Commit ce789a64 authored by Serena Fang's avatar Serena Fang

Update auth spec

parent a33ec9fe
...@@ -203,10 +203,10 @@ module Gitlab ...@@ -203,10 +203,10 @@ module Gitlab
if project && token.user.project_bot? && !project.bots.include?(token.user) if project && token.user.project_bot? && !project.bots.include?(token.user)
return unless project.group return unless project.group
group_ids = project.group.self_and_ancestors.pluck(:id) group_ancestor_ids = project.group.self_and_ancestors.pluck(:id)
user_groups = token.user.groups.pluck(:id) user_group_ids = token.user.groups.pluck(:id)
return if (group_ids & user_groups).empty? return if (group_ancestor_ids & user_group_ids).empty?
end end
if can_user_login_with_non_expired_password?(token.user) || token.user.project_bot? if can_user_login_with_non_expired_password?(token.user) || token.user.project_bot?
......
...@@ -406,38 +406,39 @@ RSpec.describe Gitlab::Auth, :use_clean_rails_memory_store_caching do ...@@ -406,38 +406,39 @@ RSpec.describe Gitlab::Auth, :use_clean_rails_memory_store_caching do
it_behaves_like 'with an invalid access token' it_behaves_like 'with an invalid access token'
end end
context 'when using a group namespace project access token' do context 'when in a group namespace' do
let_it_be(:group) { create(:group) } let_it_be(:group) { create(:group) }
let_it_be(:project) { create(:project, group: group) } let_it_be(:project) { create(:project, group: group) }
let_it_be(:project_bot_user) { create(:user, :project_bot) }
let_it_be(:access_token) { create(:personal_access_token, user: project_bot_user) }
context 'when the token belongs to the project' do context 'when using a project access token' do
before do let_it_be(:project_bot_user) { create(:user, :project_bot) }
project.add_maintainer(project_bot_user) let_it_be(:access_token) { create(:personal_access_token, user: project_bot_user) }
context 'when token user belongs to the project' do
before do
project.add_maintainer(project_bot_user)
end
it_behaves_like 'with a valid access token'
end end
it_behaves_like 'with a valid access token' it_behaves_like 'with an invalid access token'
end end
it_behaves_like 'with an invalid access token' context 'when using a group access token' do
end let_it_be(:project_bot_user) { create(:user, name: 'Group token bot', email: "group_#{group.id}_bot@example.com", username: "group_#{group.id}_bot", user_type: :project_bot) }
let_it_be(:access_token) { create(:personal_access_token, user: project_bot_user) }
context 'when using a group access token' do context 'when the token belongs to the group' do
let_it_be(:group) { create(:group) } before do
let_it_be(:project) { create(:project, group: group) } group.add_maintainer(project_bot_user)
let_it_be(:project_bot_user) { create(:user, name: 'Group token bot', email: "group_#{group.id}_bot@example.com", username: "group_#{group.id}_bot", user_type: 'project_bot'.to_sym) } end
let_it_be(:access_token) { create(:personal_access_token, user: project_bot_user) }
context 'when the token belongs to the group' do it_behaves_like 'with a valid access token'
before do
group.add_maintainer(project_bot_user)
end end
it_behaves_like 'with a valid access token' it_behaves_like 'with an invalid access token'
end end
it_behaves_like 'with an invalid access token'
end end
end end
end end
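Review bot: The regrouped 'when using a group access token' context only covers a bot that is a direct member of `group` and a bot with no group membership at all, so the two cases the `self_and_ancestors` intersection in the auth change actually decides are untested: a bot whose membership is on an ancestor of the project's group, and a bot that belongs to an unrelated group. The second is the security-relevant negative, since it is the only case where `user_group_ids` is non-empty and the token must still be rejected. I would add the two contexts below next to 'when the token belongs to the group'; the shared examples are defined outside this hunk, so this assumes they read `project` and `access_token` from the enclosing `let`s. The `return unless project.group` branch (a project outside any group) also looks uncovered by this block, though it may be tested elsewhere in the file.

```ruby
# … unchanged: 'when the token belongs to the group' context …

context 'when the token belongs to an ancestor of the project group' do
  let_it_be(:subgroup) { create(:group, parent: group) }
  let_it_be(:project) { create(:project, group: subgroup) }

  before do
    group.add_maintainer(project_bot_user)
  end

  it_behaves_like 'with a valid access token'
end

context 'when the token belongs to an unrelated group' do
  before do
    create(:group).add_maintainer(project_bot_user)
  end

  it_behaves_like 'with an invalid access token'
end
```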
......