From: FloatingGhost Date: Sat, 17 Dec 2022 23:21:24 +0000 (+0000) Subject: remove now-unused test X-Git-Url: https://git.squeep.com/?a=commitdiff_plain;h=3d546409b275e0fb0df0f9aa2659c4864b6b9edb;p=akkoma remove now-unused test --- diff --git a/lib/pleroma/web/o_auth/scopes.ex b/lib/pleroma/web/o_auth/scopes.ex index ccd8d4665..d5e7c29d6 100644 --- a/lib/pleroma/web/o_auth/scopes.ex +++ b/lib/pleroma/web/o_auth/scopes.ex @@ -62,11 +62,7 @@ defmodule Pleroma.Web.OAuth.Scopes do do: {:error, :missing_scopes} def validate(scopes, app_scopes, %Pleroma.User{is_admin: is_admin}) do - if !is_admin && contains_admin_scopes?(scopes) do - {:error, :user_is_not_an_admin} - else - validate_scopes_are_supported(scopes, app_scopes) - end + validate_scopes_are_supported(scopes, app_scopes) end @spec filter_admin_scopes([String.t()], Pleroma.User.t()) :: [String.t()] diff --git a/test/pleroma/web/o_auth/o_auth_controller_test.exs b/test/pleroma/web/o_auth/o_auth_controller_test.exs index bc2d929e5..7240624ef 100644 --- a/test/pleroma/web/o_auth/o_auth_controller_test.exs +++ b/test/pleroma/web/o_auth/o_auth_controller_test.exs @@ -862,60 +862,6 @@ defmodule Pleroma.Web.OAuth.OAuthControllerTest do assert result =~ "Invalid Username/Password" end - test "returns 401 when attempting to use an admin scope with a non-admin", %{conn: conn} do - user = insert(:user) - app = insert(:oauth_app, scopes: ["admin"]) - redirect_uri = OAuthController.default_redirect_uri(app) - - result = - conn - |> post("/oauth/authorize", %{ - "authorization" => %{ - "name" => user.nickname, - "password" => "test", - "client_id" => app.client_id, - "redirect_uri" => redirect_uri, - "state" => "statepassed", - "scope" => Enum.join(app.scopes, " ") - } - }) - |> html_response(:unauthorized) - - # Keep the details - assert result =~ app.client_id - assert result =~ redirect_uri - - # Error message - assert result =~ "outside of authorized scopes" - end - - test "returns 401 for missing scopes" do - user = insert(:user, is_admin: false) - app = insert(:oauth_app, scopes: ["read", "write", "admin"]) - redirect_uri = OAuthController.default_redirect_uri(app) - - result = - build_conn() - |> post("/oauth/authorize", %{ - "authorization" => %{ - "name" => user.nickname, - "password" => "test", - "client_id" => app.client_id, - "redirect_uri" => redirect_uri, - "state" => "statepassed", - "scope" => "" - } - }) - |> html_response(:unauthorized) - - # Keep the details - assert result =~ app.client_id - assert result =~ redirect_uri - - # Error message - assert result =~ "This action is outside of authorized scopes" - end - test "returns 401 for scopes beyond app scopes hierarchy", %{conn: conn} do user = insert(:user) app = insert(:oauth_app, scopes: ["read", "write"])