cartodb/spec/lib/tasks/oauth_rake_spec.rb

require 'spec_helper_min'
require 'rake'
describe 'oauth.rake' do
# Suite-level fixtures. The 'tasks/oauth' rake file is loaded once and an empty
# :environment task is defined (presumably so task prerequisites resolve
# without booting the full application -- confirm against the rake file).
before :all do
  Rake.application.rake_require 'tasks/oauth'
  Rake::Task.define_task :environment

  # The app owner is built by the factory and then re-read as a Carto::User.
  @sequel_developer = FactoryGirl.create(:valid_user)
  @developer = Carto::User.find(@sequel_developer.id)
  @user = FactoryGirl.create(:valid_user)
  @oauth_app = FactoryGirl.create(:oauth_app, user: @developer)
end

# Every example starts with a fresh authorization of @user on the shared app.
before { @oauth_app_user = @oauth_app.oauth_app_users.create!(user_id: @user.id) }

# Drop the per-example authorization and undo any Delorean time travel, so a
# shifted clock cannot leak into the next example's expiry checks.
after do
  @oauth_app_user.reload.destroy!
  Delorean.back_to_the_present
end

# Tear down the suite-level fixtures created in before(:all).
after :all do
  @oauth_app.destroy!
  @user.destroy
  @sequel_developer.destroy
end
# Purge task for OAuth access tokens: a token must survive the task right after
# creation and must be gone once the clock has moved two hours ahead.
# NOTE(review): the token lifetime itself is not visible in this spec; no
# example pins the boundary just below/above expiry -- confirm it is covered
# elsewhere.
describe '#destroy_expired_access_tokens' do
  task_name = 'cartodb:oauth:destroy_expired_access_tokens'

  # A Rake task only runs once per process unless it is re-enabled.
  before { Rake::Task[task_name].reenable }

  it 'does not delete just created access tokens' do
    token = @oauth_app_user.oauth_access_tokens.create!

    Rake::Task[task_name].invoke

    expect(Carto::OauthAccessToken.exists?(token.id)).to be_true
  end

  it 'deletes old access tokens' do
    token = @oauth_app_user.oauth_access_tokens.create!

    # Move the clock forward; the outer after hook restores it.
    Delorean.jump 2.hours
    Rake::Task[task_name].invoke

    expect(Carto::OauthAccessToken.exists?(token.id)).to be_false
  end
end
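# Purge task for OAuth refresh tokens: a token must survive the task right
# after creation and must be gone once the clock has moved one year ahead.
# The example names previously said "access tokens" (copy/paste); they now name
# the credential type actually under test so a failure report is unambiguous.
# NOTE(review): the refresh-token lifetime is not visible in this spec and one
# year is a coarse jump -- confirm the expiry boundary is covered elsewhere.
describe '#destroy_expired_refresh_tokens' do
  # A Rake task only runs once per process unless it is re-enabled.
  before(:each) do
    Rake::Task['cartodb:oauth:destroy_expired_refresh_tokens'].reenable
  end

  it 'does not delete just created refresh tokens' do
    # The refresh token is created with the 'offline' scope.
    refresh_token = @oauth_app_user.oauth_refresh_tokens.create!(scopes: ['offline'])
    Rake::Task['cartodb:oauth:destroy_expired_refresh_tokens'].invoke
    expect(Carto::OauthRefreshToken.exists?(refresh_token.id)).to(be_true)
  end

  it 'deletes old refresh tokens' do
    refresh_token = @oauth_app_user.oauth_refresh_tokens.create!(scopes: ['offline'])
    # Move the clock forward; the outer after hook restores it.
    Delorean.jump(1.year)
    Rake::Task['cartodb:oauth:destroy_expired_refresh_tokens'].invoke
    expect(Carto::OauthRefreshToken.exists?(refresh_token.id)).to(be_false)
  end
end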
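# Purge task for OAuth authorization codes: a code must survive the task right
# after creation and must be gone once the clock has moved two minutes ahead.
# The example names previously said "access tokens" (copy/paste); they now name
# the credential type actually under test so a failure report is unambiguous.
# NOTE(review): the code lifetime is not visible in this spec -- confirm the
# expiry boundary is covered elsewhere.
describe '#destroy_expired_authorization_codes' do
  # A Rake task only runs once per process unless it is re-enabled.
  before(:each) do
    Rake::Task['cartodb:oauth:destroy_expired_authorization_codes'].reenable
  end

  it 'does not delete just created authorization codes' do
    authorization_code = @oauth_app_user.oauth_authorization_codes.create!
    Rake::Task['cartodb:oauth:destroy_expired_authorization_codes'].invoke
    expect(Carto::OauthAuthorizationCode.exists?(authorization_code.id)).to(be_true)
  end

  it 'deletes old authorization codes' do
    authorization_code = @oauth_app_user.oauth_authorization_codes.create!
    # Move the clock forward; the outer after hook restores it.
    Delorean.jump(2.minutes)
    Rake::Task['cartodb:oauth:destroy_expired_authorization_codes'].invoke
    expect(Carto::OauthAuthorizationCode.exists?(authorization_code.id)).to(be_false)
  end
end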
# Backfill task for the per-authorization database ownership role: it must be
# a no-op when the role already exists and must recreate it when it is missing.
describe '#create_ownership_role' do
  task_name = 'cartodb:oauth:create_ownership_role'

  # A Rake task only runs once per process unless it is re-enabled.
  before { Rake::Task[task_name].reenable }

  it 'does nothing for a user with ownership role' do
    expect(@oauth_app_user.exists_ownership_role?).to be_true

    # None of the role-creation or grant paths may be touched for an
    # authorization that already has its role.
    forbidden_calls = [
      [Carto::OauthAppUser, :create_ownership_role],
      [Carto::OauthAppUser, :grant_ownership_role_privileges],
      [Carto::ApiKey, :grant_ownership_role_privileges],
      [Carto::ApiKey, :save_cdb_conf_info]
    ]
    forbidden_calls.each do |klass, method_name|
      klass.any_instance.expects(method_name).never
    end

    Rake::Task[task_name].invoke
  end

  it 'creates ownership roles + grants for oauth app users missing it' do
    # Simulate an authorization created before ownership roles existed by
    # dropping the role as superuser. The role name comes from the model and is
    # interpolated as a double-quoted identifier without further escaping.
    drop_sql = %( DROP ROLE "#{@oauth_app_user.ownership_role_name}" )
    @developer.in_database(as: :superuser).execute(drop_sql)
    expect(@oauth_app_user.exists_ownership_role?).to be_false

    # The grant call is a mocha expectation, so only the role creation is
    # checked against the database here; the grant is verified as "called once".
    Carto::OauthAppUser.any_instance.expects(:grant_ownership_role_privileges).once

    Rake::Task[task_name].invoke

    expect(@oauth_app_user.exists_ownership_role?).to be_true
  end
end
end