author | GitLab Bot <gitlab-bot@gitlab.com> | 2020-06-29 19:21:38 +0000 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2020-06-29 19:21:38 +0000 |
commit | 11e9b7b58837da351f08c18e6f0f4faba4d7d301 (patch) | |
tree | d9b28159a53c3814c8a2e6b33a5f01557b757439 /spec/requests/api/deploy_tokens_spec.rb | |
parent | 2b0b97e746e327c6168505df7740e667b690a27f (diff) | |
download | gitlab-ce-11e9b7b58837da351f08c18e6f0f4faba4d7d301.tar.gz |
Add latest changes from gitlab-org/security/gitlab@13-1-stable-ee
Diffstat (limited to 'spec/requests/api/deploy_tokens_spec.rb')
-rw-r--r-- | spec/requests/api/deploy_tokens_spec.rb | 28 |
1 files changed, 23 insertions, 5 deletions
diff --git a/spec/requests/api/deploy_tokens_spec.rb b/spec/requests/api/deploy_tokens_spec.rb
index 499c334d491..2b86d59fbba 100644
--- a/spec/requests/api/deploy_tokens_spec.rb
+++ b/spec/requests/api/deploy_tokens_spec.rb
@@ -204,7 +204,7 @@ describe API::DeployTokens do
 end
 context 'deploy token creation' do
- shared_examples 'creating a deploy token' do |entity, unauthenticated_response|
+ shared_examples 'creating a deploy token' do |entity, unauthenticated_response, authorized_role|
 let(:expires_time) { 1.year.from_now }
 let(:params) do
 {
@@ -231,9 +231,9 @@ describe API::DeployTokens do
 it { is_expected.to have_gitlab_http_status(:forbidden) }
 end
- context 'when authenticated as maintainer' do
+ context "when authenticated as #{authorized_role}" do
 before do
- send(entity).add_maintainer(user)
+ send(entity).send("add_#{authorized_role}", user)
 end
 it 'creates the deploy token' do
@@ -282,7 +282,7 @@ describe API::DeployTokens do
 response
 end
- it_behaves_like 'creating a deploy token', :project, :not_found
+ it_behaves_like 'creating a deploy token', :project, :not_found, :maintainer
 end
 describe 'POST /groups/:id/deploy_tokens' do
@@ -291,7 +291,17 @@ describe API::DeployTokens do
 response
 end
- it_behaves_like 'creating a deploy token', :group, :forbidden
+ it_behaves_like 'creating a deploy token', :group, :forbidden, :owner
+
+ context 'when authenticated as maintainer' do
+ before do
+ group.add_maintainer(user)
+ end
+
+ let(:params) { { name: 'test', scopes: ['read_repository'] } }
+
+ it { is_expected.to have_gitlab_http_status(:forbidden) }
+ end
 end
 end
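Review bot: In the second hunk (-231,9 +231,9) the role helper is dispatched with `send("add_#{authorized_role}", user)`, which bypasses method visibility, so a mistyped or unexpected role argument could resolve to a non-public method instead of failing. Since the method name is now built from a shared-example argument, prefer `send(entity).public_send("add_#{authorized_role}", user)` so only the public membership API can be reached. The enclosing `shared_examples` block starts in the previous hunk and ends outside this one.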
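Review bot: The group-maintainer context added at the end of the fourth hunk (-291,7 +291,17) asserts only the 403 status, so a regression that rejects the request after the token has already been persisted would still pass. Add a side-effect assertion beside it, for example `it { expect { subject }.not_to change { DeployToken.count } }`, assuming `subject` issues the POST as the block ending in `response` just above suggests. The same gap is in the maintainer case of the DELETE hunk (-320,6 +330,14), where an example with `expect(::Groups::DeployTokens::DestroyService).not_to receive(:new)` would pin that the service is never reached. The enclosing `describe` blocks start outside both hunks.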
@@ -320,6 +330,14 @@ describe API::DeployTokens do
 group.add_maintainer(user)
 end
+ it { is_expected.to have_gitlab_http_status(:forbidden) }
+ end
+
+ context 'when authenticated as owner' do
+ before do
+ group.add_owner(user)
+ end
+
 it 'calls the deploy token destroy service' do
 expect(::Groups::DeployTokens::DestroyService).to receive(:new)
 .with(group, user, token_id: group_deploy_token.id) |