suzanne.soy/travis-api
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix scope check

Browse Source
This commit is contained in:
Konstantin Haase 2013-01-11 16:20:53 +01:00
parent 6cb512be30
commit ada6ee0f2c
3 changed files with 15 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
lib/travis/api/app/endpoint/authorization.rb
View File

@ -243,7 +243,17 @@ class Travis::Api::App
end end
def acceptable?(scopes) def acceptable?(scopes)
scopes.include? 'public_repo' or scopes.include? 'repo' User::Oauth.wanted_scopes.all? do |scope|
acceptable_scopes_for(scope).any? { |s| scopes.include? s }
end
end
def acceptable_scopes_for(scope)
case scope = scope.to_s
when /^(.+):/ then [$1, scope]
when 'public_repo' then [scope, 'repo']
else [scope]
end
end end
def post_message(payload) def post_message(payload)

2
spec/spec_helper.rb
View File

@ -47,6 +47,8 @@ RSpec.configure do |c|
c.before :each do c.before :each do
DatabaseCleaner.start DatabaseCleaner.start
::Redis.connect(url: Travis.config.redis.url).flushdb ::Redis.connect(url: Travis.config.redis.url).flushdb
Travis.config.oauth2 ||= {}
Travis.config.oauth2.scope = "user:email,public_repo"
set_app Travis::Api::App.new set_app Travis::Api::App.new
end end

4
spec/unit/endpoint/authorization_spec.rb
View File

@ -26,8 +26,8 @@ describe Travis::Api::App::Endpoint::Authorization do
describe 'POST /auth/github' do describe 'POST /auth/github' do
before do before do
data = { 'id' => user.github_id, 'name' => user.name, 'login' => user.login, 'gravatar_id' => user.gravatar_id } data = { 'id' => user.github_id, 'name' => user.name, 'login' => user.login, 'gravatar_id' => user.gravatar_id }
GH.stubs(:with).with(token: 'private repos').returns stub(:[] => user.login, :headers => {'x-oauth-scopes' => 'repo'}, :to_hash => data) GH.stubs(:with).with(token: 'private repos').returns stub(:[] => user.login, :headers => {'x-oauth-scopes' => 'user,repo'}, :to_hash => data)
GH.stubs(:with).with(token: 'public repos').returns stub(:[] => user.login, :headers => {'x-oauth-scopes' => 'public_repo'}, :to_hash => data) GH.stubs(:with).with(token: 'public repos').returns stub(:[] => user.login, :headers => {'x-oauth-scopes' => 'user,public_repo'}, :to_hash => data)
GH.stubs(:with).with(token: 'no repos').returns stub(:[] => user.login, :headers => {'x-oauth-scopes' => 'user'}, :to_hash => data) GH.stubs(:with).with(token: 'no repos').returns stub(:[] => user.login, :headers => {'x-oauth-scopes' => 'user'}, :to_hash => data)
GH.stubs(:with).with(token: 'invalid token').raises(Faraday::Error::ClientError, 'CLIENT ERROR!') GH.stubs(:with).with(token: 'invalid token').raises(Faraday::Error::ClientError, 'CLIENT ERROR!')
end end