summaryrefslogtreecommitdiff
path: root/spec/requests/api/project_snippets_spec.rb
diff options
context:
space:
mode:
Diffstat (limited to 'spec/requests/api/project_snippets_spec.rb')
-rw-r--r--spec/requests/api/project_snippets_spec.rb132
1 files changed, 77 insertions, 55 deletions
diff --git a/spec/requests/api/project_snippets_spec.rb b/spec/requests/api/project_snippets_spec.rb
index 5998790fae5..b859b977c34 100644
--- a/spec/requests/api/project_snippets_spec.rb
+++ b/spec/requests/api/project_snippets_spec.rb
@@ -2,7 +2,7 @@
require 'spec_helper'
-RSpec.describe API::ProjectSnippets, feature_category: :source_code_management do
+RSpec.describe API::ProjectSnippets, :aggregate_failures, feature_category: :source_code_management do
include SnippetHelpers
let_it_be(:project) { create(:project, :public) }
@@ -14,8 +14,12 @@ RSpec.describe API::ProjectSnippets, feature_category: :source_code_management d
describe "GET /projects/:project_id/snippets/:id/user_agent_detail" do
let_it_be(:user_agent_detail) { create(:user_agent_detail, subject: public_snippet) }
+ it_behaves_like 'GET request permissions for admin mode' do
+ let(:path) { "/projects/#{public_snippet.project.id}/snippets/#{public_snippet.id}/user_agent_detail" }
+ end
+
it 'exposes known attributes' do
- get api("/projects/#{project.id}/snippets/#{public_snippet.id}/user_agent_detail", admin)
+ get api("/projects/#{project.id}/snippets/#{public_snippet.id}/user_agent_detail", admin, admin_mode: true)
expect(response).to have_gitlab_http_status(:ok)
expect(json_response['user_agent']).to eq(user_agent_detail.user_agent)
@@ -26,7 +30,7 @@ RSpec.describe API::ProjectSnippets, feature_category: :source_code_management d
it 'respects project scoping' do
other_project = create(:project)
- get api("/projects/#{other_project.id}/snippets/#{public_snippet.id}/user_agent_detail", admin)
+ get api("/projects/#{other_project.id}/snippets/#{public_snippet.id}/user_agent_detail", admin, admin_mode: true)
expect(response).to have_gitlab_http_status(:not_found)
end
@@ -38,7 +42,7 @@ RSpec.describe API::ProjectSnippets, feature_category: :source_code_management d
context 'with snippets disabled' do
it_behaves_like '403 response' do
- let(:request) { get api("/projects/#{project_no_snippets.id}/snippets/#{non_existing_record_id}/user_agent_detail", admin, admin_mode: true) }
+ subject(:request) { get api("/projects/#{project_no_snippets.id}/snippets/#{non_existing_record_id}/user_agent_detail", admin, admin_mode: true) }
end
end
end
@@ -72,7 +76,7 @@ RSpec.describe API::ProjectSnippets, feature_category: :source_code_management d
context 'with snippets disabled' do
it_behaves_like '403 response' do
- let(:request) { get api("/projects/#{project_no_snippets.id}/snippets", user) }
+ subject(:request) { get api("/projects/#{project_no_snippets.id}/snippets", user) }
end
end
end
@@ -83,16 +87,14 @@ RSpec.describe API::ProjectSnippets, feature_category: :source_code_management d
it 'returns snippet json' do
get api("/projects/#{project.id}/snippets/#{snippet.id}", user)
- aggregate_failures do
- expect(response).to have_gitlab_http_status(:ok)
+ expect(response).to have_gitlab_http_status(:ok)
- expect(json_response['title']).to eq(snippet.title)
- expect(json_response['description']).to eq(snippet.description)
- expect(json_response['file_name']).to eq(snippet.file_name_on_repo)
- expect(json_response['files']).to eq(snippet.blobs.map { |blob| snippet_blob_file(blob) })
- expect(json_response['ssh_url_to_repo']).to eq(snippet.ssh_url_to_repo)
