diff options
author | Imre Farkas <ifarkas@gitlab.com> | 2018-11-24 15:39:16 +0300 |
---|---|---|
committer | Imre Farkas <ifarkas@gitlab.com> | 2018-11-29 11:37:16 +0300 |
commit | bd3a4840329160a64c0cac25ed6c1d3b22f5bdb4 (patch) | |
tree | 66749539b5aa0544c156374de84671f54dcaa080 /spec/lib/gitlab/auth | |
parent | c07183f0d3ce24e8cfcb93e71ae950d7067a8ce1 (diff) |
Add config to disable impersonation
Adds gitlab.impersonation_enabled config option defaulting to true to
keep the current default behaviour.
Only the act of impersonation is modified, impersonation token
management is not affected.
Diffstat (limited to 'spec/lib/gitlab/auth')
-rw-r--r-- | spec/lib/gitlab/auth/user_auth_finders_spec.rb | 15 |
1 files changed, 15 insertions, 0 deletions
diff --git a/spec/lib/gitlab/auth/user_auth_finders_spec.rb b/spec/lib/gitlab/auth/user_auth_finders_spec.rb index 5d3fbba264f..4e4c8b215c2 100644 --- a/spec/lib/gitlab/auth/user_auth_finders_spec.rb +++ b/spec/lib/gitlab/auth/user_auth_finders_spec.rb @@ -279,5 +279,20 @@ describe Gitlab::Auth::UserAuthFinders do expect { validate_access_token!(scopes: [:sudo]) }.to raise_error(Gitlab::Auth::InsufficientScopeError) end end + + context 'with impersonation token' do + let(:personal_access_token) { create(:personal_access_token, :impersonation, user: user) } + + context 'when impersonation is disabled' do + before do + stub_config_setting(impersonation_enabled: false) + allow_any_instance_of(described_class).to receive(:access_token).and_return(personal_access_token) + end + + it 'returns Gitlab::Auth::ImpersonationDisabled' do + expect { validate_access_token! }.to raise_error(Gitlab::Auth::ImpersonationDisabled) + end + end + end end end |