Commit b7c8f7d7 authored by Douwe Maan's avatar Douwe Maan

Update specs for sudo behavior

parent a6c462b2
...@@ -2,5 +2,13 @@ class OauthAccessToken < Doorkeeper::AccessToken ...@@ -2,5 +2,13 @@ class OauthAccessToken < Doorkeeper::AccessToken
belongs_to :resource_owner, class_name: 'User' belongs_to :resource_owner, class_name: 'User'
belongs_to :application, class_name: 'Doorkeeper::Application' belongs_to :application, class_name: 'Doorkeeper::Application'
alias_method :user, :resource_owner alias_attribute :user, :resource_owner
def scopes=(value)
if value.is_a?(Array)
super(Doorkeeper::OAuth::Scopes.from_array(value).to_s)
else
super
end
end
end end
...@@ -396,7 +396,7 @@ module API ...@@ -396,7 +396,7 @@ module API
def sudo! def sudo!
return unless sudo_identifier return unless sudo_identifier
raise UnauthorizedError unless initial_current_user unauthorized! unless initial_current_user
unless initial_current_user.admin? unless initial_current_user.admin?
forbidden!('Must be admin to use sudo') forbidden!('Must be admin to use sudo')
...@@ -409,10 +409,7 @@ module API ...@@ -409,10 +409,7 @@ module API
validate_access_token!(scopes: [:sudo]) validate_access_token!(scopes: [:sudo])
sudoed_user = find_user(sudo_identifier) sudoed_user = find_user(sudo_identifier)
not_found!("User with ID or username '#{sudo_identifier}'") unless sudoed_user
unless sudoed_user
not_found!("No user id or username for: #{sudo_identifier}")
end
@current_user = sudoed_user @current_user = sudoed_user
end end
......
This diff is collapsed.
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment