41 lines
1,014 B
Ruby
41 lines
1,014 B
Ruby
# frozen_string_literal: true
|
|
|
|
RSpec.shared_examples 'disabled when using an external authorization service' do
|
|
include ExternalAuthorizationServiceHelpers
|
|
|
|
it 'works when the feature is not enabled' do
|
|
subject
|
|
|
|
expect(response).to be_successful
|
|
end
|
|
|
|
it 'renders a 404 with a message when the feature is enabled' do
|
|
enable_external_authorization_service_check
|
|
|
|
subject
|
|
|
|
expect(response).to have_gitlab_http_status(:forbidden)
|
|
end
|
|
end
|
|
|
|
RSpec.shared_examples 'unauthorized when external service denies access' do
|
|
include ExternalAuthorizationServiceHelpers
|
|
|
|
it 'allows access when the authorization service allows it' do
|
|
external_service_allow_access(user, project)
|
|
|
|
subject
|
|
|
|
# Account for redirects after updates
|
|
expect(response.status).to be_between(200, 302)
|
|
end
|
|
|
|
it 'allows access when the authorization service denies it' do
|
|
external_service_deny_access(user, project)
|
|
|
|
subject
|
|
|
|
expect(response).to have_gitlab_http_status(:forbidden)
|
|
end
|
|
end
|