suzanne.soy/travis-api
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

pass if scope does not match

Browse Source
This commit is contained in:
Konstantin Haase 2013-01-13 20:08:56 +01:00
parent cc2a1cd50e
commit 01fe983a0c
2 changed files with 15 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
lib/travis/api/app/extensions/scoping.rb
View File

@ -31,9 +31,9 @@ class Travis::Api::App
headers['Vary'] << ', Authorization' unless public? headers['Vary'] << ', Authorization' unless public?
true true
elsif env['travis.access_token'] elsif env['travis.access_token']
halt 403, "insufficient access" pass { halt 403, "insufficient access" }
else else
halt 401, "no access token supplied" pass { halt 401, "no access token supplied" }
end end
end end
end end

13
spec/unit/extensions/scoping_spec.rb
View File

@ -8,6 +8,8 @@ describe Travis::Api::App::Extensions::Scoping do
register Travis::Api::App::Extensions::Scoping register Travis::Api::App::Extensions::Scoping
get('/') { 'ok' } get('/') { 'ok' }
get('/private', scope: :private) { 'ok' } get('/private', scope: :private) { 'ok' }
get('/pass_me', scope: :private) { 'first' }
get('/pass_me') { 'second' }
end end
User.stubs(:find).with(user.id).returns(user) User.stubs(:find).with(user.id).returns(user)
@ -62,4 +64,15 @@ describe Travis::Api::App::Extensions::Scoping do
headers['X-Accepted-OAuth-Scopes'].should == 'private' headers['X-Accepted-OAuth-Scopes'].should == 'private'
headers['X-OAuth-Scopes'].should == 'foo,bar' headers['X-OAuth-Scopes'].should == 'foo,bar'
end end
it 'passes on to unscoped routes' do
get('/pass_me').should be_ok
body.should == 'second'
end
it 'does not pass if scope matches' do
with_scopes('/pass_me', :private).should be_ok
body.should == 'first'
end
end end