1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
|
require 'spec_helper'
describe API, api: true do
include API::APIHelpers
include ApiHelpers
let(:user) { create(:user) }
let(:admin) { create(:admin) }
let(:key) { create(:key, user: user) }
let(:params) { {} }
let(:env) { {} }
def set_env(token_usr, identifier)
clear_env
clear_param
env[API::APIHelpers::PRIVATE_TOKEN_HEADER] = token_usr.private_token
env[API::APIHelpers::SUDO_HEADER] = identifier
end
def set_param(token_usr, identifier)
clear_env
clear_param
params[API::APIHelpers::PRIVATE_TOKEN_PARAM] = token_usr.private_token
params[API::APIHelpers::SUDO_PARAM] = identifier
end
def clear_env
env.delete(API::APIHelpers::PRIVATE_TOKEN_HEADER)
env.delete(API::APIHelpers::SUDO_HEADER)
end
def clear_param
params.delete(API::APIHelpers::PRIVATE_TOKEN_PARAM)
params.delete(API::APIHelpers::SUDO_PARAM)
end
def error!(message, status)
raise Exception
end
describe ".current_user" do
it "should return nil for an invalid token" do
env[API::APIHelpers::PRIVATE_TOKEN_HEADER] = 'invalid token'
self.class.any_instance.stub(:doorkeeper_guard){ false }
current_user.should be_nil
end
it "should return nil for a user without access" do
env[API::APIHelpers::PRIVATE_TOKEN_HEADER] = user.private_token
Gitlab::UserAccess.stub(allowed?: false)
current_user.should be_nil
end
it "should leave user as is when sudo not specified" do
env[API::APIHelpers::PRIVATE_TOKEN_HEADER] = user.private_token
current_user.should == user
clear_env
params[API::APIHelpers::PRIVATE_TOKEN_PARAM] = user.private_token
current_user.should == user
end
it "should change current user to sudo when admin" do
set_env(admin, user.id)
current_user.should == user
set_param(admin, user.id)
current_user.should == user
set_env(admin, user.username)
current_user.should == user
set_param(admin, user.username)
current_user.should == user
end
it "should throw an error when the current user is not an admin and attempting to sudo" do
set_env(user, admin.id)
expect { current_user }.to raise_error
set_param(user, admin.id)
expect { current_user }.to raise_error
set_env(user, admin.username)
expect { current_user }.to raise_error
set_param(user, admin.username)
expect { current_user }.to raise_error
end
it "should throw an error when the user cannot be found for a given id" do
id = user.id + admin.id
user.id.should_not == id
admin.id.should_not == id
set_env(admin, id)
expect { current_user }.to raise_error
set_param(admin, id)
expect { current_user }.to raise_error
end
it "should throw an error when the user cannot be found for a given username" do
username = "#{user.username}#{admin.username}"
user.username.should_not == username
admin.username.should_not == username
set_env(admin, username)
expect { current_user }.to raise_error
set_param(admin, username)
expect { current_user }.to raise_error
end
it "should handle sudo's to oneself" do
set_env(admin, admin.id)
current_user.should == admin
set_param(admin, admin.id)
current_user.should == admin
set_env(admin, admin.username)
current_user.should == admin
set_param(admin, admin.username)
current_user.should == admin
end
it "should handle multiple sudo's to oneself" do
set_env(admin, user.id)
current_user.should == user
current_user.should == user
set_env(admin, user.username)
current_user.should == user
current_user.should == user
set_param(admin, user.id)
current_user.should == user
current_user.should == user
set_param(admin, user.username)
current_user.should == user
current_user.should == user
end
it "should handle multiple sudo's to oneself using string ids" do
set_env(admin, user.id.to_s)
current_user.should == user
current_user.should == user
set_param(admin, user.id.to_s)
current_user.should == user
current_user.should == user
end
end
describe '.sudo_identifier' do
it "should return integers when input is an int" do
set_env(admin, '123')
sudo_identifier.should == 123
set_env(admin, '0001234567890')
sudo_identifier.should == 1234567890
set_param(admin, '123')
sudo_identifier.should == 123
set_param(admin, '0001234567890')
sudo_identifier.should == 1234567890
end
it "should return string when input is an is not an int" do
set_env(admin, '12.30')
sudo_identifier.should == "12.30"
set_env(admin, 'hello')
sudo_identifier.should == 'hello'
set_env(admin, ' 123')
sudo_identifier.should == ' 123'
set_param(admin, '12.30')
sudo_identifier.should == "12.30"
set_param(admin, 'hello')
sudo_identifier.should == 'hello'
set_param(admin, ' 123')
sudo_identifier.should == ' 123'
end
end
end
|
