Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
1
Merge Requests
1
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
nexedi
gitlab-ce
Commits
79180473
Commit
79180473
authored
May 07, 2020
by
Peter Leitzen
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Refactor and speed up users API specs
parent
19b78d28
Changes
1
Hide whitespace changes
Inline
Side-by-side
Showing
1 changed file
with
69 additions
and
146 deletions
+69
-146
spec/requests/api/users_spec.rb
spec/requests/api/users_spec.rb
+69
-146
No files found.
spec/requests/api/users_spec.rb
View file @
79180473
...
...
@@ -3,21 +3,18 @@
require
'spec_helper'
describe
API
::
Users
,
:do_not_mock_admin_mode
do
let
(
:user
)
{
create
(
:user
,
username:
'user.with.dot'
)
}
let
(
:admin
)
{
create
(
:admin
)
}
let
(
:key
)
{
create
(
:key
,
user:
user
)
}
let
(
:gpg_key
)
{
create
(
:gpg_key
,
user:
user
)
}
let
(
:email
)
{
create
(
:email
,
user:
user
)
}
let
_it_be
(
:admin
)
{
create
(
:admin
)
}
let
_it_be
(
:user
,
reload:
true
)
{
create
(
:user
,
username:
'user.with.dot'
)
}
let
_it_be
(
:key
)
{
create
(
:key
,
user:
user
)
}
let
_it_be
(
:gpg_key
)
{
create
(
:gpg_key
,
user:
user
)
}
let
_it_be
(
:email
)
{
create
(
:email
,
user:
user
)
}
let
(
:omniauth_user
)
{
create
(
:omniauth_user
)
}
let
(
:ldap_user
)
{
create
(
:omniauth_user
,
provider:
'ldapmain'
)
}
let
(
:ldap_blocked_user
)
{
create
(
:omniauth_user
,
provider:
'ldapmain'
,
state:
'ldap_blocked'
)
}
let
(
:not_existing_user_id
)
{
(
User
.
maximum
(
'id'
)
||
0
)
+
10
}
let
(
:not_existing_pat_id
)
{
(
PersonalAccessToken
.
maximum
(
'id'
)
||
0
)
+
10
}
let
(
:private_user
)
{
create
(
:user
,
private_profile:
true
)
}
context
'admin notes'
do
let
(
:admin
)
{
create
(
:admin
,
note:
'2019-10-06 | 2FA added | user requested | www.gitlab.com'
)
}
let
(
:user
)
{
create
(
:user
,
note:
'2018-11-05 | 2FA removed | user requested | www.gitlab.com'
)
}
let
_it_be
(
:admin
)
{
create
(
:admin
,
note:
'2019-10-06 | 2FA added | user requested | www.gitlab.com'
)
}
let
_it_be
(
:user
,
reload:
true
)
{
create
(
:user
,
note:
'2018-11-05 | 2FA removed | user requested | www.gitlab.com'
)
}
describe
'POST /users'
do
context
'when unauthenticated'
do
...
...
@@ -428,8 +425,9 @@ describe API::Users, :do_not_mock_admin_mode do
end
it
'returns the correct order when sorted by id'
do
admin
user
# order of let_it_be definitions:
# - admin
# - user
get
api
(
'/users'
,
admin
),
params:
{
order_by:
'id'
,
sort:
'asc'
}
...
...
@@ -440,8 +438,6 @@ describe API::Users, :do_not_mock_admin_mode do
end
it
'returns users with 2fa enabled'
do
admin
user
user_with_2fa
=
create
(
:user
,
:two_factor_via_otp
)
get
api
(
'/users'
,
admin
),
params:
{
two_factor:
'enabled'
}
...
...
@@ -663,10 +659,6 @@ describe API::Users, :do_not_mock_admin_mode do
end
describe
"POST /users"
do
before
do
admin
end
it
"creates user"
do
expect
do
post
api
(
"/users"
,
admin
),
params:
attributes_for
(
:user
,
projects_limit:
3
)
...
...
@@ -905,8 +897,6 @@ describe API::Users, :do_not_mock_admin_mode do
end
describe
"PUT /users/:id"
do
let_it_be
(
:admin_user
)
{
create
(
:admin
)
}
it
"returns 200 OK on success"
do
put
api
(
"/users/
#{
user
.
id
}
"
,
admin
),
params:
{
bio:
'new test bio'
}
...
...
@@ -923,8 +913,7 @@ describe API::Users, :do_not_mock_admin_mode do
end
it
"updates user with empty bio"
do
user
.
bio
=
'previous bio'
user
.
save!
user
.
update!
(
bio:
'previous bio'
)
put
api
(
"/users/
#{
user
.
id
}
"
,
admin
),
params:
{
bio:
''
}
...
...
