Welcome to mirror list, hosted at ThFree Co, Russian Federation.

gitlab.com/gitlab-org/gitlab-foss.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
path: root/spec/controllers/omniauth_callbacks_controller_spec.rb
diff options
context:
space:
mode:
authorPavel Shutsin <pshutsin@gitlab.com>2019-03-18 17:36:34 +0300
committerPavel Shutsin <pshutsin@gitlab.com>2019-03-19 15:38:16 +0300
commit8ee1927db90d43205b4e6f8bd13f209c74b41bd1 (patch)
tree247e5f813947c1bdeb838e2776835208e6a7e2bc /spec/controllers/omniauth_callbacks_controller_spec.rb
parenta4b18040778d7272bd8fbbb3746e199699ffd893 (diff)
Move out link\unlink ability checks to a policy
We can extend the policy in EE for additional behavior
Diffstat (limited to 'spec/controllers/omniauth_callbacks_controller_spec.rb')
-rw-r--r--spec/controllers/omniauth_callbacks_controller_spec.rb27
1 files changed, 27 insertions, 0 deletions
diff --git a/spec/controllers/omniauth_callbacks_controller_spec.rb b/spec/controllers/omniauth_callbacks_controller_spec.rb
index e0da23ca0b8..06c6f49f7cc 100644
--- a/spec/controllers/omniauth_callbacks_controller_spec.rb
+++ b/spec/controllers/omniauth_callbacks_controller_spec.rb
@@ -113,6 +113,33 @@ describe OmniauthCallbacksController, type: :controller do
expect(request.env['warden']).to be_authenticated
end
+ context 'when user has no linked provider' do
+ let(:user) { create(:user) }
+
+ before do
+ sign_in user
+ end
+
+ it 'links identity' do
+ expect do
+ post provider
+ user.reload
+ end.to change { user.identities.count }.by(1)
+ end
+
+ context 'and is not allowed to link the provider' do
+ before do
+ allow_any_instance_of(IdentityProviderPolicy).to receive(:can?).with(:link).and_return(false)
+ end
+
+ it 'returns 403' do
+ post provider
+
+ expect(response).to have_gitlab_http_status(403)
+ end
+ end
+ end
+
shared_context 'sign_up' do
let(:user) { double(email: 'new@example.com') }
generated by cgit v1.2.3 (git 2.25.1) at 2024-08-20 18:42:53 +0300