diff options
Diffstat (limited to 'spec/support/api/scopes/read_user_shared_examples.rb')
-rw-r--r-- | spec/support/api/scopes/read_user_shared_examples.rb | 22 |
1 files changed, 13 insertions, 9 deletions
diff --git a/spec/support/api/scopes/read_user_shared_examples.rb b/spec/support/api/scopes/read_user_shared_examples.rb index 3bd589d64b9..06ae8792c61 100644 --- a/spec/support/api/scopes/read_user_shared_examples.rb +++ b/spec/support/api/scopes/read_user_shared_examples.rb @@ -6,7 +6,7 @@ shared_examples_for 'allows the "read_user" scope' do it 'returns a "200" response' do get api_call.call(path, user, personal_access_token: token) - expect(response).to have_http_status(200) + expect(response).to have_gitlab_http_status(200) end end @@ -16,17 +16,21 @@ shared_examples_for 'allows the "read_user" scope' do it 'returns a "200" response' do get api_call.call(path, user, personal_access_token: token) - expect(response).to have_http_status(200) + expect(response).to have_gitlab_http_status(200) end end context 'when the requesting token does not have any required scope' do let(:token) { create(:personal_access_token, scopes: ['read_registry'], user: user) } - it 'returns a "401" response' do + before do + stub_container_registry_config(enabled: true) + end + + it 'returns a "403" response' do get api_call.call(path, user, personal_access_token: token) - expect(response).to have_http_status(401) + expect(response).to have_gitlab_http_status(403) end end end @@ -40,7 +44,7 @@ shared_examples_for 'allows the "read_user" scope' do it 'returns a "200" response' do get api_call.call(path, user, oauth_access_token: token) - expect(response).to have_http_status(200) + expect(response).to have_gitlab_http_status(200) end end @@ -50,7 +54,7 @@ shared_examples_for 'allows the "read_user" scope' do it 'returns a "200" response' do get api_call.call(path, user, oauth_access_token: token) - expect(response).to have_http_status(200) + expect(response).to have_gitlab_http_status(200) end end @@ -60,7 +64,7 @@ shared_examples_for 'allows the "read_user" scope' do it 'returns a "403" response' do get api_call.call(path, user, oauth_access_token: token) - expect(response).to have_http_status(403) + expect(response).to have_gitlab_http_status(403) end end end @@ -70,10 +74,10 @@ shared_examples_for 'does not allow the "read_user" scope' do context 'when the requesting token has the "read_user" scope' do let(:token) { create(:personal_access_token, scopes: ['read_user'], user: user) } - it 'returns a "401" response' do + it 'returns a "403" response' do post api_call.call(path, user, personal_access_token: token), attributes_for(:user, projects_limit: 3) - expect(response).to have_http_status(401) + expect(response).to have_gitlab_http_status(403) end end end |