quad/akkoma
1
0
Fork 0
forked from AkkomaGang/akkoma
Code Issues Pull requests Projects Releases Packages Wiki Activity

remove now-unused test

Browse source
This commit is contained in:
FloatingGhost 2022-12-17 23:21:24 +00:00
parent 52d8183787
commit 3d546409b2
2 changed files with 1 additions and 59 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
lib/pleroma/web/o_auth/scopes.ex
View file

@ -62,12 +62,8 @@ def validate(blank_scopes, _app_scopes, _user) when blank_scopes in [nil, []],
do: {:error, :missing_scopes} do: {:error, :missing_scopes}
def validate(scopes, app_scopes, %Pleroma.User{is_admin: is_admin}) do def validate(scopes, app_scopes, %Pleroma.User{is_admin: is_admin}) do
if !is_admin && contains_admin_scopes?(scopes) do
{:error, :user_is_not_an_admin}
else
validate_scopes_are_supported(scopes, app_scopes) validate_scopes_are_supported(scopes, app_scopes)
end end
end
@spec filter_admin_scopes([String.t()], Pleroma.User.t()) :: [String.t()] @spec filter_admin_scopes([String.t()], Pleroma.User.t()) :: [String.t()]
@doc """ @doc """

54
test/pleroma/web/o_auth/o_auth_controller_test.exs
View file

@ -862,60 +862,6 @@ test "returns 401 for wrong credentials", %{conn: conn} do
assert result =~ "Invalid Username/Password" assert result =~ "Invalid Username/Password"
end end
test "returns 401 when attempting to use an admin scope with a non-admin", %{conn: conn} do
user = insert(:user)
app = insert(:oauth_app, scopes: ["admin"])
redirect_uri = OAuthController.default_redirect_uri(app)
result =
conn
|> post("/oauth/authorize", %{
"authorization" => %{
"name" => user.nickname,
"password" => "test",
"client_id" => app.client_id,
"redirect_uri" => redirect_uri,
"state" => "statepassed",
"scope" => Enum.join(app.scopes, " ")
}
})
|> html_response(:unauthorized)
# Keep the details
assert result =~ app.client_id
assert result =~ redirect_uri
# Error message
assert result =~ "outside of authorized scopes"
end
test "returns 401 for missing scopes" do
user = insert(:user, is_admin: false)
app = insert(:oauth_app, scopes: ["read", "write", "admin"])
redirect_uri = OAuthController.default_redirect_uri(app)
result =
build_conn()
|> post("/oauth/authorize", %{
"authorization" => %{
"name" => user.nickname,
"password" => "test",
"client_id" => app.client_id,
"redirect_uri" => redirect_uri,
"state" => "statepassed",
"scope" => ""
}
})
|> html_response(:unauthorized)
# Keep the details
assert result =~ app.client_id
assert result =~ redirect_uri
# Error message
assert result =~ "This action is outside of authorized scopes"
end
test "returns 401 for scopes beyond app scopes hierarchy", %{conn: conn} do test "returns 401 for scopes beyond app scopes hierarchy", %{conn: conn} do
user = insert(:user) user = insert(:user)
app = insert(:oauth_app, scopes: ["read", "write"]) app = insert(:oauth_app, scopes: ["read", "write"])