summaryrefslogtreecommitdiff
path: root/spec/requests
diff options
context:
space:
mode:
authorGitLab Bot <gitlab-bot@gitlab.com>2020-05-26 15:41:13 +0000
committerGitLab Bot <gitlab-bot@gitlab.com>2020-05-26 15:41:13 +0000
commit1e61fc763e645038f2da69fc9af6fe166a6b101a (patch)
tree76053795a637d056347c1891d98935c0361a331d /spec/requests
parent57b9b49b27a730294ae37d2ac25cab943f4b801d (diff)
downloadgitlab-ce-1e61fc763e645038f2da69fc9af6fe166a6b101a.tar.gz
Add latest changes from gitlab-org/security/gitlab@13-0-stable-ee
Diffstat (limited to 'spec/requests')
-rw-r--r--spec/requests/api/notification_settings_spec.rb2
-rw-r--r--spec/requests/openid_connect_spec.rb13
-rw-r--r--spec/requests/profiles/notifications_controller_spec.rb4
3 files changed, 10 insertions, 9 deletions
diff --git a/spec/requests/api/notification_settings_spec.rb b/spec/requests/api/notification_settings_spec.rb
index cbdab2f53a6..2dfde4c8ec9 100644
--- a/spec/requests/api/notification_settings_spec.rb
+++ b/spec/requests/api/notification_settings_spec.rb
@@ -19,7 +19,7 @@ describe API::NotificationSettings do
end
describe "PUT /notification_settings" do
- let(:email) { create(:email, user: user) }
+ let(:email) { create(:email, :confirmed, user: user) }
it "updates global notification settings for the current user" do
put api("/notification_settings", user), params: { level: 'watch', notification_email: email.email }
diff --git a/spec/requests/openid_connect_spec.rb b/spec/requests/openid_connect_spec.rb
index bd270679acd..785ab98a3d0 100644
--- a/spec/requests/openid_connect_spec.rb
+++ b/spec/requests/openid_connect_spec.rb
@@ -9,15 +9,11 @@ describe 'OpenID Connect requests' do
name: 'Alice',
username: 'alice',
email: 'private@example.com',
- emails: [public_email],
- public_email: public_email.email,
website_url: 'https://example.com',
avatar: fixture_file_upload('spec/fixtures/dk.png')
)
end
- let(:public_email) { build :email, email: 'public@example.com' }
-
let(:access_grant) { create :oauth_access_grant, application: application, resource_owner_id: user.id }
let(:access_token) { create :oauth_access_token, application: application, resource_owner_id: user.id }
@@ -37,7 +33,7 @@ describe 'OpenID Connect requests' do
'name' => 'Alice',
'nickname' => 'alice',
'email' => 'public@example.com',
- 'email_verified' => false,
+ 'email_verified' => true,
'website' => 'https://example.com',
'profile' => 'http://localhost/alice',
'picture' => "http://localhost/uploads/-/system/user/avatar/#{user.id}/dk.png",
@@ -62,6 +58,11 @@ describe 'OpenID Connect requests' do
get '/oauth/userinfo', params: {}, headers: { 'Authorization' => "Bearer #{access_token.token}" }
end
+ before do
+ email = create(:email, :confirmed, email: 'public@example.com', user: user)
+ user.update!(public_email: email.email)
+ end
+
context 'Application without OpenID scope' do
let(:application) { create :oauth_application, scopes: 'api' }
@@ -123,7 +124,7 @@ describe 'OpenID Connect requests' do
end
it 'has false in email_verified claim' do
- expect(json_response['email_verified']).to eq(false)
+ expect(json_response['email_verified']).to eq(true)
end
end
diff --git a/spec/requests/profiles/notifications_controller_spec.rb b/spec/requests/profiles/notifications_controller_spec.rb
index 41349d6c12d..0b2741677ab 100644
--- a/spec/requests/profiles/notifications_controller_spec.rb
+++ b/spec/requests/profiles/notifications_controller_spec.rb
@@ -5,8 +5,8 @@ require 'spec_helper'
describe 'view user notifications' do
let(:user) do
create(:user) do |user|
- user.emails.create(email: 'original@example.com')
- user.emails.create(email: 'new@example.com')
+ user.emails.create(email: 'original@example.com', confirmed_at: Time.current)
+ user.emails.create(email: 'new@example.com', confirmed_at: Time.current)
user.notification_email = 'original@example.com'
user.save!
end