2019-10-12 21:52:04 +05:30
|
|
|
# frozen_string_literal: true
|
|
|
|
|
2019-07-07 11:18:12 +05:30
|
|
|
require 'spec_helper'
|
|
|
|
|
|
|
|
shared_examples 'disabled when using an external authorization service' do
|
|
|
|
include ExternalAuthorizationServiceHelpers
|
|
|
|
|
|
|
|
it 'works when the feature is not enabled' do
|
|
|
|
subject
|
|
|
|
|
2019-12-04 20:38:33 +05:30
|
|
|
expect(response).to be_successful
|
2019-07-07 11:18:12 +05:30
|
|
|
end
|
|
|
|
|
|
|
|
it 'renders a 404 with a message when the feature is enabled' do
|
|
|
|
enable_external_authorization_service_check
|
|
|
|
|
|
|
|
subject
|
|
|
|
|
|
|
|
expect(response).to have_gitlab_http_status(403)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
shared_examples 'unauthorized when external service denies access' do
|
|
|
|
include ExternalAuthorizationServiceHelpers
|
|
|
|
|
|
|
|
it 'allows access when the authorization service allows it' do
|
|
|
|
external_service_allow_access(user, project)
|
|
|
|
|
|
|
|
subject
|
|
|
|
|
|
|
|
# Account for redirects after updates
|
|
|
|
expect(response.status).to be_between(200, 302)
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'allows access when the authorization service denies it' do
|
|
|
|
external_service_deny_access(user, project)
|
|
|
|
|
|
|
|
subject
|
|
|
|
|
|
|
|
expect(response).to have_gitlab_http_status(403)
|
|
|
|
end
|
|
|
|
end
|