|
|
|
@ -30,7 +30,6 @@ require 'spec_helper' |
|
|
|
|
|
|
|
|
|
describe ::OpenIDConnect::ProvidersController, type: :controller do |
|
|
|
|
let(:user) { build_stubbed :admin } |
|
|
|
|
let(:ee) { true } |
|
|
|
|
|
|
|
|
|
let(:valid_params) do |
|
|
|
|
{ |
|
|
|
@ -42,129 +41,135 @@ describe ::OpenIDConnect::ProvidersController, type: :controller do |
|
|
|
|
|
|
|
|
|
before do |
|
|
|
|
login_as user |
|
|
|
|
allow(EnterpriseToken).to receive(:show_banners?).and_return(!ee) |
|
|
|
|
without_enterprise_token |
|
|
|
|
end |
|
|
|
|
|
|
|
|
|
context 'when not ee' do |
|
|
|
|
let(:ee) { false } |
|
|
|
|
context 'without an EE token' do |
|
|
|
|
|
|
|
|
|
it 'renders upsale' do |
|
|
|
|
get :index |
|
|
|
|
expect(response.status).to eq 200 |
|
|
|
|
expect(response).to have_http_status(:ok) |
|
|
|
|
expect(response).to render_template 'openid_connect/providers/upsale' |
|
|
|
|
end |
|
|
|
|
end |
|
|
|
|
|
|
|
|
|
context 'when not admin' do |
|
|
|
|
let(:user) { build_stubbed :user } |
|
|
|
|
|
|
|
|
|
it 'renders 403' do |
|
|
|
|
get :index |
|
|
|
|
expect(response.status).to eq 403 |
|
|
|
|
context 'with an EE token' do |
|
|
|
|
before do |
|
|
|
|
login_as user |
|
|
|
|
with_enterprise_token :openid_providers |
|
|
|
|
end |
|
|
|
|
end |
|
|
|
|
|
|
|
|
|
context 'when not logged in' do |
|
|
|
|
let(:user) { User.anonymous } |
|
|
|
|
context 'when not admin' do |
|
|
|
|
let(:user) { build_stubbed(:user) } |
|
|
|
|
|
|
|
|
|
it 'renders 403' do |
|
|
|
|
get :index |
|
|
|
|
expect(response.status).to redirect_to(signin_url(back_url: openid_connect_providers_url)) |
|
|
|
|
it 'renders 403' do |
|
|
|
|
get :index |
|
|
|
|
expect(response).to have_http_status(:forbidden) |
|
|
|
|
end |
|
|
|
|
end |
|
|
|
|
end |
|
|
|
|
|
|
|
|
|
describe '#index' do |
|
|
|
|
it 'renders the index page' do |
|
|
|
|
get :index |
|
|
|
|
expect(response).to be_successful |
|
|
|
|
expect(response).to render_template 'index' |
|
|
|
|
end |
|
|
|
|
end |
|
|
|
|
context 'when not logged in' do |
|
|
|
|
let(:user) { User.anonymous } |
|
|
|
|
|
|
|
|
|
describe '#new' do |
|
|
|
|
it 'renders the new page' do |
|
|
|
|
get :new |
|
|
|
|
expect(response).to be_successful |
|
|
|
|
expect(assigns[:provider]).to be_new_record |
|
|
|
|
expect(response).to render_template 'new' |
|
|
|
|
it 'renders 403' do |
|
|
|
|
get :index |
|
|
|
|
expect(response.status).to redirect_to(signin_url(back_url: openid_connect_providers_url)) |
|
|
|
|
end |
|
|
|
|
end |
|
|
|
|
|
|
|
|
|
it 'redirects to the index page if no provider available', with_settings: { |
|
|
|
|
plugin_openproject_openid_connect: { |
|
|
|
|
"providers" => OpenIDConnect::Provider::ALLOWED_TYPES.inject({}) do |accu, name| |
|
|
|
|
accu.merge(name => { "identifier" => "IDENTIFIER", "secret" => "SECRET" }) |
|
|
|
|
end |
|
|
|
|
} |
|
|
|
|
} do |
|
|
|
|
get :new |
|
|
|
|
expect(response).to be_redirect |
|
|
|
|
describe '#index' do |
|
|
|
|
it 'renders the index page' do |
|
|
|
|
get :index |