@@ -1041,7 +1030,7 @@ describe API::Users, :do_not_mock_admin_mode do
end
it
"updates private profile to false when nil is given"
do
user
.
update
(
private_profile:
true
)
user
.
update
!
(
private_profile:
true
)
put
api
(
"/users/
#{
user
.
id
}
"
,
admin
),
params:
{
private_profile:
nil
}
...
...
@@ -1050,7 +1039,7 @@ describe API::Users, :do_not_mock_admin_mode do
end
it
"does not modify private profile when field is not provided"
do
user
.
update
(
private_profile:
true
)
user
.
update
!
(
private_profile:
true
)
put
api
(
"/users/
#{
user
.
id
}
"
,
admin
),
params:
{}
...
...
@@ -1062,7 +1051,7 @@ describe API::Users, :do_not_mock_admin_mode do
theme
=
Gitlab
::
Themes
.
each
.
find
{
|
t
|
t
.
id
!=
Gitlab
::
Themes
.
default
.
id
}
scheme
=
Gitlab
::
ColorSchemes
.
each
.
find
{
|
t
|
t
.
id
!=
Gitlab
::
ColorSchemes
.
default
.
id
}
user
.
update
(
theme_id:
theme
.
id
,
color_scheme_id:
scheme
.
id
)
user
.
update
!
(
theme_id:
theme
.
id
,
color_scheme_id:
scheme
.
id
)
put
api
(
"/users/
#{
user
.
id
}
"
,
admin
),
params:
{}
...
...
@@ -1072,6 +1061,8 @@ describe API::Users, :do_not_mock_admin_mode do
end
it
"does not update admin status"
do
admin_user
=
create
(
:admin
)
put
api
(
"/users/
#{
admin_user
.
id
}
"
,
admin
),
params:
{
can_create_group:
false
}
expect
(
response
).
to
have_gitlab_http_status
(
:ok
)
...
...
@@ -1242,10 +1233,6 @@ describe API::Users, :do_not_mock_admin_mode do
end
describe
"POST /users/:id/keys"
do
before
do
admin
end
it
"does not create invalid ssh key"
do
post
api
(
"/users/
#{
user
.
id
}
/keys"
,
admin
),
params:
{
title:
"invalid key"
}
...
...
@@ -1275,9 +1262,7 @@ describe API::Users, :do_not_mock_admin_mode do
describe
'GET /user/:id/keys'
do
it
'returns 404 for non-existing user'
do
user_id
=
not_existing_user_id
get
api
(
"/users/
#{
user_id
}
/keys"
)
get
api
(
"/users/
#{
non_existing_record_id
}
/keys"
)
expect
(
response
).
to
have_gitlab_http_status
(
:not_found
)
expect
(
json_response
[
'message'
]).
to
eq
(
'404 User Not Found'
)
...
...
@@ -1285,7 +1270,6 @@ describe API::Users, :do_not_mock_admin_mode do
it
'returns array of ssh keys'
do
user
.
keys
<<
key
user
.
save
get
api
(
"/users/
#{
user
.
id
}
/keys"
)
...
...
@@ -1298,7 +1282,7 @@ describe API::Users, :do_not_mock_admin_mode do
describe
'GET /user/:user_id/keys'
do
it
'returns 404 for non-existing user'
do
get
api
(
"/users/
#{
no
t_existing_user
_id
}
/keys"
)
get
api
(
"/users/
#{
no
n_existing_record
_id
}
/keys"
)
expect
(
response
).
to
have_gitlab_http_status
(
:not_found
)
expect
(
json_response
[
'message'
]).
to
eq
(
'404 User Not Found'
)
...
...
@@ -1306,7 +1290,6 @@ describe API::Users, :do_not_mock_admin_mode do
it
'returns array of ssh keys'
do
user
.
keys
<<
key
user
.
save
get
api
(
"/users/
#{
user
.
username
}
/keys"
)
...
...
@@ -1318,13 +1301,9 @@ describe API::Users, :do_not_mock_admin_mode do
end
describe
'DELETE /user/:id/keys/:key_id'
do
before
do
admin
end
context
'when unauthenticated'
do
it
'returns authentication error'
do
delete
api
(
"/users/
#{
user
.
id
}
/keys/
42
"
)
delete
api
(
"/users/
#{
user
.
id
}
/keys/
#{
non_existing_record_id
}
"
)
expect
(
response
).
to
have_gitlab_http_status
(
:unauthorized
)
end
end
...
...
@@ -1332,7 +1311,6 @@ describe API::Users, :do_not_mock_admin_mode do
context
'when authenticated'
do
it
'deletes existing key'
do
user
.
keys
<<
key
user
.
save
expect
do
delete
api
(
"/users/
#{
user
.
id
}
/keys/
#{
key
.
id
}
"
,
admin
)
...
...
