require 'spec_helper'

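# Specs for Gitlab::Auth::RequestAuthenticator. They pin two things:
#   * the order in which credential sources are consulted, and
#   * which authentication errors reach the caller and which are swallowed.
describe Gitlab::Auth::RequestAuthenticator do
  # Minimal Rack env: a GET with an empty body. The 'returns nil' examples
  # below rely on this env yielding no user when nothing is stubbed.
  let(:env) do
    {
      'rack.input' => '',
      'REQUEST_METHOD' => 'GET'
    }
  end
  let(:request) { ActionDispatch::Request.new(env) }

  subject { described_class.new(request) }

  describe '#user' do
    let!(:sessionless_user) { build(:user) }
    let!(:session_user) { build(:user) }

    # Both sources resolve to different users; the sessionless one must win.
    it 'returns sessionless user first' do
      allow_any_instance_of(described_class).to receive(:find_sessionless_user).and_return(sessionless_user)
      allow_any_instance_of(described_class).to receive(:find_user_from_warden).and_return(session_user)

      expect(subject.user).to eq sessionless_user
    end

    # find_sessionless_user is left unstubbed here, so it runs against the
    # bare env above before the warden (session) lookup is used.
    it 'returns session user if no sessionless user found' do
      allow_any_instance_of(described_class).to receive(:find_user_from_warden).and_return(session_user)

      expect(subject.user).to eq session_user
    end

    it 'returns nil if no user found' do
      expect(subject.user).to be_blank
    end

    it 'bubbles up exceptions' do
      allow_any_instance_of(described_class).to receive(:find_user_from_warden).and_raise(Gitlab::Auth::UnauthorizedError)

      # Without an expectation this example passes even if #user swallows the
      # error and treats the request as anonymous, so assert the propagation.
      expect { subject.user }.to raise_error(Gitlab::Auth::UnauthorizedError)
    end
  end

  describe '#find_sessionless_user' do
    let!(:access_token_user) { build(:user) }
    let!(:feed_token_user) { build(:user) }

    # Both token sources resolve to different users; the access token must win.
    it 'returns access_token user first' do
      allow_any_instance_of(described_class).to receive(:find_user_from_access_token).and_return(access_token_user)
      allow_any_instance_of(described_class).to receive(:find_user_from_feed_token).and_return(feed_token_user)

      expect(subject.find_sessionless_user).to eq access_token_user
    end

    it 'returns feed_token user if no access_token user found' do
      allow_any_instance_of(described_class).to receive(:find_user_from_feed_token).and_return(feed_token_user)

      expect(subject.find_sessionless_user).to eq feed_token_user
    end

    it 'returns nil if no user found' do
      expect(subject.find_sessionless_user).to be_blank
    end

    # Unlike #user, this method is expected to turn an authentication error
    # from a token lookup into "no user" rather than raising.
    # NOTE(review): the example name says AuthenticationError but the stub
    # raises UnauthorizedError; this presumably relies on UnauthorizedError
    # being a subclass of AuthenticationError - confirm.
    it 'rescue Gitlab::Auth::AuthenticationError exceptions' do
      allow_any_instance_of(described_class).to receive(:find_user_from_access_token).and_raise(Gitlab::Auth::UnauthorizedError)

      expect(subject.find_sessionless_user).to be_blank
    end
  end
end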