diff options
Diffstat (limited to 'spec/controllers/search_controller_spec.rb')
-rw-r--r-- | spec/controllers/search_controller_spec.rb | 39 |
1 files changed, 39 insertions, 0 deletions
diff --git a/spec/controllers/search_controller_spec.rb b/spec/controllers/search_controller_spec.rb index 02a0cfe0272..752d6ae55cc 100644 --- a/spec/controllers/search_controller_spec.rb +++ b/spec/controllers/search_controller_spec.rb @@ -1,6 +1,8 @@ require 'spec_helper' describe SearchController do + include ExternalAuthorizationServiceHelpers + let(:user) { create(:user) } before do @@ -76,4 +78,41 @@ describe SearchController do expect(assigns[:search_objects].count).to eq(0) end end + + context 'with external authorization service enabled' do + let(:project) { create(:project, namespace: user.namespace) } + let(:note) { create(:note_on_issue, project: project) } + + before do + enable_external_authorization_service_check + end + + describe 'GET #show' do + it 'renders a 403 when no project is given' do + get :show, params: { scope: 'notes', search: note.note } + + expect(response).to have_gitlab_http_status(403) + end + + it 'renders a 200 when a project was set' do + get :show, params: { project_id: project.id, scope: 'notes', search: note.note } + + expect(response).to have_gitlab_http_status(200) + end + end + + describe 'GET #autocomplete' do + it 'renders a 403 when no project is given' do + get :autocomplete, params: { term: 'hello' } + + expect(response).to have_gitlab_http_status(403) + end + + it 'renders a 200 when a project was set' do + get :autocomplete, params: { project_id: project.id, term: 'hello' } + + expect(response).to have_gitlab_http_status(200) + end + end + end end |