- expect(json_response['http_url_to_repo']).to eq(snippet.http_url_to_repo)
- end
+ expect(json_response['title']).to eq(snippet.title)
+ expect(json_response['description']).to eq(snippet.description)
+ expect(json_response['file_name']).to eq(snippet.file_name_on_repo)
+ expect(json_response['files']).to eq(snippet.blobs.map { |blob| snippet_blob_file(blob) })
+ expect(json_response['ssh_url_to_repo']).to eq(snippet.ssh_url_to_repo)
+ expect(json_response['http_url_to_repo']).to eq(snippet.http_url_to_repo)
end
it 'returns 404 for invalid snippet id' do
@@ -104,7 +106,7 @@ RSpec.describe API::ProjectSnippets, feature_category: :source_code_management d
context 'with snippets disabled' do
it_behaves_like '403 response' do
- let(:request) { get api("/projects/#{project_no_snippets.id}/snippets/#{non_existing_record_id}", user) }
+ subject(:request) { get api("/projects/#{project_no_snippets.id}/snippets/#{non_existing_record_id}", user) }
end
end
@@ -126,22 +128,25 @@ RSpec.describe API::ProjectSnippets, feature_category: :source_code_management d
let(:file_content) { 'puts "hello world"' }
let(:file_params) { { files: [{ file_path: file_path, content: file_content }] } }
let(:params) { base_params.merge(file_params) }
+ let(:admin_mode) { false }
+
+ subject(:request) { post api("/projects/#{project.id}/snippets/", actor, admin_mode: admin_mode), params: params }
- subject { post api("/projects/#{project.id}/snippets/", actor, admin_mode: actor.admin?), params: params }
+ it_behaves_like 'POST request permissions for admin mode' do
+ let(:path) { "/projects/#{project.id}/snippets/" }
+ end
shared_examples 'project snippet repository actions' do
let(:snippet) { ProjectSnippet.find(json_response['id']) }
it 'commit the files to the repository' do
- subject
+ request
- aggregate_failures do
- expect(snippet.repository.exists?).to be_truthy
+ expect(snippet.repository.exists?).to be_truthy
- blob = snippet.repository.blob_at(snippet.default_branch, file_path)
+ blob = snippet.repository.blob_at(snippet.default_branch, file_path)
- expect(blob.data).to eq file_content
- end
+ expect(blob.data).to eq file_content
end
end
@@ -152,7 +157,7 @@ RSpec.describe API::ProjectSnippets, feature_category: :source_code_management d
it 'creates a new snippet' do
project.add_developer(actor)
- subject
+ request
expect(response).to have_gitlab_http_status(:created)
end
@@ -160,7 +165,7 @@ RSpec.describe API::ProjectSnippets, feature_category: :source_code_management d
context 'that does not belong to the project' do
it 'does not create a new snippet' do
- subject
+ request
expect(response).to have_gitlab_http_status(:forbidden)
end
@@ -180,7 +185,7 @@ RSpec.describe API::ProjectSnippets, feature_category: :source_code_management d
end
it 'creates a new snippet' do
- subject
+ request
expect(response).to have_gitlab_http_status(:created)
snippet = ProjectSnippet.find(json_response['id'])
@@ -196,9 +201,10 @@ RSpec.describe API::ProjectSnippets, feature_category: :source_code_management d
context 'with an admin' do
let(:actor) { admin }
+ let(:admin_mode) { true }
it 'creates a new snippet' do
- subject
+ request
expect(response).to have_gitlab_http_status(:created)
snippet = ProjectSnippet.find(json_response['id'])
@@ -214,7 +220,7 @@ RSpec.describe API::ProjectSnippets, feature_category: :source_code_management d
it 'returns 400 for missing parameters' do
params.delete(:title)
- subject
+ request
expect(response).to have_gitlab_http_status(:bad_request)
end
@@ -226,7 +232,7 @@ RSpec.describe API::ProjectSnippets, feature_category: :source_code_management d
