Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
1
Merge Requests
1
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
nexedi
gitlab-ce
Commits
c429c1c7
Commit
c429c1c7
authored
Oct 07, 2021
by
Małgorzata Ksionek
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Add cr remarks
parent
e7676119
Changes
1
Hide whitespace changes
Inline
Side-by-side
Showing
1 changed file
with
22 additions
and
48 deletions
+22
-48
ee/spec/lib/gitlab/auth/group_saml/session_enforcer_spec.rb
ee/spec/lib/gitlab/auth/group_saml/session_enforcer_spec.rb
+22
-48
No files found.
ee/spec/lib/gitlab/auth/group_saml/session_enforcer_spec.rb
View file @
c429c1c7
...
@@ -3,6 +3,12 @@
...
@@ -3,6 +3,12 @@
require
'spec_helper'
require
'spec_helper'
RSpec
.
describe
Gitlab
::
Auth
::
GroupSaml
::
SessionEnforcer
do
RSpec
.
describe
Gitlab
::
Auth
::
GroupSaml
::
SessionEnforcer
do
shared_examples
'not enforced'
do
it
'is not enforced'
do
expect
(
enforced?
).
to
be
false
end
end
describe
'#access_restricted'
do
describe
'#access_restricted'
do
let_it_be
(
:saml_provider
)
{
create
(
:saml_provider
,
enforced_sso:
true
)
}
let_it_be
(
:saml_provider
)
{
create
(
:saml_provider
,
enforced_sso:
true
)
}
let_it_be
(
:user
)
{
create
(
:user
)
}
let_it_be
(
:user
)
{
create
(
:user
)
}
...
@@ -35,9 +41,7 @@ RSpec.describe Gitlab::Auth::GroupSaml::SessionEnforcer do
...
@@ -35,9 +41,7 @@ RSpec.describe Gitlab::Auth::GroupSaml::SessionEnforcer do
end
end
end
end
it
'returns false'
do
it_behaves_like
'not enforced'
expect
(
enforced?
).
to
eq
(
false
)
end
context
'with sub-group'
do
context
'with sub-group'
do
before
do
before
do
...
@@ -48,9 +52,7 @@ RSpec.describe Gitlab::Auth::GroupSaml::SessionEnforcer do
...
@@ -48,9 +52,7 @@ RSpec.describe Gitlab::Auth::GroupSaml::SessionEnforcer do
subject
(
:enforced?
)
{
described_class
.
new
(
user
,
group
).
access_restricted?
}
subject
(
:enforced?
)
{
described_class
.
new
(
user
,
group
).
access_restricted?
}
it
'returns false'
do
it_behaves_like
'not enforced'
expect
(
enforced?
).
to
eq
(
false
)
end
end
end
context
'with expired session'
do
context
'with expired session'
do
...
@@ -74,9 +76,7 @@ RSpec.describe Gitlab::Auth::GroupSaml::SessionEnforcer do
...
@@ -74,9 +76,7 @@ RSpec.describe Gitlab::Auth::GroupSaml::SessionEnforcer do
end
end
end
end
it
'returns false'
do
it_behaves_like
'not enforced'
expect
(
enforced?
).
to
eq
(
false
)
end
end
end
context
'with two active sessions for the same provider and one pre-sso'
,
:clean_gitlab_redis_shared_state
do
context
'with two active sessions for the same provider and one pre-sso'
,
:clean_gitlab_redis_shared_state
do
...
@@ -94,9 +94,7 @@ RSpec.describe Gitlab::Auth::GroupSaml::SessionEnforcer do
...
@@ -94,9 +94,7 @@ RSpec.describe Gitlab::Auth::GroupSaml::SessionEnforcer do
end
end
end
end
it
'returns false'
do
it_behaves_like
'not enforced'
expect
(
enforced?
).
to
eq
(
false
)
end
end
end
context
'without enforced_sso_expiry feature flag'
do
context
'without enforced_sso_expiry feature flag'
do
...
@@ -106,41 +104,31 @@ RSpec.describe Gitlab::Auth::GroupSaml::SessionEnforcer do
...
@@ -106,41 +104,31 @@ RSpec.describe Gitlab::Auth::GroupSaml::SessionEnforcer do
stub_feature_flags
(
enforced_sso_expiry:
false
)
stub_feature_flags
(
enforced_sso_expiry:
false
)
end
end
it
'returns false'
do
it_behaves_like
'not enforced'
expect
(
enforced?
).
to
eq
(
false
)
end
end
end
context
'without group'
do
context
'without group'
do
let
(
:root_group
)
{
nil
}
let
(
:root_group
)
{
nil
}
it
'returns false'
do
it_behaves_like
'not enforced'
expect
(
enforced?
