1 files changed, 87 insertions, 32 deletions

diff --git a/spec/support/shared_examples/requests/access_tokens_controller_shared_examples.rb b/spec/support/shared_examples/requests/access_tokens_controller_shared_examples.rb
index 59e641e2af6..2170025824f 100644
--- a/spec/support/shared_examples/requests/access_tokens_controller_shared_examples.rb
+++ b/spec/support/shared_examples/requests/access_tokens_controller_shared_examples.rb
@@ -1,21 +1,98 @@
 # frozen_string_literal: true
 
 RSpec.shared_examples 'GET resource access tokens available' do
-  let_it_be(:active_resource_access_token) { create(:personal_access_token, user: bot_user) }
+  let_it_be(:active_resource_access_token) { create(:personal_access_token, user: access_token_user) }
 
-  it 'retrieves active resource access tokens' do
-    subject
+  it 'retrieves active access tokens' do
+    get_access_tokens
 
-    token_entities = assigns(:active_resource_access_tokens)
+    token_entities = assigns(:active_access_tokens)
     expect(token_entities.length).to eq(1)
     expect(token_entities[0][:name]).to eq(active_resource_access_token.name)
   end
 
   it 'lists all available scopes' do
-    subject
+    get_access_tokens
 
     expect(assigns(:scopes)).to eq(Gitlab::Auth.resource_bot_scopes)
   end
+
+  it 'returns for json response' do
+    get_access_tokens_json
+
+    expect(json_response.count).to eq(1)
+  end
+end
+
+RSpec.shared_examples 'GET access tokens are paginated and ordered' do
+  before do
+    create(:personal_access_token, user: access_token_user)
+  end
+
+  context "when multiple access tokens are returned" do
+    before do
+      allow(Kaminari.config).to receive(:default_per_page).and_return(1)
+      create(:personal_access_token, user: access_token_user)
+    end
+
+    it "returns paginated response", :aggregate_failures do
+      get_access_tokens_with_page
+      expect(assigns(:active_access_tokens).count).to eq(1)
+
+      expect_header('X-Per-Page', '1')
+      expect_header('X-Page', '1')
+      expect_header('X-Next-Page', '2')
+      expect_header('X-Total', '2')
+    end
+  end
+
+  context "when access_token_pagination feature flag is disabled" do
+    before do
+      stub_feature_flags(access_token_pagination: false)
+      create(:personal_access_token, user: access_token_user)
+    end
+
+    it "returns all tokens in system" do
+      get_access_tokens_with_page
+      expect(assigns(:active_access_tokens).count).to eq(2)
+    end
+  end
+
+  context "when tokens returned are ordered" do
+    let(:expires_1_day_from_now) { 1.day.from_now.to_date }
+    let(:expires_2_day_from_now) { 2.days.from_now.to_date }
+
+    before do
+      create(:personal_access_token, user: access_token_user, name: "Token1", expires_at: expires_1_day_from_now)
+      create(:personal_access_token, user: access_token_user, name: "Token2", expires_at: expires_2_day_from_now)
+    end
+
+    it "orders token list ascending on expires_at" do
+      get_access_tokens
+
+      first_token = assigns(:active_access_tokens).first.as_json
+      expect(first_token['name']).to eq("Token1")
+      expect(first_token['expires_at']).to eq(expires_1_day_from_now.strftime("%Y-%m-%d"))
+    end
+
+    it "orders tokens on id in case token has same expires_at" do
+      create(:personal_access_token, user: access_token_user, name: "Token3", expires_at: expires_1_day_from_now)
+
+      get_access_tokens
+
+      first_token = assigns(:active_access_tokens).first.as_json
+      expect(first_token['name']).to eq("Token3")
+      expect(first_token['expires_at']).to eq(expires_1_day_from_now.strftime("%Y-%m-%d"))
+
+      second_token = assigns(:active_access_tokens).second.as_json
+      expect(second_token['name']).to eq("Token1")
+      expect(second_token['expires_at']).to eq(expires_1_day_from_now.strftime("%Y-%m-%d"))
+    end
+  end
+
+  def expect_header(header_name, header_val)
+    expect(response.headers[header_name]).to eq(header_val)
+  end
 end
 
 RSpec.shared_examples 'POST resource access tokens available' do
@@ -83,7 +160,7 @@ end
 
 RSpec.shared_examples 'PUT resource access tokens available' do
   it 'calls delete user worker' do
-    expect(DeleteUserWorker).to receive(:perform_async).with(user.id, bot_user.id, skip_authorization: true)
+    expect(DeleteUserWorker).to receive(:perform_async).with(user.id, access_token_user.id, skip_authorization: true)
 
     subject
   end
@@ -91,34 +168,12 @@ RSpec.shared_examples 'PUT resource access tokens available' do
   it 'removes membership of bot user' do
     subject
 
-    expect(resource.reload.bots).not_to include(bot_user)
+    expect(resource.reload.bots).not_to include(access_token_user)
   end
 
-  context 'when user_destroy_with_limited_execution_time_worker is enabled' do
-    it 'creates GhostUserMigration records to handle migration in a worker' do
-      expect { subject }.to(
-        change { Users::GhostUserMigration.count }.from(0).to(1))
-    end
-  end
-
-  context 'when user_destroy_with_limited_execution_time_worker is disabled' do
-    before do
-      stub_feature_flags(user_destroy_with_limited_execution_time_worker: false)
-    end
-
-    it 'converts issuables of the bot user to ghost user' do
-      issue = create(:issue, author: bot_user)
-
-      subject
-
-      expect(issue.reload.author.ghost?).to be true
-    end
-
-    it 'deletes project bot user' do
-      subject
-
-      expect(User.exists?(bot_user.id)).to be_falsy
-    end
+  it 'creates GhostUserMigration records to handle migration in a worker' do
+    expect { subject }.to(
+      change { Users::GhostUserMigration.count }.from(0).to(1))
   end
 
   context 'when unsuccessful' do