mirror of
https://github.com/discourse/discourse.git
synced 2024-11-24 20:26:35 +08:00
3bb4f4c5ef
It wasn't obvious from the code, plus we'd never want this to regress!
77 lines
1.9 KiB
Ruby
77 lines
1.9 KiB
Ruby
require 'rails_helper'
|
|
|
|
describe Admin::ApiController do
|
|
|
|
it "is a subclass of AdminController" do
|
|
expect(Admin::ApiController < Admin::AdminController).to eq(true)
|
|
end
|
|
|
|
let(:admin) { Fabricate(:admin) }
|
|
|
|
context "as an admin" do
|
|
before do
|
|
sign_in(admin)
|
|
end
|
|
|
|
describe '#index' do
|
|
it "succeeds" do
|
|
get "/admin/api/keys.json"
|
|
expect(response.status).to eq(200)
|
|
end
|
|
end
|
|
|
|
describe '#regenerate_key' do
|
|
let(:api_key) { Fabricate(:api_key) }
|
|
|
|
it "returns 404 when there is no key" do
|
|
put "/admin/api/key.json", params: { id: 1234 }
|
|
expect(response.status).to eq(404)
|
|
end
|
|
|
|
it "delegates to the api key's `regenerate!` method" do
|
|
prev_value = api_key.key
|
|
put "/admin/api/key.json", params: { id: api_key.id }
|
|
expect(response.status).to eq(200)
|
|
|
|
api_key.reload
|
|
expect(api_key.key).not_to eq(prev_value)
|
|
expect(api_key.created_by.id).to eq(admin.id)
|
|
end
|
|
end
|
|
|
|
describe '#revoke_key' do
|
|
let(:api_key) { Fabricate(:api_key) }
|
|
|
|
it "returns 404 when there is no key" do
|
|
delete "/admin/api/key.json", params: { id: 1234 }
|
|
expect(response.status).to eq(404)
|
|
end
|
|
|
|
it "delegates to the api key's `regenerate!` method" do
|
|
delete "/admin/api/key.json", params: { id: api_key.id }
|
|
expect(response.status).to eq(200)
|
|
expect(ApiKey.where(key: api_key.key).count).to eq(0)
|
|
end
|
|
end
|
|
end
|
|
|
|
describe '#create_master_key' do
|
|
it "creates a record" do
|
|
sign_in(admin)
|
|
expect do
|
|
post "/admin/api/key.json"
|
|
end.to change(ApiKey, :count).by(1)
|
|
expect(response.status).to eq(200)
|
|
end
|
|
|
|
it "doesn't allow moderators to create master keys" do
|
|
sign_in(Fabricate(:moderator))
|
|
expect do
|
|
post "/admin/api/key.json"
|
|
end.to change(ApiKey, :count).by(0)
|
|
expect(response.status).to eq(404)
|
|
end
|
|
|
|
end
|
|
end
|