|
|
|
|
expect(response).to be_successful |
|
|
|
|
expect(response).to render_template 'index' |
|
|
|
|
end |
|
|
|
|
end |
|
|
|
|
end |
|
|
|
|
|
|
|
|
|
describe '#create' do |
|
|
|
|
it 'is successful if valid params' do |
|
|
|
|
post :create, params: { openid_connect_provider: valid_params } |
|
|
|
|
expect(flash[:notice]).to eq(I18n.t(:notice_successful_create)) |
|
|
|
|
expect(Setting.plugin_openproject_openid_connect["providers"]).to have_key("azure") |
|
|
|
|
expect(response).to be_redirect |
|
|
|
|
end |
|
|
|
|
describe '#new' do |
|
|
|
|
it 'renders the new page' do |
|
|
|
|
get :new |
|
|
|
|
expect(response).to be_successful |
|
|
|
|
expect(assigns[:provider]).to be_new_record |
|
|
|
|
expect(response).to render_template 'new' |
|
|
|
|
end |
|
|
|
|
|
|
|
|
|
it 'renders an error if invalid params' do |
|
|
|
|
post :create, params: { openid_connect_provider: valid_params.merge(identifier: "") } |
|
|
|
|
expect(response).to render_template 'new' |
|
|
|
|
it 'redirects to the index page if no provider available', with_settings: { |
|
|
|
|
plugin_openproject_openid_connect: { |
|
|
|
|
"providers" => OpenIDConnect::Provider::ALLOWED_TYPES.inject({}) do |accu, name| |
|
|
|
|
accu.merge(name => { "identifier" => "IDENTIFIER", "secret" => "SECRET" }) |
|
|
|
|
end |
|
|
|
|
} |
|
|
|
|
} do |
|
|
|
|
get :new |
|
|
|
|
expect(response).to be_redirect |
|
|
|
|
end |
|
|
|
|
end |
|
|
|
|
end |
|
|
|
|
|
|
|
|
|
describe '#edit' do |
|
|
|
|
context 'when found', with_settings: { |
|
|
|
|
plugin_openproject_openid_connect: { |
|
|
|
|
"providers" => { "azure" => { "identifier" => "IDENTIFIER", "secret" => "SECRET" } } |
|
|
|
|
} |
|
|
|
|
} do |
|
|
|
|
it 'renders the edit page' do |
|
|
|
|
get :edit, params: { id: 'azure' } |
|
|
|
|
expect(response).to be_successful |
|
|
|
|
expect(assigns[:provider]).to be_present |
|
|
|
|
expect(response).to render_template 'edit' |
|
|
|
|
describe '#create' do |
|
|
|
|
it 'is successful if valid params' do |
|
|
|
|
post :create, params: { openid_connect_provider: valid_params } |
|
|
|
|
expect(flash[:notice]).to eq(I18n.t(:notice_successful_create)) |
|
|
|
|
expect(Setting.plugin_openproject_openid_connect["providers"]).to have_key("azure") |
|
|
|
|
expect(response).to be_redirect |
|
|
|
|
end |
|
|
|
|
|
|
|
|
|
it 'renders an error if invalid params' do |
|
|
|
|
post :create, params: { openid_connect_provider: valid_params.merge(identifier: "") } |
|
|
|
|
expect(response).to render_template 'new' |
|
|
|
|
end |
|
|
|
|
end |
|
|
|
|
|
|
|
|
|
context 'when not found' do |
|
|
|
|
it 'renders 404' do |
|
|
|
|
get :edit, params: { id: 'doesnoexist' } |
|
|
|
|
expect(response).not_to be_successful |
|
|
|
|
expect(response.status).to eq 404 |
|
|
|
|
describe '#edit' do |
|
|
|
|
context 'when found', with_settings: { |
|
|
|
|
plugin_openproject_openid_connect: { |
|
|
|
|
"providers" => { "azure" => { "identifier" => "IDENTIFIER", "secret" => "SECRET" } } |
|
|
|
|
} |
|
|
|
|
} do |
