diff options
author | Mayra Cabrera <mcabrera@gitlab.com> | 2018-04-05 20:22:34 +0300 |
---|---|---|
committer | Mayra Cabrera <mcabrera@gitlab.com> | 2018-04-07 05:20:16 +0300 |
commit | 8315861c9a50675b4f4f4ca536f0da90f27994f3 (patch) | |
tree | b5f25e5dbd74621ef77d480ba69f4f21d5c00d7d /spec/lib/gitlab | |
parent | 72220a99d1cdbcf8a914f9e765c43e63eaee2548 (diff) |
Include ProjectDeployTokens
Also:
- Changes scopes from serializer to use boolean columns
- Fixes broken specs
Diffstat (limited to 'spec/lib/gitlab')
-rw-r--r-- | spec/lib/gitlab/auth_spec.rb | 11 | ||||
-rw-r--r-- | spec/lib/gitlab/git_access_spec.rb | 16 |
2 files changed, 6 insertions, 21 deletions
diff --git a/spec/lib/gitlab/auth_spec.rb b/spec/lib/gitlab/auth_spec.rb index 4ed554f06ec..db517c25ef4 100644 --- a/spec/lib/gitlab/auth_spec.rb +++ b/spec/lib/gitlab/auth_spec.rb @@ -261,7 +261,7 @@ describe Gitlab::Auth do let(:auth_failure) { Gitlab::Auth::Result.new(nil, nil) } context 'when the deploy token has read_repository as scope' do - let(:deploy_token) { create(:deploy_token, :read_repository, project: project) } + let(:deploy_token) { create(:deploy_token, read_registry: false, projects: [project]) } it 'succeeds when project is present, token is valid and has read_repository as scope' do abilities = %i(read_project download_code) @@ -284,13 +284,6 @@ describe Gitlab::Auth do .to eq(auth_failure) end - it 'fails for any other project' do - another_project = create(:project) - expect(gl_auth).to receive(:rate_limit!).with('ip', success: false, login: '') - expect(gl_auth.find_for_git_client('', deploy_token.token, project: another_project, ip: 'ip')) - .to eq(auth_failure) - end - it 'fails if token has been revoked' do deploy_token.revoke! @@ -302,7 +295,7 @@ describe Gitlab::Auth do end context 'when the deploy token has read_registry as a scope' do - let(:deploy_token) { create(:deploy_token, :read_registry, project: project) } + let(:deploy_token) { create(:deploy_token, read_repository: false, projects: [project]) } context 'when registry enabled' do before do diff --git a/spec/lib/gitlab/git_access_spec.rb b/spec/lib/gitlab/git_access_spec.rb index 928825c21fa..000e9e86813 100644 --- a/spec/lib/gitlab/git_access_spec.rb +++ b/spec/lib/gitlab/git_access_spec.rb @@ -147,25 +147,17 @@ describe Gitlab::GitAccess do end context 'when actor is DeployToken' do - context 'when DeployToken is active and belongs to project' do - let(:actor) { create(:deploy_token, :read_repo, project: project) } + let(:project_deploy_token) { create(:project_deploy_token, project: project) } + let(:actor) { project_deploy_token.deploy_token } + context 'when DeployToken is active and belongs to project' do it 'allows pull access' do expect { pull_access_check }.not_to raise_error end end - context 'when DeployToken has been revoked' do - let(:actor) { create(:deploy_token, :read_repo, project: project) } - - it 'blocks pull access' do - actor.revoke! - expect { pull_access_check }.to raise_not_found - end - end - context 'when DeployToken does not belong to project' do - let(:actor) { create(:deploy_token, :read_repo) } + let(:actor) { create(:deploy_token) } it 'blocks pull access' do expect { pull_access_check }.to raise_not_found |