Unfloyded/Legamunt
0
0
Fork 0
Code Activity

Add more granular OAuth scopes (#7929)

Browse source 
* Add more granular OAuth scopes

* Add human-readable descriptions of the new scopes

* Ensure new scopes look good on the app UI

* Add tests

* Group scopes in screen and color-code dangerous ones

* Fix wrong extra scope
This commit is contained in:
Eugen Rochko 2018-07-05 18:31:35 +02:00 committed by GitHub
parent ca2cc556f1
commit 1f6ed4f86a
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
69 changed files with 295 additions and 105 deletions
Download patch file Download diff file Expand all files Collapse all files

8
spec/controllers/api/v1/follow_requests_controller_spec.rb
View file

@ -4,7 +4,7 @@ RSpec.describe Api::V1::FollowRequestsController, type: :controller do
render_views
let(:user) { Fabricate(:user, account: Fabricate(:account, username: 'alice', locked: true)) }
let(:token) { Fabricate(:accessible_access_token, resource_owner_id: user.id, scopes: 'follow') }
let(:token) { Fabricate(:accessible_access_token, resource_owner_id: user.id, scopes: scopes) }
let(:follower) { Fabricate(:account, username: 'bob') }
before do
@ -13,6 +13,8 @@ RSpec.describe Api::V1::FollowRequestsController, type: :controller do
end
describe 'GET #index' do
let(:scopes) { 'read:follows' }
before do
get :index, params: { limit: 1 }
end
@ -23,6 +25,8 @@ RSpec.describe Api::V1::FollowRequestsController, type: :controller do
end
describe 'POST #authorize' do
let(:scopes) { 'write:follows' }
before do
post :authorize, params: { id: follower.id }
end
@ -37,6 +41,8 @@ RSpec.describe Api::V1::FollowRequestsController, type: :controller do
end
describe 'POST #reject' do
let(:scopes) { 'write:follows' }
before do
post :reject, params: { id: follower.id }
end