Commit 28ed9907 authored by Kamil Trzcinski's avatar Kamil Trzcinski

Fix http status codes for container registry authentication service

parent dfd0e245
...@@ -6,9 +6,9 @@ module Auth ...@@ -6,9 +6,9 @@ module Auth
return error('not found', 404) unless registry.enabled return error('not found', 404) unless registry.enabled
if params[:offline_token] if params[:offline_token]
return error('forbidden', 403) unless current_user return error('forbidden', 401) unless current_user
else else
return error('forbidden', 401) unless scope return error('forbidden', 403) unless scope
end end
{ token: authorized_token(scope).encoded } { token: authorized_token(scope).encoded }
......
...@@ -57,11 +57,6 @@ describe Auth::ContainerRegistryAuthenticationService, services: true do ...@@ -57,11 +57,6 @@ describe Auth::ContainerRegistryAuthenticationService, services: true do
end end
end end
shared_examples 'a unauthorized' do
it { is_expected.to include(http_status: 401) }
it { is_expected.to_not include(:token) }
end
shared_examples 'a forbidden' do shared_examples 'a forbidden' do
it { is_expected.to include(http_status: 403) } it { is_expected.to include(http_status: 403) }
it { is_expected.to_not include(:token) } it { is_expected.to_not include(:token) }
...@@ -116,7 +111,7 @@ describe Auth::ContainerRegistryAuthenticationService, services: true do ...@@ -116,7 +111,7 @@ describe Auth::ContainerRegistryAuthenticationService, services: true do
{ scope: "repository:#{project.path_with_namespace}:pull,push" } { scope: "repository:#{project.path_with_namespace}:pull,push" }
end end
it_behaves_like 'a unauthorized' it_behaves_like 'a forbidden'
end end
end end
...@@ -154,7 +149,7 @@ describe Auth::ContainerRegistryAuthenticationService, services: true do ...@@ -154,7 +149,7 @@ describe Auth::ContainerRegistryAuthenticationService, services: true do
context 'disallow for private' do context 'disallow for private' do
let(:project) { create(:empty_project, :private) } let(:project) { create(:empty_project, :private) }
it_behaves_like 'a unauthorized' it_behaves_like 'a forbidden'
end end
end end
...@@ -165,7 +160,7 @@ describe Auth::ContainerRegistryAuthenticationService, services: true do ...@@ -165,7 +160,7 @@ describe Auth::ContainerRegistryAuthenticationService, services: true do
context 'disallow for all' do context 'disallow for all' do
let(:project) { create(:empty_project, :public) } let(:project) { create(:empty_project, :public) }
it_behaves_like 'a unauthorized' it_behaves_like 'a forbidden'
end end
end end
end end
...@@ -185,7 +180,7 @@ describe Auth::ContainerRegistryAuthenticationService, services: true do ...@@ -185,7 +180,7 @@ describe Auth::ContainerRegistryAuthenticationService, services: true do
{ scope: 'invalid:aa:bb' } { scope: 'invalid:aa:bb' }
end end
it_behaves_like 'a unauthorized' it_behaves_like 'a forbidden'
end end
context 'for private project' do context 'for private project' do
...@@ -195,7 +190,7 @@ describe Auth::ContainerRegistryAuthenticationService, services: true do ...@@ -195,7 +190,7 @@ describe Auth::ContainerRegistryAuthenticationService, services: true do
{ scope: "repository:#{project.path_with_namespace}:pull" } { scope: "repository:#{project.path_with_namespace}:pull" }
end end
it_behaves_like 'a unauthorized' it_behaves_like 'a forbidden'
end end
context 'for public project' do context 'for public project' do
...@@ -214,7 +209,7 @@ describe Auth::ContainerRegistryAuthenticationService, services: true do ...@@ -214,7 +209,7 @@ describe Auth::ContainerRegistryAuthenticationService, services: true do
{ scope: "repository:#{project.path_with_namespace}:push" } { scope: "repository:#{project.path_with_namespace}:push" }
end end
it_behaves_like 'a unauthorized' it_behaves_like 'a forbidden'
end end
end end
end end
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment