diff options
author | Rémy Coutable <remy@rymai.me> | 2018-10-22 08:52:42 +0000 |
---|---|---|
committer | Rémy Coutable <remy@rymai.me> | 2018-10-22 08:52:42 +0000 |
commit | 631f4e2f54290b539fa3a7bc928589b1949adc34 (patch) | |
tree | b9da9af0823ab3a8ab618a61a60b1ee63f2af612 /spec/requests | |
parent | 5b6007f995b60b938c65efe9a18ed4f2c7dafa4d (diff) | |
parent | 192ccaebfc09c29bc62defb5f9a0fc69600600a1 (diff) | |
download | gitlab-ce-631f4e2f54290b539fa3a7bc928589b1949adc34.tar.gz |
Merge branch '52559-applications-api-get-delete' into 'master'
Add Applications API endpoints for listing and deleting entries.
Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/52559
See merge request https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/22296
Diffstat (limited to 'spec/requests')
-rw-r--r-- | spec/requests/api/applications_spec.rb | 70 |
1 files changed, 63 insertions, 7 deletions
diff --git a/spec/requests/api/applications_spec.rb b/spec/requests/api/applications_spec.rb index f56bc932f40..270e12bf201 100644 --- a/spec/requests/api/applications_spec.rb +++ b/spec/requests/api/applications_spec.rb @@ -5,6 +5,7 @@ describe API::Applications, :api do let(:admin_user) { create(:user, admin: true) } let(:user) { create(:user, admin: false) } + let!(:application) { create(:application, name: 'another_application', redirect_uri: 'http://other_application.url', scopes: '') } describe 'POST /applications' do context 'authenticated and authorized user' do @@ -15,7 +16,7 @@ describe API::Applications, :api do application = Doorkeeper::Application.find_by(name: 'application_name', redirect_uri: 'http://application.url') - expect(response).to have_http_status 201 + expect(response).to have_gitlab_http_status(201) expect(json_response).to be_a Hash expect(json_response['application_id']).to eq application.uid expect(json_response['secret']).to eq application.secret @@ -27,7 +28,7 @@ describe API::Applications, :api do post api('/applications', admin_user), name: 'application_name', redirect_uri: 'wrong_url_format', scopes: '' end.not_to change { Doorkeeper::Application.count } - expect(response).to have_http_status 400 + expect(response).to have_gitlab_http_status(400) expect(json_response).to be_a Hash expect(json_response['message']['redirect_uri'][0]).to eq('must be an absolute URI.') end @@ -37,7 +38,7 @@ describe API::Applications, :api do post api('/applications', admin_user), redirect_uri: 'http://application.url', scopes: '' end.not_to change { Doorkeeper::Application.count } - expect(response).to have_http_status 400 + expect(response).to have_gitlab_http_status(400) expect(json_response).to be_a Hash expect(json_response['error']).to eq('name is missing') end @@ -47,7 +48,7 @@ describe API::Applications, :api do post api('/applications', admin_user), name: 'application_name', scopes: '' end.not_to change { Doorkeeper::Application.count } - expect(response).to have_http_status 400 + expect(response).to have_gitlab_http_status(400) expect(json_response).to be_a Hash expect(json_response['error']).to eq('redirect_uri is missing') end @@ -57,7 +58,7 @@ describe API::Applications, :api do post api('/applications', admin_user), name: 'application_name', redirect_uri: 'http://application.url' end.not_to change { Doorkeeper::Application.count } - expect(response).to have_http_status 400 + expect(response).to have_gitlab_http_status(400) expect(json_response).to be_a Hash expect(json_response['error']).to eq('scopes is missing') end @@ -69,7 +70,7 @@ describe API::Applications, :api do post api('/applications', user), name: 'application_name', redirect_uri: 'http://application.url', scopes: '' end.not_to change { Doorkeeper::Application.count } - expect(response).to have_http_status 403 + expect(response).to have_gitlab_http_status(403) end end @@ -79,7 +80,62 @@ describe API::Applications, :api do post api('/applications'), name: 'application_name', redirect_uri: 'http://application.url' end.not_to change { Doorkeeper::Application.count } - expect(response).to have_http_status 401 + expect(response).to have_gitlab_http_status(401) + end + end + end + + describe 'GET /applications' do + context 'authenticated and authorized user' do + it 'can list application' do + get api('/applications', admin_user) + + expect(response).to have_gitlab_http_status(200) + expect(json_response).to be_a(Array) + end + end + + context 'authorized user without authorization' do + it 'cannot list application' do + get api('/applications', user) + + expect(response).to have_gitlab_http_status(403) + end + end + + context 'non-authenticated user' do + it 'cannot list application' do + get api('/applications') + + expect(response).to have_gitlab_http_status(401) + end + end + end + + describe 'DELETE /applications/:id' do + context 'authenticated and authorized user' do + it 'can delete an application' do + expect do + delete api("/applications/#{application.id}", admin_user) + end.to change { Doorkeeper::Application.count }.by(-1) + + expect(response).to have_gitlab_http_status(204) + end + end + + context 'authorized user without authorization' do + it 'cannot delete an application' do + delete api("/applications/#{application.id}", user) + + expect(response).to have_gitlab_http_status(403) + end + end + + context 'non-authenticated user' do + it 'cannot delete an application' do + delete api("/applications/#{application.id}") + + expect(response).to have_gitlab_http_status(401) end end end |