it 'returns 400 if title is blank' do
params[:title] = ''
- subject
+ request
expect(response).to have_gitlab_http_status(:bad_request)
expect(json_response['error']).to eq 'title is empty'
@@ -235,6 +241,7 @@ RSpec.describe API::ProjectSnippets, feature_category: :source_code_management d
context 'when save fails because the repository could not be created' do
let(:actor) { admin }
+ let(:admin_mode) { true }
before do
allow_next_instance_of(Snippets::CreateService) do |instance|
@@ -243,7 +250,7 @@ RSpec.describe API::ProjectSnippets, feature_category: :source_code_management d
end
it 'returns 400' do
- subject
+ request
expect(response).to have_gitlab_http_status(:bad_request)
end
@@ -264,7 +271,7 @@ RSpec.describe API::ProjectSnippets, feature_category: :source_code_management d
it 'creates the snippet' do
params['visibility'] = 'private'
- expect { subject }.to change { Snippet.count }.by(1)
+ expect { request }.to change { Snippet.count }.by(1)
end
end
@@ -274,13 +281,13 @@ RSpec.describe API::ProjectSnippets, feature_category: :source_code_management d
end
it 'rejects the snippet' do
- expect { subject }.not_to change { Snippet.count }
+ expect { request }.not_to change { Snippet.count }
expect(response).to have_gitlab_http_status(:bad_request)
expect(json_response['message']['error']).to match(/snippet has been recognized as spam/)
end
it 'creates a spam log' do
- expect { subject }
+ expect { request }
.to log_spam(title: 'Test Title', user_id: user.id, noteable_type: 'ProjectSnippet')
end
end
@@ -288,7 +295,7 @@ RSpec.describe API::ProjectSnippets, feature_category: :source_code_management d
context 'with snippets disabled' do
it_behaves_like '403 response' do
- let(:request) { post api("/projects/#{project_no_snippets.id}/snippets", user), params: params }
+ subject(:request) { post api("/projects/#{project_no_snippets.id}/snippets", user), params: params }
end
end
end
@@ -296,6 +303,11 @@ RSpec.describe API::ProjectSnippets, feature_category: :source_code_management d
describe 'PUT /projects/:project_id/snippets/:id/' do
let(:visibility_level) { Snippet::PUBLIC }
let(:snippet) { create(:project_snippet, :repository, author: admin, visibility_level: visibility_level, project: project) }
+ let(:params) { { title: 'Foo' } }
+
+ it_behaves_like 'PUT request permissions for admin mode' do
+ let(:path) { "/projects/#{snippet.project.id}/snippets/#{snippet.id}" }
+ end
it_behaves_like 'snippet file updates'
it_behaves_like 'snippet non-file updates'
@@ -317,7 +329,7 @@ RSpec.describe API::ProjectSnippets, feature_category: :source_code_management d
let(:visibility_level) { Snippet::PRIVATE }
it 'creates the snippet' do
- expect { update_snippet(params: { title: 'Foo' }) }
+ expect { update_snippet(admin_mode: true, params: params) }
.to change { snippet.reload.title }.to('Foo')
end
end
@@ -326,12 +338,12 @@ RSpec.describe API::ProjectSnippets, feature_category: :source_code_management d
let(:visibility_level) { Snippet::PUBLIC }
it 'rejects the snippet' do
- expect { update_snippet(params: { title: 'Foo' }) }
+ expect { update_snippet(params: params) }
.not_to change { snippet.reload.title }
end
it 'creates a spam log' do
- expect { update_snippet(params: { title: 'Foo' }) }
+ expect { update_snippet(params: params) }
.to log_spam(title: 'Foo', user_id: admin.id, noteable_type: 'ProjectSnippet')
end
end
@@ -340,7 +352,7 @@ RSpec.describe API::ProjectSnippets, feature_category: :source_code_management d
let(:visibility_level) { Snippet::PRIVATE }
it 'rejects the snippet' do
