diff options
| author | JB Vasseur <jvasseur@gmail.com> | 2018-10-11 22:35:17 +0900 |
|---|---|---|
| committer | JB Vasseur <jvasseur@gmail.com> | 2018-10-11 22:35:17 +0900 |
| commit | f1645bf7e722096f570a706d37c3379f07a55a68 (patch) | |
| tree | cdbe95104d6d46de2b3b505474de2b44251a98ac /spec/requests | |
| parent | 33c88f5e5192bec231656e4253263178d8004e63 (diff) | |
| download | gitlab-ce-f1645bf7e722096f570a706d37c3379f07a55a68.tar.gz | |
Fix unauthorized user tests and add non-authenticated user tests
Diffstat (limited to 'spec/requests')
| -rw-r--r-- | spec/requests/api/applications_spec.rb | 22 |
1 files changed, 19 insertions, 3 deletions
diff --git a/spec/requests/api/applications_spec.rb b/spec/requests/api/applications_spec.rb index f95b40fff17..9240dd94990 100644 --- a/spec/requests/api/applications_spec.rb +++ b/spec/requests/api/applications_spec.rb @@ -95,6 +95,14 @@ describe API::Applications, :api do end end + context 'authorized user without authorization' do + it 'cannot list application' do + get api('/applications', user) + + expect(response).to have_http_status 403 + end + end + context 'non-authenticated user' do it 'cannot list application' do get api('/applications', user) @@ -109,16 +117,24 @@ describe API::Applications, :api do it 'can delete an application' do expect do delete api("/applications/#{application.id}", admin_user) - end.to change { Doorkeeper::Application.count }.by -1 - + end.to change { Doorkeeper::Application.count }.by(-1) + expect(response).to have_gitlab_http_status(204) end end - context 'non-authenticated user' do + context 'authorized user without authorization' do it 'cannot delete an application' do delete api("/applications/#{application.id}", user) + expect(response).to have_http_status 403 + end + end + + context 'non-authenticated user' do + it 'cannot delete an application' do + delete api("/applications/#{application.id}") + expect(response).to have_http_status 401 end end |