5 files changed, 95 insertions, 8 deletions

diff --git a/test/unit/lib/redmine/wiki_formatting/common_mark/formatter_test.rb b/test/unit/lib/redmine/wiki_formatting/common_mark/formatter_test.rb
index d267abbf9..bb0c5d450 100644
--- a/test/unit/lib/redmine/wiki_formatting/common_mark/formatter_test.rb
+++ b/test/unit/lib/redmine/wiki_formatting/common_mark/formatter_test.rb
@@ -226,7 +226,7 @@ class Redmine::WikiFormatting::CommonMark::FormatterTest < ActionView::TestCase
       text = STR_WITH_PRE.join("\n\n")
       replacement = "New text"
 
-      assert_equal [STR_WITH_PRE[0..1], "New text"].flatten.join("\n\n"),
+      assert_equal [STR_WITH_PRE[0..1], "New text"].join("\n\n"),
         @formatter.new(text).update_section(3, replacement)
     end
 
diff --git a/test/unit/lib/redmine/wiki_formatting/textile_formatter_test.rb b/test/unit/lib/redmine/wiki_formatting/textile_formatter_test.rb
index 32280cfdf..678d4c6b2 100644
--- a/test/unit/lib/redmine/wiki_formatting/textile_formatter_test.rb
+++ b/test/unit/lib/redmine/wiki_formatting/textile_formatter_test.rb
@@ -466,19 +466,19 @@ class Redmine::WikiFormatting::TextileFormatterTest < ActionView::TestCase
     replacement = "New text"
 
     assert_equal(
-      [STR_WITHOUT_PRE[0], replacement, STR_WITHOUT_PRE[2..4]].flatten.join("\n\n"),
+      [STR_WITHOUT_PRE[0], replacement, STR_WITHOUT_PRE[2..4]].join("\n\n"),
       @formatter.new(TEXT_WITHOUT_PRE).update_section(2, replacement)
     )
     assert_equal(
-      [STR_WITHOUT_PRE[0..1], replacement, STR_WITHOUT_PRE[4]].flatten.join("\n\n"),
+      [STR_WITHOUT_PRE[0..1], replacement, STR_WITHOUT_PRE[4]].join("\n\n"),
       @formatter.new(TEXT_WITHOUT_PRE).update_section(3, replacement)
     )
     assert_equal(
-      [STR_WITHOUT_PRE[0..2], replacement, STR_WITHOUT_PRE[4]].flatten.join("\n\n"),
+      [STR_WITHOUT_PRE[0..2], replacement, STR_WITHOUT_PRE[4]].join("\n\n"),
       @formatter.new(TEXT_WITHOUT_PRE).update_section(5, replacement)
     )
     assert_equal(
-      [STR_WITHOUT_PRE[0..3], replacement].flatten.join("\n\n"),
+      [STR_WITHOUT_PRE[0..3], replacement].join("\n\n"),
       @formatter.new(TEXT_WITHOUT_PRE).update_section(6, replacement)
     )
     assert_equal TEXT_WITHOUT_PRE, @formatter.new(TEXT_WITHOUT_PRE).update_section(0, replacement)
@@ -488,7 +488,7 @@ class Redmine::WikiFormatting::TextileFormatterTest < ActionView::TestCase
   def test_update_section_with_hash_should_update_the_requested_section
     replacement = "New text"
     assert_equal(
-      [STR_WITHOUT_PRE[0], replacement, STR_WITHOUT_PRE[2..4]].flatten.join("\n\n"),
+      [STR_WITHOUT_PRE[0], replacement, STR_WITHOUT_PRE[2..4]].join("\n\n"),
       @formatter.new(TEXT_WITHOUT_PRE).
         update_section(2, replacement, ActiveSupport::Digest.hexdigest(STR_WITHOUT_PRE[1]))
     )
@@ -552,7 +552,7 @@ class Redmine::WikiFormatting::TextileFormatterTest < ActionView::TestCase
     text = STR_WITH_PRE.join("\n\n")
     replacement = "New text"
     assert_equal(
-      [STR_WITH_PRE[0..1], "New text"].flatten.join("\n\n"),
+      [STR_WITH_PRE[0..1], "New text"].join("\n\n"),
       @formatter.new(text).update_section(3, replacement)
     )
   end
diff --git a/test/unit/member_test.rb b/test/unit/member_test.rb
index 42fba4783..df9088027 100644
--- a/test/unit/member_test.rb
+++ b/test/unit/member_test.rb
@@ -108,7 +108,7 @@ class MemberTest < ActiveSupport::TestCase
     assert !member.save
     assert_include I18n.translate('activerecord.errors.messages.empty'), member.errors[:role]
     assert_equal 'Rôle doit être renseigné(e)',
-                 [member.errors.full_messages].flatten.join
+                 [member.errors.full_messages].join
   end
 
   def test_validate_member_role
diff --git a/test/unit/role_test.rb b/test/unit/role_test.rb
index 21103919f..1d0d39d7e 100644
--- a/test/unit/role_test.rb
+++ b/test/unit/role_test.rb
@@ -175,6 +175,32 @@ class RoleTest < ActiveSupport::TestCase
     assert_equal false, role.permissions_tracker_ids?(:view_issues, 1)
   end
 
