Expose the technical keys of group and role type in the oauth profile

hitobito · Aug 25, 2021 · b9faa03 · b9faa03
1 parent 3d362e8
commit b9faa03
Show file tree

Hide file tree

Showing 3 changed files with 9 additions and 6 deletions.
diff --git a/app/controllers/oauth/profiles_controller.rb b/app/controllers/oauth/profiles_controller.rb
@@ -44,7 +44,9 @@ def public_attrs_with_roles
         {
           group_id: role.group_id,
           group_name: role.group.name,
+          group_type: role.group.type,
           role_name: role.class.model_name.human,
+          role_type: role.class.model_name,
           permissions: role.class.permissions
         }
       end

diff --git a/app/helpers/oauth_applications_helper.rb b/app/helpers/oauth_applications_helper.rb
@@ -22,7 +22,7 @@ def format_doorkeeper_application_scopes(application)
   end
 
   def format_doorkeeper_application_scope(key)
-    Oauth::Application.human_scope(key) << " " << muted("(#{key})")
+    Oauth::Application.human_scope(key) + " " + muted("(#{key})")
   end
 
 end
diff --git a/spec/requests/oauth_profile_spec.rb b/spec/requests/oauth_profile_spec.rb
@@ -30,19 +30,19 @@
 
   context 'with email scope in token' do
     let(:token)  { Fabricate(:access_token, application: application, scopes: { scopes: 'email' }, resource_owner_id: user.id ) }
-    
+
     context 'with bad token signature' do
       it 'fails with HTTP 401 (unauthorized)' do
         get '/oauth/profile', headers: { 'Authorization': 'Bearer ' + token.token + 'X'}
-  
+
         expect(response).to have_http_status(:unauthorized)
       end
     end
 
     context 'with wrong scope in request' do
       it 'fails with HTTP 403 (forbidden)' do
         get '/oauth/profile', headers: { 'Authorization': 'Bearer ' + token.token, 'X-Scope': 'name' }
-        
+
         expect(response).to have_http_status(:forbidden)
         expect(response.content_type).to eq('application/json; charset=utf-8')
         expect(response.body).to eq('{"error":"invalid scope: name"}')
@@ -76,7 +76,7 @@
     it 'fails with 401 (unauthorized)' do
       get '/oauth/profile', headers: { 'Authorization': 'Bearer ' + token.token }
 
-      expect(response).to have_http_status(:unauthorized)  
+      expect(response).to have_http_status(:unauthorized)
     end
   end
 
@@ -105,7 +105,8 @@
 
         expect(response).to have_http_status(:ok)
         expect(response.content_type).to eq('application/json; charset=utf-8')
-        expect(response.body).to include('"group_name":"Bottom One","role_name":"Member"')
+        expect(response.body).to include('"group_name":"Bottom One"')
+        expect(response.body).to include('"role_name":"Member"')
       end
     end
   end