Inicio Explorar Ayuda
Iniciar sesión
RISCI_ATOM
/
mastodon
espejo de https://github.com/tootsuite/mastodon.git
1
0
Fork 0
Archivos Incidencias 8 Wiki
Árbol: 33e07454f2
Ramas Etiquetas
mastodon
/
spec
/
requests
/
disabled_oauth_endpoints_spec.rb

disabled_oauth_endpoints_spec.rb 2.1 KB
Histórico Raw

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283 
  1. # frozen_string_literal: true
    2. 

  2. 

  3. require 'rails_helper'
    4. 

  4. 

  5. describe 'Disabled OAuth routes' do
    6. 

  6.   # These routes are disabled via the doorkeeper configuration for
    7. 

  7.   # `admin_authenticator`, as these routes should only be accessible by server
    8. 

  8.   # administrators. For now, these routes are not properly designed and
    9. 

  9.   # integrated into Mastodon, so we're disabling them completely
    10. 

  10.   describe 'GET /oauth/applications' do
    11. 

  11.     it 'returns 403 forbidden' do
    12. 

  12.       get oauth_applications_path
    13. 

  13. 

  14.       expect(response).to have_http_status(403)
    15. 

  15.     end
    16. 

  16.   end
    17. 

  17. 

  18.   describe 'POST /oauth/applications' do
    19. 

  19.     it 'returns 403 forbidden' do
    20. 

  20.       post oauth_applications_path
    21. 

  21. 

  22.       expect(response).to have_http_status(403)
    23. 

  23.     end
    24. 

  24.   end
    25. 

  25. 

  26.   describe 'GET /oauth/applications/new' do
    27. 

  27.     it 'returns 403 forbidden' do
    28. 

  28.       get new_oauth_application_path
    29. 

  29. 

  30.       expect(response).to have_http_status(403)
    31. 

  31.     end
    32. 

  32.   end
    33. 

  33. 

  34.   describe 'GET /oauth/applications/:id' do
    35. 

  35.     let(:application) { Fabricate(:application, scopes: 'read') }
    36. 

  36. 

  37.     it 'returns 403 forbidden' do
    38. 

  38.       get oauth_application_path(application)
    39. 

  39. 

  40.       expect(response).to have_http_status(403)
    41. 

  41.     end
    42. 

  42.   end
    43. 

  43. 

  44.   describe 'PATCH /oauth/applications/:id' do
    45. 

  45.     let(:application) { Fabricate(:application, scopes: 'read') }
    46. 

  46. 

  47.     it 'returns 403 forbidden' do
    48. 

  48.       patch oauth_application_path(application)
    49. 

  49. 

  50.       expect(response).to have_http_status(403)
    51. 

  51.     end
    52. 

  52.   end
    53. 

  53. 

  54.   describe 'PUT /oauth/applications/:id' do
    55. 

  55.     let(:application) { Fabricate(:application, scopes: 'read') }
    56. 

  56. 

  57.     it 'returns 403 forbidden' do
    58. 

  58.       put oauth_application_path(application)
    59. 

  59. 

  60.       expect(response).to have_http_status(403)
    61. 

  61.     end
    62. 

  62.   end
    63. 

  63. 

  64.   describe 'DELETE /oauth/applications/:id' do
    65. 

  65.     let(:application) { Fabricate(:application, scopes: 'read') }
    66. 

  66. 

  67.     it 'returns 403 forbidden' do
    68. 

  68.       delete oauth_application_path(application)
    69. 

  69. 

  70.       expect(response).to have_http_status(403)
    71. 

  71.     end
    72. 

  72.   end
    73. 

  73. 

  74.   describe 'GET /oauth/applications/:id/edit' do
    75. 

  75.     let(:application) { Fabricate(:application, scopes: 'read') }
    76. 

  76. 

  77.     it 'returns 403 forbidden' do
    78. 

  78.       get edit_oauth_application_path(application)
    79. 

  79. 

  80.       expect(response).to have_http_status(403)
    81. 

  81.     end
    82. 

  82.   end
    83. 

  83. end
    84.