summaryrefslogtreecommitdiff
path: root/spec/requests/api/personal_access_tokens/self_revocation_spec.rb
diff options
context:
space:
mode:
Diffstat (limited to 'spec/requests/api/personal_access_tokens/self_revocation_spec.rb')
-rw-r--r--spec/requests/api/personal_access_tokens/self_revocation_spec.rb69
1 files changed, 0 insertions, 69 deletions
diff --git a/spec/requests/api/personal_access_tokens/self_revocation_spec.rb b/spec/requests/api/personal_access_tokens/self_revocation_spec.rb
deleted file mode 100644
index f829b39cc1e..00000000000
--- a/spec/requests/api/personal_access_tokens/self_revocation_spec.rb
+++ /dev/null
@@ -1,69 +0,0 @@
-# frozen_string_literal: true
-
-require 'spec_helper'
-
-RSpec.describe API::PersonalAccessTokens::SelfRevocation do
- let_it_be(:current_user) { create(:user) }
-
- describe 'DELETE /personal_access_tokens/self' do
- let(:path) { '/personal_access_tokens/self' }
- let(:token) { create(:personal_access_token, user: current_user) }
-
- subject(:delete_token) { delete api(path, personal_access_token: token) }
-
- shared_examples 'revoking token succeeds' do
- it 'revokes token' do
- delete_token
-
- expect(response).to have_gitlab_http_status(:no_content)
- expect(token.reload).to be_revoked
- end
- end
-
- shared_examples 'revoking token denied' do |status|
- it 'cannot revoke token' do
- delete_token
-
- expect(response).to have_gitlab_http_status(status)
- end
- end
-
- context 'when current_user is an administrator', :enable_admin_mode do
- let(:current_user) { create(:admin) }
-
- it_behaves_like 'revoking token succeeds'
-
- context 'with impersonated token' do
- let(:token) { create(:personal_access_token, :impersonation, user: current_user) }
-
- it_behaves_like 'revoking token succeeds'
- end
- end
-
- context 'when current_user is not an administrator' do
- let(:current_user) { create(:user) }
-
- it_behaves_like 'revoking token succeeds'
-
- context 'with impersonated token' do
- let(:token) { create(:personal_access_token, :impersonation, user: current_user) }
-
- it_behaves_like 'revoking token denied', :bad_request
- end
-
- context 'with already revoked token' do
- let(:token) { create(:personal_access_token, :revoked, user: current_user) }
-
- it_behaves_like 'revoking token denied', :unauthorized
- end
- end
-
- Gitlab::Auth.all_available_scopes.each do |scope|
- context "with a '#{scope}' scoped token" do
- let(:token) { create(:personal_access_token, scopes: [scope], user: current_user) }
-
- it_behaves_like 'revoking token succeeds'
- end
- end
- end
-end
View Lorry Controller Status