summaryrefslogtreecommitdiff
path: root/spec
diff options
context:
space:
mode:
authorFrancisco Javier López <fjlopez@gitlab.com>2018-06-13 08:25:01 +0000
committerDouwe Maan <douwe@gitlab.com>2018-06-13 08:25:01 +0000
commitdf45623b3455193395d523bc88deee87b5f6d56f (patch)
tree410e4847b2ee01dbf60d1f0c47badd420d39957a /spec
parent504f3620330fa0cc8b6f3cb3f1647db2158a036f (diff)
downloadgitlab-ce-df45623b3455193395d523bc88deee87b5f6d56f.tar.gz
Restoring user v3 endpoint
Diffstat (limited to 'spec')
-rw-r--r--spec/requests/api/users_spec.rb73
-rw-r--r--spec/support/api/scopes/read_user_shared_examples.rb10
2 files changed, 45 insertions, 38 deletions
diff --git a/spec/requests/api/users_spec.rb b/spec/requests/api/users_spec.rb
index 3377d67b644..a97c3f3461a 100644
--- a/spec/requests/api/users_spec.rb
+++ b/spec/requests/api/users_spec.rb
@@ -1123,58 +1123,63 @@ describe API::Users do
describe "GET /user" do
let(:personal_access_token) { create(:personal_access_token, user: user).token }
- context 'with regular user' do
- context 'with personal access token' do
- it 'returns 403 without private token when sudo is defined' do
- get api("/user?private_token=#{personal_access_token}&sudo=123")
+ shared_examples 'get user info' do |version|
+ context 'with regular user' do
+ context 'with personal access token' do
+ it 'returns 403 without private token when sudo is defined' do
+ get api("/user?private_token=#{personal_access_token}&sudo=123", version: version)
- expect(response).to have_gitlab_http_status(403)
+ expect(response).to have_gitlab_http_status(403)
+ end
end
- end
- it 'returns current user without private token when sudo not defined' do
- get api("/user", user)
+ it 'returns current user without private token when sudo not defined' do
+ get api("/user", user, version: version)
- expect(response).to have_gitlab_http_status(200)
- expect(response).to match_response_schema('public_api/v4/user/public')
- expect(json_response['id']).to eq(user.id)
- end
+ expect(response).to have_gitlab_http_status(200)
+ expect(response).to match_response_schema('public_api/v4/user/public')
+ expect(json_response['id']).to eq(user.id)
+ end
- context "scopes" do
- let(:path) { "/user" }
- let(:api_call) { method(:api) }
+ context "scopes" do
+ let(:path) { "/user" }
+ let(:api_call) { method(:api) }
- include_examples 'allows the "read_user" scope'
+ include_examples 'allows the "read_user" scope', version
+ end
end
- end
- context 'with admin' do
- let(:admin_personal_access_token) { create(:personal_access_token, user: admin).token }
+ context 'with admin' do
+ let(:admin_personal_access_token) { create(:personal_access_token, user: admin).token }
- context 'with personal access token' do
- it 'returns 403 without private token when sudo defined' do
- get api("/user?private_token=#{admin_personal_access_token}&sudo=#{user.id}")
+ context 'with personal access token' do
+ it 'returns 403 without private token when sudo defined' do
+ get api("/user?private_token=#{admin_personal_access_token}&sudo=#{user.id}", version: version)
- expect(response).to have_gitlab_http_status(403)
- end
+ expect(response).to have_gitlab_http_status(403)
+ end
- it 'returns initial current user without private token but with is_admin when sudo not defined' do
- get api("/user?private_token=#{admin_personal_access_token}")
+ it 'returns initial current user without private token but with is_admin when sudo not defined' do
+ get api("/user?private_token=#{admin_personal_access_token}", version: version)
- expect(response).to have_gitlab_http_status(200)
- expect(response).to match_response_schema('public_api/v4/user/admin')
- expect(json_response['id']).to eq(admin.id)
+ expect(response).to have_gitlab_http_status(200)
+ expect(response).to match_response_schema('public_api/v4/user/admin')
+ expect(json_response['id']).to eq(admin.id)
+ end
end
end
- end
- context 'with unauthenticated user' do
- it "returns 401 error if user is unauthenticated" do
- get api("/user")
+ context 'with unauthenticated user' do
+ it "returns 401 error if user is unauthenticated" do
+ get api("/user", version: version)
- expect(response).to have_gitlab_http_status(401)
+ expect(response).to have_gitlab_http_status(401)
+ end
end
end
+
+ it_behaves_like 'get user info', 'v3'
+ it_behaves_like 'get user info', 'v4'
end
describe "GET /user/keys" do
diff --git a/spec/support/api/scopes/read_user_shared_examples.rb b/spec/support/api/scopes/read_user_shared_examples.rb
index 06ae8792c61..d7cef137989 100644
--- a/spec/support/api/scopes/read_user_shared_examples.rb
+++ b/spec/support/api/scopes/read_user_shared_examples.rb
@@ -1,10 +1,12 @@
-shared_examples_for 'allows the "read_user" scope' do
+shared_examples_for 'allows the "read_user" scope' do |api_version|
+ let(:version) { api_version || 'v4' }
+
context 'for personal access tokens' do
context 'when the requesting token has the "api" scope' do
let(:token) { create(:personal_access_token, scopes: ['api'], user: user) }
it 'returns a "200" response' do
- get api_call.call(path, user, personal_access_token: token)
+ get api_call.call(path, user, personal_access_token: token, version: version)
expect(response).to have_gitlab_http_status(200)
end
@@ -14,7 +16,7 @@ shared_examples_for 'allows the "read_user" scope' do
let(:token) { create(:personal_access_token, scopes: ['read_user'], user: user) }
it 'returns a "200" response' do
- get api_call.call(path, user, personal_access_token: token)
+ get api_call.call(path, user, personal_access_token: token, version: version)
expect(response).to have_gitlab_http_status(200)
end
@@ -28,7 +30,7 @@ shared_examples_for 'allows the "read_user" scope' do
end
it 'returns a "403" response' do
- get api_call.call(path, user, personal_access_token: token)
+ get api_call.call(path, user, personal_access_token: token, version: version)
expect(response).to have_gitlab_http_status(403)
end