Update specs for sudo behavior

b7c8f7d7 · Douwe Maan · a6c462b2 · b7c8f7d7 · b7c8f7d7 · b7c8f7d7
Commit b7c8f7d7 authored Oct 30, 2017 by Douwe Maan
Showing with 155 additions and 241 deletions

app/models/oauth_access_token.rb app/models/oauth_access_token.rb +9 -1

lib/api/helpers.rb lib/api/helpers.rb +2 -5

spec/requests/api/helpers_spec.rb spec/requests/api/helpers_spec.rb +144 -235

No files found.
--- a/app/models/oauth_access_token.rb
+++ b/app/models/oauth_access_token.rb
@@ -2,5 +2,13 @@ class OauthAccessToken < Doorkeeper::AccessToken
  belongs_to :resource_owner, class_name: 'User'
  belongs_to :application, class_name: 'Doorkeeper::Application'

-  alias_method :user, :resource_owner
+  alias_attribute :user, :resource_owner
+
+  def scopes=(value)
+    if value.is_a?(Array)
+      super(Doorkeeper::OAuth::Scopes.from_array(value).to_s)
+    else
+      super
+    end
+  end
 end
--- a/lib/api/helpers.rb
+++ b/lib/api/helpers.rb
@@ -396,7 +396,7 @@ module API
    def sudo!
      return unless sudo_identifier

-      raise UnauthorizedError unless initial_current_user
+      unauthorized! unless initial_current_user

      unless initial_current_user.admin?
        forbidden!('Must be admin to use sudo')
@@ -409,10 +409,7 @@ module API
      validate_access_token!(scopes: [:sudo])

      sudoed_user = find_user(sudo_identifier)
-
-      unless sudoed_user
-        not_found!("No user id or username for: #{sudo_identifier}")
-      end
+      not_found!("User with ID or username '#{sudo_identifier}'") unless sudoed_user

      @current_user = sudoed_user
    end

--- a/spec/requests/api/helpers_spec.rb
+++ b/spec/requests/api/helpers_spec.rb