add travis_token scope

2012-12-12 17:11:25 +01:00 · 2012-12-12 17:11:25 +01:00 · bc1c960c20
commit bc1c960c20
parent 8669420f04
4 changed files with 36 additions and 2 deletions
--- a/Gemfile.lock
+++ b/Gemfile.lock
@ -45,7 +45,7 @@ GIT

 GIT
  remote: git://github.com/travis-ci/travis-core.git
-  revision: 751da684a3c44b2c493ebc41e9b38ff8edd5cef8
+  revision: 500daa4a822d09783f5e64dbc196275770f2570e
  specs:
    travis-core (0.0.1)
      actionmailer (~> 3.2.3)
--- a/lib/travis/api/app/access_token.rb
+++ b/lib/travis/api/app/access_token.rb
@ -10,7 +10,13 @@ class Travis::Api::App
      new(options).tap(&:save)
    end

+    def self.for_travis_token(travis_token, options = {})
+      travis_token = Token.find_by_token(travis_token) unless travis_token.respond_to? :user
+      new(scope: :travis_token, app_id: 1, user: travis_token.user).tap(&:save) if travis_token
+    end
+
    def self.find_by_token(token)
+      return token if token.is_a? self
      user_id, app_id, *scopes = redis.lrange(key(token), 0, -1)
      new(token: token, scopes: scopes, user_id: user_id, app_id: app_id) if user_id
    end
--- a/lib/travis/api/app/middleware/scope_check.rb
+++ b/lib/travis/api/app/middleware/scope_check.rb
@ -19,11 +19,16 @@ class Travis::Api::App
      end

      def token
-        @token ||= header_token || query_token
+        @token ||= header_token || query_token || travis_token
      end

      private

+        def travis_token
+          return unless token = params[:token]
+          AccessToken.for_travis_token(token) || ""
+        end
+
        def query_token
          params[:access_token] if params[:access_token] and not params[:access_token].empty?
        end
--- a/spec/unit/middleware/scope_check_spec.rb
+++ b/spec/unit/middleware/scope_check_spec.rb
@ -41,6 +41,29 @@ describe Travis::Api::App::Middleware::ScopeCheck do
    end
  end

+  describe 'with travis token' do
+    let(:travis_token) { stub_travis_token(user: user) }
+    let(:token) { travis_token.token }
+
+    before do
+      Token.stubs(:find_by_token).with(travis_token.token).returns(travis_token)
+      Token.stubs(:find_by_token).with("invalid").returns(nil)
+    end
+
+    it 'accepts a valid travis token' do
+      get('/', token: token).should be_ok
+    end
+
+    it 'rejects an invalid travis token' do
+      get('/', token: token)
+      headers['X-OAuth-Scopes'].should == 'travis_token'
+    end
+
+    it 'sets the scope to travis_token' do
+      get('/', token: "invalid").should_not be_ok
+    end
+  end
+
  describe 'reject requests with an invalide token' do
    it 'rejects Authorization token header' do
      get('/', {}, 'HTTP_AUTHORIZATION' => "token foo").should_not be_ok