summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorTimothy Andrew <mail@timothyandrew.net>2017-07-05 03:44:40 +0000
committerTimothy Andrew <mail@timothyandrew.net>2017-07-05 03:44:40 +0000
commit94258a6500855ca37e42e442ede642091a8d4366 (patch)
tree15e57752dbf9813d0ffcb14167bbd0be18623cd0
parent5e2f7f25eb6ed1118cb541e43026915a7c4cdfef (diff)
downloadgitlab-ce-94258a6500855ca37e42e442ede642091a8d4366.tar.gz
Fix build for !12300.
- The `/users` and `/users/:id` APIs are now accessible without authentication (!12445), and so scopes are not relevant for these endpoints. - Previously, we were testing our scope declaration against these two methods. This commit moves these tests to other `GET` user endpoints which still require authentication.
-rw-r--r--spec/requests/api/users_spec.rb49
1 files changed, 35 insertions, 14 deletions
diff --git a/spec/requests/api/users_spec.rb b/spec/requests/api/users_spec.rb
index b8109ce401c..70b94a09e6b 100644
--- a/spec/requests/api/users_spec.rb
+++ b/spec/requests/api/users_spec.rb
@@ -113,13 +113,6 @@ describe API::Users do
expect(json_response.first.keys).not_to include 'is_admin'
end
-
- context "scopes" do
- let(:path) { "/users" }
- let(:api_call) { method(:api) }
-
- include_examples 'allows the "read_user" scope'
- end
end
context "when admin" do
@@ -216,13 +209,6 @@ describe API::Users do
expect(response).to have_http_status(404)
end
-
- context "scopes" do
- let(:path) { "/users/#{user.id}" }
- let(:api_call) { method(:api) }
-
- include_examples 'allows the "read_user" scope'
- end
end
describe "POST /users" do
@@ -909,6 +895,13 @@ describe API::Users do
expect(response).to match_response_schema('public_api/v4/user/public')
expect(json_response['id']).to eq(user.id)
end
+
+ context "scopes" do
+ let(:path) { "/user" }
+ let(:api_call) { method(:api) }
+
+ include_examples 'allows the "read_user" scope'
+ end
end
context 'with admin' do
@@ -978,6 +971,13 @@ describe API::Users do
expect(json_response).to be_an Array
expect(json_response.first["title"]).to eq(key.title)
end
+
+ context "scopes" do
+ let(:path) { "/user/keys" }
+ let(:api_call) { method(:api) }
+
+ include_examples 'allows the "read_user" scope'
+ end
end
end
@@ -1011,6 +1011,13 @@ describe API::Users do
expect(response).to have_http_status(404)
end
+
+ context "scopes" do
+ let(:path) { "/user/keys/#{key.id}" }
+ let(:api_call) { method(:api) }
+
+ include_examples 'allows the "read_user" scope'
+ end
end
describe "POST /user/keys" do
@@ -1100,6 +1107,13 @@ describe API::Users do
expect(json_response).to be_an Array
expect(json_response.first["email"]).to eq(email.email)
end
+
+ context "scopes" do
+ let(:path) { "/user/emails" }
+ let(:api_call) { method(:api) }
+
+ include_examples 'allows the "read_user" scope'
+ end
end
end
@@ -1132,6 +1146,13 @@ describe API::Users do
expect(response).to have_http_status(404)
end
+
+ context "scopes" do
+ let(:path) { "/user/emails/#{email.id}" }
+ let(:api_call) { method(:api) }
+
+ include_examples 'allows the "read_user" scope'
+ end
end
describe "POST /user/emails" do