diff options
Diffstat (limited to 'spec/lib/gitlab/auth')
-rw-r--r-- | spec/lib/gitlab/auth/auth_finders_spec.rb | 4 | ||||
-rw-r--r-- | spec/lib/gitlab/auth/current_user_mode_spec.rb | 31 | ||||
-rw-r--r-- | spec/lib/gitlab/auth/ldap/config_spec.rb | 5 | ||||
-rw-r--r-- | spec/lib/gitlab/auth/ldap/user_spec.rb | 2 | ||||
-rw-r--r-- | spec/lib/gitlab/auth/o_auth/user_spec.rb | 2 | ||||
-rw-r--r-- | spec/lib/gitlab/auth/saml/user_spec.rb | 10 | ||||
-rw-r--r-- | spec/lib/gitlab/auth/unique_ips_limiter_spec.rb | 10 |
7 files changed, 48 insertions, 16 deletions
diff --git a/spec/lib/gitlab/auth/auth_finders_spec.rb b/spec/lib/gitlab/auth/auth_finders_spec.rb index 9283c31a207..484b4702497 100644 --- a/spec/lib/gitlab/auth/auth_finders_spec.rb +++ b/spec/lib/gitlab/auth/auth_finders_spec.rb @@ -69,7 +69,7 @@ RSpec.describe Gitlab::Auth::AuthFinders do expect(subject).to eq(user) expect(@current_authenticated_job).to eq job expect(subject).to be_from_ci_job_token - expect(subject.ci_job_token_scope.source_project).to eq(job.project) + expect(subject.ci_job_token_scope.current_project).to eq(job.project) end end @@ -100,7 +100,7 @@ RSpec.describe Gitlab::Auth::AuthFinders do expect(subject).to eq(user) expect(@current_authenticated_job).to eq job expect(subject).to be_from_ci_job_token - expect(subject.ci_job_token_scope.source_project).to eq(job.project) + expect(subject.ci_job_token_scope.current_project).to eq(job.project) end else it 'returns nil' do diff --git a/spec/lib/gitlab/auth/current_user_mode_spec.rb b/spec/lib/gitlab/auth/current_user_mode_spec.rb index a21f0931b78..0a68a4a0ae2 100644 --- a/spec/lib/gitlab/auth/current_user_mode_spec.rb +++ b/spec/lib/gitlab/auth/current_user_mode_spec.rb @@ -194,10 +194,41 @@ RSpec.describe Gitlab::Auth::CurrentUserMode, :request_store do it 'creates a timestamp in the session' do subject.request_admin_mode! + subject.enable_admin_mode!(password: user.password) expect(session).to include(expected_session_entry(be_within(1.second).of(Time.now))) end + + it 'returns true after successful enable' do + subject.request_admin_mode! + + expect(subject.enable_admin_mode!(password: user.password)).to eq(true) + end + + it 'returns false after unsuccessful enable' do + subject.request_admin_mode! + + expect(subject.enable_admin_mode!(password: 'wrong password')).to eq(false) + end + + context 'when user is not an admin' do + let(:user) { build_stubbed(:user) } + + it 'returns false' do + subject.request_admin_mode! + + expect(subject.enable_admin_mode!(password: user.password)).to eq(false) + end + end + + context 'when admin mode is not requested' do + it 'raises error' do + expect do + subject.enable_admin_mode!(password: user.password) + end.to raise_error(Gitlab::Auth::CurrentUserMode::NotRequestedError) + end + end end describe '#disable_admin_mode!' do diff --git a/spec/lib/gitlab/auth/ldap/config_spec.rb b/spec/lib/gitlab/auth/ldap/config_spec.rb index 3be983857bc..160fd78b2b9 100644 --- a/spec/lib/gitlab/auth/ldap/config_spec.rb +++ b/spec/lib/gitlab/auth/ldap/config_spec.rb @@ -99,7 +99,7 @@ AtlErSqafbECNDSwS5BX8yDpu5yRBJ4xegO/rNlmb8ICRYkuJapD1xXicFOsmfUK expect { described_class.new }.to raise_error ArgumentError end - it 'works' do + it 'returns an instance of Gitlab::Auth::Ldap::Config' do expect(config).to be_a described_class end @@ -122,7 +122,8 @@ AtlErSqafbECNDSwS5BX8yDpu5yRBJ4xegO/rNlmb8ICRYkuJapD1xXicFOsmfUK