).
to
eq
(
false
)
end
end
end
context
'without saml_provider'
do
context
'without saml_provider'
do
let
(
:root_group
)
{
create
(
:group
)
}
let
(
:root_group
)
{
create
(
:group
)
}
it
'returns false'
do
it_behaves_like
'not enforced'
expect
(
enforced?
).
to
eq
(
false
)
end
end
end
context
'with admin'
,
:enable_admin_mode
do
context
'with admin'
,
:enable_admin_mode
do
let
(
:user
)
{
create
(
:user
,
:admin
)
}
let
(
:user
)
{
create
(
:user
,
:admin
)
}
it
'returns false'
do
it_behaves_like
'not enforced'
expect
(
enforced?
).
to
eq
(
false
)
end
end
end
context
'with auditor'
do
context
'with auditor'
do
let
(
:user
)
{
create
(
:user
,
:auditor
)
}
let
(
:user
)
{
create
(
:user
,
:auditor
)
}
it
'returns false'
do
it_behaves_like
'not enforced'
expect
(
enforced?
).
to
eq
(
false
)
end
end
end
context
'with group owner'
do
context
'with group owner'
do
...
@@ -148,9 +136,7 @@ RSpec.describe Gitlab::Auth::GroupSaml::SessionEnforcer do
...
@@ -148,9 +136,7 @@ RSpec.describe Gitlab::Auth::GroupSaml::SessionEnforcer do
root_group
.
add_owner
(
user
)
root_group
.
add_owner
(
user
)
end
end
it
'returns false'
do
it_behaves_like
'not enforced'
expect
(
enforced?
).
to
eq
(
false
)
end
end
end
end
end
...
@@ -162,17 +148,13 @@ RSpec.describe Gitlab::Auth::GroupSaml::SessionEnforcer do
...
@@ -162,17 +148,13 @@ RSpec.describe Gitlab::Auth::GroupSaml::SessionEnforcer do
context
'with admin'
,
:enable_admin_mode
do
context
'with admin'
,
:enable_admin_mode
do
let
(
:user
)
{
create
(
:user
,
:admin
)
}
let
(
:user
)
{
create
(
:user
,
:admin
)
}
it
'returns false'
do
it_behaves_like
'not enforced'
expect
(
enforced?
).
to
eq
(
false
)
end
end
end
context
'with auditor'
do
context
'with auditor'
do
let
(
:user
)
{
create
(
:user
,
:auditor
)
}
let
(
:user
)
{
create
(
:user
,
:auditor
)
}
it
'returns false'
do
it_behaves_like
'not enforced'
expect
(
enforced?
).
to
eq
(
false
)
end
end
end
context
'with group owner'
do
context
'with group owner'
do
...
@@ -180,9 +162,7 @@ RSpec.describe Gitlab::Auth::GroupSaml::SessionEnforcer do
...
@@ -180,9 +162,7 @@ RSpec.describe Gitlab::Auth::GroupSaml::SessionEnforcer do
root_group
.
add_owner
(
user
)
root_group
.
add_owner
(
user
)
end
end
it
'returns false'
do
it_behaves_like
'not enforced'
expect
(
enforced?
).
to
eq
(
false
)
end
context
'when group is a subgroup'
do
context
'when group is a subgroup'
do
before
do
before
do
...
@@ -202,9 +182,7 @@ RSpec.describe Gitlab::Auth::GroupSaml::SessionEnforcer do
...
@@ -202,9 +182,7 @@ RSpec.describe Gitlab::Auth::GroupSaml::SessionEnforcer do
context
'with project bot'
do
context
'with project bot'
do
let
(
:user
)
{
create
(
:user
,
:project_bot
)
}
let
(
:user
)
{
create
(
:user
,
:project_bot
)
}
it
'returns false'
do
it_behaves_like
'not enforced'
expect
(
enforced?
).
to
eq
(
false
)
end
end
end
end
end
end
end
...
@@ -227,15 +205,11 @@ RSpec.describe Gitlab::Auth::GroupSaml::SessionEnforcer do
...
@@ -227,15 +205,11 @@ RSpec.describe Gitlab::Auth::GroupSaml::SessionEnforcer do
end
end
end
end
it
'returns false'
do
it_behaves_like
'not enforced'
expect
(
enforced?
).
to
eq
(
false
)
end
end
end
context
'without any session'
do
context
'without any session'
do
it
'returns false'
do
it_behaves_like
'not enforced'
expect
(
enforced?
).
to
eq
(
false
)
end
end
end
end
end
end
end
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment