Fix build for !12300.

- The `/users` and `/users/:id` APIs are now accessible without authentication (!12445), and so scopes are not relevant for these endpoints. - Previously, we were testing our scope declaration against these two methods. This commit moves these tests to other `GET` user endpoints which still require authentication.

Fix build for !12300.
- The `/users` and `/users/:id` APIs are now accessible without authentication (!12445), and so scopes are not relevant for these endpoints. - Previously, we were testing our scope declaration against these two methods. This commit moves these tests to other `GET` user endpoints which still require authentication.
94258a65 · Timothy Andrew · 5e2f7f25 · 94258a65
Commit 94258a65 authored Jul 05, 2017 by Timothy Andrew
Hide whitespace changes
Inline Side-by-side

Showing with 35 additions and 14 deletions

spec/requests/api/users_spec.rb spec/requests/api/users_spec.rb +35 -14

No files found.
--- a/spec/requests/api/users_spec.rb
+++ b/spec/requests/api/users_spec.rb
@@ -113,13 +113,6 @@ describe API::Users do

        expect(json_response.first.keys).not_to include 'is_admin'
      end
-
-      context "scopes" do
-        let(:path) { "/users" }
-        let(:api_call) { method(:api) }
-
-        include_examples 'allows the "read_user" scope'
-      end
    end

    context "when admin" do
@@ -216,13 +209,6 @@ describe API::Users do

      expect(response).to have_http_status(404)
    end
-
-    context "scopes" do
-      let(:path) { "/users/#{user.id}" }
-      let(:api_call) { method(:api) }
-
-      include_examples 'allows the "read_user" scope'
-    end
  end

  describe "POST /users" do
@@ -909,6 +895,13 @@ describe API::Users do
        expect(response).to match_response_schema('public_api/v4/user/public')
        expect(json_response['id']).to eq(user.id)
      end
+
+      context "scopes" do
+        let(:path) { "/user" }
+        let(:api_call) { method(:api) }
+
+        include_examples 'allows the "read_user" scope'
+      end
    end

    context 'with admin' do
@@ -978,6 +971,13 @@ describe API::Users do
        expect(json_response).to be_an Array
        expect(json_response.first["title"]).to eq(key.title)
      end
+
+      context "scopes" do
+        let(:path) { "/user/keys" }
+        let(:api_call) { method(:api) }
+
+        include_examples 'allows the "read_user" scope'
+      end
    end
  end

@@ -1011,6 +1011,13 @@ describe API::Users do

      expect(response).to have_http_status(404)
    end
+
+    context "scopes" do
+      let(:path) { "/user/keys/#{key.id}" }
+      let(:api_call) { method(:api) }
+
+      include_examples 'allows the "read_user" scope'
+    end
  end

  describe "POST /user/keys" do
@@ -1100,6 +1107,13 @@ describe API::Users do
        expect(json_response).to be_an Array
        expect(json_response.first["email"]).to eq(email.email)
      end
+
+      context "scopes" do
+        let(:path) { "/user/emails" }
+        let(:api_call) { method(:api) }
+
+        include_examples 'allows the "read_user" scope'
+      end
    end
  end

@@ -1132,6 +1146,13 @@ describe API::Users do

      expect(response).to have_http_status(404)
    end
+
+    context "scopes" do
+      let(:path) { "/user/emails/#{email.id}" }
+      let(:api_call) { method(:api) }
+
+      include_examples 'allows the "read_user" scope'
+    end
  end

  describe "POST /user/emails" do