diff options
Diffstat (limited to 'spec/features/profiles/oauth_applications_spec.rb')
-rw-r--r-- | spec/features/profiles/oauth_applications_spec.rb | 53 |
1 files changed, 51 insertions, 2 deletions
diff --git a/spec/features/profiles/oauth_applications_spec.rb b/spec/features/profiles/oauth_applications_spec.rb index ee1daf69f62..86cc761d790 100644 --- a/spec/features/profiles/oauth_applications_spec.rb +++ b/spec/features/profiles/oauth_applications_spec.rb @@ -35,9 +35,59 @@ RSpec.describe 'Profile > Applications' do expect(page).to have_content('Your applications (0)') expect(page).to have_content('Authorized applications (0)') end + end + + describe 'Authorized applications', :js do + let(:other_user) { create(:user) } + let(:application) { create(:oauth_application, owner: user) } + let(:created_at) { 2.days.ago } + let(:token) { create(:oauth_access_token, application: application, resource_owner: user) } + let(:anonymous_token) { create(:oauth_access_token, resource_owner: user) } + + context 'with multiple access token types and multiple owners' do + let!(:other_user_token) { create(:oauth_access_token, application: application, resource_owner: other_user) } + + before do + token.update_column(:created_at, created_at) + anonymous_token.update_columns(application_id: nil, created_at: 1.day.ago) + end + + it 'displays the correct authorized applications' do + visit oauth_applications_path + + expect(page).to have_content('Authorized applications (2)') + + page.within('div.oauth-authorized-applications') do + # Ensure the correct user's token details are displayed + # when the application has more than one token + page.within("tr#application_#{application.id}") do + expect(page).to have_content(created_at) + end + + expect(page).to have_content('Anonymous') + expect(page).not_to have_content(other_user_token.created_at) + end + end + end it 'deletes an authorized application' do - create(:oauth_access_token, resource_owner: user) + token + visit oauth_applications_path + + page.within('div.oauth-authorized-applications') do + page.within("tr#application_#{application.id}") do + click_button 'Revoke' + end + end + + accept_gl_confirm(button_text: 'Revoke application') + + expect(page).to have_content('The application was revoked access.') + expect(page).to have_content('Authorized applications (0)') + end + + it 'deletes an anonymous authorized application' do + anonymous_token visit oauth_applications_path page.within('.oauth-authorized-applications') do @@ -48,7 +98,6 @@ RSpec.describe 'Profile > Applications' do accept_gl_confirm(button_text: 'Revoke application') expect(page).to have_content('The application was revoked access.') - expect(page).to have_content('Your applications (0)') expect(page).to have_content('Authorized applications (0)') end end |