2022-11-07 12:23:54 +01:00
|
|
|
require 'swagger_helper'
|
|
|
|
|
|
|
|
|
|
describe 'Users API', type: :request do
|
|
|
|
|
path '/user' do
|
|
|
|
|
get 'info about the currently logged-in user' do
|
2022-11-07 13:41:39 +01:00
|
|
|
# security [oauth2: []]
|
2022-11-07 12:23:54 +01:00
|
|
|
tags '1. User'
|
|
|
|
|
produces 'application/json'
|
2022-11-07 13:41:39 +01:00
|
|
|
let(:user) { create(:user) }
|
|
|
|
|
let(:api_access_token) { create(:oauth2_access_token, resource_owner_id: user.id, scopes: api_scopes&.join(' ')).token }
|
|
|
|
|
let(:Authorization) { "Bearer #{api_access_token}" }
|
2022-11-07 12:23:54 +01:00
|
|
|
|
|
|
|
|
response '200', 'success' do
|
2022-11-07 13:41:39 +01:00
|
|
|
let(:api_scopes) { ['user:read'] }
|
2022-11-07 12:23:54 +01:00
|
|
|
run_test! do |response|
|
|
|
|
|
data = JSON.parse(response.body)
|
2022-11-07 13:41:39 +01:00
|
|
|
expect(data['user']['id']).to eq(user.id)
|
2022-11-07 12:23:54 +01:00
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
2022-11-07 13:41:39 +01:00
|
|
|
response '403', 'missing scope' do
|
|
|
|
|
let(:api_scopes) { [] }
|
|
|
|
|
run_test!
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
|
2022-11-07 12:23:54 +01:00
|
|
|
response '401', 'not logged-in' do
|
2022-11-07 13:41:39 +01:00
|
|
|
let(:Authorization) { "" }
|
2022-11-07 12:23:54 +01:00
|
|
|
run_test!
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
end
|
