Diffstat (limited to 'spec/requests/api/users_spec.rb')
-rw-r--r-- | spec/requests/api/users_spec.rb | 184 |
1 files changed, 90 insertions, 94 deletions
diff --git a/spec/requests/api/users_spec.rb b/spec/requests/api/users_spec.rb index 2cd1483f486..94fba451860 100644 --- a/spec/requests/api/users_spec.rb +++ b/spec/requests/api/users_spec.rb @@ -368,6 +368,16 @@ RSpec.describe API::Users do expect(json_response.map { |u| u['id'] }).not_to include(internal_user.id) end end + + context 'admins param' do + it 'returns all users' do + get api("/users?admins=true", user) + + expect(response).to match_response_schema('public_api/v4/user/basics') + expect(json_response.size).to eq(2) + expect(json_response.map { |u| u['id'] }).to include(user.id, admin.id) + end + end end context "when admin" do @@ -487,6 +497,16 @@ RSpec.describe API::Users do expect(response).to have_gitlab_http_status(:bad_request) end end + + context 'admins param' do + it 'returns only admins' do + get api("/users?admins=true", admin) + + expect(response).to match_response_schema('public_api/v4/user/basics') + expect(json_response.size).to eq(1) + expect(json_response.first['id']).to eq(admin.id) + end + end end describe "GET /users/:id" do @@ -2368,7 +2388,7 @@ RSpec.describe API::Users do activate expect(response).to have_gitlab_http_status(:forbidden) - expect(json_response['message']).to eq('403 Forbidden - A blocked user must be unblocked to be activated') + expect(json_response['message']).to eq('403 Forbidden - A blocked user must be unblocked to be activated') expect(user.reload.state).to eq('blocked') end end @@ -2382,7 +2402,7 @@ RSpec.describe API::Users do activate expect(response).to have_gitlab_http_status(:forbidden) - expect(json_response['message']).to eq('403 Forbidden - A blocked user must be unblocked to be activated') + expect(json_response['message']).to eq('403 Forbidden - A blocked user must be unblocked to be activated') expect(user.reload.state).to eq('ldap_blocked') end end 
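Review bot: The example name 'returns all users' in the non-admin `admins param` context hides the access-control property under test: `admins=true` from a non-admin caller is ignored and cannot be used to narrow the list to administrators. Renaming it to `it 'ignores the param and returns all users' do` and adding `# a non-admin caller must not be able to filter the list down to administrators` above the request would make that intent explicit. The size/include pair can also be collapsed into `expect(json_response.map { |u| u['id'] }).to contain_exactly(user.id, admin.id)`, which fails on any extra or missing id.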
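Review bot: In the admin `admins param` context, 'returns only admins' never references a non-admin record, so whether it proves any filtering depends on setup outside the hunk. If `user` is a lazily evaluated `let`, the admin is the only row when the request runs, and `json_response.size` is 1 even with the filter broken. Creating the non-admin explicitly in this context, e.g. `let!(:non_admin) { create(:user) }`, and adding `expect(json_response.map { |u| u['id'] }).not_to include(non_admin.id)` would make the example fail when the param is ignored.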
@@ -2439,7 +2459,7 @@ RSpec.describe API::Users do deactivate expect(response).to have_gitlab_http_status(:forbidden) - expect(json_response['message']).to eq("403 Forbidden - The user you are trying to deactivate has been active in the past #{::User::MINIMUM_INACTIVE_DAYS} days and cannot be deactivated") + expect(json_response['message']).to eq("403 Forbidden - The user you are trying to deactivate has been active in the past #{::User::MINIMUM_INACTIVE_DAYS} days and cannot be deactivated") expect(user.reload.state).to eq('active') end end @@ -2467,7 +2487,7 @@ RSpec.describe API::Users do deactivate expect(response).to have_gitlab_http_status(:forbidden) - expect(json_response['message']).to eq('403 Forbidden - A blocked user cannot be deactivated by the API') + expect(json_response['message']).to eq('403 Forbidden - A blocked user cannot be deactivated by the API') expect(user.reload.state).to eq('blocked') end end @@ -2481,7 +2501,7 @@ RSpec.describe API::Users do deactivate expect(response).to have_gitlab_http_status(:forbidden) - expect(json_response['message']).to eq('403 Forbidden - A blocked user cannot be deactivated by the API') + expect(json_response['message']).to eq('403 Forbidden - A blocked user cannot be deactivated by the API') expect(user.reload.state).to eq('ldap_blocked') end end @@ -2493,7 +2513,7 @@ RSpec.describe API::Users do deactivate expect(response).to have_gitlab_http_status(:forbidden) - expect(json_response['message']).to eq('403 Forbidden - An internal user cannot be deactivated by the API') + expect(json_response['message']).to eq('403 Forbidden - An internal user cannot be deactivated by the API') end end 
@@ -2853,115 +2873,91 @@ RSpec.describe API::Users do let(:expires_at) { 3.days.from_now.to_date.to_s } let(:scopes) { %w(api read_user) } - context 'when feature flag is enabled' do - before do - stub_feature_flags(pat_creation_api_for_admin: true) - end - - it 'returns error if required attributes are missing' do - post api("/users/#{user.id}/personal_access_tokens", admin) - - expect(response).to have_gitlab_http_status(:bad_request) - expect(json_response['error']).to eq('name is missing, scopes is missing, scopes does not have a valid value') - end - - it 'returns a 404 error if user not found' do - post api("/users/#{non_existing_record_id}/personal_access_tokens", admin), - params: { - name: name, - scopes: scopes, - expires_at: expires_at - } + it 'returns error if required attributes are missing' do + post api("/users/#{user.id}/personal_access_tokens", admin) - expect(response).to have_gitlab_http_status(:not_found) - expect(json_response['message']).to eq('404 User Not Found') - end + expect(response).to have_gitlab_http_status(:bad_request) + expect(json_response['error']).to eq('name is missing, scopes is missing, scopes does not have a valid value') + end - it 'returns a 401 error when not authenticated' do - post api("/users/#{user.id}/personal_access_tokens"), - params: { - name: name, - scopes: scopes, - expires_at: expires_at - } + it 'returns a 404 error if user not found' do + post api("/users/#{non_existing_record_id}/personal_access_tokens", admin), + params: { + name: name, + scopes: scopes, + expires_at: expires_at + } - expect(response).to have_gitlab_http_status(:unauthorized) - expect(json_response['message']).to eq('401 Unauthorized') - end + expect(response).to have_gitlab_http_status(:not_found) + expect(json_response['message']).to eq('404 User Not Found') + end - it 'returns a 403 error when authenticated as normal user' do - post api("/users/#{user.id}/personal_access_tokens", user), - params: { - name: name, - scopes: scopes, - 
expires_at: expires_at - } + it 'returns a 401 error when not authenticated' do + post api("/users/#{user.id}/personal_access_tokens"), + params: { + name: name, + scopes: scopes, + expires_at: expires_at + } - expect(response).to have_gitlab_http_status(:forbidden) - expect(json_response['message']).to eq('403 Forbidden') - end + expect(response).to have_gitlab_http_status(:unauthorized) + expect(json_response['message']).to eq('401 Unauthorized') + end - it 'creates a personal access token when authenticated as admin' do - post api("/users/#{user.id}/personal_access_tokens", admin), - params: { - name: name, - expires_at: expires_at, - scopes: scopes - } + it 'returns a 403 error when authenticated as normal user' do + post api("/users/#{user.id}/personal_access_tokens", user), + params: { + name: name, + scopes: scopes, + expires_at: expires_at + } - expect(response).to have_gitlab_http_status(:created) - expect(json_response['name']).to eq(name) - expect(json_response['scopes']).to eq(scopes) - expect(json_response['expires_at']).to eq(expires_at) - expect(json_response['id']).to be_present - expect(json_response['created_at']).to be_present - expect(json_response['active']).to be_truthy - expect(json_response['revoked']).to be_falsey - expect(json_response['token']).to be_present - end + expect(response).to have_gitlab_http_status(:forbidden) + expect(json_response['message']).to eq('403 Forbidden') + end - context 'when an error is thrown by the model' do - let!(:admin_personal_access_token) { create(:personal_access_token, user: admin) } - let(:error_message) { 'error message' } + it 'creates a personal access token when authenticated as admin' do + post api("/users/#{user.id}/personal_access_tokens", admin), + params: { + name: name, + expires_at: expires_at, + scopes: scopes + } - before do - allow_next_instance_of(PersonalAccessToken) do |personal_access_token| - allow(personal_access_token).to receive_message_chain(:errors, :full_messages) - 
.and_return([error_message]) + expect(response).to have_gitlab_http_status(:created) + expect(json_response['name']).to eq(name) + expect(json_response['scopes']).to eq(scopes) + expect(json_response['expires_at']).to eq(expires_at) + expect(json_response['id']).to be_present + expect(json_response['created_at']).to be_present + expect(json_response['active']).to be_truthy + expect(json_response['revoked']).to be_falsey + expect(json_response['token']).to be_present + end - allow(personal_access_token).to receive(:save).and_return(false) - end - end + context 'when an error is thrown by the model' do + let!(:admin_personal_access_token) { create(:personal_access_token, user: admin) } + let(:error_message) { 'error message' } - it 'returns the error' do - post api("/users/#{user.id}/personal_access_tokens", personal_access_token: admin_personal_access_token), - params: { - name: name, - expires_at: expires_at, - scopes: scopes - } + before do + allow_next_instance_of(PersonalAccessToken) do |personal_access_token| + allow(personal_access_token).to receive_message_chain(:errors, :full_messages) + .and_return([error_message]) - expect(response).to have_gitlab_http_status(:unprocessable_entity) - expect(json_response['message']).to eq(error_message) + allow(personal_access_token).to receive(:save).and_return(false) end end - end - context 'when feature flag is disabled' do - before do - stub_feature_flags(pat_creation_api_for_admin: false) - end - - it 'returns a 404' do - post api("/users/#{user.id}/personal_access_tokens", admin), + it 'returns the error' do + post api("/users/#{user.id}/personal_access_tokens", personal_access_token: admin_personal_access_token), params: { name: name, expires_at: expires_at, scopes: scopes } - expect(response).to have_gitlab_http_status(:not_found) - expect(json_response['message']).to eq('404 Not Found') + expect(response).to have_gitlab_http_status(:unprocessable_entity) + expect(json_response['message']).to eq(error_message) end 
end end |
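Review bot: The 'creates a personal access token when authenticated as admin' example checks the response fields but not who owns the new token, which is the property that matters now that the endpoint is no longer behind a feature flag. An assertion such as `expect(PersonalAccessToken.find(json_response['id']).user).to eq(user)` would pin that the token is issued to the target user and not to the calling admin. The 403 example only covers a normal user posting to their own id; a second request against `admin.id` would cover the cross-user case as well. The enclosing `describe` starts outside the hunk, so any coverage defined there is not visible.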