New test to cover not allowed to authenticate application

thape-cn · Jan 6, 2024 · 49d0b05 · 49d0b05
1 parent a7e0d3e
commit 49d0b05
Show file tree

Hide file tree

Showing 3 changed files with 16 additions and 2 deletions.
diff --git a/test/controllers/doorkeeper_authorizations_controller_test.rb b/test/controllers/doorkeeper_authorizations_controller_test.rb
@@ -34,4 +34,18 @@ def setup
     assert_response :redirect
     assert_includes response.headers['location'], 'error=access_denied'
   end
+
+  test 'should raise error if user is not allowed to authenticate application' do
+    disallowed_user = users(:user_shin)
+    disallowed_application = oauth_applications(:oauth_app_yxt_oauth2)
+
+    sign_in disallowed_user
+
+    assert_raises(Doorkeeper::Errors::DoorkeeperError) do
+      get oauth_authorization_url, params: { client_id: disallowed_application.uid,
+                                             redirect_uri: disallowed_application.redirect_uri,
+                                             response_type: 'code',
+                                             scope: 'public' }
+    end
+  end
 end
diff --git a/test/fixtures/oauth_applications.yml b/test/fixtures/oauth_applications.yml
@@ -53,7 +53,7 @@ oauth_app_yxt_oauth2:
   confidential: true
   div_class: "primary"
   icon: "fa-graduation-cap"
-  allow_login_by_default: true
+  allow_login_by_default: false
   superapp: false
   created_at: <%= Time.zone.now %>
   updated_at: <%= Time.zone.now %>

diff --git a/test/fixtures/user_allowed_applications.yml b/test/fixtures/user_allowed_applications.yml
@@ -57,4 +57,4 @@ user_demo_use_oauth_app_yxt_oauth2:
 user_shin_use_oauth_app_yxt_oauth2:
   user_id: 3  # user_shin
   oauth_application_id: 4  # oauth_app_yxt_oauth2
-  enable: true
+  enable: false