diff options
| author | Timothy Andrew <mail@timothyandrew.net> | 2017-04-13 11:34:16 +0000 |
|---|---|---|
| committer | Timothy Andrew <mail@timothyandrew.net> | 2017-04-13 13:13:22 +0000 |
| commit | bee780e8fdf56fa24b54326e9c27f0b1ab7446f7 (patch) | |
| tree | 848f5b098a5da401eec063e77d8a9de4078619e4 /spec | |
| parent | 7629c9ec57cb9b14f41c1163b61df1e6ea6b0ca1 (diff) | |
| download | gitlab-ce-bee780e8fdf56fa24b54326e9c27f0b1ab7446f7.tar.gz | |
Allow OAuth clients to push code30305-oauth-token-push-code
- We currently support fetching code with username = 'oauth2' and
password = <access_token>.
- Trying to _push_ code with the same credentials fails with an authentication
error.
- There's no reason this shouldn't be enabled, especially since we allow the
OAuth client to create deploy keys with push access:
https://docs.gitlab.com/ce/api/deploy_keys.html#add-deploy-key
Diffstat (limited to 'spec')
| -rw-r--r-- | spec/lib/gitlab/auth_spec.rb | 2 | ||||
| -rw-r--r-- | spec/requests/git_http_spec.rb | 4 |
2 files changed, 3 insertions, 3 deletions
diff --git a/spec/lib/gitlab/auth_spec.rb b/spec/lib/gitlab/auth_spec.rb index 03c4879ed6f..d4a43192d03 100644 --- a/spec/lib/gitlab/auth_spec.rb +++ b/spec/lib/gitlab/auth_spec.rb @@ -118,7 +118,7 @@ describe Gitlab::Auth, lib: true do it 'succeeds for OAuth tokens with the `api` scope' do expect(gl_auth).to receive(:rate_limit!).with('ip', success: true, login: 'oauth2') - expect(gl_auth.find_for_git_client("oauth2", token_w_api_scope.token, project: nil, ip: 'ip')).to eq(Gitlab::Auth::Result.new(user, nil, :oauth, read_authentication_abilities)) + expect(gl_auth.find_for_git_client("oauth2", token_w_api_scope.token, project: nil, ip: 'ip')).to eq(Gitlab::Auth::Result.new(user, nil, :oauth, full_authentication_abilities)) end it 'fails for OAuth tokens with other scopes' do diff --git a/spec/requests/git_http_spec.rb b/spec/requests/git_http_spec.rb index 006d6a6af1c..02a618388be 100644 --- a/spec/requests/git_http_spec.rb +++ b/spec/requests/git_http_spec.rb @@ -270,10 +270,10 @@ describe 'Git HTTP requests', lib: true do expect(response.content_type.to_s).to eq(Gitlab::Workhorse::INTERNAL_API_CONTENT_TYPE) end - it "uploads get status 401 (no project existence information leak)" do + it "uploads get status 200" do push_get "#{project.path_with_namespace}.git", user: 'oauth2', password: @token.token - expect(response).to have_http_status(401) + expect(response).to have_http_status(200) end end |