@@ -1347,14 +1325,14 @@ describe API::Users, :do_not_mock_admin_mode do
it
'returns 404 error if user not found'
do
user
.
keys
<<
key
user
.
save
delete
api
(
"/users/0/keys/
#{
key
.
id
}
"
,
admin
)
expect
(
response
).
to
have_gitlab_http_status
(
:not_found
)
expect
(
json_response
[
'message'
]).
to
eq
(
'404 User Not Found'
)
end
it
'returns 404 error if key not foud'
do
delete
api
(
"/users/
#{
user
.
id
}
/keys/
42
"
,
admin
)
delete
api
(
"/users/
#{
user
.
id
}
/keys/
#{
non_existing_record_id
}
"
,
admin
)
expect
(
response
).
to
have_gitlab_http_status
(
:not_found
)
expect
(
json_response
[
'message'
]).
to
eq
(
'404 Key Not Found'
)
end
...
...
@@ -1362,10 +1340,6 @@ describe API::Users, :do_not_mock_admin_mode do
end
describe
'POST /users/:id/keys'
do
before
do
admin
end
it
'does not create invalid GPG key'
do
post
api
(
"/users/
#{
user
.
id
}
/gpg_keys"
,
admin
)
...
...
@@ -1374,7 +1348,8 @@ describe API::Users, :do_not_mock_admin_mode do
end
it
'creates GPG key'
do
key_attrs
=
attributes_for
:gpg_key
key_attrs
=
attributes_for
:gpg_key
,
key:
GpgHelpers
::
User2
.
public_key
expect
do
post
api
(
"/users/
#{
user
.
id
}
/gpg_keys"
,
admin
),
params:
key_attrs
...
...
@@ -1390,10 +1365,6 @@ describe API::Users, :do_not_mock_admin_mode do
end
describe
'GET /user/:id/gpg_keys'
do
before
do
admin
end
context
'when unauthenticated'
do
it
'returns authentication error'
do
get
api
(
"/users/
#{
user
.
id
}
/gpg_keys"
)
...
...
@@ -1411,7 +1382,7 @@ describe API::Users, :do_not_mock_admin_mode do
end
it
'returns 404 error if key not foud'
do
delete
api
(
"/users/
#{
user
.
id
}
/gpg_keys/
42
"
,
admin
)
delete
api
(
"/users/
#{
user
.
id
}
/gpg_keys/
#{
non_existing_record_id
}
"
,
admin
)
expect
(
response
).
to
have_gitlab_http_status
(
:not_found
)
expect
(
json_response
[
'message'
]).
to
eq
(
'404 GPG Key Not Found'
)
...
...
@@ -1419,7 +1390,6 @@ describe API::Users, :do_not_mock_admin_mode do
it
'returns array of GPG keys'
do
user
.
gpg_keys
<<
gpg_key
user
.
save
get
api
(
"/users/
#{
user
.
id
}
/gpg_keys"
,
admin
)
...
...
@@ -1432,13 +1402,9 @@ describe API::Users, :do_not_mock_admin_mode do
end
describe
'DELETE /user/:id/gpg_keys/:key_id'
do
before
do
admin
end
context
'when unauthenticated'
do
it
'returns authentication error'
do
delete
api
(
"/users/
#{
user
.
id
}
/keys/
42
"
)
delete
api
(
"/users/
#{
user
.
id
}
/keys/
#{
non_existing_record_id
}
"
)
expect
(
response
).
to
have_gitlab_http_status
(
:unauthorized
)
end
...
...
@@ -1447,7 +1413,6 @@ describe API::Users, :do_not_mock_admin_mode do
context
'when authenticated'
do
it
'deletes existing key'
do
user
.
gpg_keys
<<
gpg_key
user
.
save
expect
do
delete
api
(
"/users/
#{
user
.
id
}
/gpg_keys/
#{
gpg_key
.
id
}
"
,
admin
)
...
...
@@ -1458,7 +1423,6 @@ describe API::Users, :do_not_mock_admin_mode do
it
'returns 404 error if user not found'
do
user
.
keys
<<
key
user
.
save
delete
api
(
"/users/0/gpg_keys/
#{
gpg_key
.
id
}
"
,
admin
)
...
...
@@ -1467,7 +1431,7 @@ describe API::Users, :do_not_mock_admin_mode do
end
it
'returns 404 error if key not foud'
do
delete
api
(
"/users/
#{
user
.
id
}
/gpg_keys/
42
"
,
admin
)
delete
api
(
"/users/
#{
user
.
id
}
/gpg_keys/
#{
non_existing_record_id
}
"
,
admin
)
expect
(
response
).
to
have_gitlab_http_status
(
:not_found
)
expect
(
json_response
[
'message'
]).
to
eq
(
'404 GPG Key Not Found'
)
...
...
