diff options
| author | Bob Van Landuyt <bob@vanlanduyt.co> | 2018-05-10 16:13:05 +0200 |
|---|---|---|
| committer | Bob Van Landuyt <bob@vanlanduyt.co> | 2018-05-11 15:20:11 +0200 |
| commit | e0768a9bcb32e81fe18a77b21573969f45b47683 (patch) | |
| tree | 00e91e901cad4c4ae0a616cdf7b555b5773e3aad /spec/requests/git_http_spec.rb | |
| parent | d801dd177483a8375f1656654ca3638c18550204 (diff) | |
| download | gitlab-ce-e0768a9bcb32e81fe18a77b21573969f45b47683.tar.gz | |
Allow triggered builds git access
Allow builds that have been triggered by a user before terms were
enforced access to git. That way the builds can complete as usual.
Diffstat (limited to 'spec/requests/git_http_spec.rb')
| -rw-r--r-- | spec/requests/git_http_spec.rb | 53 |
1 files changed, 53 insertions, 0 deletions
diff --git a/spec/requests/git_http_spec.rb b/spec/requests/git_http_spec.rb index 494db30e8e0..2514dab1714 100644 --- a/spec/requests/git_http_spec.rb +++ b/spec/requests/git_http_spec.rb @@ -1,6 +1,7 @@ require "spec_helper" describe 'Git HTTP requests' do + include TermsHelper include GitHttpHelpers include WorkhorseHelpers include UserActivitiesHelpers @@ -824,4 +825,56 @@ describe 'Git HTTP requests' do end end end + + context 'when terms are enforced' do + let(:project) { create(:project, :repository) } + let(:user) { create(:user) } + let(:path) { "#{project.full_path}.git" } + let(:env) { { user: user.username, password: user.password } } + + before do + project.add_master(user) + enforce_terms + end + + it 'blocks git access when the user did not accept terms', :aggregate_failures do + clone_get(path, env) do |response| + expect(response).to have_gitlab_http_status(:forbidden) + end + + download(path, env) do |response| + expect(response).to have_gitlab_http_status(:forbidden) + end + + upload(path, env) do |response| + expect(response).to have_gitlab_http_status(:forbidden) + end + end + + context 'when the user accepted the terms' do + before do + accept_terms(user) + end + + it 'allows clones' do + clone_get(path, env) do |response| + expect(response).to have_gitlab_http_status(:ok) + end + end + + it_behaves_like 'pulls are allowed' + it_behaves_like 'pushes are allowed' + end + + context 'from CI' do + let(:build) { create(:ci_build, :running) } + let(:env) { { user: 'gitlab-ci-token', password: build.token } } + + before do + build.update!(user: user, project: project) + end + + it_behaves_like 'pulls are allowed' + end + end end |