summaryrefslogtreecommitdiff
path: root/spec/controllers/admin/applications_controller_spec.rb
blob: 1feda0ed36ff1363a9bbe3abb19e0b2341fafc1f (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155

# frozen_string_literal: true

require 'spec_helper'

RSpec.describe Admin::ApplicationsController do
  let(:admin) { create(:admin) }
  let(:application) { create(:oauth_application, owner_id: nil, owner_type: nil) }

  before do
    sign_in(admin)
  end

  describe 'GET #index' do
    render_views

    it 'renders the application form' do
      get :index

      expect(response).to have_gitlab_http_status(:ok)
    end
  end

  describe 'GET #new' do
    it 'renders the application form' do
      get :new

      expect(response).to render_template :new
      expect(assigns[:scopes]).to be_kind_of(Doorkeeper::OAuth::Scopes)
    end
  end

  describe 'GET #edit' do
    it 'renders the application form' do
      get :edit, params: { id: application.id }

      expect(response).to render_template :edit
      expect(assigns[:scopes]).to be_kind_of(Doorkeeper::OAuth::Scopes)
    end
  end

  describe 'PUT #renew' do
    let(:oauth_params) do
      {
        id: application.id
      }
    end

    subject { put :renew, params: oauth_params }

    it { is_expected.to have_gitlab_http_status(:ok) }
    it { expect { subject }.to change { application.reload.secret } }

    it 'returns the secret in json format' do
      subject

      expect(json_response['secret']).not_to be_nil
    end

    context 'when renew fails' do
      before do
        allow_next_found_instance_of(Doorkeeper::Application) do |application|
          allow(application).to receive(:save).and_return(false)
        end
      end

      it { expect { subject }.not_to change { application.reload.secret } }
      it { is_expected.to have_gitlab_http_status(:unprocessable_entity) }
    end
  end

  describe 'POST #create' do
    it 'creates the application' do
      create_params = attributes_for(:application, trusted: true, confidential: false, scopes: ['api'])

      expect do
        post :create, params: { doorkeeper_application: create_params }
      end.to change { Doorkeeper::Application.count }.by(1)

      application = Doorkeeper::Application.last

      expect(response).to have_gitlab_http_status(:ok)
      expect(response).to render_template :show
      expect(application).to have_attributes(create_params.except(:uid, :owner_type))
    end

    it 'renders the application form on errors' do
      expect do
        post :create, params: { doorkeeper_application: attributes_for(:application).merge(redirect_uri: nil) }
      end.not_to change { Doorkeeper::Application.count }

      expect(response).to render_template :new
      expect(assigns[:scopes]).to be_kind_of(Doorkeeper::OAuth::Scopes)
    end

    context 'when the params are for a confidential application' do
      it 'creates a confidential application' do
        create_params = attributes_for(:application, confidential: true, scopes: ['read_user'])

        expect do
          post :create, params: { doorkeeper_application: create_params }
        end.to change { Doorkeeper::Application.count }.by(1)

        application = Doorkeeper::Application.last

        expect(response).to have_gitlab_http_status(:ok)
        expect(response).to render_template :show
        expect(application).to have_attributes(create_params.except(:uid, :owner_type))
      end
    end

    context 'when scopes are not present' do
      it 'renders the application form on errors' do
        create_params = attributes_for(:application, trusted: true, confidential: false)

        expect do
          post :create, params: { doorkeeper_application: create_params }
        end.not_to change { Doorkeeper::Application.count }

        expect(response).to render_template :new
      end
    end
  end

  describe 'PATCH #update' do
    it 'updates the application' do
      doorkeeper_params = { redirect_uri: 'http://example.com/', trusted: true, confidential: false }

      patch :update, params: { id: application.id, doorkeeper_application: doorkeeper_params }

      application.reload

      expect(response).to redirect_to(admin_application_path(application))
      expect(application)
        .to have_attributes(redirect_uri: 'http://example.com/', trusted: true, confidential: false)
    end

    it 'renders the application form on errors' do
      patch :update, params: { id: application.id, doorkeeper_application: { redirect_uri: nil } }

      expect(response).to render_template :edit
      expect(assigns[:scopes]).to be_kind_of(Doorkeeper::OAuth::Scopes)
    end

    context 'when updating the application to be confidential' do
      it 'successfully sets the application to confidential' do
        doorkeeper_params = { confidential: true }

        patch :update, params: { id: application.id, doorkeeper_application: doorkeeper_params }

        expect(response).to redirect_to(admin_application_path(application))
        expect(application).to be_confidential
      end
    end
  end
end
View Lorry Controller Status