diff options
Diffstat (limited to 'spec/migrations/migrate_forbidden_redirect_uris_spec.rb')
-rw-r--r-- | spec/migrations/migrate_forbidden_redirect_uris_spec.rb | 48 |
1 files changed, 0 insertions, 48 deletions
diff --git a/spec/migrations/migrate_forbidden_redirect_uris_spec.rb b/spec/migrations/migrate_forbidden_redirect_uris_spec.rb deleted file mode 100644 index 7c3cc9f07c8..00000000000 --- a/spec/migrations/migrate_forbidden_redirect_uris_spec.rb +++ /dev/null @@ -1,48 +0,0 @@ -# frozen_string_literal: true - -require 'spec_helper' -require Rails.root.join('db', 'post_migrate', '20181026091631_migrate_forbidden_redirect_uris.rb') - -describe MigrateForbiddenRedirectUris do - let(:oauth_application) { table(:oauth_applications) } - let(:oauth_access_grant) { table(:oauth_access_grants) } - - let!(:control_app) { oauth_application.create(random_params) } - let!(:control_access_grant) { oauth_application.create(random_params) } - let!(:forbidden_js_app) { oauth_application.create(random_params.merge(redirect_uri: 'javascript://alert()')) } - let!(:forbidden_vb_app) { oauth_application.create(random_params.merge(redirect_uri: 'VBSCRIPT://alert()')) } - let!(:forbidden_access_grant) { oauth_application.create(random_params.merge(redirect_uri: 'vbscript://alert()')) } - - context 'oauth application' do - it 'migrates forbidden javascript URI' do - expect { migrate! }.to change { forbidden_js_app.reload.redirect_uri }.to('http://forbidden-scheme-has-been-overwritten') - end - - it 'migrates forbidden VBScript URI' do - expect { migrate! }.to change { forbidden_vb_app.reload.redirect_uri }.to('http://forbidden-scheme-has-been-overwritten') - end - - it 'does not migrate a valid URI' do - expect { migrate! }.not_to change { control_app.reload.redirect_uri } - end - end - - context 'access grant' do - it 'migrates forbidden VBScript URI' do - expect { migrate! }.to change { forbidden_access_grant.reload.redirect_uri }.to('http://forbidden-scheme-has-been-overwritten') - end - - it 'does not migrate a valid URI' do - expect { migrate! }.not_to change { control_access_grant.reload.redirect_uri } - end - end - - def random_params - { - name: 'test', - secret: 'test', - uid: Doorkeeper::OAuth::Helpers::UniqueToken.generate, - redirect_uri: 'http://valid.com' - } - end -end |