add admin panel for personal access tokens

1 files changed, 95 insertions, 0 deletions

diff --git a/spec/features/admin/admin_users_personal_access_tokens_spec.rb b/spec/features/admin/admin_users_personal_access_tokens_spec.rb
new file mode 100644
index 00000000000..b7ec8c9fe86
--- /dev/null
+++ b/spec/features/admin/admin_users_personal_access_tokens_spec.rb
@@ -0,0 +1,95 @@
+require 'spec_helper'
+
+describe 'Admin > Users > Personal Access Tokens', feature: true, js: true do
+  let(:admin) { create(:admin) }
+  let!(:user) { create(:user) }
+
+  def active_personal_access_tokens
+    find(".table.active-personal-access-tokens")
+  end
+
+  def inactive_personal_access_tokens
+    find(".table.inactive-personal-access-tokens")
+  end
+
+  def created_personal_access_token
+    find("#created-personal-access-token").value
+  end
+
+  def disallow_personal_access_token_saves!
+    allow_any_instance_of(PersonalAccessToken).to receive(:save).and_return(false)
+    errors = ActiveModel::Errors.new(PersonalAccessToken.new).tap { |e| e.add(:name, "cannot be nil") }
+    allow_any_instance_of(PersonalAccessToken).to receive(:errors).and_return(errors)
+  end
+
+  before do
+    login_as(admin)
+  end
+
+  describe "token creation" do
+    it "allows creation of a token" do
+      name = FFaker::Product.brand
+
+      visit admin_user_personal_access_tokens_path(user_id: user.username)
+      fill_in "Name", with: name
+
+      # Set date to 1st of next month
+      find_field("Expires at").trigger('focus')
+      find("a[title='Next']").click
+      click_on "1"
+
+      # Scopes
+      check "api"
+      check "read_user"
+
+      check "You can impersonate the user"
+
+      click_on "Create Personal Access Token"
+      expect(active_personal_access_tokens).to have_text(name)
+      expect(active_personal_access_tokens).to have_text('In')
+      expect(active_personal_access_tokens).to have_text('api')
+      expect(active_personal_access_tokens).to have_text('read_user')
+      expect(active_personal_access_tokens).to have_text('true')
+    end
+
+    context "when creation fails" do
+      it "displays an error message" do
+        disallow_personal_access_token_saves!
+        visit admin_user_personal_access_tokens_path(user_id: user.username)
+        fill_in "Name", with: FFaker::Product.brand
+
+        expect { click_on "Create Personal Access Token" }.not_to change { PersonalAccessToken.count }
+        expect(page).to have_content("Name cannot be nil")
+      end
+    end
+  end
+
+  describe "inactive tokens" do
+    let!(:personal_access_token) { create(:personal_access_token, user: user) }
+
+    it "allows revocation of an active token" do
+      visit admin_user_personal_access_tokens_path(user_id: user.username)
+      click_on "Revoke"
+
+      expect(inactive_personal_access_tokens).to have_text(personal_access_token.name)
+    end
+
+    it "moves expired tokens to the 'inactive' section" do
+      personal_access_token.update(expires_at: 5.days.ago)
+      visit admin_user_personal_access_tokens_path(user_id: user.username)
+
+      expect(inactive_personal_access_tokens).to have_text(personal_access_token.name)
+    end
+
+    context "when revocation fails" do
+      it "displays an error message" do
+        disallow_personal_access_token_saves!
+        visit admin_user_personal_access_tokens_path(user_id: user.username)
+
+        click_on "Revoke"
+        expect(active_personal_access_tokens).to have_text(personal_access_token.name)
+        expect(page).to have_content("Could not revoke")
+      end
+    end
+  end
+end