diff options
author | Nick Thomas <nick@gitlab.com> | 2019-08-26 10:22:34 +0000 |
---|---|---|
committer | Nick Thomas <nick@gitlab.com> | 2019-08-26 10:22:34 +0000 |
commit | 74904116d81903ec854f81421720d9edd6fe9926 (patch) | |
tree | 4432faeabb2666850f64721323335443d8f7099a /spec/services | |
parent | f5fa604c3e6ae3fd6915480b96a3c956cdcfcb8f (diff) | |
parent | f56c2191a10667783d488eb3415ac2ba2b3f06a3 (diff) | |
download | gitlab-ce-74904116d81903ec854f81421720d9edd6fe9926.tar.gz |
Merge branch '66443-unrecoverable-configuration-loop-in-external-auth-control' into 'master'
Resolve "Unrecoverable configuration loop in external auth control"
Closes #66443
See merge request gitlab-org/gitlab-ce!32102
Diffstat (limited to 'spec/services')
-rw-r--r-- | spec/services/application_settings/update_service_spec.rb | 18 |
1 files changed, 18 insertions, 0 deletions
diff --git a/spec/services/application_settings/update_service_spec.rb b/spec/services/application_settings/update_service_spec.rb index adb5219d691..ab06c1a1209 100644 --- a/spec/services/application_settings/update_service_spec.rb +++ b/spec/services/application_settings/update_service_spec.rb @@ -201,6 +201,24 @@ describe ApplicationSettings::UpdateService do enable_external_authorization_service_check end + it 'does not validate labels if external authorization gets disabled' do + expect_any_instance_of(described_class).not_to receive(:validate_classification_label) + + described_class.new(application_settings, admin, { external_authorization_service_enabled: false }).execute + end + + it 'does validate labels if external authorization gets enabled ' do + expect_any_instance_of(described_class).to receive(:validate_classification_label) + + described_class.new(application_settings, admin, { external_authorization_service_enabled: true }).execute + end + + it 'does validate labels if external authorization is left unchanged' do + expect_any_instance_of(described_class).to receive(:validate_classification_label) + + described_class.new(application_settings, admin, { external_authorization_service_default_label: 'new-label' }).execute + end + it 'does not save the settings with an error if the service denies access' do expect(::Gitlab::ExternalAuthorization) .to receive(:access_allowed?).with(admin, 'new-label') { false } |