From b8ec1f4201c74c500e4f7010b238c7920599da7a Mon Sep 17 00:00:00 2001 From: Timothy Andrew Date: Wed, 28 Jun 2017 07:12:23 +0000 Subject: Extract a `Gitlab::Scope` class. - To represent an authorization scope, such as `api` or `read_user` - This is a better abstraction than the hash we were previously using. --- .../services/access_token_validation_service_spec.rb | 20 ++++++++------------ 1 file changed, 8 insertions(+), 12 deletions(-) (limited to 'spec/services/access_token_validation_service_spec.rb') diff --git a/spec/services/access_token_validation_service_spec.rb b/spec/services/access_token_validation_service_spec.rb index 279f4ed93ac..660a05e0b6d 100644 --- a/spec/services/access_token_validation_service_spec.rb +++ b/spec/services/access_token_validation_service_spec.rb @@ -1,37 +1,33 @@ require 'spec_helper' describe AccessTokenValidationService, services: true do - def scope(data) - OpenStruct.new(data) - end - describe ".include_any_scope?" do let(:request) { double("request") } it "returns true if the required scope is present in the token's scopes" do token = double("token", scopes: [:api, :read_user]) - scopes = [scope({ name: :api })] + scopes = [API::Scope.new(:api)] expect(described_class.new(token, request: request).include_any_scope?(scopes)).to be(true) end it "returns true if more than one of the required scopes is present in the token's scopes" do token = double("token", scopes: [:api, :read_user, :other_scope]) - scopes = [scope({ name: :api }), scope({ name: :other_scope })] + scopes = [API::Scope.new(:api), API::Scope.new(:other_scope)] expect(described_class.new(token, request: request).include_any_scope?(scopes)).to be(true) end it "returns true if the list of required scopes is an exact match for the token's scopes" do token = double("token", scopes: [:api, :read_user, :other_scope]) - scopes = [scope({ name: :api }), scope({ name: :read_user }), scope({ name: :other_scope })] + scopes = [API::Scope.new(:api), API::Scope.new(:read_user), API::Scope.new(:other_scope)] expect(described_class.new(token, request: request).include_any_scope?(scopes)).to be(true) end it "returns true if the list of required scopes contains all of the token's scopes, in addition to others" do token = double("token", scopes: [:api, :read_user]) - scopes = [scope({ name: :api }), scope({ name: :read_user }), scope({ name: :other_scope })] + scopes = [API::Scope.new(:api), API::Scope.new(:read_user), API::Scope.new(:other_scope)] expect(described_class.new(token, request: request).include_any_scope?(scopes)).to be(true) end @@ -45,7 +41,7 @@ describe AccessTokenValidationService, services: true do it "returns false if there are no scopes in common between the required scopes and the token scopes" do token = double("token", scopes: [:api, :read_user]) - scopes = [scope({ name: :other_scope })] + scopes = [API::Scope.new(:other_scope)] expect(described_class.new(token, request: request).include_any_scope?(scopes)).to be(false) end @@ -53,21 +49,21 @@ describe AccessTokenValidationService, services: true do context "conditions" do it "ignores any scopes whose `if` condition returns false" do token = double("token", scopes: [:api, :read_user]) - scopes = [scope({ name: :api, if: ->(_) { false } })] + scopes = [API::Scope.new(:api, if: ->(_) { false })] expect(described_class.new(token, request: request).include_any_scope?(scopes)).to be(false) end it "does not ignore scopes whose `if` condition is not set" do token = double("token", scopes: [:api, :read_user]) - scopes = [scope({ name: :api, if: ->(_) { false } }), scope({ name: :read_user })] + scopes = [API::Scope.new(:api, if: ->(_) { false }), API::Scope.new(:read_user)] expect(described_class.new(token, request: request).include_any_scope?(scopes)).to be(true) end it "does not ignore scopes whose `if` condition returns true" do token = double("token", scopes: [:api, :read_user]) - scopes = [scope({ name: :api, if: ->(_) { true } }), scope({ name: :read_user, if: ->(_) { false } })] + scopes = [API::Scope.new(:api, if: ->(_) { true }), API::Scope.new(:read_user, if: ->(_) { false })] expect(described_class.new(token, request: request).include_any_scope?(scopes)).to be(true) end -- cgit v1.2.3