# * if authenticated via basic auth all permissions are granted, so the list will contain all permissions.
# * unauthenticated users have no permissions, so the list will be empty.
def show
- @permissions = if current_token.present?
+ @permissions = if doorkeeper_token.present?
+ doorkeeper_token.scopes.map { |s| :"allow_#{s}" }
+ elsif current_token.present?
ClientApplication.all_permissions.select { |p| current_token.read_attribute(p) }
elsif current_user
ClientApplication.all_permissions
end
end
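Review bot: `doorkeeper_token.present?` on the first added line only shows that a bearer token record was found, not that it is still usable. As far as I know, Doorkeeper's `doorkeeper_token` helper looks the record up without checking expiry or revocation. Unless a filter outside this hunk has already rejected such tokens, `show` would report the scopes of an expired or revoked token as granted permissions; `if doorkeeper_token&.accessible?` would close that gap. The comment above `show` also covers only basic auth and the unauthenticated case, so a line such as `# * if authenticated via OAuth 2 the list is derived from the scopes of the access token.` would keep it accurate.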
- def test_permissions_oauth
+ def test_permissions_oauth1
token = create(:access_token,
:allow_read_prefs => true,
:allow_write_api => true,
assert_select "permission[name='allow_read_gpx']", :count => 0
end
end
+
+ def test_permissions_oauth2
+ user = create(:user)
+ token = create(:oauth_access_token,
+ :resource_owner_id => user.id,
+ :scopes => %w[read_prefs write_api])
+ get permissions_path, :headers => bearer_authorization_header(token.token)
+ assert_response :success
+ assert_select "osm > permissions", :count => 1 do
+ assert_select "permission", :count => 2
+ assert_select "permission[name='allow_read_prefs']", :count => 1
+ assert_select "permission[name='allow_write_api']", :count => 1
+ assert_select "permission[name='allow_read_gpx']", :count => 0
+ end
+ end
end
end
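Review bot: `test_permissions_oauth2` exercises only a live token, so nothing here pins what the endpoint returns for a bearer token that has been revoked or has expired. A companion case that creates the token with `:revoked_at => Time.now.utc` would cover the path where scopes must not be reported. It could assert `assert_select "permission", :count => 0`, or the rejection status if an auth filter outside this hunk returns one. The enclosing test class begins outside the hunk.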
FactoryBot.define do
factory :oauth_access_token, :class => "Doorkeeper::AccessToken" do
- association :resource_owner_id, :factory => :user
association :application, :factory => :oauth_application
end
end