@@ -1476,13 +1440,9 @@ describe API::Users, :do_not_mock_admin_mode do
end
describe
'POST /user/:id/gpg_keys/:key_id/revoke'
do
before
do
admin
end
context
'when unauthenticated'
do
it
'returns authentication error'
do
post
api
(
"/users/
#{
user
.
id
}
/gpg_keys/
42
/revoke"
)
post
api
(
"/users/
#{
user
.
id
}
/gpg_keys/
#{
non_existing_record_id
}
/revoke"
)
expect
(
response
).
to
have_gitlab_http_status
(
:unauthorized
)
end
...
...
@@ -1491,7 +1451,6 @@ describe API::Users, :do_not_mock_admin_mode do
context
'when authenticated'
do
it
'revokes existing key'
do
user
.
gpg_keys
<<
gpg_key
user
.
save
expect
do
post
api
(
"/users/
#{
user
.
id
}
/gpg_keys/
#{
gpg_key
.
id
}
/revoke"
,
admin
)
...
...
@@ -1502,7 +1461,6 @@ describe API::Users, :do_not_mock_admin_mode do
it
'returns 404 error if user not found'
do
user
.
gpg_keys
<<
gpg_key
user
.
save
post
api
(
"/users/0/gpg_keys/
#{
gpg_key
.
id
}
/revoke"
,
admin
)
...
...
@@ -1511,7 +1469,7 @@ describe API::Users, :do_not_mock_admin_mode do
end
it
'returns 404 error if key not foud'
do
post
api
(
"/users/
#{
user
.
id
}
/gpg_keys/
42
/revoke"
,
admin
)
post
api
(
"/users/
#{
user
.
id
}
/gpg_keys/
#{
non_existing_record_id
}
/revoke"
,
admin
)
expect
(
response
).
to
have_gitlab_http_status
(
:not_found
)
expect
(
json_response
[
'message'
]).
to
eq
(
'404 GPG Key Not Found'
)
...
...
@@ -1520,10 +1478,6 @@ describe API::Users, :do_not_mock_admin_mode do
end
describe
"POST /users/:id/emails"
do
before
do
admin
end
it
"does not create invalid email"
do
post
api
(
"/users/
#{
user
.
id
}
/emails"
,
admin
),
params:
{}
...
...
@@ -1561,10 +1515,6 @@ describe API::Users, :do_not_mock_admin_mode do
end
describe
'GET /user/:id/emails'
do
before
do
admin
end
context
'when unauthenticated'
do
it
'returns authentication error'
do
get
api
(
"/users/
#{
user
.
id
}
/emails"
)
...
...
@@ -1581,7 +1531,6 @@ describe API::Users, :do_not_mock_admin_mode do
it
'returns array of emails'
do
user
.
emails
<<
email
user
.
save
get
api
(
"/users/
#{
user
.
id
}
/emails"
,
admin
)
...
...
@@ -1600,13 +1549,9 @@ describe API::Users, :do_not_mock_admin_mode do
end
describe
'DELETE /user/:id/emails/:email_id'
do
before
do
admin
end
context
'when unauthenticated'
do
it
'returns authentication error'
do
delete
api
(
"/users/
#{
user
.
id
}
/emails/
42
"
)
delete
api
(
"/users/
#{
user
.
id
}
/emails/
#{
non_existing_record_id
}
"
)
expect
(
response
).
to
have_gitlab_http_status
(
:unauthorized
)
end
end
...
...
@@ -1614,7 +1559,6 @@ describe API::Users, :do_not_mock_admin_mode do
context
'when authenticated'
do
it
'deletes existing email'
do
user
.
emails
<<
email
user
.
save
expect
do
delete
api
(
"/users/
#{
user
.
id
}
/emails/
#{
email
.
id
}
"
,
admin
)
...
...
@@ -1629,14 +1573,14 @@ describe API::Users, :do_not_mock_admin_mode do
it
'returns 404 error if user not found'
do
user
.
emails
<<
email
user
.
save
delete
api
(
"/users/0/emails/
#{
email
.
id
}
"
,
admin
)
expect
(
response
).
to
have_gitlab_http_status
(
:not_found
)
expect
(
json_response
[
'message'
]).
to
eq
(
'404 User Not Found'
)
end
it
'returns 404 error if email not foud'
do
delete
api
(
"/users/
#{
user
.
id
}
/emails/
42
"
,
admin
)
delete
api
(
"/users/
#{
user
.
id
}
/emails/
#{
non_existing_record_id
}
"
,
admin
)
expect
(
response
).
to
have_gitlab_http_status
(
:not_found
)
expect
(
json_response
[
'message'
]).
to
eq
(
'404 Email Not Found'
)
end
...
...
@@ -1650,19 +1594,16 @@ describe API::Users, :do_not_mock_admin_mode do
end
describe
"DELETE /users/:id"
do
let!
(
:namespace
)
{
user
.
namespace
}
let!
(
:issue
)
{
create
(
:issue
,
author:
user
)
}
before
do
admin
end
let_it_be
(
:issue
)
{
create
(
:issue
,
author:
user
)
}
it
"deletes user"
,
:sidekiq_might_not_need_inline
do
namespace_id
=
user
.
namespace
.
id
perform_enqueued_jobs
{
delete
api
(
"/users/
#{
user
.
id
}
"
,
admin
)
}
expect
(
response
).
to
have_gitlab_http_status
(
:no_content
)
expect
{
User
.
find
(
user
.
id
)
}.
to
raise_error
ActiveRecord
::
RecordNotFound
expect
{
Namespace
.
find
(
namespace
.
id
)
}.
to
raise_error
ActiveRecord
::
RecordNotFound
expect
{
Namespace
.
find
(
namespace
_
id
)
}.
to
raise_error
ActiveRecord
::
RecordNotFound
end
context
"sole owner of a group"
do
...
...
@@ -1731,11 +1672,11 @@ describe API::Users, :do_not_mock_admin_mode do
end
describe
"GET /user"
do
let
(
:personal_access_token
)
{
create
(
:personal_access_token
,
user:
user
).
token
}
shared_examples
'get user info'
do
|
version
|
context
'with regular user'
do
context
'with personal access token'
do
let
(
:personal_access_token
)
{
create
(
:personal_access_token
,
user:
user
).
token
}
it
'returns 403 without private token when sudo is defined'
do
get
api
(
"/user?private_token=
#{
personal_access_token
}
&sudo=123"
,
version:
version
)
...
...
@@ -1803,7 +1744,6 @@ describe API::Users, :do_not_mock_admin_mode do
context
"when authenticated"
do
it
"returns array of ssh keys"
do
user
.
keys
<<
key
user
.
save
get
api
(
"/user/keys"
,
user
)
...
...
@@ -1825,14 +1765,14 @@ describe API::Users, :do_not_mock_admin_mode do
describe
"GET /user/keys/:key_id"
do
it
"returns single key"
do
user
.
keys
<<
key
user
.
save
get
api
(
"/user/keys/
#{
key
.
id
}
"
,
user
)
expect
(
response
).
to
have_gitlab_http_status
(
:ok
)
expect
(
json_response
[
"title"
]).
to
eq
(
key
.
title
)
end
it
"returns 404 Not Found within invalid ID"
do
get
api
(
"/user/keys/
42
"
,
user
)
get
api
(
"/user/keys/
#{
non_existing_record_id
}
"
,
user
)
expect
(
response
).
to
have_gitlab_http_status
(
:not_found
)
expect
(
json_response
[
'message'
]).
to
eq
(
'404 Key Not Found'
)
...
...
@@ -1840,8 +1780,8 @@ describe API::Users, :do_not_mock_admin_mode do
it
"returns 404 error if admin accesses user's ssh key"
do
user
.
keys
<<
key
user
.
save
admin
get
api
(
"/user/keys/
#{
key
.
id
}
"
,
admin
)
expect
(
response
).
to
have_gitlab_http_status
(
:not_found
)
expect
(
json_response
[
'message'
]).
to
eq
(
'404 Key Not Found'
)
...
...
@@ -1898,7 +1838,6 @@ describe API::Users, :do_not_mock_admin_mode do
describe
"DELETE /user/keys/:key_id"
do
it
"deletes existed key"
do
user
.
keys
<<
key
user
.
save
expect
do
delete
api
(
"/user/keys/
#{
key
.
id
}
"
,
user
)
...
...
@@ -1912,7 +1851,7 @@ describe API::Users, :do_not_mock_admin_mode do
end
it
"returns 404 if key ID not found"
do
delete
api
(
"/user/keys/
42
"
,
user
)
delete
api
(
"/user/keys/
#{
non_existing_record_id
}
"
,
user
)
expect
(
response
).
to
have_gitlab_http_status
(
:not_found
)
expect
(
json_response
[
'message'
]).
to
eq
(
'404 Key Not Found'
)
...
...
@@ -1920,7 +1859,7 @@ describe API::Users, :do_not_mock_admin_mode do
it
"returns 401 error if unauthorized"
do
user
.
keys
<<
key
user
.
save
delete
api
(
"/user/keys/
#{
key
.
id
}
"
)
expect
(
response
).
to
have_gitlab_http_status
(
:unauthorized
)
end
...
...
@@ -1944,7 +1883,6 @@ describe API::Users, :do_not_mock_admin_mode do
context
'when authenticated'
do
it
'returns array of GPG keys'
do
user
.
gpg_keys
<<
gpg_key
user
.
save
get
api
(
'/user/gpg_keys'
,
user
)
...
...
@@ -1966,7 +1904,6 @@ describe API::Users, :do_not_mock_admin_mode do
describe
'GET /user/gpg_keys/:key_id'
do
it
'returns a single key'
do
user
.
gpg_keys
<<
gpg_key
user
.
save
get
api
(
"/user/gpg_keys/
#{
gpg_key
.
id
}
"
,
user
)
...
...
@@ -1975,7 +1912,7 @@ describe API::Users, :do_not_mock_admin_mode do
end
it
'returns 404 Not Found within invalid ID'
do
get
api
(
'/user/gpg_keys/42'
,
user
)
get
api
(
"/user/gpg_keys/
#{
non_existing_record_id
}
"
,
user
)
expect
(
response
).
to
have_gitlab_http_status
(
:not_found
)
expect
(
json_response
[
'message'
]).
to
eq
(
'404 GPG Key Not Found'
)
...
...
@@ -1983,7 +1920,6 @@ describe API::Users, :do_not_mock_admin_mode do
it
"returns 404 error if admin accesses user's GPG key"
do
user
.
gpg_keys
<<
gpg_key
user
.
save
get
api
(
"/user/gpg_keys/
#{
gpg_key
.
id
}
"
,
admin
)
...
...
@@ -2007,7 +1943,8 @@ describe API::Users, :do_not_mock_admin_mode do
describe
'POST /user/gpg_keys'
do
it
'creates a GPG key'
do
key_attrs
=
attributes_for
:gpg_key
key_attrs
=
attributes_for
:gpg_key
,
key:
GpgHelpers
::
User2
.
public_key
expect
do
post
api
(
'/user/gpg_keys'
,
user
),
params:
key_attrs
...
...
@@ -2032,7 +1969,6 @@ describe API::Users, :do_not_mock_admin_mode do
describe
'POST /user/gpg_keys/:key_id/revoke'
do
it
'revokes existing GPG key'
do
user
.
gpg_keys
<<
gpg_key
user
.
save
expect
do
post
api
(
"/user/gpg_keys/
#{
gpg_key
.
id
}
/revoke"
,
user
)
...
...
@@ -2042,7 +1978,7 @@ describe API::Users, :do_not_mock_admin_mode do
end
it
'returns 404 if key ID not found'
do
post
api
(
'/user/gpg_keys/42/revoke'
,
user
)
post
api
(
"/user/gpg_keys/
#{
non_existing_record_id
}
/revoke"
,
user
)
expect
(
response
).
to
have_gitlab_http_status
(
:not_found
)
expect
(
json_response
[
'message'
]).
to
eq
(
'404 GPG Key Not Found'
)
...
...
@@ -2050,7 +1986,6 @@ describe API::Users, :do_not_mock_admin_mode do
it
'returns 401 error if unauthorized'
do
user
.
gpg_keys
<<
gpg_key
user
.
save
post
api
(
"/user/gpg_keys/
#{
gpg_key
.
id
}
/revoke"
)
...
...
@@ -2067,7 +2002,6 @@ describe API::Users, :do_not_mock_admin_mode do
describe
'DELETE /user/gpg_keys/:key_id'
do
it
'deletes existing GPG key'
do
user
.
gpg_keys
<<
gpg_key
user
.
save
expect
do
delete
api
(
"/user/gpg_keys/
#{
gpg_key
.
id
}
"
,
user
)
...
...
@@ -2077,7 +2011,7 @@ describe API::Users, :do_not_mock_admin_mode do
end
it
'returns 404 if key ID not found'
do
delete
api
(
'/user/gpg_keys/42'
,
user
)
delete
api
(
"/user/gpg_keys/
#{
non_existing_record_id
}
"
,
user
)
expect
(
response
).
to
have_gitlab_http_status
(
:not_found
)
expect
(
json_response
[
'message'
]).
to
eq
(
'404 GPG Key Not Found'
)
...
...
@@ -2085,7 +2019,6 @@ describe API::Users, :do_not_mock_admin_mode do
it
'returns 401 error if unauthorized'
do
user
.
gpg_keys
<<
gpg_key
user
.
save
delete
api
(
"/user/gpg_keys/
#{
gpg_key
.
id
}
"
)
...
...
@@ -2110,7 +2043,6 @@ describe API::Users, :do_not_mock_admin_mode do
context
"when authenticated"
do
it
"returns array of emails"
do
user
.
emails
<<
email
user
.
save
get
api
(
"/user/emails"
,
user
)
...
...
