diff options
Diffstat (limited to 'spec/requests/api/users_spec.rb')
-rw-r--r-- | spec/requests/api/users_spec.rb | 42 |
1 files changed, 42 insertions, 0 deletions
diff --git a/spec/requests/api/users_spec.rb b/spec/requests/api/users_spec.rb index 01a24be9f20..71fdd986f20 100644 --- a/spec/requests/api/users_spec.rb +++ b/spec/requests/api/users_spec.rb @@ -1449,6 +1449,48 @@ RSpec.describe API::Users do end end + describe "PUT /user/:id/credit_card_validation" do + let(:credit_card_validated_time) { Time.utc(2020, 1, 1) } + + context 'when unauthenticated' do + it 'returns authentication error' do + put api("/user/#{user.id}/credit_card_validation"), params: { credit_card_validated_at: credit_card_validated_time } + + expect(response).to have_gitlab_http_status(:unauthorized) + end + end + + context 'when authenticated as non-admin' do + it "does not allow updating user's credit card validation", :aggregate_failures do + put api("/user/#{user.id}/credit_card_validation", user), params: { credit_card_validated_at: credit_card_validated_time } + + expect(response).to have_gitlab_http_status(:forbidden) + end + end + + context 'when authenticated as admin' do + it "updates user's credit card validation", :aggregate_failures do + put api("/user/#{user.id}/credit_card_validation", admin), params: { credit_card_validated_at: credit_card_validated_time } + + expect(response).to have_gitlab_http_status(:ok) + expect(user.reload.credit_card_validated_at).to eq(credit_card_validated_time) + end + + it "returns 400 error if credit_card_validated_at is missing" do + put api("/user/#{user.id}/credit_card_validation", admin), params: {} + + expect(response).to have_gitlab_http_status(:bad_request) + end + + it 'returns 404 error if user not found' do + put api("/user/#{non_existing_record_id}/credit_card_validation", admin), params: { credit_card_validated_at: credit_card_validated_time } + + expect(response).to have_gitlab_http_status(:not_found) + expect(json_response['message']).to eq('404 User Not Found') + end + end + end + describe "DELETE /users/:id/identities/:provider" do let(:test_user) { create(:omniauth_user, provider: 'ldapmain') } |