Merge pull request #7382 from Razer6/git_ref_validation

Validate branch/tag-names and references WebUI, API
author: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> 2014-09-04 15:52:42 +0300
committer: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> 2014-09-04 15:52:42 +0300
commit: 9bb1d8fc8d2119ed46ac2e11ed9d295a61cf7a28 (patch)
tree: 51f60862e936de65c581f46bf4b641a2e7ad2cfa /spec
parent: 640a3c5c89cc2d20382f4c1045e4b0b05964176a (diff)
parent: 392113919adc75ba1537d89a0de8d0641e24d5b8 (diff)
download: gitlab-ce-9bb1d8fc8d2119ed46ac2e11ed9d295a61cf7a28.tar.gz
3 files changed, 89 insertions, 10 deletions
diff --git a/spec/lib/git_ref_validator_spec.rb b/spec/lib/git_ref_validator_spec.rb
new file mode 100644
index 00000000000..b2469c18395
--- /dev/null
+++ b/spec/lib/git_ref_validator_spec.rb
@@ -0,0 +1,20 @@
+require 'spec_helper'
+
+describe Gitlab::GitRefValidator do
+  it { Gitlab::GitRefValidator.validate('feature/new').should be_true }
+  it { Gitlab::GitRefValidator.validate('implement_@all').should be_true }
+  it { Gitlab::GitRefValidator.validate('my_new_feature').should be_true }
+  it { Gitlab::GitRefValidator.validate('#1').should be_true }
+  it { Gitlab::GitRefValidator.validate('feature/~new/').should be_false }
+  it { Gitlab::GitRefValidator.validate('feature/^new/').should be_false }
+  it { Gitlab::GitRefValidator.validate('feature/:new/').should be_false }
+  it { Gitlab::GitRefValidator.validate('feature/?new/').should be_false }
+  it { Gitlab::GitRefValidator.validate('feature/*new/').should be_false }
+  it { Gitlab::GitRefValidator.validate('feature/[new/').should be_false }
+  it { Gitlab::GitRefValidator.validate('feature/new/').should be_false }
+  it { Gitlab::GitRefValidator.validate('feature/new.').should be_false }
+  it { Gitlab::GitRefValidator.validate('feature\@{').should be_false }
+  it { Gitlab::GitRefValidator.validate('feature\new').should be_false }
+  it { Gitlab::GitRefValidator.validate('feature//new').should be_false }
+  it { Gitlab::GitRefValidator.validate('feature new').should be_false }
+end
diff --git a/spec/requests/api/branches_spec.rb b/spec/requests/api/branches_spec.rb
index f3d7ca2ed21..e7f91c5e46e 100644
--- a/spec/requests/api/branches_spec.rb
+++ b/spec/requests/api/branches_spec.rb
@@ -94,22 +94,50 @@ describe API::API, api: true  do
   describe "POST /projects/:id/repository/branches" do
     it "should create a new branch" do
       post api("/projects/#{project.id}/repository/branches", user),
-        branch_name: branch_name,
-        ref: branch_sha
+           branch_name: 'feature1',
+           ref: branch_sha
 
       response.status.should == 201
 
-      json_response['name'].should == branch_name
+      json_response['name'].should == 'feature1'
       json_response['commit']['id'].should == branch_sha
     end
 
     it "should deny for user without push access" do
       post api("/projects/#{project.id}/repository/branches", user2),
-        branch_name: branch_name,
-        ref: branch_sha
-
+           branch_name: branch_name,
+           ref: branch_sha
       response.status.should == 403
     end
+
+    it 'should return 400 if branch name is invalid' do
+      post api("/projects/#{project.id}/repository/branches", user),
+           branch_name: 'new design',
+           ref: branch_sha
+      response.status.should == 400
+      json_response['message'].should == 'Branch name invalid'
+    end
+
+    it 'should return 400 if branch already exists' do
+      post api("/projects/#{project.id}/repository/branches", user),
+           branch_name: 'new_design1',
+           ref: branch_sha
+      response.status.should == 201
+
+      post api("/projects/#{project.id}/repository/branches", user),
+           branch_name: 'new_design1',
+           ref: branch_sha
+      response.status.should == 400
+      json_response['message'].should == 'Branch already exists'
+    end
+
+    it 'should return 400 if ref name is invalid' do
+      post api("/projects/#{project.id}/repository/branches", user),
+           branch_name: 'new_design3',
+           ref: 'foo'
+      response.status.should == 400
+      json_response['message'].should == 'Invalid reference name'
+    end
   end
 
   describe "DELETE /projects/:id/repository/branches/:branch" do
@@ -120,6 +148,11 @@ describe API::API, api: true  do
       response.status.should == 200
     end
 
+    it 'should return 404 if branch not exists' do
+      delete api("/projects/#{project.id}/repository/branches/foobar", user)
+      response.status.should == 404
+    end
+
     it "should remove protected branch" do
       project.protected_branches.create(name: branch_name)
       delete api("/projects/#{project.id}/repository/branches/#{branch_name}", user)
diff --git a/spec/requests/api/repositories_spec.rb b/spec/requests/api/repositories_spec.rb
index f8603e11a04..ffcdbc4255e 100644
--- a/spec/requests/api/repositories_spec.rb
+++ b/spec/requests/api/repositories_spec.rb
@@ -25,20 +25,46 @@ describe API::API, api: true  do
   describe 'POST /projects/:id/repository/tags' do
     it 'should create a new tag' do
       post api("/projects/#{project.id}/repository/tags", user),
-           tag_name: 'v1.0.0',
+           tag_name: 'v2.0.0',
            ref: 'master'
-
       response.status.should == 201
-      json_response['name'].should == 'v1.0.0'
+      json_response['name'].should == 'v2.0.0'
     end
 
     it 'should deny for user without push access' do
       post api("/projects/#{project.id}/repository/tags", user2),
            tag_name: 'v1.0.0',
            ref: '621491c677087aa243f165eab467bfdfbee00be1'
-
       response.status.should == 403
     end
+
+    it 'should return 400 if tag name is invalid' do
+      post api("/projects/#{project.id}/repository/tags", user),
+           tag_name: 'v 1.0.0',
+           ref: 'master'
+      response.status.should == 400
+      json_response['message'].should == 'Tag name invalid'
+    end
+
+    it 'should return 400 if tag already exists' do
+      post api("/projects/#{project.id}/repository/tags", user),
+           tag_name: 'v8.0.0',
+           ref: 'master'
+      response.status.should == 201
+      post api("/projects/#{project.id}/repository/tags", user),
+           tag_name: 'v8.0.0',
+           ref: 'master'
+      response.status.should == 400
+      json_response['message'].should == 'Tag already exists'
+    end
+
+    it 'should return 400 if ref name is invalid' do
+      post api("/projects/#{project.id}/repository/tags", user),
+           tag_name: 'mytag',
+           ref: 'foo'
+      response.status.should == 400
+      json_response['message'].should == 'Invalid reference name'
+    end
   end
 
   describe "GET /projects/:id/repository/tree" do
author	Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>	2014-09-04 15:52:42 +0300
committer	Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>	2014-09-04 15:52:42 +0300
commit	9bb1d8fc8d2119ed46ac2e11ed9d295a61cf7a28 (patch)
tree	51f60862e936de65c581f46bf4b641a2e7ad2cfa /spec
parent	640a3c5c89cc2d20382f4c1045e4b0b05964176a (diff)
parent	392113919adc75ba1537d89a0de8d0641e24d5b8 (diff)
download	gitlab-ce-9bb1d8fc8d2119ed46ac2e11ed9d295a61cf7a28.tar.gz