diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2020-01-09 12:08:03 +0000 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2020-01-09 12:08:03 +0000 |
commit | cddaddb86bf6d4d277d206c42a9138a2d660ea56 (patch) | |
tree | 92da110e04602b7ea62835e41327e552150279f5 /spec/lib/gitlab/auth/request_authenticator_spec.rb | |
parent | 5afd8575506372dd64c238203bd05b4826f3ae2e (diff) | |
download | gitlab-ce-cddaddb86bf6d4d277d206c42a9138a2d660ea56.tar.gz |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'spec/lib/gitlab/auth/request_authenticator_spec.rb')
-rw-r--r-- | spec/lib/gitlab/auth/request_authenticator_spec.rb | 51 |
1 files changed, 51 insertions, 0 deletions
diff --git a/spec/lib/gitlab/auth/request_authenticator_spec.rb b/spec/lib/gitlab/auth/request_authenticator_spec.rb index 4dbcd0df302..87c96803c3a 100644 --- a/spec/lib/gitlab/auth/request_authenticator_spec.rb +++ b/spec/lib/gitlab/auth/request_authenticator_spec.rb @@ -42,6 +42,8 @@ describe Gitlab::Auth::RequestAuthenticator do describe '#find_sessionless_user' do let!(:access_token_user) { build(:user) } let!(:feed_token_user) { build(:user) } + let!(:static_object_token_user) { build(:user) } + let!(:job_token_user) { build(:user) } it 'returns access_token user first' do allow_any_instance_of(described_class).to receive(:find_user_from_web_access_token).and_return(access_token_user) @@ -56,6 +58,22 @@ describe Gitlab::Auth::RequestAuthenticator do expect(subject.find_sessionless_user([:api])).to eq feed_token_user end + it 'returns static_object_token user if no feed_token user found' do + allow_any_instance_of(described_class) + .to receive(:find_user_from_static_object_token) + .and_return(static_object_token_user) + + expect(subject.find_sessionless_user([:api])).to eq static_object_token_user + end + + it 'returns job_token user if no static_object_token user found' do + allow_any_instance_of(described_class) + .to receive(:find_user_from_job_token) + .and_return(job_token_user) + + expect(subject.find_sessionless_user([:api])).to eq job_token_user + end + it 'returns nil if no user found' do expect(subject.find_sessionless_user([:api])).to be_blank end @@ -67,6 +85,39 @@ describe Gitlab::Auth::RequestAuthenticator do end end + describe '#find_user_from_job_token' do + let!(:user) { build(:user) } + let!(:job) { build(:ci_build, user: user) } + + before do + env[Gitlab::Auth::AuthFinders::JOB_TOKEN_HEADER] = 'token' + end + + context 'with API requests' do + before do + env['SCRIPT_NAME'] = '/api/endpoint' + end + + it 'tries to find the user' do + expect(::Ci::Build).to receive(:find_by_token).and_return(job) + + expect(subject.find_sessionless_user([:api])).to eq user + end + end + + context 'without API requests' do + before do + env['SCRIPT_NAME'] = '/web/endpoint' + end + + it 'does not search for job users' do + expect(::Ci::Build).not_to receive(:find_by_token) + + expect(subject.find_sessionless_user([:api])).to be_nil + end + end + end + describe '#runner' do let!(:runner) { build(:ci_runner) } |