diff options
author | mortyccp <mortyccp@gmail.com> | 2018-12-01 20:41:24 +0300 |
---|---|---|
committer | mortyccp <mortyccp@gmail.com> | 2019-01-03 15:28:02 +0300 |
commit | d1fea99deb2b46467c456db17570710d60dd477b (patch) | |
tree | f4bc98f1f10c31186d7e7980b6d9afc3480cfdc1 /spec/lib | |
parent | 32fbc12cc532f15392a4c4fa08b6229b06fe5bf0 (diff) |
Allow basic authentication on go get middleware
Diffstat (limited to 'spec/lib')
-rw-r--r-- | spec/lib/gitlab/middleware/go_spec.rb | 20 |
1 files changed, 20 insertions, 0 deletions
diff --git a/spec/lib/gitlab/middleware/go_spec.rb b/spec/lib/gitlab/middleware/go_spec.rb index 7a3a9ab875b..3a34f238937 100644 --- a/spec/lib/gitlab/middleware/go_spec.rb +++ b/spec/lib/gitlab/middleware/go_spec.rb @@ -135,6 +135,26 @@ describe Gitlab::Middleware::Go do it_behaves_like 'unauthorized' end end + + context 'using basic auth' do + let(:personal_access_token) { create(:personal_access_token, user: current_user) } + + before do + env['HTTP_AUTHORIZATION'] = ActionController::HttpAuthentication::Basic.encode_credentials(current_user.username, personal_access_token.token) + end + + context 'with api scope' do + it_behaves_like 'authenticated' + end + + context 'with read_user scope' do + before do + personal_access_token.update_attribute(:scopes, [:read_user]) + end + + it_behaves_like 'unauthorized' + end + end end end end |