mirror of
				https://github.com/discourse/discourse.git
				synced 2025-02-25 18:55:32 -06:00 
			
		
		
		
	
		
			
				
	
	
		
			28 lines
		
	
	
		
			1.1 KiB
		
	
	
	
		
			Ruby
		
	
	
	
	
	
			
		
		
	
	
			28 lines
		
	
	
		
			1.1 KiB
		
	
	
	
		
			Ruby
		
	
	
	
	
	
| require 'rails_helper'
 | |
| 
 | |
| describe UserApiKey do
 | |
|   context "#allow?" do
 | |
|     it "can look up permissions correctly" do
 | |
|       key = UserApiKey.new(scopes: ['message_bus', 'notifications'])
 | |
| 
 | |
|       expect(key.allow?("PATH_INFO" => "/random", "REQUEST_METHOD" => "GET")).to eq(false)
 | |
|       expect(key.allow?("PATH_INFO" => "/message-bus/1234/poll", "REQUEST_METHOD" => "POST")).to eq(true)
 | |
| 
 | |
|       expect(key.allow?("action_dispatch.request.path_parameters" => { controller: "notifications", action: "mark_read" },
 | |
|                         "PATH_INFO" => "/xyz", "REQUEST_METHOD" => "PUT")).to eq(true)
 | |
| 
 | |
|       expect(key.allow?("action_dispatch.request.path_parameters" => { controller: "user_api_keys", action: "revoke" },
 | |
|                         "PATH_INFO" => "/xyz", "REQUEST_METHOD" => "POST")).to eq(true)
 | |
| 
 | |
|     end
 | |
| 
 | |
|     it "can allow blanket read" do
 | |
| 
 | |
|       key = UserApiKey.new(scopes: ['read'])
 | |
| 
 | |
|       expect(key.allow?("PATH_INFO" => "/random", "REQUEST_METHOD" => "GET")).to eq(true)
 | |
|       expect(key.allow?("PATH_INFO" => "/random", "REQUEST_METHOD" => "PUT")).to eq(false)
 | |
|     end
 | |
|   end
 | |
| end
 |