diff options
author | Timothy Andrew <mail@timothyandrew.net> | 2017-07-05 03:44:40 +0000 |
---|---|---|
committer | Timothy Andrew <mail@timothyandrew.net> | 2017-07-05 03:44:40 +0000 |
commit | 94258a6500855ca37e42e442ede642091a8d4366 (patch) | |
tree | 15e57752dbf9813d0ffcb14167bbd0be18623cd0 | |
parent | 5e2f7f25eb6ed1118cb541e43026915a7c4cdfef (diff) | |
download | gitlab-ce-94258a6500855ca37e42e442ede642091a8d4366.tar.gz |
Fix build for !12300.
- The `/users` and `/users/:id` APIs are now accessible without
authentication (!12445), and so scopes are not relevant for these endpoints.
- Previously, we were testing our scope declaration against these two methods.
This commit moves these tests to other `GET` user endpoints which still
require authentication.
-rw-r--r-- | spec/requests/api/users_spec.rb | 49 |
1 files changed, 35 insertions, 14 deletions
diff --git a/spec/requests/api/users_spec.rb b/spec/requests/api/users_spec.rb index b8109ce401c..70b94a09e6b 100644 --- a/spec/requests/api/users_spec.rb +++ b/spec/requests/api/users_spec.rb @@ -113,13 +113,6 @@ describe API::Users do expect(json_response.first.keys).not_to include 'is_admin' end - - context "scopes" do - let(:path) { "/users" } - let(:api_call) { method(:api) } - - include_examples 'allows the "read_user" scope' - end end context "when admin" do @@ -216,13 +209,6 @@ describe API::Users do expect(response).to have_http_status(404) end - - context "scopes" do - let(:path) { "/users/#{user.id}" } - let(:api_call) { method(:api) } - - include_examples 'allows the "read_user" scope' - end end describe "POST /users" do @@ -909,6 +895,13 @@ describe API::Users do expect(response).to match_response_schema('public_api/v4/user/public') expect(json_response['id']).to eq(user.id) end + + context "scopes" do + let(:path) { "/user" } + let(:api_call) { method(:api) } + + include_examples 'allows the "read_user" scope' + end end context 'with admin' do @@ -978,6 +971,13 @@ describe API::Users do expect(json_response).to be_an Array expect(json_response.first["title"]).to eq(key.title) end + + context "scopes" do + let(:path) { "/user/keys" } + let(:api_call) { method(:api) } + + include_examples 'allows the "read_user" scope' + end end end @@ -1011,6 +1011,13 @@ describe API::Users do expect(response).to have_http_status(404) end + + context "scopes" do + let(:path) { "/user/keys/#{key.id}" } + let(:api_call) { method(:api) } + + include_examples 'allows the "read_user" scope' + end end describe "POST /user/keys" do @@ -1100,6 +1107,13 @@ describe API::Users do expect(json_response).to be_an Array expect(json_response.first["email"]).to eq(email.email) end + + context "scopes" do + let(:path) { "/user/emails" } + let(:api_call) { method(:api) } + + include_examples 'allows the "read_user" scope' + end end end @@ -1132,6 +1146,13 @@ describe API::Users do expect(response).to have_http_status(404) end + + context "scopes" do + let(:path) { "/user/emails/#{email.id}" } + let(:api_call) { method(:api) } + + include_examples 'allows the "read_user" scope' + end end describe "POST /user/emails" do |