hj/pleroma
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

[#1234] Mastodon 2.4.3 hierarchical scopes initial support (WIP).

Browse source
This commit is contained in:
Ivan Tashkinov 2019-09-08 15:00:03 +03:00
commit b63faf9819
8 changed files with 113 additions and 30 deletions
Download patch file Download diff file Expand all files Collapse all files

38
test/plugs/oauth_scopes_plug_test.exs
View file

@ -84,7 +84,8 @@ defmodule Pleroma.Plugs.OAuthScopesPlugTest do
refute conn.assigns[:user]
end
test "returns 403 and halts in case of no :fallback option and `token.scopes` not fulfilling specified 'any of' conditions",
test "returns 403 and halts " <>
"in case of no :fallback option and `token.scopes` not fulfilling specified 'any of' conditions",
%{conn: conn} do
token = insert(:oauth_token, scopes: ["read", "write"])
any_of_scopes = ["follow"]
@ -101,7 +102,8 @@ defmodule Pleroma.Plugs.OAuthScopesPlugTest do
assert Jason.encode!(%{error: expected_error}) == conn.resp_body
end
test "returns 403 and halts in case of no :fallback option and `token.scopes` not fulfilling specified 'all of' conditions",
test "returns 403 and halts " <>
"in case of no :fallback option and `token.scopes` not fulfilling specified 'all of' conditions",
%{conn: conn} do
token = insert(:oauth_token, scopes: ["read", "write"])
all_of_scopes = ["write", "follow"]
@ -119,4 +121,36 @@ defmodule Pleroma.Plugs.OAuthScopesPlugTest do
assert Jason.encode!(%{error: expected_error}) == conn.resp_body
end
describe "with hierarchical scopes, " do
test "proceeds with no op if `token.scopes` fulfill specified 'any of' conditions", %{
conn: conn
} do
token = insert(:oauth_token, scopes: ["read", "write"]) |> Repo.preload(:user)
conn =
conn
|> assign(:user, token.user)
|> assign(:token, token)
|> OAuthScopesPlug.call(%{scopes: ["read:something"]})
refute conn.halted
assert conn.assigns[:user]
end
test "proceeds with no op if `token.scopes` fulfill specified 'all of' conditions", %{
conn: conn
} do
token = insert(:oauth_token, scopes: ["scope1", "scope2", "scope3"]) |> Repo.preload(:user)
conn =
conn
|> assign(:user, token.user)
|> assign(:token, token)
|> OAuthScopesPlug.call(%{scopes: ["scope1:subscope", "scope2:subscope"], op: :&})
refute conn.halted
assert conn.assigns[:user]
end
end
end