diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2021-05-19 18:44:42 +0300 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2021-05-19 18:44:42 +0300 |
commit | 4555e1b21c365ed8303ffb7a3325d773c9b8bf31 (patch) | |
tree | 5423a1c7516cffe36384133ade12572cf709398d /spec/requests/api/users_spec.rb | |
parent | e570267f2f6b326480d284e0164a6464ba4081bc (diff) |
Add latest changes from gitlab-org/gitlab@13-12-stable-eev13.12.0-rc42
Diffstat (limited to 'spec/requests/api/users_spec.rb')
-rw-r--r-- | spec/requests/api/users_spec.rb | 42 |
1 files changed, 42 insertions, 0 deletions
diff --git a/spec/requests/api/users_spec.rb b/spec/requests/api/users_spec.rb index 01a24be9f20..71fdd986f20 100644 --- a/spec/requests/api/users_spec.rb +++ b/spec/requests/api/users_spec.rb @@ -1449,6 +1449,48 @@ RSpec.describe API::Users do end end + describe "PUT /user/:id/credit_card_validation" do + let(:credit_card_validated_time) { Time.utc(2020, 1, 1) } + + context 'when unauthenticated' do + it 'returns authentication error' do + put api("/user/#{user.id}/credit_card_validation"), params: { credit_card_validated_at: credit_card_validated_time } + + expect(response).to have_gitlab_http_status(:unauthorized) + end + end + + context 'when authenticated as non-admin' do + it "does not allow updating user's credit card validation", :aggregate_failures do + put api("/user/#{user.id}/credit_card_validation", user), params: { credit_card_validated_at: credit_card_validated_time } + + expect(response).to have_gitlab_http_status(:forbidden) + end + end + + context 'when authenticated as admin' do + it "updates user's credit card validation", :aggregate_failures do + put api("/user/#{user.id}/credit_card_validation", admin), params: { credit_card_validated_at: credit_card_validated_time } + + expect(response).to have_gitlab_http_status(:ok) + expect(user.reload.credit_card_validated_at).to eq(credit_card_validated_time) + end + + it "returns 400 error if credit_card_validated_at is missing" do + put api("/user/#{user.id}/credit_card_validation", admin), params: {} + + expect(response).to have_gitlab_http_status(:bad_request) + end + + it 'returns 404 error if user not found' do + put api("/user/#{non_existing_record_id}/credit_card_validation", admin), params: { credit_card_validated_at: credit_card_validated_time } + + expect(response).to have_gitlab_http_status(:not_found) + expect(json_response['message']).to eq('404 User Not Found') + end + end + end + describe "DELETE /users/:id/identities/:provider" do let(:test_user) { create(:omniauth_user, provider: 'ldapmain') } |