diff options
Diffstat (limited to 'spec/support/shared_examples/requests/api/read_user_shared_examples.rb')
-rw-r--r-- | spec/support/shared_examples/requests/api/read_user_shared_examples.rb | 32 |
1 files changed, 28 insertions, 4 deletions
diff --git a/spec/support/shared_examples/requests/api/read_user_shared_examples.rb b/spec/support/shared_examples/requests/api/read_user_shared_examples.rb index 59cd0ab67b4..b9fd997bd2c 100644 --- a/spec/support/shared_examples/requests/api/read_user_shared_examples.rb +++ b/spec/support/shared_examples/requests/api/read_user_shared_examples.rb @@ -7,21 +7,33 @@ RSpec.shared_examples 'allows the "read_user" scope' do |api_version| context 'when the requesting token has the "api" scope' do let(:token) { create(:personal_access_token, scopes: ['api'], user: user) } - it 'returns a "200" response' do + it 'returns a "200" response on get request' do get api_call.call(path, user, personal_access_token: token, version: version) expect(response).to have_gitlab_http_status(:ok) end + + it 'returns a "200" response on head request' do + head api_call.call(path, user, personal_access_token: token, version: version) + + expect(response).to have_gitlab_http_status(:ok) + end end context 'when the requesting token has the "read_user" scope' do let(:token) { create(:personal_access_token, scopes: ['read_user'], user: user) } - it 'returns a "200" response' do + it 'returns a "200" response on get request' do get api_call.call(path, user, personal_access_token: token, version: version) expect(response).to have_gitlab_http_status(:ok) end + + it 'returns a "200" response on head request' do + head api_call.call(path, user, personal_access_token: token, version: version) + + expect(response).to have_gitlab_http_status(:ok) + end end context 'when the requesting token does not have any required scope' do @@ -45,21 +57,33 @@ RSpec.shared_examples 'allows the "read_user" scope' do |api_version| context 'when the requesting token has the "api" scope' do let!(:token) { Doorkeeper::AccessToken.create! application_id: application.id, resource_owner_id: user.id, scopes: "api" } - it 'returns a "200" response' do + it 'returns a "200" response on get request' do get api_call.call(path, user, oauth_access_token: token) expect(response).to have_gitlab_http_status(:ok) end + + it 'returns a "200" response on head request' do + head api_call.call(path, user, oauth_access_token: token) + + expect(response).to have_gitlab_http_status(:ok) + end end context 'when the requesting token has the "read_user" scope' do let!(:token) { Doorkeeper::AccessToken.create! application_id: application.id, resource_owner_id: user.id, scopes: "read_user" } - it 'returns a "200" response' do + it 'returns a "200" response on get request' do get api_call.call(path, user, oauth_access_token: token) expect(response).to have_gitlab_http_status(:ok) end + + it 'returns a "200" response on head request' do + head api_call.call(path, user, oauth_access_token: token) + + expect(response).to have_gitlab_http_status(:ok) + end end context 'when the requesting token does not have any required scope' do |