debian-mirror-gitlab/spec/lib/gitlab/auth/request_authenticator_spec.rb

70 lines
2.3 KiB
Ruby
Raw Normal View History

2019-12-16 22:33:55 +05:30
# frozen_string_literal: true
2018-03-17 18:26:18 +05:30
require 'spec_helper'
describe Gitlab::Auth::RequestAuthenticator do
let(:env) do
{
'rack.input' => '',
'REQUEST_METHOD' => 'GET'
}
end
let(:request) { ActionDispatch::Request.new(env) }
subject { described_class.new(request) }
describe '#user' do
let!(:sessionless_user) { build(:user) }
let!(:session_user) { build(:user) }
it 'returns sessionless user first' do
allow_any_instance_of(described_class).to receive(:find_sessionless_user).and_return(sessionless_user)
allow_any_instance_of(described_class).to receive(:find_user_from_warden).and_return(session_user)
2018-11-29 20:51:05 +05:30
expect(subject.user([:api])).to eq sessionless_user
2018-03-17 18:26:18 +05:30
end
it 'returns session user if no sessionless user found' do
allow_any_instance_of(described_class).to receive(:find_user_from_warden).and_return(session_user)
2018-11-29 20:51:05 +05:30
expect(subject.user([:api])).to eq session_user
2018-03-17 18:26:18 +05:30
end
it 'returns nil if no user found' do
2018-11-29 20:51:05 +05:30
expect(subject.user([:api])).to be_blank
2018-03-17 18:26:18 +05:30
end
it 'bubbles up exceptions' do
allow_any_instance_of(described_class).to receive(:find_user_from_warden).and_raise(Gitlab::Auth::UnauthorizedError)
end
end
describe '#find_sessionless_user' do
let!(:access_token_user) { build(:user) }
2018-11-08 19:23:39 +05:30
let!(:feed_token_user) { build(:user) }
2018-03-17 18:26:18 +05:30
it 'returns access_token user first' do
2018-11-29 20:51:05 +05:30
allow_any_instance_of(described_class).to receive(:find_user_from_web_access_token).and_return(access_token_user)
2018-11-08 19:23:39 +05:30
allow_any_instance_of(described_class).to receive(:find_user_from_feed_token).and_return(feed_token_user)
2018-03-17 18:26:18 +05:30
2018-11-29 20:51:05 +05:30
expect(subject.find_sessionless_user([:api])).to eq access_token_user
2018-03-17 18:26:18 +05:30
end
2018-11-08 19:23:39 +05:30
it 'returns feed_token user if no access_token user found' do
allow_any_instance_of(described_class).to receive(:find_user_from_feed_token).and_return(feed_token_user)
2018-03-17 18:26:18 +05:30
2018-11-29 20:51:05 +05:30
expect(subject.find_sessionless_user([:api])).to eq feed_token_user
2018-03-17 18:26:18 +05:30
end
it 'returns nil if no user found' do
2018-11-29 20:51:05 +05:30
expect(subject.find_sessionless_user([:api])).to be_blank
2018-03-17 18:26:18 +05:30
end
it 'rescue Gitlab::Auth::AuthenticationError exceptions' do
2018-11-29 20:51:05 +05:30
allow_any_instance_of(described_class).to receive(:find_user_from_web_access_token).and_raise(Gitlab::Auth::UnauthorizedError)
2018-03-17 18:26:18 +05:30
2018-11-29 20:51:05 +05:30
expect(subject.find_sessionless_user([:api])).to be_blank
2018-03-17 18:26:18 +05:30
end
end
end