Allow basic authentication on go get middleware

author: mortyccp <mortyccp@gmail.com> 2018-12-01 20:41:24 +0300
committer: mortyccp <mortyccp@gmail.com> 2019-01-03 15:28:02 +0300
commit: d1fea99deb2b46467c456db17570710d60dd477b (patch)
tree: f4bc98f1f10c31186d7e7980b6d9afc3480cfdc1 /spec/lib
parent: 32fbc12cc532f15392a4c4fa08b6229b06fe5bf0 (diff)
1 files changed, 20 insertions, 0 deletions
diff --git a/spec/lib/gitlab/middleware/go_spec.rb b/spec/lib/gitlab/middleware/go_spec.rb
index 7a3a9ab875b..3a34f238937 100644
--- a/spec/lib/gitlab/middleware/go_spec.rb
+++ b/spec/lib/gitlab/middleware/go_spec.rb
@@ -135,6 +135,26 @@ describe Gitlab::Middleware::Go do
                     it_behaves_like 'unauthorized'
                   end
                 end
+
+                context 'using basic auth' do
+                  let(:personal_access_token) { create(:personal_access_token, user: current_user) }
+
+                  before do
+                    env['HTTP_AUTHORIZATION'] = ActionController::HttpAuthentication::Basic.encode_credentials(current_user.username, personal_access_token.token)
+                  end
+
+                  context 'with api scope' do
+                    it_behaves_like 'authenticated'
+                  end
+
+                  context 'with read_user scope' do
+                    before do
+                      personal_access_token.update_attribute(:scopes, [:read_user])
+                    end
+
+                    it_behaves_like 'unauthorized'
+                  end
+                end
               end
             end
           end
author	mortyccp <mortyccp@gmail.com>	2018-12-01 20:41:24 +0300
committer	mortyccp <mortyccp@gmail.com>	2019-01-03 15:28:02 +0300
commit	d1fea99deb2b46467c456db17570710d60dd477b (patch)
tree	f4bc98f1f10c31186d7e7980b6d9afc3480cfdc1 /spec/lib
parent	32fbc12cc532f15392a4c4fa08b6229b06fe5bf0 (diff)