Add SCIM specs

ee/spec/controllers/groups/saml_providers_controller_spec.rb

@@ -79,6 +79,23 @@ describe Groups::SamlProvidersController do
         expect(response).to render_template 'groups/saml_providers/show'
       end
 
+      it 'has the SCIM token URL' do
+        group.add_owner(user)
+
+        subject
+
+        expect(assigns(:scim_token_url)).to eq('http://test.host/groups/group1/-/scim_oauth')
+      end
+
+      it 'sets scim_token_exists if SCIM token is found' do
+        create(:scim_oauth_access_token, group: group)
+        group.add_owner(user)
+
+        subject
+
+        expect(assigns(:scim_token_exists)).to be true
+      end
+
       context 'not on a top level group', :nested_groups do
         let(:group) { create(:group, :nested) }
 

ee/spec/controllers/groups/scim_oauth_controller_spec.rb

+require 'spec_helper'
+
+describe Groups::ScimOauthController do
+  let(:saml_provider) { create(:saml_provider, group: group) }
+  let(:group) { create(:group, :private, parent_id: nil) }
+  let(:user) { create(:user) }
+
+  before do
+    sign_in(user)
+  end
+
+  def stub_saml_config(enabled:)
+    providers = enabled ? %i(group_saml) : []
+    allow(Devise).to receive(:omniauth_providers).and_return(providers)
+  end
+
+  context 'when the feature is enabled' do
+    before do
+      stub_saml_config(enabled: true)
+      stub_licensed_features(group_saml: true)
+      stub_feature_flags(group_scim: true)
+    end
+
+    describe 'GET #show' do
+      subject { get :show, params: { group_id: group }, format: :json }
+
+      before do
+        group.add_owner(user)
+      end
+
+      context 'without token' do
+        it 'shows an empty response' do
+          subject
+
+          expect(json_response).to eq({})
+        end
+      end
+
+      context 'with token' do
+        let!(:scim_token) { create(:scim_oauth_access_token, group: group) }
+
+        before do
+          subject
+        end
+
+        it 'shows the token' do
+          expect(json_response['scim_token']).to eq(scim_token.token)
+        end
+
+        it 'shows the url' do
+          expect(json_response['scim_api_url']).not_to be_empty
+        end
+      end
+    end
+
+    describe 'POST #create' do
+      subject { post :create, params: { group_id: group }, format: :json }
+
+      before do
+        group.add_owner(user)
+      end
+
+      context 'without token' do
+        it 'creates a new SCIM token record' do
+          expect { subject }.to change { ScimOauthAccessToken.count }.by(1)
+        end
+
+        context 'json' do
+          before do
+            subject
+          end
+
+          it 'shows the token' do
+            expect(json_response['scim_token']).not_to be_empty
+          end
+
+          it 'shows the url' do
+            expect(json_response['scim_api_url']).not_to be_empty
+          end
+        end
+      end
+
+      context 'with token' do
+        let!(:scim_token) { create(:scim_oauth_access_token, group: group) }
+
+        it 'does not create a new SCIM token record' do
+          expect { subject }.not_to change { ScimOauthAccessToken.count }
+        end
+
+        it 'updates the token' do
+          expect { subject }.to change { scim_token.reload.token }
+        end
+
+        context 'json' do
+          before do
+            subject
+          end
+
+          it 'shows the token' do
+            expect(json_response['scim_token']).to eq(scim_token.reload.token)
+          end
+
+          it 'shows the url' do
+            expect(json_response['scim_api_url']).not_to be_empty
+          end
+        end
+      end
+    end
+  end
+end

ee/spec/serializers/scim_oauth_access_token_entity_spec.rb

+require 'spec_helper'
+
+describe ScimOauthAccessTokenEntity do
+  let(:entity) do
+    described_class.new(create(:scim_oauth_access_token))
+  end
+
+  subject { entity.as_json }
+
+  it "exposes the URL" do
+    is_expected.to include(:scim_api_url)
+  end
+
+  it "exposes the token" do
+    is_expected.to include(:scim_token)
+  end
+end