Diffstat (limited to 'spec/services/resources/create_access_token_service_spec.rb')
-rw-r--r-- | spec/services/resources/create_access_token_service_spec.rb | 163 |
1 files changed, 0 insertions, 163 deletions
diff --git a/spec/services/resources/create_access_token_service_spec.rb b/spec/services/resources/create_access_token_service_spec.rb
deleted file mode 100644
index 8c108d9937a..00000000000
--- a/spec/services/resources/create_access_token_service_spec.rb
+++ /dev/null
@@ -1,163 +0,0 @@
-# frozen_string_literal: true
-
-require 'spec_helper'
-
-describe Resources::CreateAccessTokenService do
- subject { described_class.new(resource_type, resource, user, params).execute }
-
- let_it_be(:user) { create(:user) }
- let_it_be(:project) { create(:project, :private) }
- let_it_be(:params) { {} }
-
- describe '#execute' do
- # Created shared_examples as it will easy to include specs for group bots in https://gitlab.com/gitlab-org/gitlab/-/issues/214046
- shared_examples 'fails when user does not have the permission to create a Resource Bot' do
- before do
- resource.add_developer(user)
- end
-
- it 'returns error' do
- response = subject
-
- expect(response.error?).to be true
- expect(response.message).to eq("User does not have permission to create #{resource_type} Access Token")
- end
- end
-
- shared_examples 'fails when flag is disabled' do
- before do
- stub_feature_flags(resource_access_token: false)
- end
-
- it 'returns nil' do
- expect(subject).to be nil
- end
- end
-
- shared_examples 'allows creation of bot with valid params' do
- it { expect { subject }.to change { User.count }.by(1) }
-
- it 'creates resource bot user' do
- response = subject
-
- access_token = response.payload[:access_token]
-
- expect(access_token.user.reload.user_type).to eq("#{resource_type}_bot")
- end
-
- context 'bot name' do
- context 'when no value is passed' do
- it 'uses default value' do
- response = subject
- access_token = response.payload[:access_token]
-
- expect(access_token.user.name).to eq("#{resource.name.to_s.humanize} bot")
- end
- end
-
- context 'when user provides value' do
- let(:params) { { name: 'Random bot' } }
-
- it 'overrides the default value' do
- response = subject
- access_token = response.payload[:access_token]
-
- expect(access_token.user.name).to eq(params[:name])
- end
- end
- end
-
- it 'adds the bot user as a maintainer in the resource' do
- response = subject
- access_token = response.payload[:access_token]
- bot_user = access_token.user
-
- expect(resource.members.maintainers.map(&:user_id)).to include(bot_user.id)
- end
-
- context 'personal access token' do
- it { expect { subject }.to change { PersonalAccessToken.count }.by(1) }
-
- context 'when user does not provide scope' do
- it 'has default scopes' do
- response = subject
- access_token = response.payload[:access_token]
-
- expect(access_token.scopes).to eq(Gitlab::Auth::API_SCOPES + Gitlab::Auth::REPOSITORY_SCOPES + Gitlab::Auth.registry_scopes - [:read_user])
- end
- end
-
- context 'when user provides scope explicitly' do
- let(:params) { { scopes: Gitlab::Auth::REPOSITORY_SCOPES } }
-
- it 'overrides the default value' do
- response = subject
- access_token = response.payload[:access_token]
-
- expect(access_token.scopes).to eq(Gitlab::Auth::REPOSITORY_SCOPES)
- end
- end
-
- context 'expires_at' do
- context 'when no value is passed' do
- it 'uses default value' do
- response = subject
- access_token = response.payload[:access_token]
-
- expect(access_token.expires_at).to eq(nil)
- end
- end
-
- context 'when user provides value' do
- let(:params) { { expires_at: Date.today + 1.month } }
-
- it 'overrides the default value' do
- response = subject
- access_token = response.payload[:access_token]
-
- expect(access_token.expires_at).to eq(params[:expires_at])
- end
- end
-
- context 'when invalid scope is passed' do
- let(:params) { { scopes: [:invalid_scope] } }
-
- it 'returns error' do
- response = subject
-
- expect(response.error?).to be true
- end
- end
- end
- end
-
- context 'when access provisioning fails' do
- before do
- allow(resource).to receive(:add_maintainer).and_return(nil)
- end
-
- it 'returns error' do
- response = subject
-
- expect(response.error?).to be true
- end
- end
- end
-
- context 'when resource is a project' do
- let(:resource_type) { 'project' }
- let(:resource) { project }
-
- it_behaves_like 'fails when user does not have the permission to create a Resource Bot'
- it_behaves_like 'fails when flag is disabled'
-
- context 'user with valid permission' do
- before do
- resource.add_maintainer(user)
- end
-
- it_behaves_like 'allows creation of bot with valid params'
- end
- end
- end
-end |