Review tests that require admin access to audit and standardize access token creation
While investigating issues with access tokens on Staging, I realized that our tests don't create admin access tokens consistently, and sometimes they do so in a way that allows later tests to use the same token when admin access is not required.
We should review the (22) spec files that require admin access and:
- update them to use the API client consistently (e.g., via
Runtime::API::Client.as_admin
) - ensure than when
GITLAB_QA_ADMIN_ACCESS_TOKEN
is given, the tests use that token rather than creating a new one - ensure tests that don't require admin access don't use an admin token created by a previous test (e.g., don't overwrite
Runtime::Env.personal_access_token
with an admin access token)
Edited by Mark Lapierre