diff options
author | Patricio Cano <suprnova32@gmail.com> | 2016-04-05 19:22:58 -0500 |
---|---|---|
committer | Patricio Cano <suprnova32@gmail.com> | 2016-04-05 19:22:58 -0500 |
commit | 7efaf22bccb16b381f7e76054d084e741006fc5f (patch) | |
tree | d949e9c33761969ce7c8e4503bb947a7be77066d /spec | |
parent | 518ec6b2660c55beba2833ce71b93774ed0a6c2a (diff) | |
download | gitlab-ce-7efaf22bccb16b381f7e76054d084e741006fc5f.tar.gz |
Removed extra LDAP tests and added tests for the external groups feature
Diffstat (limited to 'spec')
-rw-r--r-- | spec/lib/gitlab/saml/user_spec.rb | 68 |
1 files changed, 46 insertions, 22 deletions
diff --git a/spec/lib/gitlab/saml/user_spec.rb b/spec/lib/gitlab/saml/user_spec.rb index 6f5cf3a1cf5..84a26af940b 100644 --- a/spec/lib/gitlab/saml/user_spec.rb +++ b/spec/lib/gitlab/saml/user_spec.rb @@ -5,7 +5,7 @@ describe Gitlab::Saml::User, lib: true do let(:gl_user) { saml_user.gl_user } let(:uid) { 'my-uid' } let(:provider) { 'saml' } - let(:auth_hash) { OmniAuth::AuthHash.new(uid: uid, provider: provider, info: info_hash) } + let(:auth_hash) { OmniAuth::AuthHash.new(uid: uid, provider: provider, info: info_hash, extra: { raw_info: { groups: %w(Developers Freelancers Designers) } }) } let(:info_hash) do { name: 'John', @@ -31,8 +31,8 @@ describe Gitlab::Saml::User, lib: true do describe 'account exists on server' do before { stub_omniauth_config({ allow_single_sign_on: ['saml'], auto_link_saml_user: true }) } + let!(:existing_user) { create(:user, email: 'john@mail.com', username: 'john') } context 'and should bind with SAML' do - let!(:existing_user) { create(:user, email: 'john@mail.com', username: 'john') } it 'adds the SAML identity to the existing user' do saml_user.save expect(gl_user).to be_valid @@ -42,6 +42,32 @@ describe Gitlab::Saml::User, lib: true do expect(identity.provider).to eql 'saml' end end + + context 'external groups' do + context 'are defined' do + before { stub_saml_config({ options: { name: 'saml', groups_attribute: 'groups', external_groups: %w(Freelancers), args: {} } }) } + it 'marks the user as external' do + saml_user.save + expect(gl_user.external).to be_truthy + end + end + + before { stub_saml_config({ options: { name: 'saml', groups_attribute: 'groups', external_groups: %w(Interns), args: {} } }) } + context 'are defined but the user does not belong there' do + it 'does not mark the user as external' do + saml_user.save + expect(gl_user.external).to be_falsey + end + end + + context 'user was external, now should not be' do + it 'should make user internal' do + existing_user.update_attribute('external', true) + saml_user.save + expect(gl_user.external).to be_falsey + end + end + end end describe 'no account exists on server' do @@ -74,6 +100,24 @@ describe Gitlab::Saml::User, lib: true do end end + context 'external groups' do + context 'are defined' do + before { stub_saml_config({ options: { name: 'saml', groups_attribute: 'groups', external_groups: %w(Freelancers), args: {} } }) } + it 'marks the user as external' do + saml_user.save + expect(gl_user.external).to be_truthy + end + end + + before { stub_saml_config({ options: { name: 'saml', groups_attribute: 'groups', external_groups: %w(Interns), args: {} } }) } + context 'are defined but the user does not belong there' do + it 'does not mark the user as external' do + saml_user.save + expect(gl_user.external).to be_falsey + end + end + end + context 'with auto_link_ldap_user disabled (default)' do before { stub_omniauth_config({ auto_link_ldap_user: false, auto_link_saml_user: false, allow_single_sign_on: ['saml'] }) } include_examples 'to verify compliance with allow_single_sign_on' @@ -193,26 +237,6 @@ describe Gitlab::Saml::User, lib: true do expect(gl_user).not_to be_blocked end end - - context 'dont block on create (LDAP)' do - before { allow_any_instance_of(Gitlab::LDAP::Config).to receive_messages(block_auto_created_users: false) } - - it do - saml_user.save - expect(gl_user).to be_valid - expect(gl_user).not_to be_blocked - end - end - - context 'block on create (LDAP)' do - before { allow_any_instance_of(Gitlab::LDAP::Config).to receive_messages(block_auto_created_users: true) } - - it do - saml_user.save - expect(gl_user).to be_valid - expect(gl_user).not_to be_blocked - end - end end end end |