Removed extra LDAP tests and added tests for the external groups feature

author: Patricio Cano <suprnova32@gmail.com> 2016-04-06 03:22:58 +0300
committer: Patricio Cano <suprnova32@gmail.com> 2016-04-06 03:22:58 +0300
commit: 7efaf22bccb16b381f7e76054d084e741006fc5f (patch)
tree: d949e9c33761969ce7c8e4503bb947a7be77066d /spec/lib/gitlab/saml
parent: 518ec6b2660c55beba2833ce71b93774ed0a6c2a (diff)
1 files changed, 46 insertions, 22 deletions
diff --git a/spec/lib/gitlab/saml/user_spec.rb b/spec/lib/gitlab/saml/user_spec.rb
index 6f5cf3a1cf5..84a26af940b 100644
--- a/spec/lib/gitlab/saml/user_spec.rb
+++ b/spec/lib/gitlab/saml/user_spec.rb
@@ -5,7 +5,7 @@ describe Gitlab::Saml::User, lib: true do
   let(:gl_user) { saml_user.gl_user }
   let(:uid) { 'my-uid' }
   let(:provider) { 'saml' }
-  let(:auth_hash) { OmniAuth::AuthHash.new(uid: uid, provider: provider, info: info_hash) }
+  let(:auth_hash) { OmniAuth::AuthHash.new(uid: uid, provider: provider, info: info_hash, extra: { raw_info: { groups: %w(Developers Freelancers Designers) } }) }
   let(:info_hash) do
     {
       name: 'John',
@@ -31,8 +31,8 @@ describe Gitlab::Saml::User, lib: true do
 
     describe 'account exists on server' do
       before { stub_omniauth_config({ allow_single_sign_on: ['saml'], auto_link_saml_user: true }) }
+      let!(:existing_user) { create(:user, email: 'john@mail.com', username: 'john') }
       context 'and should bind with SAML' do
-        let!(:existing_user) { create(:user, email: 'john@mail.com', username: 'john') }
         it 'adds the SAML identity to the existing user' do
           saml_user.save
           expect(gl_user).to be_valid
@@ -42,6 +42,32 @@ describe Gitlab::Saml::User, lib: true do
           expect(identity.provider).to eql 'saml'
         end
       end
+
+      context 'external groups' do
+        context 'are defined' do
+          before { stub_saml_config({ options: { name: 'saml', groups_attribute: 'groups', external_groups: %w(Freelancers), args: {} } }) }
+          it 'marks the user as external' do
+            saml_user.save
+            expect(gl_user.external).to be_truthy
+          end
+        end
+
+        before { stub_saml_config({ options: { name: 'saml', groups_attribute: 'groups', external_groups: %w(Interns), args: {} } }) }
+        context 'are defined but the user does not belong there' do
+          it 'does not mark the user as external' do
+            saml_user.save
+            expect(gl_user.external).to be_falsey
+          end
+        end
+
+        context 'user was external, now should not be' do
+          it 'should make user internal' do
+            existing_user.update_attribute('external', true)
+            saml_user.save
+            expect(gl_user.external).to be_falsey
+          end
+        end
+      end
     end
 
     describe 'no account exists on server' do
@@ -74,6 +100,24 @@ describe Gitlab::Saml::User, lib: true do
         end
       end
 
+      context 'external groups' do
+        context 'are defined' do
+          before { stub_saml_config({ options: { name: 'saml', groups_attribute: 'groups', external_groups: %w(Freelancers), args: {} } }) }
+          it 'marks the user as external' do
+            saml_user.save
+            expect(gl_user.external).to be_truthy
+          end
+        end
+
+        before { stub_saml_config({ options: { name: 'saml', groups_attribute: 'groups', external_groups: %w(Interns), args: {} } }) }
+        context 'are defined but the user does not belong there' do
+          it 'does not mark the user as external' do
+            saml_user.save
+            expect(gl_user.external).to be_falsey
+          end
+        end
+      end
+
       context 'with auto_link_ldap_user disabled (default)' do
         before { stub_omniauth_config({ auto_link_ldap_user: false, auto_link_saml_user: false, allow_single_sign_on: ['saml'] }) }
         include_examples 'to verify compliance with allow_single_sign_on'
@@ -193,26 +237,6 @@ describe Gitlab::Saml::User, lib: true do
             expect(gl_user).not_to be_blocked
           end
         end
-
-        context 'dont block on create (LDAP)' do
-          before { allow_any_instance_of(Gitlab::LDAP::Config).to receive_messages(block_auto_created_users: false) }
-
-          it do
-            saml_user.save
-            expect(gl_user).to be_valid
-            expect(gl_user).not_to be_blocked
-          end
-        end
-
-        context 'block on create (LDAP)' do
-          before { allow_any_instance_of(Gitlab::LDAP::Config).to receive_messages(block_auto_created_users: true) }
-
-          it do
-            saml_user.save
-            expect(gl_user).to be_valid
-            expect(gl_user).not_to be_blocked
-          end
-        end
       end
     end
   end
author	Patricio Cano <suprnova32@gmail.com>	2016-04-06 03:22:58 +0300
committer	Patricio Cano <suprnova32@gmail.com>	2016-04-06 03:22:58 +0300
commit	7efaf22bccb16b381f7e76054d084e741006fc5f (patch)
tree	d949e9c33761969ce7c8e4503bb947a7be77066d /spec/lib/gitlab/saml
parent	518ec6b2660c55beba2833ce71b93774ed0a6c2a (diff)