diff options
| author | GitLab Bot <gitlab-bot@gitlab.com> | 2023-07-20 12:08:42 +0300 |
|---|---|---|
| committer | GitLab Bot <gitlab-bot@gitlab.com> | 2023-07-20 12:08:42 +0300 |
| commit | 65a0673d76bb86d6acca6dc3ab42dc91a04f56c2 (patch) | |
| tree | eb5691156a16c32f8d2e5f2bdec7b5aa582a2077 /spec/lib | |
| parent | 83cddbd52370f2845a9083d7e82cd5539703611b (diff) | |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'spec/lib')
| -rw-r--r-- | spec/lib/gitlab/auth/auth_finders_spec.rb | 28 | ||||
| -rw-r--r-- | spec/lib/gitlab/import_export/project/relation_tree_restorer_spec.rb | 2 |
2 files changed, 25 insertions, 5 deletions
diff --git a/spec/lib/gitlab/auth/auth_finders_spec.rb b/spec/lib/gitlab/auth/auth_finders_spec.rb index 1a1e165c50a..e5e93fa5cc1 100644 --- a/spec/lib/gitlab/auth/auth_finders_spec.rb +++ b/spec/lib/gitlab/auth/auth_finders_spec.rb @@ -516,12 +516,32 @@ RSpec.describe Gitlab::Auth::AuthFinders, feature_category: :system_access do set_bearer_token(token_3.token) end - it 'revokes the latest rotated token' do - expect(token_1).not_to be_revoked + context 'with url related to access tokens' do + before do + set_header('SCRIPT_NAME', "/personal_access_tokens/#{token_3.id}/rotate") + end + + it 'revokes the latest rotated token' do + expect(token_1).not_to be_revoked + + expect { find_user_from_access_token }.to raise_error(Gitlab::Auth::RevokedError) + + expect(token_1.reload).to be_revoked + end + end - expect { find_user_from_access_token }.to raise_error(Gitlab::Auth::RevokedError) + context 'with url not related to access tokens' do + before do + set_header('SCRIPT_NAME', '/epics/1') + end + + it 'does not revoke the latest rotated token' do + expect(token_1).not_to be_revoked - expect(token_1.reload).to be_revoked + expect { find_user_from_access_token }.to raise_error(Gitlab::Auth::RevokedError) + + expect(token_1.reload).not_to be_revoked + end end context 'when the feature flag is disabled' do diff --git a/spec/lib/gitlab/import_export/project/relation_tree_restorer_spec.rb b/spec/lib/gitlab/import_export/project/relation_tree_restorer_spec.rb index 180a6b6ff0a..0f4f2eb573c 100644 --- a/spec/lib/gitlab/import_export/project/relation_tree_restorer_spec.rb +++ b/spec/lib/gitlab/import_export/project/relation_tree_restorer_spec.rb @@ -60,7 +60,7 @@ RSpec.describe Gitlab::ImportExport::Project::RelationTreeRestorer, feature_cate let(:relation_reader) { Gitlab::ImportExport::Json::NdjsonReader.new(path) } let_it_be(:group) do - create(:group, :disabled_and_unoverridable).tap { |g| g.add_maintainer(user) } + create(:group, :shared_runners_disabled_and_unoverridable).tap { |g| g.add_maintainer(user) } end before do |