host: 'ldap.example.com', port: 386, hosts: nil, - encryption: nil + encryption: nil, + instrumentation_service: ActiveSupport::Notifications ) end diff --git a/spec/lib/gitlab/auth/ldap/user_spec.rb b/spec/lib/gitlab/auth/ldap/user_spec.rb index b471a89b491..5771b1cd609 100644 --- a/spec/lib/gitlab/auth/ldap/user_spec.rb +++ b/spec/lib/gitlab/auth/ldap/user_spec.rb @@ -133,7 +133,7 @@ RSpec.describe Gitlab::Auth::Ldap::User do context 'when user confirmation email is enabled' do before do - stub_application_setting send_user_confirmation_email: true + stub_application_setting_enum('email_confirmation_setting', 'hard') end it 'creates and confirms the user anyway' do diff --git a/spec/lib/gitlab/auth/o_auth/user_spec.rb b/spec/lib/gitlab/auth/o_auth/user_spec.rb index 95a518afcf1..bb81621ec92 100644 --- a/spec/lib/gitlab/auth/o_auth/user_spec.rb +++ b/spec/lib/gitlab/auth/o_auth/user_spec.rb @@ -108,7 +108,7 @@ RSpec.describe Gitlab::Auth::OAuth::User do context 'when user confirmation email is enabled' do before do - stub_application_setting send_user_confirmation_email: true + stub_application_setting_enum('email_confirmation_setting', 'hard') end it 'creates and confirms the user anyway' do diff --git a/spec/lib/gitlab/auth/saml/user_spec.rb b/spec/lib/gitlab/auth/saml/user_spec.rb index 796512bc52b..a8a5d8ae5df 100644 --- a/spec/lib/gitlab/auth/saml/user_spec.rb +++ b/spec/lib/gitlab/auth/saml/user_spec.rb @@ -46,6 +46,10 @@ RSpec.describe Gitlab::Auth::Saml::User do end context 'external groups' do + before do + stub_saml_group_config(%w(Interns)) + end + context 'are defined' do it 'marks the user as external' do stub_saml_group_config(%w(Freelancers)) @@ -55,10 +59,6 @@ RSpec.describe Gitlab::Auth::Saml::User do end end - before do - stub_saml_group_config(%w(Interns)) - end - context 'are defined but the user does not belong there' do it 'does not mark the user as external' do saml_user.save # rubocop:disable Rails/SaveBang @@ -317,7 +317,7 @@ RSpec.describe Gitlab::Auth::Saml::User do context 'when user confirmation email is enabled' do before do - stub_application_setting send_user_confirmation_email: true + stub_application_setting_enum('email_confirmation_setting', 'hard') end it 'creates and confirms the user anyway' do diff --git a/spec/lib/gitlab/auth/unique_ips_limiter_spec.rb b/spec/lib/gitlab/auth/unique_ips_limiter_spec.rb index b239de841b6..84f6411eae6 100644 --- a/spec/lib/gitlab/auth/unique_ips_limiter_spec.rb +++ b/spec/lib/gitlab/auth/unique_ips_limiter_spec.rb @@ -22,14 +22,14 @@ RSpec.describe Gitlab::Auth::UniqueIpsLimiter, :clean_gitlab_redis_shared_state end it 'resets count after specified time window' do - Timecop.freeze do + freeze_time do expect(described_class.update_and_return_ips_count(user.id, 'ip2')).to eq(1) expect(described_class.update_and_return_ips_count(user.id, 'ip3')).to eq(2) + end - travel_to(Time.now.utc + described_class.config.unique_ips_limit_time_window) do - expect(described_class.update_and_return_ips_count(user.id, 'ip4')).to eq(1) - expect(described_class.update_and_return_ips_count(user.id, 'ip5')).to eq(2) - end + travel_to(Time.now.utc + described_class.config.unique_ips_limit_time_window) do + expect(described_class.update_and_return_ips_count(user.id, 'ip4')).to eq(1) + expect(described_class.update_and_return_ips_count(user.id, 'ip5')).to eq(2) end end end |