diff options
author | Ryan Cobb <rcobb@gitlab.com> | 2019-10-08 01:07:18 +0300 |
---|---|---|
committer | Ryan Cobb <rcobb@gitlab.com> | 2019-10-24 21:06:40 +0300 |
commit | 5c072495284de9aae26b1efcefcefc1d8571065a (patch) | |
tree | 2f3a3d346cd352ee2df801371e8d1c5b11c1d1bc /spec | |
parent | 1425a56c75beecaa289ad59587d636f8f469509e (diff) |
Mask Sentry auth token
This makes it so we mask Sentry's auth token. This mask only occurs in
the UI.
Diffstat (limited to 'spec')
-rw-r--r-- | spec/services/error_tracking/list_projects_service_spec.rb | 13 | ||||
-rw-r--r-- | spec/services/projects/operations/update_service_spec.rb | 21 |
2 files changed, 34 insertions, 0 deletions
diff --git a/spec/services/error_tracking/list_projects_service_spec.rb b/spec/services/error_tracking/list_projects_service_spec.rb index 730fccc599e..a272a604184 100644 --- a/spec/services/error_tracking/list_projects_service_spec.rb +++ b/spec/services/error_tracking/list_projects_service_spec.rb @@ -50,6 +50,19 @@ describe ErrorTracking::ListProjectsService do end end + context 'masked param token' do + let(:params) { ActionController::Parameters.new(token: "*********", api_host: new_api_host) } + + before do + expect(error_tracking_setting).to receive(:list_sentry_projects) + .and_return({ projects: [] }) + end + + it 'uses database token' do + expect { subject.execute }.not_to change { error_tracking_setting.token } + end + end + context 'sentry client raises exception' do context 'Sentry::Client::Error' do before do diff --git a/spec/services/projects/operations/update_service_spec.rb b/spec/services/projects/operations/update_service_spec.rb index b2f9fd6df79..81d59a98b9b 100644 --- a/spec/services/projects/operations/update_service_spec.rb +++ b/spec/services/projects/operations/update_service_spec.rb @@ -145,6 +145,27 @@ describe Projects::Operations::UpdateService do end end + context 'with masked param token' do + let(:params) do + { + error_tracking_setting_attributes: { + enabled: false, + token: '*' * 8 + } + } + end + + before do + create(:project_error_tracking_setting, project: project, token: 'token') + end + + it 'does not update token' do + expect(result[:status]).to eq(:success) + + expect(project.error_tracking_setting.token).to eq('token') + end + end + context 'with invalid parameters' do let(:params) { {} } |