diff options
| author | Timothy Andrew <mail@timothyandrew.net> | 2016-11-22 12:13:37 +0300 |
|---|---|---|
| committer | Timothy Andrew <mail@timothyandrew.net> | 2016-12-16 13:59:31 +0300 |
| commit | 36b3210b9ec4fffd9fa5a73626907e8a6a59f435 (patch) | |
| tree | 11f045f3647f24901a8966b472d27cab86338f44 /spec/requests | |
| parent | 7fa06ed55d18af4d055041eb27d38fecf9b5548f (diff) | |
Validate access token scopes in `Gitlab::Auth`
- This module is used for git-over-http, as well as JWT.
- The only valid scope here is `api`, currently.
Diffstat (limited to 'spec/requests')
| -rw-r--r-- | spec/requests/git_http_spec.rb | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/spec/requests/git_http_spec.rb b/spec/requests/git_http_spec.rb index f1728d61def..d71bb08c218 100644 --- a/spec/requests/git_http_spec.rb +++ b/spec/requests/git_http_spec.rb @@ -230,7 +230,7 @@ describe 'Git HTTP requests', lib: true do context "when an oauth token is provided" do before do application = Doorkeeper::Application.create!(name: "MyApp", redirect_uri: "https://app.com", owner: user) - @token = Doorkeeper::AccessToken.create!(application_id: application.id, resource_owner_id: user.id) + @token = Doorkeeper::AccessToken.create!(application_id: application.id, resource_owner_id: user.id, scopes: "api") end it "downloads get status 200" do |