require 'spec_helper'

# Examples for AccessTokenValidationService#include_any_scope?, the predicate
# that compares the scopes carried by a token with the scopes a caller requires.
#
# The examples pin an any-of match: one shared scope is enough, and the
# required list may name scopes the token does not carry.
#
# NOTE(review): no example covers a token with no scopes checked against a
# non-empty required list; that deny case is worth pinning explicitly.
describe AccessTokenValidationService do
  describe ".include_any_scope?" do
    let(:request) { double("request") }

    # Builds the service around a token double exposing +token_scopes+ and
    # returns what include_any_scope? answers for +required_scopes+.
    def scope_check_result(token_scopes, required_scopes)
      token = double("token", scopes: token_scopes)
      service = described_class.new(token, request: request)
      service.include_any_scope?(required_scopes)
    end

    it "returns true if the required scope is present in the token's scopes" do
      outcome = scope_check_result([:api, :read_user], [:api])

      expect(outcome).to be(true)
    end

    it "returns true if more than one of the required scopes is present in the token's scopes" do
      outcome = scope_check_result([:api, :read_user, :other_scope], [:api, :other_scope])

      expect(outcome).to be(true)
    end

    it "returns true if the list of required scopes is an exact match for the token's scopes" do
      shared = [:api, :read_user, :other_scope]
      outcome = scope_check_result(shared.dup, shared.dup)

      expect(outcome).to be(true)
    end

    it "returns true if the list of required scopes contains all of the token's scopes, in addition to others" do
      outcome = scope_check_result([:api, :read_user], [:api, :read_user, :other_scope])

      expect(outcome).to be(true)
    end

    # An empty required list is treated as "no scope restriction": the check
    # passes even though the token here carries no scopes at all.
    it 'returns true if the list of required scopes is blank' do
      outcome = scope_check_result([], [])

      expect(outcome).to be(true)
    end

    it "returns false if there are no scopes in common between the required scopes and the token scopes" do
      outcome = scope_check_result([:api, :read_user], [:other_scope])

      expect(outcome).to be(false)
    end

    # API::Scope entries may carry an `if:` lambda taking one argument
    # (presumably the request; confirm against the service). A scope whose
    # condition is false must not grant access even when the token holds a
    # scope of the same name.
    context "conditions" do
      let(:token_scopes) { [:api, :read_user] }

      it "ignores any scopes whose `if` condition returns false" do
        required = [API::Scope.new(:api, if: ->(_) { false })]

        expect(scope_check_result(token_scopes, required)).to be(false)
      end

      it "does not ignore scopes whose `if` condition is not set" do
        rejected_api = API::Scope.new(:api, if: ->(_) { false })
        required = [rejected_api, :read_user]

        expect(scope_check_result(token_scopes, required)).to be(true)
      end

      it "does not ignore scopes whose `if` condition returns true" do
        accepted_api = API::Scope.new(:api, if: ->(_) { true })
        rejected_read_user = API::Scope.new(:read_user, if: ->(_) { false })
        required = [accepted_api, rejected_read_user]

        expect(scope_check_result(token_scopes, required)).to be(true)
      end
    end
  end
end