Nemcio/Redmine
1
0
Fork 0
mirror of https://github.com/redmine/redmine.git synced 2025-11-13 16:56:00 +01:00
Code Issues Packages Projects Releases Activity

Add OAuth2 provider capability using doorkeeper gem (#24808).

Browse Source 
Patch by Jens Krämer (user:jkraemer).

git-svn-id: https://svn.redmine.org/redmine/trunk@23837 e93f8b46-1217-0410-a6f0-8f06a7374b81
This commit is contained in:
Marius Balteanu
2025-06-12 07:09:03 +00:00
parent e56d84b632
commit 2d3b3b939e
29 changed files with 750 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

61
test/unit/user_test.rb
View File

@@ -1398,6 +1398,67 @@ class UserTest < ActiveSupport::TestCase
end
end
def test_should_recognize_authorized_by_oauth
u = User.find 2
assert_not u.authorized_by_oauth?
u.oauth_scope = [:add_issues, :view_issues]
assert u.authorized_by_oauth?
end
def test_admin_should_be_limited_by_oauth_scope
u = User.find_by_admin(true)
assert u.admin?
u.oauth_scope = [:add_issues, :view_issues]
assert_not u.admin?
u.oauth_scope = [:add_issues, :view_issues, :admin]
assert u.admin?
u = User.find_by_admin(false)
assert_not u.admin?
u.oauth_scope = [:add_issues, :view_issues, :admin]
assert_not u.admin?
end
def test_oauth_scope_should_limit_global_user_permissions
admin = User.find 1
user = User.find 2
[admin, user].each do |u|
assert u.allowed_to?(:add_issues, nil, global: true)
assert u.allowed_to?(:view_issues, nil, global: true)
u.oauth_scope = [:view_issues]
assert_not u.allowed_to?(:add_issues, nil, global: true)
assert u.allowed_to?(:view_issues, nil, global: true)
end
end
def test_oauth_scope_should_limit_project_user_permissions
admin = User.find 1
project = Project.find 5
assert admin.allowed_to?(:add_issues, project)
assert admin.allowed_to?(:view_issues, project)
admin.oauth_scope = [:view_issues]
assert_not admin.allowed_to?(:add_issues, project)
assert admin.allowed_to?(:view_issues, project)
admin.oauth_scope = [:view_issues, :admin]
assert admin.allowed_to?(:add_issues, project)
assert admin.allowed_to?(:view_issues, project)
user = User.find 2
project = Project.find 1
assert user.allowed_to?(:add_issues, project)
assert user.allowed_to?(:view_issues, project)
user.oauth_scope = [:view_issues]
assert_not user.allowed_to?(:add_issues, project)
assert user.allowed_to?(:view_issues, project)
user.oauth_scope = [:view_issues, :admin]
assert_not user.allowed_to?(:add_issues, project)
assert user.allowed_to?(:view_issues, project)
end
def test_destroy_should_delete_associated_reactions
users(:users_004).reactions.create!(
[