Add latest changes from gitlab-org/security/gitlab@15-8-stable-ee

author: GitLab Bot <gitlab-bot@gitlab.com> 2023-03-01 18:33:31 +0000
committer: GitLab Bot <gitlab-bot@gitlab.com> 2023-03-01 18:33:31 +0000
commit: 0fcbe48468f0e566929599dda36b2dedd72e5708 (patch)
tree: 0a33f7a23aee7cffaa0d07046c5c0573aec3a7d2 /spec/services/resource_access_tokens/create_service_spec.rb
parent: cf599b3cb9210c48820e7d88c4393303aa28826e (diff)
download: gitlab-ce-0fcbe48468f0e566929599dda36b2dedd72e5708.tar.gz
1 files changed, 25 insertions, 26 deletions
diff --git a/spec/services/resource_access_tokens/create_service_spec.rb b/spec/services/resource_access_tokens/create_service_spec.rb
index a8c8d41ca09..442232920f9 100644
--- a/spec/services/resource_access_tokens/create_service_spec.rb
+++ b/spec/services/resource_access_tokens/create_service_spec.rb
@@ -27,13 +27,6 @@ RSpec.describe ResourceAccessTokens::CreateService do
       end
     end
 
-    shared_examples 'correct error message' do
-      it 'returns correct error message' do
-        expect(subject.error?).to be true
-        expect(subject.errors).to include(error_message)
-      end
-    end
-
     shared_examples 'allows creation of bot with valid params' do
       it { expect { subject }.to change { User.count }.by(1) }
 
@@ -207,11 +200,16 @@ RSpec.describe ResourceAccessTokens::CreateService do
           end
 
           context 'when invalid scope is passed' do
-            let(:error_message) { 'Scopes can only contain available scopes' }
             let_it_be(:params) { { scopes: [:invalid_scope] } }
 
             it_behaves_like 'token creation fails'
-            it_behaves_like 'correct error message'
+
+            it 'returns the scope error message' do
+              response = subject
+
+              expect(response.error?).to be true
+              expect(response.errors).to include("Scopes can only contain available scopes")
+            end
           end
         end
 
@@ -219,7 +217,6 @@ RSpec.describe ResourceAccessTokens::CreateService do
           let_it_be(:bot_user) { create(:user, :project_bot) }
 
           let(:unpersisted_member) { build(:project_member, source: resource, user: bot_user) }
-          let(:error_message) { 'Could not provision maintainer access to project access token' }
 
           before do
             allow_next_instance_of(ResourceAccessTokens::CreateService) do |service|
@@ -229,7 +226,13 @@ RSpec.describe ResourceAccessTokens::CreateService do
           end
 
           it_behaves_like 'token creation fails'
-          it_behaves_like 'correct error message'
+
+          it 'returns the provisioning error message' do
+            response = subject
+
+            expect(response.error?).to be true
+            expect(response.errors).to include("Could not provision maintainer access to project access token")
+          end
         end
       end
 
@@ -243,10 +246,14 @@ RSpec.describe ResourceAccessTokens::CreateService do
     end
 
     shared_examples 'when user does not have permission to create a resource bot' do
-      let(:error_message) { "User does not have permission to create #{resource_type} access token" }
-
       it_behaves_like 'token creation fails'
-      it_behaves_like 'correct error message'
+
+      it 'returns the permission error message' do
+        response = subject
+
+        expect(response.error?).to be true
+        expect(response.errors).to include("User does not have permission to create #{resource_type} access token")
+      end
     end
 
     context 'when resource is a project' do
@@ -266,19 +273,11 @@ RSpec.describe ResourceAccessTokens::CreateService do
           let_it_be(:params) { { access_level: Gitlab::Access::OWNER } }
 
           context 'when the executor is a MAINTAINER' do
-            let(:error_message) { 'Could not provision owner access to project access token' }
-
-            context 'with OWNER access_level, in integer format' do
-              it_behaves_like 'token creation fails'
-              it_behaves_like 'correct error message'
-            end
-
-            context 'with OWNER access_level, in string format' do
-              let(:error_message) { 'Could not provision owner access to project access token' }
-              let_it_be(:params) { { access_level: Gitlab::Access::OWNER.to_s } }
+            it 'does not add the bot user with the specified access level in the resource' do
+              response = subject
 
-              it_behaves_like 'token creation fails'
-              it_behaves_like 'correct error message'
+              expect(response.error?).to be true
+              expect(response.errors).to include('Could not provision owner access to project access token')
             end
           end
author	GitLab Bot <gitlab-bot@gitlab.com>	2023-03-01 18:33:31 +0000
committer	GitLab Bot <gitlab-bot@gitlab.com>	2023-03-01 18:33:31 +0000
commit	0fcbe48468f0e566929599dda36b2dedd72e5708 (patch)
tree	0a33f7a23aee7cffaa0d07046c5c0573aec3a7d2 /spec/services/resource_access_tokens/create_service_spec.rb
parent	cf599b3cb9210c48820e7d88c4393303aa28826e (diff)
download	gitlab-ce-0fcbe48468f0e566929599dda36b2dedd72e5708.tar.gz