+  def test_allowed_to_with_symbol
+    role = Role.create!(:name => 'Test', :permissions => [:view_issues])
+    assert_equal true, role.allowed_to?(:view_issues)
+    assert_equal false, role.allowed_to?(:add_issues)
+  end
+
+  def test_allowed_to_with_symbol_and_scope
+    role = Role.create!(:name => 'Test', :permissions => [:view_issues, :delete_issues])
+    assert_equal true, role.allowed_to?(:view_issues, [:view_issues, :add_issues])
+    assert_equal false, role.allowed_to?(:add_issues, [:view_issues, :add_issues])
+    assert_equal false, role.allowed_to?(:delete_issues, [:view_issues, :add_issues])
+  end
+
+  def test_allowed_to_with_hash
+    role = Role.create!(:name => 'Test', :permissions => [:view_issues])
+    assert_equal true, role.allowed_to?(:controller => 'issues', :action => 'show')
+    assert_equal false, role.allowed_to?(:controller => 'issues', :action => 'create')
+  end
+
+  def test_allowed_to_with_hash_and_scope
+    role = Role.create!(:name => 'Test', :permissions => [:view_issues, :delete_issues])
+    assert_equal true, role.allowed_to?({:controller => 'issues', :action => 'show'}, [:view_issues, :add_issues])
+    assert_equal false, role.allowed_to?({:controller => 'issues', :action => 'create'}, [:view_issues, :add_issues])
+    assert_equal false, role.allowed_to?({:controller => 'issues', :action => 'destroy'}, [:view_issues, :add_issues])
+  end
+
   def test_has_permission_without_permissions
     role = Role.create!(:name => 'Test')
     assert_equal false, role.has_permission?(:delete_issues)
diff --git a/test/unit/user_test.rb b/test/unit/user_test.rb
index 8474e174b..967771c87 100644
--- a/test/unit/user_test.rb
+++ b/test/unit/user_test.rb
@@ -1398,6 +1398,67 @@ class UserTest < ActiveSupport::TestCase
     end
   end
 
+  def test_should_recognize_authorized_by_oauth
+    u = User.find 2
+    assert_not u.authorized_by_oauth?
+    u.oauth_scope = [:add_issues, :view_issues]
+    assert u.authorized_by_oauth?
+  end
+
+  def test_admin_should_be_limited_by_oauth_scope
+    u = User.find_by_admin(true)
+    assert u.admin?
+
+    u.oauth_scope = [:add_issues, :view_issues]
+    assert_not u.admin?
+
+    u.oauth_scope = [:add_issues, :view_issues, :admin]
+    assert u.admin?
+
+    u = User.find_by_admin(false)
+    assert_not u.admin?
+    u.oauth_scope = [:add_issues, :view_issues, :admin]
+    assert_not u.admin?
+  end
+
+  def test_oauth_scope_should_limit_global_user_permissions
+    admin = User.find 1
+    user = User.find 2
+    [admin, user].each do |u|
+      assert u.allowed_to?(:add_issues, nil, global: true)
+      assert u.allowed_to?(:view_issues, nil, global: true)
+      u.oauth_scope = [:view_issues]
+      assert_not u.allowed_to?(:add_issues, nil, global: true)
+      assert u.allowed_to?(:view_issues, nil, global: true)
+    end
+  end
+
+  def test_oauth_scope_should_limit_project_user_permissions
+    admin = User.find 1
+    project = Project.find 5
+    assert admin.allowed_to?(:add_issues, project)
+    assert admin.allowed_to?(:view_issues, project)
+    admin.oauth_scope = [:view_issues]
+    assert_not admin.allowed_to?(:add_issues, project)
+    assert admin.allowed_to?(:view_issues, project)
+
+    admin.oauth_scope = [:view_issues, :admin]
+    assert admin.allowed_to?(:add_issues, project)
+    assert admin.allowed_to?(:view_issues, project)
+
+    user = User.find 2
+    project = Project.find 1
+    assert user.allowed_to?(:add_issues, project)
+    assert user.allowed_to?(:view_issues, project)
+    user.oauth_scope = [:view_issues]
+    assert_not user.allowed_to?(:add_issues, project)
+    assert user.allowed_to?(:view_issues, project)
+
+    user.oauth_scope = [:view_issues, :admin]
+    assert_not user.allowed_to?(:add_issues, project)
+    assert user.allowed_to?(:view_issues, project)
+  end
+
   def test_destroy_should_delete_associated_reactions
     users(:users_004).reactions.create!(
       [