diff options
| author | Douwe Maan <douwe@gitlab.com> | 2018-02-08 14:26:18 +0000 |
|---|---|---|
| committer | Douwe Maan <douwe@gitlab.com> | 2018-02-08 14:26:18 +0000 |
| commit | bbb3e58bc7143df31355baddc970670e1e64503d (patch) | |
| tree | 712b159ad384f7c349416f7de8e8feb9afe9b43a /spec | |
| parent | 15eb0ab0f8ec1bef02065949cade065956c9d4d1 (diff) | |
| parent | 583ef9458c5e5c32a14629f5754bc53ed0ad8a33 (diff) | |
| download | gitlab-ce-bbb3e58bc7143df31355baddc970670e1e64503d.tar.gz | |
Merge branch 'feature/oidc-groups-claim' into 'master'
Add groups to OpenID Connect claims
See merge request gitlab-org/gitlab-ce!16929
Diffstat (limited to 'spec')
| -rw-r--r-- | spec/models/user_spec.rb | 25 | ||||
| -rw-r--r-- | spec/requests/openid_connect_spec.rb | 24 |
2 files changed, 44 insertions, 5 deletions
diff --git a/spec/models/user_spec.rb b/spec/models/user_spec.rb index cb02d526a98..76a6aef39cc 100644 --- a/spec/models/user_spec.rb +++ b/spec/models/user_spec.rb @@ -1586,14 +1586,37 @@ describe User do describe '#authorized_groups' do let!(:user) { create(:user) } let!(:private_group) { create(:group) } + let!(:child_group) { create(:group, parent: private_group) } + + let!(:project_group) { create(:group) } + let!(:project) { create(:project, group: project_group) } before do private_group.add_user(user, Gitlab::Access::MASTER) + project.add_master(user) end subject { user.authorized_groups } - it { is_expected.to eq([private_group]) } + it { is_expected.to contain_exactly private_group, project_group } + end + + describe '#membership_groups' do + let!(:user) { create(:user) } + let!(:parent_group) { create(:group) } + let!(:child_group) { create(:group, parent: parent_group) } + + before do + parent_group.add_user(user, Gitlab::Access::MASTER) + end + + subject { user.membership_groups } + + if Group.supports_nested_groups? + it { is_expected.to contain_exactly parent_group, child_group } + else + it { is_expected.to contain_exactly parent_group } + end end describe '#authorized_projects', :delete do diff --git a/spec/requests/openid_connect_spec.rb b/spec/requests/openid_connect_spec.rb index 1a5ad9b04e4..5d349f45a33 100644 --- a/spec/requests/openid_connect_spec.rb +++ b/spec/requests/openid_connect_spec.rb @@ -65,10 +65,20 @@ describe 'OpenID Connect requests' do ) end - let(:public_email) { build :email, email: 'public@example.com' } - let(:private_email) { build :email, email: 'private@example.com' } + let!(:public_email) { build :email, email: 'public@example.com' } + let!(:private_email) { build :email, email: 'private@example.com' } - it 'includes all user information' do + let!(:group1) { create :group, path: 'group1' } + let!(:group2) { create :group, path: 'group2' } + let!(:group3) { create :group, path: 'group3', parent: group2 } + let!(:group4) { create :group, path: 'group4', parent: group3 } + + before do + group1.add_user(user, GroupMember::OWNER) + group3.add_user(user, Gitlab::Access::DEVELOPER) + end + + it 'includes all user information and group memberships' do request_user_info expect(json_response).to eq({ @@ -79,7 +89,13 @@ describe 'OpenID Connect requests' do 'email_verified' => true, 'website' => 'https://example.com', 'profile' => 'http://localhost/alice', - 'picture' => "http://localhost/uploads/-/system/user/avatar/#{user.id}/dk.png" + 'picture' => "http://localhost/uploads/-/system/user/avatar/#{user.id}/dk.png", + 'groups' => + if Group.supports_nested_groups? + ['group1', 'group2/group3', 'group2/group3/group4'] + else + ['group1', 'group2/group3'] + end }) end end |