remove now-unused test
parent
52d8183787
commit
3d546409b2
2 changed files with 1 additions and 59 deletions
|
@ -62,11 +62,7 @@ def validate(blank_scopes, _app_scopes, _user) when blank_scopes in [nil, []],
|
|||
do: {:error, :missing_scopes}
|
||||
|
||||
def validate(scopes, app_scopes, %Pleroma.User{is_admin: is_admin}) do
|
||||
if !is_admin && contains_admin_scopes?(scopes) do
|
||||
{:error, :user_is_not_an_admin}
|
||||
else
|
||||
validate_scopes_are_supported(scopes, app_scopes)
|
||||
end
|
||||
validate_scopes_are_supported(scopes, app_scopes)
|
||||
end
|
||||
|
||||
@spec filter_admin_scopes([String.t()], Pleroma.User.t()) :: [String.t()]
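Review bot: With the `contains_admin_scopes?` guard removed, `validate/3` no longer rejects admin scopes requested on behalf of a non-admin user, so the privilege boundary now presumably rests on callers running `filter_admin_scopes/2` (whose spec follows this hunk) before a token is issued. That call is not visible here, so it is worth confirming on every path that reaches `validate/3` and pinning with a test that a non-admin requesting `admin` receives a token without that scope. The head still binds `is_admin` (assuming the `def` line is unchanged context, as the single-addition count implies), which will raise an unused-variable warning; `def validate(scopes, app_scopes, %Pleroma.User{}) do` keeps the struct match without the binding. The test section also deletes "returns 401 for missing scopes" although the `{:error, :missing_scopes}` clause above is untouched, which looks like lost coverage for a live branch unless it is tested elsewhere.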
|
||||
|
|
|
@ -862,60 +862,6 @@ test "returns 401 for wrong credentials", %{conn: conn} do
|
|||
assert result =~ "Invalid Username/Password"
|
||||
end
|
||||
|
||||
test "returns 401 when attempting to use an admin scope with a non-admin", %{conn: conn} do
|
||||
user = insert(:user)
|
||||
app = insert(:oauth_app, scopes: ["admin"])
|
||||
redirect_uri = OAuthController.default_redirect_uri(app)
|
||||
|
||||
result =
|
||||
conn
|
||||
|> post("/oauth/authorize", %{
|
||||
"authorization" => %{
|
||||
"name" => user.nickname,
|
||||
"password" => "test",
|
||||
"client_id" => app.client_id,
|
||||
"redirect_uri" => redirect_uri,
|
||||
"state" => "statepassed",
|
||||
"scope" => Enum.join(app.scopes, " ")
|
||||
}
|
||||
})
|
||||
|> html_response(:unauthorized)
|
||||
|
||||
# Keep the details
|
||||
assert result =~ app.client_id
|
||||
assert result =~ redirect_uri
|
||||
|
||||
# Error message
|
||||
assert result =~ "outside of authorized scopes"
|
||||
end
|
||||
|
||||
test "returns 401 for missing scopes" do
|
||||
user = insert(:user, is_admin: false)
|
||||
app = insert(:oauth_app, scopes: ["read", "write", "admin"])
|
||||
redirect_uri = OAuthController.default_redirect_uri(app)
|
||||
|
||||
result =
|
||||
build_conn()
|
||||
|> post("/oauth/authorize", %{
|
||||
"authorization" => %{
|
||||
"name" => user.nickname,
|
||||
"password" => "test",
|
||||
"client_id" => app.client_id,
|
||||
"redirect_uri" => redirect_uri,
|
||||
"state" => "statepassed",
|
||||
"scope" => ""
|
||||
}
|
||||
})
|
||||
|> html_response(:unauthorized)
|
||||
|
||||
# Keep the details
|
||||
assert result =~ app.client_id
|
||||
assert result =~ redirect_uri
|
||||
|
||||
# Error message
|
||||
assert result =~ "This action is outside of authorized scopes"
|
||||
end
|
||||
|
||||
test "returns 401 for scopes beyond app scopes hierarchy", %{conn: conn} do
|
||||
user = insert(:user)
|
||||
app = insert(:oauth_app, scopes: ["read", "write"])
|
||||
|
|