diff options
| author | Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> | 2013-02-26 22:53:59 +0200 |
|---|---|---|
| committer | Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> | 2013-02-26 22:53:59 +0200 |
| commit | 4e5164338a77894c68816bc1e7eec018aea8301c (patch) | |
| tree | cbba2fad5e43b44f0bf7b68faba40ea94f9640be | |
| parent | 2c5e4955c020eb8d5a28a48d6adc375c327523ac (diff) | |
| download | gitlab-ce-4e5164338a77894c68816bc1e7eec018aea8301c.tar.gz | |
specs for api/internal
| -rw-r--r-- | lib/api/internal.rb | 6 | ||||
| -rw-r--r-- | spec/requests/api/internal_spec.rb | 103 |
2 files changed, 109 insertions, 0 deletions
diff --git a/lib/api/internal.rb b/lib/api/internal.rb index 5d74a761c05..d4f72d70d92 100644 --- a/lib/api/internal.rb +++ b/lib/api/internal.rb @@ -5,6 +5,12 @@ module Gitlab # # Check if ssh key has access to project code # + # Params: + # key_id - SSH Key id + # project - project path with namespace + # action - git action (git-upload-pack or git-receive-pack) + # ref - branch name + # get "/allowed" do key = Key.find(params[:key_id]) project = Project.find_with_namespace(params[:project]) diff --git a/spec/requests/api/internal_spec.rb b/spec/requests/api/internal_spec.rb new file mode 100644 index 00000000000..d63429df1b0 --- /dev/null +++ b/spec/requests/api/internal_spec.rb @@ -0,0 +1,103 @@ +require 'spec_helper' + +describe Gitlab::API do + include ApiHelpers + + let(:user) { create(:user) } + let(:key) { create(:key, user: user) } + let(:project) { create(:project) } + + describe "GET /internal/check", no_db: true do + it do + get api("/internal/check") + + response.status.should == 200 + json_response['api_version'].should == Gitlab::API.version + end + end + + describe "GET /internal/discover" do + it do + get(api("/internal/discover"), key_id: key.id) + + response.status.should == 200 + + json_response['email'].should == user.email + end + end + + describe "GET /internal/allowed" do + context "access granted" do + before do + project.team << [user, :developer] + end + + context "git pull" do + it do + get( + api("/internal/allowed"), + ref: 'master', + key_id: key.id, + project: project.path_with_namespace, + action: 'git-upload-pack' + ) + + response.status.should == 200 + response.body.should == 'true' + end + end + + context "git push" do + it do + get( + api("/internal/allowed"), + ref: 'master', + key_id: key.id, + project: project.path_with_namespace, + action: 'git-receive-pack' + ) + + response.status.should == 200 + response.body.should == 'true' + end + end + end + + context "access denied" do + before do + project.team << [user, :guest] + end + + context "git pull" do + it do + get( + api("/internal/allowed"), + ref: 'master', + key_id: key.id, + project: project.path_with_namespace, + action: 'git-upload-pack' + ) + + response.status.should == 200 + response.body.should == 'false' + end + end + + context "git push" do + it do + get( + api("/internal/allowed"), + ref: 'master', + key_id: key.id, + project: project.path_with_namespace, + action: 'git-receive-pack' + ) + + response.status.should == 200 + response.body.should == 'false' + end + end + end + + end +end |