|
|
|
|
it 'renders the edit page' do |
|
|
|
|
get :edit, params: { id: 'azure' } |
|
|
|
|
expect(response).to be_successful |
|
|
|
|
expect(assigns[:provider]).to be_present |
|
|
|
|
expect(response).to render_template 'edit' |
|
|
|
|
end |
|
|
|
|
end |
|
|
|
|
|
|
|
|
|
context 'when not found' do |
|
|
|
|
it 'renders 404' do |
|
|
|
|
get :edit, params: { id: 'doesnoexist' } |
|
|
|
|
expect(response).not_to be_successful |
|
|
|
|
expect(response).to have_http_status(:not_found) |
|
|
|
|
end |
|
|
|
|
end |
|
|
|
|
end |
|
|
|
|
end |
|
|
|
|
|
|
|
|
|
describe '#update' do |
|
|
|
|
context 'when found', with_settings: { |
|
|
|
|
plugin_openproject_openid_connect: { |
|
|
|
|
"providers" => { "azure" => { "identifier" => "IDENTIFIER", "secret" => "SECRET" } } |
|
|
|
|
} |
|
|
|
|
} do |
|
|
|
|
it 'successfully updates the provider configuration' do |
|
|
|
|
put :update, params: { id: "azure", openid_connect_provider: valid_params.merge(secret: "NEWSECRET") } |
|
|
|
|
expect(response).to be_redirect |
|
|
|
|
expect(flash[:notice]).to be_present |
|
|
|
|
provider = OpenProject::OpenIDConnect.providers.find { |item| item.name == "azure" } |
|
|
|
|
expect(provider.secret).to eq("NEWSECRET") |
|
|
|
|
describe '#update' do |
|
|
|
|
context 'when found', with_settings: { |
|
|
|
|
plugin_openproject_openid_connect: { |
|
|
|
|
"providers" => { "azure" => { "identifier" => "IDENTIFIER", "secret" => "SECRET" } } |
|
|
|
|
} |
|
|
|
|
} do |
|
|
|
|
it 'successfully updates the provider configuration' do |
|
|
|
|
put :update, params: { id: "azure", openid_connect_provider: valid_params.merge(secret: "NEWSECRET") } |
|
|
|
|
expect(response).to be_redirect |
|
|
|
|
expect(flash[:notice]).to be_present |
|
|
|
|
provider = OpenProject::OpenIDConnect.providers.find { |item| item.name == "azure" } |
|
|
|
|
expect(provider.secret).to eq("NEWSECRET") |
|
|
|
|
end |
|
|
|
|
end |
|
|
|
|
end |
|
|
|
|
end |
|
|
|
|
|
|
|
|
|
describe '#destroy' do |
|
|
|
|
context 'when found', with_settings: { |
|
|
|
|
plugin_openproject_openid_connect: { |
|
|
|
|
"providers" => { "azure" => { "identifier" => "IDENTIFIER", "secret" => "SECRET" } } |
|
|
|
|
} |
|
|
|
|
} do |
|
|
|
|
it 'removes the provider' do |
|
|
|
|
delete :destroy, params: { id: "azure" } |
|
|
|
|
expect(response).to be_redirect |
|
|
|
|
expect(flash[:notice]).to be_present |
|
|
|
|
expect(OpenProject::OpenIDConnect.providers).to be_empty |
|
|
|
|
describe '#destroy' do |
|
|
|
|
context 'when found', with_settings: { |
|
|
|
|
plugin_openproject_openid_connect: { |
|
|
|
|
"providers" => { "azure" => { "identifier" => "IDENTIFIER", "secret" => "SECRET" } } |
|
|
|
|
} |
|
|
|
|
} do |
|
|
|
|
it 'removes the provider' do |
|
|
|
|
delete :destroy, params: { id: "azure" } |
|
|
|
|
expect(response).to be_redirect |
|
|
|
|
expect(flash[:notice]).to be_present |
|
|
|
|
expect(OpenProject::OpenIDConnect.providers).to be_empty |
|
|
|
|
end |
|
|
|
|
end |
|
|
|
|
end |
|
|
|
|
end |
|
|
|
|