Verified Commit 84b63007 authored by James Edwards-Jones's avatar James Edwards-Jones Committed by Paul Slaughter

PersonalAccessToken can be restricted to project from controller

parent 020e0444
Pipeline #32449322 failed with stages
in 36 minutes and 7 seconds
......@@ -37,7 +37,7 @@ class Profiles::PersonalAccessTokensController < Profiles::ApplicationController
end
def personal_access_token_params
params.require(:personal_access_token).permit(:name, :expires_at, scopes: [])
params.require(:personal_access_token).permit(:name, :expires_at, scopes: [], project_ids: [])
end
# rubocop: disable CodeReuse/ActiveRecord
......
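Review bot: The new `project_ids: []` entry in `personal_access_token_params` passes caller-supplied ids straight into mass assignment, and nothing visible in this hunk checks that the current user may access those projects. If the model does not validate this (it is not shown here), a token could be associated with projects its owner cannot read, which at minimum risks disclosing private project details wherever the token's projects are later listed. I would filter the ids in the controller against the projects the user can access before they reach the token, and document the contract on the method, e.g. `# project_ids is user input: only ids of projects the current user can access may be assigned`. The enclosing controller class starts and ends outside the hunk.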
......@@ -33,6 +33,23 @@ describe Profiles::PersonalAccessTokensController do
expect(created_token).not_to be_nil
expect(created_token.expires_at).to eq(expires_at)
end
it "tokens are not restricted by project by default" do
post :create, personal_access_token: token_attributes
expect(created_token).not_to be_restricted_by_resource
end
it "allows creation of tokens restricted by project" do
allowed_project = create(:project)
restricted_project = create(:project)
post :create, personal_access_token: token_attributes.merge(project_ids: [allowed_project.id])
expect(created_token).to be_restricted_by_resource
expect(created_token.allows_resource?(allowed_project)).to be_truthy
expect(created_token.allows_resource?(restricted_project)).to be_falsey
end
end
describe '#index' do
......
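Review bot: Both projects in "allows creation of tokens restricted by project" come from a bare `create(:project)`, with no membership for the signed-in user set up in the visible lines, so the example passes for a project the user may have no relationship to. That leaves the authorization boundary untested. Add one example that posts the id of a project the user cannot access and one that posts a nonexistent id, each pinning the expected outcome (token not created, or the id dropped). If `allows_resource?` returns a strict boolean, `be_truthy`/`be_falsey` could be tightened to `be true`/`be false`. The `describe` block these examples sit in opens outside the hunk.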
......@@ -26,6 +26,14 @@ describe PersonalAccessToken do
end
end
describe '.create' do
it 'can be restricted to projects' do
token = create(:personal_access_token, projects: create_list(:project, 2))
expect(token.projects.count).to eq 2
end
end
describe ".active?" do
let(:active_personal_access_token) { build(:personal_access_token) }
let(:revoked_personal_access_token) { build(:personal_access_token, :revoked) }
......
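Review bot: The `.create` example only counts the associated projects, so it would still pass if the wrong two projects were stored. Keeping the list in a local and asserting identity is stricter: `projects = create_list(:project, 2)` followed by `expect(token.projects).to match_array(projects)`. As far as this page shows, the predicates that enforce the restriction (`restricted_by_resource?`, `allows_resource?`) are exercised only through the controller spec. Model-level examples for a token with no projects, a listed project and an unlisted project would pin that behaviour where it is implemented.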