diff options
author | Mayra Cabrera <mcabrera@gitlab.com> | 2018-04-04 18:43:41 -0500 |
---|---|---|
committer | Mayra Cabrera <mcabrera@gitlab.com> | 2018-04-06 21:20:16 -0500 |
commit | 171b2625b128e5954ce0a150a4fc923a22164e4e (patch) | |
tree | 834586c27477a404e71fe2fac9d17ecf3e495e58 /spec | |
parent | 7deab3172257bef7818ce834c1e0709432ddd5e0 (diff) | |
download | gitlab-ce-171b2625b128e5954ce0a150a4fc923a22164e4e.tar.gz |
Addreses backend review suggestions
- Remove extra method for authorize_admin_project
- Ensure project presence
- Rename 'read_repo' to 'read_repository' to be more verbose
Diffstat (limited to 'spec')
-rw-r--r-- | spec/factories/deploy_tokens.rb | 6 | ||||
-rw-r--r-- | spec/lib/gitlab/auth_spec.rb | 10 | ||||
-rw-r--r-- | spec/models/deploy_token_spec.rb | 1 | ||||
-rw-r--r-- | spec/policies/deploy_token_policy_spec.rb | 45 | ||||
-rw-r--r-- | spec/presenters/projects/settings/deploy_tokens_presenter_spec.rb | 2 |
5 files changed, 55 insertions, 9 deletions
diff --git a/spec/factories/deploy_tokens.rb b/spec/factories/deploy_tokens.rb index fa349e10ddc..7cce55a3e14 100644 --- a/spec/factories/deploy_tokens.rb +++ b/spec/factories/deploy_tokens.rb @@ -5,14 +5,14 @@ FactoryBot.define do sequence(:name) { |n| "PDT #{n}" } revoked false expires_at { 5.days.from_now } - scopes %w(read_repo read_registry) + scopes %w(read_repository read_registry) trait :revoked do revoked true end - trait :read_repo do - scopes ['read_repo'] + trait :read_repository do + scopes ['read_repository'] end trait :read_registry do diff --git a/spec/lib/gitlab/auth_spec.rb b/spec/lib/gitlab/auth_spec.rb index 79984787e2a..f704c20f598 100644 --- a/spec/lib/gitlab/auth_spec.rb +++ b/spec/lib/gitlab/auth_spec.rb @@ -5,7 +5,7 @@ describe Gitlab::Auth do describe 'constants' do it 'API_SCOPES contains all scopes for API access' do - expect(subject::API_SCOPES).to eq %i[api read_user sudo read_repo] + expect(subject::API_SCOPES).to eq %i[api read_user sudo read_repository] end it 'OPENID_SCOPES contains all scopes for OpenID Connect' do @@ -19,7 +19,7 @@ describe Gitlab::Auth do it 'optional_scopes contains all non-default scopes' do stub_container_registry_config(enabled: true) - expect(subject.optional_scopes).to eq %i[read_user sudo read_repo read_registry openid] + expect(subject.optional_scopes).to eq %i[read_user sudo read_repository read_registry openid] end context 'registry_scopes' do @@ -260,10 +260,10 @@ describe Gitlab::Auth do let(:project) { create(:project) } let(:auth_failure) { Gitlab::Auth::Result.new(nil, nil) } - context 'when the deploy token has read_repo as scope' do - let(:deploy_token) { create(:deploy_token, :read_repo, project: project) } + context 'when the deploy token has read_repository as scope' do + let(:deploy_token) { create(:deploy_token, :read_repository, project: project) } - it 'succeeds when project is present, token is valid and has read_repo as scope' do + it 'succeeds when project is present, token is valid and has read_repository as scope' do abilities = %i(read_project download_code) auth_success = Gitlab::Auth::Result.new(deploy_token, project, :deploy_token, abilities) diff --git a/spec/models/deploy_token_spec.rb b/spec/models/deploy_token_spec.rb index 26d846ac6c8..50f6f441a58 100644 --- a/spec/models/deploy_token_spec.rb +++ b/spec/models/deploy_token_spec.rb @@ -4,6 +4,7 @@ describe DeployToken do let(:deploy_token) { create(:deploy_token) } it { is_expected.to belong_to :project } + it { is_expected.to validate_presence_of :project } describe 'validations' do context 'with no scopes defined' do diff --git a/spec/policies/deploy_token_policy_spec.rb b/spec/policies/deploy_token_policy_spec.rb new file mode 100644 index 00000000000..cbb5fb815a1 --- /dev/null +++ b/spec/policies/deploy_token_policy_spec.rb @@ -0,0 +1,45 @@ +require 'spec_helper' + +describe DeployTokenPolicy do + let(:current_user) { create(:user) } + let(:project) { create(:project) } + let(:deploy_token) { create(:deploy_token, project: project) } + + subject { described_class.new(current_user, deploy_token) } + + describe 'creating a deploy key' do + context 'when user is master' do + before do + project.add_master(current_user) + end + + it { is_expected.to be_allowed(:create_deploy_token) } + end + + context 'when user is not master' do + before do + project.add_developer(current_user) + end + + it { is_expected.to be_disallowed(:create_deploy_token) } + end + end + + describe 'updating a deploy key' do + context 'when user is master' do + before do + project.add_master(current_user) + end + + it { is_expected.to be_allowed(:update_deploy_token) } + end + + context 'when user is not master' do + before do + project.add_developer(current_user) + end + + it { is_expected.to be_disallowed(:update_deploy_token) } + end + end +end diff --git a/spec/presenters/projects/settings/deploy_tokens_presenter_spec.rb b/spec/presenters/projects/settings/deploy_tokens_presenter_spec.rb index ca734019727..7bfe074ad30 100644 --- a/spec/presenters/projects/settings/deploy_tokens_presenter_spec.rb +++ b/spec/presenters/projects/settings/deploy_tokens_presenter_spec.rb @@ -9,7 +9,7 @@ describe Projects::Settings::DeployTokensPresenter do describe '#available_scopes' do it 'returns the all the deploy token scopes' do - expect(presenter.available_scopes).to match_array(%w(read_repo read_registry)) + expect(presenter.available_scopes).to match_array(%w(read_repository read_registry)) end end |