diff options
| author | Timothy Andrew <mail@timothyandrew.net> | 2017-06-28 10:12:23 +0300 |
|---|---|---|
| committer | Timothy Andrew <mail@timothyandrew.net> | 2017-06-29 09:15:57 +0300 |
| commit | b8ec1f4201c74c500e4f7010b238c7920599da7a (patch) | |
| tree | f13e0aab941b8ff209716315a4d21626db878373 /spec/services/access_token_validation_service_spec.rb | |
| parent | c1fcd730cc9dbee5b41ce2a6a12f8d84416b1a4a (diff) | |
Extract a `Gitlab::Scope` class.
- To represent an authorization scope, such as `api` or `read_user`
- This is a better abstraction than the hash we were previously using.
Diffstat (limited to 'spec/services/access_token_validation_service_spec.rb')
| -rw-r--r-- | spec/services/access_token_validation_service_spec.rb | 20 |
1 files changed, 8 insertions, 12 deletions
diff --git a/spec/services/access_token_validation_service_spec.rb b/spec/services/access_token_validation_service_spec.rb index 279f4ed93ac..660a05e0b6d 100644 --- a/spec/services/access_token_validation_service_spec.rb +++ b/spec/services/access_token_validation_service_spec.rb @@ -1,37 +1,33 @@ require 'spec_helper' describe AccessTokenValidationService, services: true do - def scope(data) - OpenStruct.new(data) - end - describe ".include_any_scope?" do let(:request) { double("request") } it "returns true if the required scope is present in the token's scopes" do token = double("token", scopes: [:api, :read_user]) - scopes = [scope({ name: :api })] + scopes = [API::Scope.new(:api)] expect(described_class.new(token, request: request).include_any_scope?(scopes)).to be(true) end it "returns true if more than one of the required scopes is present in the token's scopes" do token = double("token", scopes: [:api, :read_user, :other_scope]) - scopes = [scope({ name: :api }), scope({ name: :other_scope })] + scopes = [API::Scope.new(:api), API::Scope.new(:other_scope)] expect(described_class.new(token, request: request).include_any_scope?(scopes)).to be(true) end it "returns true if the list of required scopes is an exact match for the token's scopes" do token = double("token", scopes: [:api, :read_user, :other_scope]) - scopes = [scope({ name: :api }), scope({ name: :read_user }), scope({ name: :other_scope })] + scopes = [API::Scope.new(:api), API::Scope.new(:read_user), API::Scope.new(:other_scope)] expect(described_class.new(token, request: request).include_any_scope?(scopes)).to be(true) end it "returns true if the list of required scopes contains all of the token's scopes, in addition to others" do token = double("token", scopes: [:api, :read_user]) - scopes = [scope({ name: :api }), scope({ name: :read_user }), scope({ name: :other_scope })] + scopes = [API::Scope.new(:api), API::Scope.new(:read_user), API::Scope.new(:other_scope)] expect(described_class.new(token, request: request).include_any_scope?(scopes)).to be(true) end @@ -45,7 +41,7 @@ describe AccessTokenValidationService, services: true do it "returns false if there are no scopes in common between the required scopes and the token scopes" do token = double("token", scopes: [:api, :read_user]) - scopes = [scope({ name: :other_scope })] + scopes = [API::Scope.new(:other_scope)] expect(described_class.new(token, request: request).include_any_scope?(scopes)).to be(false) end @@ -53,21 +49,21 @@ describe AccessTokenValidationService, services: true do context "conditions" do it "ignores any scopes whose `if` condition returns false" do token = double("token", scopes: [:api, :read_user]) - scopes = [scope({ name: :api, if: ->(_) { false } })] + scopes = [API::Scope.new(:api, if: ->(_) { false })] expect(described_class.new(token, request: request).include_any_scope?(scopes)).to be(false) end it "does not ignore scopes whose `if` condition is not set" do token = double("token", scopes: [:api, :read_user]) - scopes = [scope({ name: :api, if: ->(_) { false } }), scope({ name: :read_user })] + scopes = [API::Scope.new(:api, if: ->(_) { false }), API::Scope.new(:read_user)] expect(described_class.new(token, request: request).include_any_scope?(scopes)).to be(true) end it "does not ignore scopes whose `if` condition returns true" do token = double("token", scopes: [:api, :read_user]) - scopes = [scope({ name: :api, if: ->(_) { true } }), scope({ name: :read_user, if: ->(_) { false } })] + scopes = [API::Scope.new(:api, if: ->(_) { true }), API::Scope.new(:read_user, if: ->(_) { false })] expect(described_class.new(token, request: request).include_any_scope?(scopes)).to be(true) end |