@@ -2132,22 +2064,22 @@ describe API::Users, :do_not_mock_admin_mode do
describe
"GET /user/emails/:email_id"
do
it
"returns single email"
do
user
.
emails
<<
email
user
.
save
get
api
(
"/user/emails/
#{
email
.
id
}
"
,
user
)
expect
(
response
).
to
have_gitlab_http_status
(
:ok
)
expect
(
json_response
[
"email"
]).
to
eq
(
email
.
email
)
end
it
"returns 404 Not Found within invalid ID"
do
get
api
(
"/user/emails/
42
"
,
user
)
get
api
(
"/user/emails/
#{
non_existing_record_id
}
"
,
user
)
expect
(
response
).
to
have_gitlab_http_status
(
:not_found
)
expect
(
json_response
[
'message'
]).
to
eq
(
'404 Email Not Found'
)
end
it
"returns 404 error if admin accesses user's email"
do
user
.
emails
<<
email
user
.
save
admin
get
api
(
"/user/emails/
#{
email
.
id
}
"
,
admin
)
expect
(
response
).
to
have_gitlab_http_status
(
:not_found
)
expect
(
json_response
[
'message'
]).
to
eq
(
'404 Email Not Found'
)
...
...
@@ -2192,7 +2124,6 @@ describe API::Users, :do_not_mock_admin_mode do
describe
"DELETE /user/emails/:email_id"
do
it
"deletes existed email"
do
user
.
emails
<<
email
user
.
save
expect
do
delete
api
(
"/user/emails/
#{
email
.
id
}
"
,
user
)
...
...
@@ -2206,7 +2137,7 @@ describe API::Users, :do_not_mock_admin_mode do
end
it
"returns 404 if email ID not found"
do
delete
api
(
"/user/emails/
42
"
,
user
)
delete
api
(
"/user/emails/
#{
non_existing_record_id
}
"
,
user
)
expect
(
response
).
to
have_gitlab_http_status
(
:not_found
)
expect
(
json_response
[
'message'
]).
to
eq
(
'404 Email Not Found'
)
...
...
@@ -2214,7 +2145,7 @@ describe API::Users, :do_not_mock_admin_mode do
it
"returns 401 error if unauthorized"
do
user
.
emails
<<
email
user
.
save
delete
api
(
"/user/emails/
#{
email
.
id
}
"
)
expect
(
response
).
to
have_gitlab_http_status
(
:unauthorized
)
end
...
...
@@ -2320,7 +2251,7 @@ describe API::Users, :do_not_mock_admin_mode do
context
'performed by an admin user'
do
context
'for an active user'
do
let
(
:activity
)
{
{}
}
let
(
:user
)
{
create
(
:user
,
username:
'user.with.dot'
,
**
activity
)
}
let
(
:user
)
{
create
(
:user
,
**
activity
)
}
context
'with no recent activity'
do
let
(
:activity
)
{
{
last_activity_on:
::
User
::
MINIMUM_INACTIVE_DAYS
.
next
.
days
.
ago
}
}
...
...
@@ -2405,10 +2336,6 @@ describe API::Users, :do_not_mock_admin_mode do
describe
'POST /users/:id/block'
do
let
(
:blocked_user
)
{
create
(
:user
,
state:
'blocked'
)
}
before
do
admin
end
it
'blocks existing user'
do
post
api
(
"/users/
#{
user
.
id
}
/block"
,
admin
)
...
...
@@ -2451,10 +2378,6 @@ describe API::Users, :do_not_mock_admin_mode do
let
(
:blocked_user
)
{
create
(
:user
,
state:
'blocked'
)
}
let
(
:deactivated_user
)
{
create
(
:user
,
state:
'deactivated'
)
}
before
do
admin
end
it
'unblocks existing user'
do
post
api
(
"/users/
#{
user
.
id
}
/unblock"
,
admin
)
expect
(
response
).
to
have_gitlab_http_status
(
:created
)
...
...
@@ -2648,21 +2571,21 @@ describe API::Users, :do_not_mock_admin_mode do
end
describe
'GET /users/:user_id/impersonation_tokens'
do
let
!
(
:active_personal_access_token
)
{
create
(
:personal_access_token
,
user:
user
)
}
let
!
(
:revoked_personal_access_token
)
{
create
(
:personal_access_token
,
:revoked
,
user:
user
)
}
let
!
(
:expired_personal_access_token
)
{
create
(
:personal_access_token
,
:expired
,
user:
user
)
}
let
!
(
:impersonation_token
)
{
create
(
:personal_access_token
,
:impersonation
,
user:
user
)
}
let
!
(
:revoked_impersonation_token
)
{
create
(
:personal_access_token
,
:impersonation
,
:revoked
,
user:
user
)
}
let
_it_be
(
:active_personal_access_token
)
{
create
(
:personal_access_token
,
user:
user
)
}
let
_it_be
(
:revoked_personal_access_token
)
{
create
(
:personal_access_token
,
:revoked
,
user:
user
)
}
let
_it_be
(
:expired_personal_access_token
)
{
create
(
:personal_access_token
,
:expired
,
user:
user
)
}
let
_it_be
(
:impersonation_token
)
{
create
(
:personal_access_token
,
:impersonation
,
user:
user
)
}
let
_it_be
(
:revoked_impersonation_token
)
{
create
(
:personal_access_token
,
:impersonation
,
:revoked
,
user:
user
)
}
it
'returns a 404 error if user not found'
do
get
api
(
"/users/
#{
no
t_existing_user
_id
}
/impersonation_tokens"
,
admin
)
get
api
(
"/users/
#{
no
n_existing_record
_id
}
/impersonation_tokens"
,
admin
)
expect
(
response
).
