
gitlab.com/gitlab-org/gitlab-foss.git - Unnamed repository; edit this file 'description' to name the repository.
Diffstat (limited to 'spec/controllers/groups/settings/applications_controller_spec.rb')
-rw-r--r--spec/controllers/groups/settings/applications_controller_spec.rb357
1 files changed, 306 insertions, 51 deletions
diff --git a/spec/controllers/groups/settings/applications_controller_spec.rb b/spec/controllers/groups/settings/applications_controller_spec.rb
index c398fd044c2..aa50ef9a92c 100644
--- a/spec/controllers/groups/settings/applications_controller_spec.rb
+++ b/spec/controllers/groups/settings/applications_controller_spec.rb
@@ -23,17 +23,55 @@ RSpec.describe Groups::Settings::ApplicationsController do
expect(response).to render_template :index
expect(assigns[:scopes]).to be_kind_of(Doorkeeper::OAuth::Scopes)
end
- end
- context 'when user is not owner' do
- before do
- group.add_maintainer(user)
+ context 'when admin mode is enabled' do
+ let!(:user) { create(:user, :admin) }
+
+ before do
+ Gitlab::Session.with_session(controller.session) do
+ controller.current_user_mode.request_admin_mode!
+ controller.current_user_mode.enable_admin_mode!(password: user.password)
+ end
+ end
+
+ it 'renders the applications page' do
+ get :index, params: { group_id: group }
+
+ expect(response).to render_template :index
+ expect(assigns[:scopes]).to be_kind_of(Doorkeeper::OAuth::Scopes)
+ end
end
+ end
- it 'renders a 404' do
- get :index, params: { group_id: group }
+ %w[guest reporter developer maintainer].each do |role|
+ context "when user is a #{role}" do
+ before do
+ group.send("add_#{role}", user)
+ end
+
+ it 'renders a 404' do
+ get :index, params: { group_id: group }
+
+ expect(response).to have_gitlab_http_status(:not_found)
+ end
+
+ context "when admin mode is enabled for the admin user who is a #{role} of a group" do
+ let!(:user) { create(:user, :admin) }
+
+ before do
+ Gitlab::Session.with_session(controller.session) do
+ controller.current_user_mode.request_admin_mode!
+ controller.current_user_mode.enable_admin_mode!(password: user.password)
+ end
+ end
+
+ it 'renders the applications page' do
+ get :index, params: { group_id: group }
- expect(response).to have_gitlab_http_status(:not_found)
+ expect(response).to render_template :index
+ expect(assigns[:scopes]).to be_kind_of(Doorkeeper::OAuth::Scopes)
+ end
+ end
end
end
end
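Review bot: None of the added contexts covers an admin user whose session has not entered admin mode; every new admin example first calls `request_admin_mode!` and `enable_admin_mode!`. That missing case is the one that would catch a regression where the admin flag alone opens a group's OAuth application settings. Inside the role loop I would add a sibling context with `let!(:user) { create(:user, :admin) }`, no admin-mode `before` block, and `expect(response).to have_gitlab_http_status(:not_found)`. The edit, create, renew, update and destroy hunks have the same gap. Whether 404 is the right expectation depends on how admin mode is configured in the spec environment, which is not visible here.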
@@ -44,23 +82,61 @@ RSpec.describe Groups::Settings::ApplicationsController do
group.add_owner(user)
end
- it 'renders the application form' do
+ it 'renders the edit application page' do
get :edit, params: { group_id: group, id: application.id }
expect(response).to render_template :edit
expect(assigns[:scopes]).to be_kind_of(Doorkeeper::OAuth::Scopes)
end
- end
- context 'when user is not owner' do
- before do
- group.add_maintainer(user)
+ context 'when admin mode is enabled' do
+ let!(:user) { create(:user, :admin) }
+
+ before do
+ Gitlab::Session.with_session(controller.session) do
+ controller.current_user_mode.request_admin_mode!
+ controller.current_user_mode.enable_admin_mode!(password: user.password)
+ end
+ end
+
+ it 'renders the edit application page' do
+ get :edit, params: { group_id: group, id: application.id }
+
+ expect(response).to render_template :edit
+ expect(assigns[:scopes]).to be_kind_of(Doorkeeper::OAuth::Scopes)
+ end
end
+ end
- it 'renders a 404' do
- get :edit, params: { group_id: group, id: application.id }
+ %w[guest reporter developer maintainer].each do |role|
+ context "when user is a #{role}" do
+ before do
+ group.send("add_#{role}", user)
+ end
+
+ it 'renders a 404' do
+ get :edit, params: { group_id: group, id: application.id }
+
+ expect(response).to have_gitlab_http_status(:not_found)
+ end
+
+ context "when admin mode is enabled for the admin user who is a #{role} of a group" do
+ let!(:user) { create(:user, :admin) }
- expect(response).to have_gitlab_http_status(:not_found)
+ before do
+ Gitlab::Session.with_session(controller.session) do
+ controller.current_user_mode.request_admin_mode!
+ controller.current_user_mode.enable_admin_mode!(password: user.password)
+ end
+ end
+
+ it 'renders the edit application page' do
+ get :edit, params: { group_id: group, id: application.id }
+
+ expect(response).to render_template :edit
+ expect(assigns[:scopes]).to be_kind_of(Doorkeeper::OAuth::Scopes)
+ end
+ end
end
end
end
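Review bot: The first 'when admin mode is enabled' context is nested inside the context whose `before` runs `group.add_owner(user)`, and `let!(:user)` replaces `user` there, so the admin is also a group owner and 'renders the edit application page' would pass on ownership alone. To show that admin mode is what grants access, move that context out to a sibling where the admin has no membership in `group`. The index, create, renew, update and destroy hunks appear to nest the context the same way, though their owner `before` blocks are outside the visible lines. The enclosing `describe` starts before this hunk.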
@@ -121,19 +197,71 @@ RSpec.describe Groups::Settings::ApplicationsController do
expect(response).to render_template :index
end
end
- end
- context 'when user is not owner' do
- before do
- group.add_maintainer(user)
+ context 'when admin mode is enabled' do
+ let!(:user) { create(:user, :admin) }
+
+ before do
+ Gitlab::Session.with_session(controller.session) do
+ controller.current_user_mode.request_admin_mode!
+ controller.current_user_mode.enable_admin_mode!(password: user.password)
+ end
+ end
+
+ it 'creates the application' do
+ create_params = attributes_for(:application, trusted: false, confidential: false, scopes: ['api'])
+
+ expect do
+ post :create, params: { group_id: group, doorkeeper_application: create_params }
+ end.to change { Doorkeeper::Application.count }.by(1)
+
+ application = Doorkeeper::Application.last
+
+ expect(response).to have_gitlab_http_status(:ok)
+ expect(response).to render_template :show
+ expect(application).to have_attributes(create_params.except(:uid, :owner_type))
+ end
end
+ end
+
+ %w[guest reporter developer maintainer].each do |role|
+ context "when user is a #{role}" do
+ let(:create_params) { attributes_for(:application, trusted: true, confidential: false, scopes: ['api']) }
+
+ before do
+ group.send("add_#{role}", user)
+ end
+
+ it 'renders a 404' do
+ post :create, params: { group_id: group, doorkeeper_application: create_params }
- it 'renders a 404' do
- create_params = attributes_for(:application, trusted: true, confidential: false, scopes: ['api'])
+ expect(response).to have_gitlab_http_status(:not_found)
+ end
+
+ context "when admin mode is enabled for the admin user who is a #{role} of a group" do
+ let!(:user) { create(:user, :admin) }
+
+ before do
+ Gitlab::Session.with_session(controller.session) do
+ controller.current_user_mode.request_admin_mode!
+ controller.current_user_mode.enable_admin_mode!(password: user.password)
+ end
+ end
+
+ it 'creates the application' do
+ create_params = attributes_for(:application, trusted: false, confidential: false, scopes: ['api'])
- post :create, params: { group_id: group, doorkeeper_application: create_params }
+ expect do
+ post :create, params: { group_id: group, doorkeeper_application: create_params }
+ end.to change { Doorkeeper::Application.count }.by(1)
- expect(response).to have_gitlab_http_status(:not_found)
+ application = Doorkeeper::Application.last
+
+ expect(response).to have_gitlab_http_status(:ok)
+ expect(response).to render_template :show
+ expect(application).to have_attributes(create_params.except(:uid, :owner_type))
+ end
+ end
end
end
end
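Review bot: Both 'creates the application' examples submit `trusted: false`, so nothing here pins what happens when an admin in admin mode posts `trusted: true` for a group application. The update hunk does cover this by sending `trusted: true` and expecting `trusted: false`. I would add a create example that posts `attributes_for(:application, trusted: true, confidential: false, scopes: ['api'])` and asserts `expect(Doorkeeper::Application.last).to have_attributes(trusted: false)`, if that is the intended behaviour for group-owned applications. The 404 example for the lower roles could also wrap the request in `expect { ... }.not_to change { Doorkeeper::Application.count }`, so the status code is not the only evidence that nothing was created.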
@@ -162,6 +290,26 @@ RSpec.describe Groups::Settings::ApplicationsController do
expect(json_response['secret']).not_to be_nil
end
+ context 'when admin mode is enabled' do
+ let!(:user) { create(:user, :admin) }
+
+ before do
+ Gitlab::Session.with_session(controller.session) do
+ controller.current_user_mode.request_admin_mode!
+ controller.current_user_mode.enable_admin_mode!(password: user.password)
+ end
+ end
+
+ it { is_expected.to have_gitlab_http_status(:ok) }
+ it { expect { subject }.to change { application.reload.secret } }
+
+ it 'returns the secret in json format' do
+ subject
+
+ expect(json_response['secret']).not_to be_nil
+ end
+ end
+
context 'when renew fails' do
before do
allow_next_found_instance_of(Doorkeeper::Application) do |application|
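Review bot: The `let!(:user) { create(:user, :admin) }` line and the `Gitlab::Session.with_session` `before` block are repeated verbatim in every admin-mode context this commit adds, twice per action in most hunks. Defining them once as `shared_context 'with admin mode enabled'` near the top of the spec and pulling them in with `include_context 'with admin mode enabled'` would keep the setup in one place, so a change to how admin mode is entered is made once. If the project already ships a spec helper or metadata tag for enabling admin mode, that would be preferable to a local shared context. The enclosing `describe` for renew starts and ends outside this hunk.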
@@ -174,21 +322,42 @@ RSpec.describe Groups::Settings::ApplicationsController do
end
end
- context 'when user is not owner' do
- before do
- group.add_maintainer(user)
- end
+ %w[guest reporter developer maintainer].each do |role|
+ context "when user is a #{role}" do
+ let(:oauth_params) do
+ {
+ group_id: group,
+ id: application.id
+ }
+ end
- let(:oauth_params) do
- {
- group_id: group,
- id: application.id
- }
- end
+ before do
+ group.send("add_#{role}", user)
+ end
- it 'renders a 404' do
- put :renew, params: oauth_params
- expect(response).to have_gitlab_http_status(:not_found)
+ it 'renders a 404' do
+ put :renew, params: oauth_params
+
+ expect(response).to have_gitlab_http_status(:not_found)
+ end
+
+ context "when admin mode is enabled for the admin user who is a #{role} of a group" do
+ let!(:user) { create(:user, :admin) }
+
+ before do
+ Gitlab::Session.with_session(controller.session) do
+ controller.current_user_mode.request_admin_mode!
+ controller.current_user_mode.enable_admin_mode!(password: user.password)
+ end
+ end
+
+ it 'returns the secret in json format' do
+ put :renew, params: oauth_params
+
+ expect(response).to have_gitlab_http_status(:ok)
+ expect(json_response['secret']).not_to be_nil
+ end
+ end
end
end
end
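Review bot: The admin-mode example 'returns the secret in json format' inside the role loop checks only that `json_response['secret']` is not nil, which a response carrying the old, unrotated secret would also satisfy. The admin-mode context in the previous hunk does assert rotation with `change { application.reload.secret }`; the same form here, `expect { put :renew, params: oauth_params }.to change { application.reload.secret }`, would confirm the secret was actually renewed. Separately, `group.send("add_#{role}", user)` could be `group.public_send("add_#{role}", user)`, so the interpolated name can only reach public methods.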
@@ -230,19 +399,67 @@ RSpec.describe Groups::Settings::ApplicationsController do
expect(application).to be_confidential
end
end
- end
- context 'when user is not owner' do
- before do
- group.add_maintainer(user)
+ context 'when admin mode is enabled' do
+ let!(:user) { create(:user, :admin) }
+
+ before do
+ Gitlab::Session.with_session(controller.session) do
+ controller.current_user_mode.request_admin_mode!
+ controller.current_user_mode.enable_admin_mode!(password: user.password)
+ end
+ end
+
+ it 'updates the application' do
+ doorkeeper_params = { redirect_uri: 'http://example.com/', trusted: true, confidential: false }
+
+ patch :update, params: { group_id: group, id: application.id, doorkeeper_application: doorkeeper_params }
+
+ application.reload
+
+ expect(response).to redirect_to(group_settings_application_path(group, application))
+ expect(application)
+ .to have_attributes(redirect_uri: 'http://example.com/', trusted: false, confidential: false)
+ end
end
+ end
- it 'renders a 404' do
- doorkeeper_params = { redirect_uri: 'http://example.com/', trusted: true, confidential: false }
+ %w[guest reporter developer maintainer].each do |role|
+ context "when user is a #{role}" do
+ before do
+ group.send("add_#{role}", user)
+ end
- patch :update, params: { group_id: group, id: application.id, doorkeeper_application: doorkeeper_params }
+ it 'renders a 404' do
+ doorkeeper_params = { redirect_uri: 'http://example.com/', trusted: true, confidential: false }
+
+ patch :update, params: { group_id: group, id: application.id, doorkeeper_application: doorkeeper_params }
+
+ expect(response).to have_gitlab_http_status(:not_found)
+ end
- expect(response).to have_gitlab_http_status(:not_found)
+ context "when admin mode is enabled for the admin user who is a #{role} of a group" do
+ let!(:user) { create(:user, :admin) }
+
+ before do
+ Gitlab::Session.with_session(controller.session) do
+ controller.current_user_mode.request_admin_mode!
+ controller.current_user_mode.enable_admin_mode!(password: user.password)
+ end
+ end
+
+ it 'updates the application' do
+ doorkeeper_params = { redirect_uri: 'http://example.com/', trusted: true, confidential: false }
+
+ patch :update, params: { group_id: group, id: application.id, doorkeeper_application: doorkeeper_params }
+
+ application.reload
+
+ expect(response).to redirect_to(group_settings_application_path(group, application))
+ expect(application)
+ .to have_attributes(redirect_uri: 'http://example.com/', trusted: false, confidential: false)
+ end
+ end
end
end
end
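Review bot: Both 'updates the application' examples send `trusted: true` and then expect `trusted: false`, but neither the example name nor a comment says that dropping the flag is the behaviour under test. A reader can take the mismatch for a typo and "fix" the expectation. A short comment above the expectation would make the intent explicit, such as `# trusted is not assignable for group applications, even by an admin in admin mode` (wording to be confirmed against the controller). A dedicated example named 'does not mark the application as trusted' would do the same.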
@@ -259,17 +476,55 @@ RSpec.describe Groups::Settings::ApplicationsController do
expect(Doorkeeper::Application.exists?(application.id)).to be_falsy
expect(response).to redirect_to(group_settings_applications_url(group))
end
- end
- context 'when user is not owner' do
- before do
- group.add_maintainer(user)
+ context 'when admin mode is enabled' do
+ let!(:user) { create(:user, :admin) }
+
+ before do
+ Gitlab::Session.with_session(controller.session) do
+ controller.current_user_mode.request_admin_mode!
+ controller.current_user_mode.enable_admin_mode!(password: user.password)
+ end
+ end
+
+ it 'deletes the application' do
+ delete :destroy, params: { group_id: group, id: application.id }
+
+ expect(Doorkeeper::Application.exists?(application.id)).to be_falsy
+ expect(response).to redirect_to(group_settings_applications_url(group))
+ end
end
+ end
- it 'renders a 404' do
- delete :destroy, params: { group_id: group, id: application.id }
+ %w[guest reporter developer maintainer].each do |role|
+ context "when user is a #{role}" do
+ before do
+ group.send("add_#{role}", user)
+ end
+
+ it 'renders a 404' do
+ delete :destroy, params: { group_id: group, id: application.id }
+
+ expect(response).to have_gitlab_http_status(:not_found)
+ end
+
+ context "when admin mode is enabled for the admin user who is a #{role} of a group" do
+ let!(:user) { create(:user, :admin) }
- expect(response).to have_gitlab_http_status(:not_found)
+ before do
+ Gitlab::Session.with_session(controller.session) do
+ controller.current_user_mode.request_admin_mode!
+ controller.current_user_mode.enable_admin_mode!(password: user.password)
+ end
+ end
+
+ it 'deletes the application' do
+ delete :destroy, params: { group_id: group, id: application.id }
+
+ expect(Doorkeeper::Application.exists?(application.id)).to be_falsy
+ expect(response).to redirect_to(group_settings_applications_url(group))
+ end
+ end
end
end
end
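Review bot: The 'renders a 404' example for guest, reporter, developer and maintainer asserts only the response status, so it would still pass if the record were deleted before the 404 is returned. Adding `expect(Doorkeeper::Application.exists?(application.id)).to be_truthy` after the request pins that the application survives a rejected delete. The 404 example in the update hunk has the same shape and could assert that `application.reload.redirect_uri` is unchanged.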