diff options
Diffstat (limited to 'spec/controllers/oauth/authorizations_controller_spec.rb')
| -rw-r--r-- | spec/controllers/oauth/authorizations_controller_spec.rb | 78 |
1 files changed, 46 insertions, 32 deletions
diff --git a/spec/controllers/oauth/authorizations_controller_spec.rb b/spec/controllers/oauth/authorizations_controller_spec.rb index 1b4bebd9707..f975502ca4e 100644 --- a/spec/controllers/oauth/authorizations_controller_spec.rb +++ b/spec/controllers/oauth/authorizations_controller_spec.rb @@ -3,7 +3,6 @@ require 'spec_helper' describe Oauth::AuthorizationsController do - let(:user) { create(:user) } let!(:application) { create(:oauth_application, scopes: 'api read_user', redirect_uri: 'http://example.com') } let(:params) do { @@ -19,53 +18,68 @@ describe Oauth::AuthorizationsController do end describe 'GET #new' do - context 'without valid params' do - it 'returns 200 code and renders error view' do - get :new + context 'when the user is confirmed' do + let(:user) { create(:user) } - expect(response).to have_gitlab_http_status(:ok) - expect(response).to render_template('doorkeeper/authorizations/error') + context 'without valid params' do + it 'returns 200 code and renders error view' do + get :new + + expect(response).to have_gitlab_http_status(:ok) + expect(response).to render_template('doorkeeper/authorizations/error') + end end - end - context 'with valid params' do - render_views + context 'with valid params' do + render_views - it 'returns 200 code and renders view' do - get :new, params: params + it 'returns 200 code and renders view' do + get :new, params: params - expect(response).to have_gitlab_http_status(:ok) - expect(response).to render_template('doorkeeper/authorizations/new') - end + expect(response).to have_gitlab_http_status(:ok) + expect(response).to render_template('doorkeeper/authorizations/new') + end - it 'deletes session.user_return_to and redirects when skip authorization' do - application.update(trusted: true) - request.session['user_return_to'] = 'http://example.com' + it 'deletes session.user_return_to and redirects when skip authorization' do + application.update(trusted: true) + request.session['user_return_to'] = 'http://example.com' - get :new, params: params + get :new, params: params - expect(request.session['user_return_to']).to be_nil - expect(response).to have_gitlab_http_status(:found) - end + expect(request.session['user_return_to']).to be_nil + expect(response).to have_gitlab_http_status(:found) + end - context 'when there is already an access token for the application' do - context 'when the request scope matches any of the created token scopes' do - before do - scopes = Doorkeeper::OAuth::Scopes.from_string('api') + context 'when there is already an access token for the application' do + context 'when the request scope matches any of the created token scopes' do + before do + scopes = Doorkeeper::OAuth::Scopes.from_string('api') - allow(Doorkeeper.configuration).to receive(:scopes).and_return(scopes) + allow(Doorkeeper.configuration).to receive(:scopes).and_return(scopes) - create :oauth_access_token, application: application, resource_owner_id: user.id, scopes: scopes - end + create :oauth_access_token, application: application, resource_owner_id: user.id, scopes: scopes + end - it 'authorizes the request and redirects' do - get :new, params: params + it 'authorizes the request and redirects' do + get :new, params: params - expect(request.session['user_return_to']).to be_nil - expect(response).to have_gitlab_http_status(:found) + expect(request.session['user_return_to']).to be_nil + expect(response).to have_gitlab_http_status(:found) + end end end end end + + context 'when the user is unconfirmed' do + let(:user) { create(:user, confirmed_at: nil) } + + it 'returns 200 and renders error view' do + get :new, params: params + + expect(response).to have_gitlab_http_status(:ok) + expect(response).to render_template('doorkeeper/authorizations/error') + end + end end end |