to
have_gitlab_http_status
(
:not_found
)
expect
(
json_response
[
'message'
]).
to
eq
(
'404 User Not Found'
)
end
it
'returns a 403 error when authenticated as normal user'
do
get
api
(
"/users/
#{
no
t_existing_user
_id
}
/impersonation_tokens"
,
user
)
get
api
(
"/users/
#{
no
n_existing_record
_id
}
/impersonation_tokens"
,
user
)
expect
(
response
).
to
have_gitlab_http_status
(
:forbidden
)
expect
(
json_response
[
'message'
]).
to
eq
(
'403 Forbidden'
)
...
...
@@ -2711,7 +2634,7 @@ describe API::Users, :do_not_mock_admin_mode do
end
it
'returns a 404 error if user not found'
do
post
api
(
"/users/
#{
no
t_existing_user
_id
}
/impersonation_tokens"
,
admin
),
post
api
(
"/users/
#{
no
n_existing_record
_id
}
/impersonation_tokens"
,
admin
),
params:
{
name:
name
,
expires_at:
expires_at
...
...
@@ -2755,18 +2678,18 @@ describe API::Users, :do_not_mock_admin_mode do
end
describe
'GET /users/:user_id/impersonation_tokens/:impersonation_token_id'
do
let
!
(
:personal_access_token
)
{
create
(
:personal_access_token
,
user:
user
)
}
let
!
(
:impersonation_token
)
{
create
(
:personal_access_token
,
:impersonation
,
user:
user
)
}
let
_it_be
(
:personal_access_token
)
{
create
(
:personal_access_token
,
user:
user
)
}
let
_it_be
(
:impersonation_token
)
{
create
(
:personal_access_token
,
:impersonation
,
user:
user
)
}
it
'returns 404 error if user not found'
do
get
api
(
"/users/
#{
no
t_existing_user
_id
}
/impersonation_tokens/1"
,
admin
)
get
api
(
"/users/
#{
no
n_existing_record
_id
}
/impersonation_tokens/1"
,
admin
)
expect
(
response
).
to
have_gitlab_http_status
(
:not_found
)
expect
(
json_response
[
'message'
]).
to
eq
(
'404 User Not Found'
)
end
it
'returns a 404 error if impersonation token not found'
do
get
api
(
"/users/
#{
user
.
id
}
/impersonation_tokens/
#{
no
t_existing_pat
_id
}
"
,
admin
)
get
api
(
"/users/
#{
user
.
id
}
/impersonation_tokens/
#{
no
n_existing_record
_id
}
"
,
admin
)
expect
(
response
).
to
have_gitlab_http_status
(
:not_found
)
expect
(
json_response
[
'message'
]).
to
eq
(
'404 Impersonation Token Not Found'
)
...
...
@@ -2796,18 +2719,18 @@ describe API::Users, :do_not_mock_admin_mode do
end
describe
'DELETE /users/:user_id/impersonation_tokens/:impersonation_token_id'
do
let
!
(
:personal_access_token
)
{
create
(
:personal_access_token
,
user:
user
)
}
let
!
(
:impersonation_token
)
{
create
(
:personal_access_token
,
:impersonation
,
user:
user
)
}
let
_it_be
(
:personal_access_token
)
{
create
(
:personal_access_token
,
user:
user
)
}
let
_it_be
(
:impersonation_token
)
{
create
(
:personal_access_token
,
:impersonation
,
user:
user
)
}
it
'returns a 404 error if user not found'
do
delete
api
(
"/users/
#{
no
t_existing_user
_id
}
/impersonation_tokens/1"
,
admin
)
delete
api
(
"/users/
#{
no
n_existing_record
_id
}
/impersonation_tokens/1"
,
admin
)
expect
(
response
).
to
have_gitlab_http_status
(
:not_found
)
expect
(
json_response
[
'message'
]).
to
eq
(
'404 User Not Found'
)
end
it
'returns a 404 error if impersonation token not found'
do
delete
api
(
"/users/
#{
user
.
id
}
/impersonation_tokens/
#{
no
t_existing_pat
_id
}
"
,
admin
)
delete
api
(
"/users/
#{
user
.
id
}
/impersonation_tokens/
#{
no
n_existing_record
_id
}
"
,
admin
)
expect
(
response
).
to
have_gitlab_http_status
(
:not_found
)
expect
(
json_response
[
'message'
]).
to
eq
(
'404 Impersonation Token Not Found'
)
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment