25 23:54:43 +05:30
			`it_behaves_like "#create access token" do`
			`let(:url) { :create }`
			`end`
New upstream version 9.2.10+dfsg 2017-08-17 22:00:37 +05:30			`end`

New upstream version 15.6.4+ds1 2023-01-13 00:05:48 +05:30			`describe 'GET /-/profile/personal_access_tokens' do`
			`let(:get_access_tokens) do`
			`get :index`
			`response`
			`end`

			`subject(:get_access_tokens_with_page) do`
			`get :index, params: { page: 1 }`
			`response`
			`end`

			`it_behaves_like 'GET access tokens are paginated and ordered'`
			`end`

New upstream version 9.2.10+dfsg 2017-08-17 22:00:37 +05:30			`describe '#index' do`
New upstream version 15.6.4+ds1 2023-01-13 00:05:48 +05:30			`let!(:active_personal_access_token) { create(:personal_access_token, user: access_token_user) }`
New upstream version 9.2.10+dfsg 2017-08-17 22:00:37 +05:30
New upstream version 9.5.4+dfsg 2017-09-10 17:25:29 +05:30			`before do`
New upstream version 15.1.3+ds1 2022-07-23 23:45:48 +05:30			`# Impersonation and inactive personal tokens are ignored`
New upstream version 15.6.4+ds1 2023-01-13 00:05:48 +05:30			`create(:personal_access_token, :impersonation, user: access_token_user)`
			`create(:personal_access_token, :revoked, user: access_token_user)`
New upstream version 9.5.4+dfsg 2017-09-10 17:25:29 +05:30			`get :index`
			`end`
New upstream version 9.2.10+dfsg 2017-08-17 22:00:37 +05:30
New upstream version 15.1.3+ds1 2022-07-23 23:45:48 +05:30			`it "only includes details of the active personal access token" do`
New upstream version 15.4.2+ds1 2022-10-11 01:57:18 +05:30			`active_personal_access_tokens_detail =`
			`::PersonalAccessTokenSerializer.new.represent([active_personal_access_token])`
New upstream version 11.4.9+dfsg 2018-12-05 23:21:45 +05:30
New upstream version 15.6.4+ds1 2023-01-13 00:05:48 +05:30			`expect(assigns(:active_access_tokens).to_json).to eq(active_personal_access_tokens_detail.to_json)`
New upstream version 11.4.9+dfsg 2018-12-05 23:21:45 +05:30			`end`
New upstream version 14.1.7+ds1 2021-09-30 23:02:18 +05:30
			`it "sets PAT name and scopes" do`
			`name = 'My PAT'`
			`scopes = 'api,read_user'`

			`get :index, params: { name: name, scopes: scopes }`

			`expect(assigns(:personal_access_token)).to have_attributes(`
			`name: eq(name),`
			`scopes: contain_exactly(:api, :read_user)`
			`)`
			`end`
New upstream version 15.2.2+ds1 2022-08-13 15:12:31 +05:30
New upstream version 15.6.4+ds1 2023-01-13 00:05:48 +05:30			`it 'returns tokens for json format' do`
			`get :index, params: { format: :json }`
New upstream version 15.2.2+ds1 2022-08-13 15:12:31 +05:30
New upstream version 15.6.4+ds1 2023-01-13 00:05:48 +05:30			`expect(json_response.count).to eq(1)`
New upstream version 15.2.2+ds1 2022-08-13 15:12:31 +05:30			`end`
			`end`
New upstream version 9.2.10+dfsg 2017-08-17 22:00:37 +05:30			`end`