diff options
author | mortyccp <mortyccp@gmail.com> | 2018-12-30 10:08:37 +0300 |
---|---|---|
committer | mortyccp <mortyccp@gmail.com> | 2019-01-03 15:28:02 +0300 |
commit | 3a62f1565779ffc194dcf30e612fbcf8589f61ce (patch) | |
tree | f6c5c767ef794f853db0cfb5da77f3a6fa064633 /spec/lib | |
parent | b7e0a09de22eac10cba64c8980c2854efb2731c1 (diff) |
Remove authentication via warden and PRIVATE_TOKEN header
Diffstat (limited to 'spec/lib')
-rw-r--r-- | spec/lib/gitlab/middleware/go_spec.rb | 64 |
1 files changed, 18 insertions, 46 deletions
diff --git a/spec/lib/gitlab/middleware/go_spec.rb b/spec/lib/gitlab/middleware/go_spec.rb index b43eab5e2fd..3103dbd503e 100644 --- a/spec/lib/gitlab/middleware/go_spec.rb +++ b/spec/lib/gitlab/middleware/go_spec.rb @@ -96,40 +96,10 @@ describe Gitlab::Middleware::Go do it_behaves_like 'unauthorized' end - end - - context 'using warden' do - before do - env['warden'] = double(authenticate: current_user) - end - context 'when active' do - it_behaves_like 'authenticated' - end - - context 'when blocked' do + context 'with user is blocked' do before do - current_user.block! - end - - it_behaves_like 'unauthorized' - end - end - - context 'using a personal access token' do - let(:personal_access_token) { create(:personal_access_token, user: current_user) } - - before do - env['HTTP_PRIVATE_TOKEN'] = personal_access_token.token - end - - context 'with api scope' do - it_behaves_like 'authenticated' - end - - context 'with read_user scope' do - before do - personal_access_token.update_attribute(:scopes, [:read_user]) + current_user.block end it_behaves_like 'unauthorized' @@ -137,23 +107,25 @@ describe Gitlab::Middleware::Go do end context 'using basic auth' do - let(:personal_access_token) { create(:personal_access_token, user: current_user) } - - before do - env['REMOTE_ADDR'] = "192.168.0.1" - env['HTTP_AUTHORIZATION'] = ActionController::HttpAuthentication::Basic.encode_credentials(current_user.username, personal_access_token.token) - end + context 'using a personal access token' do + let(:personal_access_token) { create(:personal_access_token, user: current_user) } - context 'with api scope' do - it_behaves_like 'authenticated' - end - - context 'with read_user scope' do before do - personal_access_token.update_attribute(:scopes, [:read_user]) + env['REMOTE_ADDR'] = "192.168.0.1" + env['HTTP_AUTHORIZATION'] = ActionController::HttpAuthentication::Basic.encode_credentials(current_user.username, personal_access_token.token) + end + + context 'with api scope' do + it_behaves_like 'authenticated' + end + + context 'with read_user scope' do + before do + personal_access_token.update_attribute(:scopes, [:read_user]) + end + + it_behaves_like 'unauthorized' end - - it_behaves_like 'unauthorized' end end end |