author | Sean McGivern <sean@gitlab.com> | 2018-11-23 12:14:45 +0000 |
---|---|---|
committer | Sean McGivern <sean@gitlab.com> | 2018-11-26 11:18:03 +0000 |
commit | f1a7e7fea1fe714735d5719986eb09a6343e3887 (patch) | |
tree | ed079f562d4af78804cdde51ac845921bb5a46d5 /spec/lib | |
parent | ab0828cf0f70edb199d60576f7ba8f740040ff1e (diff) | |
download | gitlab-ce-f1a7e7fea1fe714735d5719986eb09a6343e3887.tar.gz |
Allow profiler to authenticate by stubbing users directly
54327-profiler-doesn-t-work-with-auth-now
Previously, we used a personal access token. This had a couple of
problems:
1. If the user didn't have a PAT, we couldn't impersonate them.
2. It depended on reading the raw PAT from the database.
Instead, we can monkey-patch the authentication methods on
ApplicationController (overriding the Devise ones), and remove them once
we're done. This does mean that profiles will not profile auth
correctly, so for that, use a PAT directly.
Diffstat (limited to 'spec/lib')
-rw-r--r-- | spec/lib/gitlab/profiler_spec.rb | 42 |
1 files changed, 25 insertions, 17 deletions
diff --git a/spec/lib/gitlab/profiler_spec.rb b/spec/lib/gitlab/profiler_spec.rb
index 4059188fba1..8bb0c1a0b8a 100644
--- a/spec/lib/gitlab/profiler_spec.rb
+++ b/spec/lib/gitlab/profiler_spec.rb
@@ -43,31 +43,16 @@ describe Gitlab::Profiler do
 it 'uses the user for auth if given' do
 user = double(:user)
- user_token = 'user'
- allow(user).to receive_message_chain(:personal_access_tokens, :active, :pluck, :first).and_return(user_token)
-
- expect(app).to receive(:get).with('/', nil, 'Private-Token' => user_token)
- expect(app).to receive(:get).with('/api/v4/users')
+ expect(described_class).to receive(:with_user).with(user)
 described_class.profile('/', user: user)
 end
- context 'when providing a user without a personal access token' do
- it 'raises an error' do
- user = double(:user)
- allow(user).to receive_message_chain(:personal_access_tokens, :active, :pluck).and_return([])
-
- expect { described_class.profile('/', user: user) }.to raise_error('Your user must have a personal_access_token')
- end
- end
-
 it 'uses the private_token for auth if both it and user are set' do
 user = double(:user)
- user_token = 'user'
-
- allow(user).to receive_message_chain(:personal_access_tokens, :active, :pluck, :first).and_return(user_token)
+ expect(described_class).to receive(:with_user).with(nil).and_call_original
 expect(app).to receive(:get).with('/', nil, 'Private-Token' => private_token)
 expect(app).to receive(:get).with('/api/v4/users')
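Review bot: In 'uses the user for auth if given', `expect(described_class).to receive(:with_user).with(user)` replaces `with_user` with a stub, so the block passed to it presumably never runs and the example no longer checks that any request is issued for the impersonated user. The removed lines at least pinned the two `app.get` calls; the new version would still pass if `profile` sent no request, or sent one outside the `with_user` block. Consider `expect(described_class).to receive(:with_user).with(user).and_call_original` plus expectations on `app` like the ones kept in the private_token example, including that no `Private-Token` header is sent. The enclosing `describe` block starts and ends outside this hunk.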
@@ -210,6 +195,29 @@ describe Gitlab::Profiler do
 end
 end
+ describe '.with_user' do
+ context 'when the user is set' do
+ let(:user) { double(:user) }
+
+ it 'overrides auth in ApplicationController to use the given user' do
+ expect(described_class.with_user(user) { ApplicationController.new.current_user }).to eq(user)
+ end
+
+ it 'cleans up ApplicationController afterwards' do
+ expect { described_class.with_user(user) { } }
+ .to not_change { ActionController.instance_methods(false) }
+ end
+ end
+
+ context 'when the user is nil' do
+ it 'does not define methods on ApplicationController' do
+ expect(ApplicationController).not_to receive(:define_method)
+
+ described_class.with_user(nil) { }
+ end
+ end
+ end
+
 describe '.log_load_times_by_model' do
 it 'logs the model, query count, and time by slowest first' do
 expect(null_logger).to receive(:load_times_by_model).and_return( |
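Review bot: The cleanup example inspects `ActionController.instance_methods(false)`, but the methods are overridden on `ApplicationController`, so this assertion most likely passes even if the stubbed `current_user` is never removed. A leftover override would leave every later request in the process authenticated as the profiled user, which is the regression this test should catch. Change the line to `.to not_change { ApplicationController.instance_methods(false) }`. A second example whose block raises would confirm the override is also removed on the error path; the implementation of `with_user` is not visible in this diff, so whether it uses `ensure` cannot be confirmed here.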