- expect { update_snippet(params: { title: 'Foo', visibility: 'public' }) }
+ expect { update_snippet(admin_mode: true, params: { title: 'Foo', visibility: 'public' }) }
.not_to change { snippet.reload.title }
expect(response).to have_gitlab_http_status(:bad_request)
@@ -348,7 +360,7 @@ RSpec.describe API::ProjectSnippets, feature_category: :source_code_management d
end
it 'creates a spam log' do
- expect { update_snippet(params: { title: 'Foo', visibility: 'public' }) }
+ expect { update_snippet(admin_mode: true, params: { title: 'Foo', visibility: 'public' }) }
.to log_spam(title: 'Foo', user_id: admin.id, noteable_type: 'ProjectSnippet')
end
end
@@ -356,47 +368,55 @@ RSpec.describe API::ProjectSnippets, feature_category: :source_code_management d
context 'with snippets disabled' do
it_behaves_like '403 response' do
- let(:request) { put api("/projects/#{project_no_snippets.id}/snippets/#{non_existing_record_id}", admin, admin_mode: true), params: { description: 'foo' } }
+ subject(:request) { put api("/projects/#{project_no_snippets.id}/snippets/#{non_existing_record_id}", admin, admin_mode: true), params: { description: 'foo' } }
end
end
- def update_snippet(snippet_id: snippet.id, params: {})
- put api("/projects/#{snippet.project.id}/snippets/#{snippet_id}", admin), params: params
+ def update_snippet(snippet_id: snippet.id, admin_mode: false, params: {})
+ put api("/projects/#{snippet.project.id}/snippets/#{snippet_id}", admin, admin_mode: admin_mode), params: params
end
end
describe 'DELETE /projects/:project_id/snippets/:id/' do
let_it_be(:snippet, refind: true) { public_snippet }
+ let(:path) { "/projects/#{snippet.project.id}/snippets/#{snippet.id}/" }
+
+ it_behaves_like 'DELETE request permissions for admin mode'
it 'deletes snippet' do
- delete api("/projects/#{snippet.project.id}/snippets/#{snippet.id}/", admin)
+ delete api(path, admin, admin_mode: true)
expect(response).to have_gitlab_http_status(:no_content)
end
it 'returns 404 for invalid snippet id' do
- delete api("/projects/#{snippet.project.id}/snippets/#{non_existing_record_id}", admin)
+ delete api("/projects/#{snippet.project.id}/snippets/#{non_existing_record_id}", admin, admin_mode: true)
expect(response).to have_gitlab_http_status(:not_found)
expect(json_response['message']).to eq('404 Snippet Not Found')
end
it_behaves_like '412 response' do
- let(:request) { api("/projects/#{snippet.project.id}/snippets/#{snippet.id}/", admin, admin_mode: true) }
+ subject(:request) { api(path, admin, admin_mode: true) }
end
context 'with snippets disabled' do
it_behaves_like '403 response' do
- let(:request) { delete api("/projects/#{project_no_snippets.id}/snippets/#{non_existing_record_id}", admin, admin_mode: true) }
+ subject(:request) { delete api("/projects/#{project_no_snippets.id}/snippets/#{non_existing_record_id}", admin, admin_mode: true) }
end
end
end
describe 'GET /projects/:project_id/snippets/:id/raw' do
let_it_be(:snippet) { create(:project_snippet, :repository, :public, author: admin, project: project) }
+ let(:path) { "/projects/#{snippet.project.id}/snippets/#{snippet.id}/raw" }
+
+ it_behaves_like 'GET request permissions for admin mode' do
+ let(:failed_status_code) { :ok }
+ end
it 'returns raw text' do
- get api("/projects/#{snippet.project.id}/snippets/#{snippet.id}/raw", admin)
+ get api(path, admin)
expect(response).to have_gitlab_http_status(:ok)
expect(response.media_type).to eq 'text/plain'
@@ -404,19 +424,17 @@ RSpec.describe API::ProjectSnippets, feature_category: :source_code_management d
end
it 'returns 404 for invalid snippet id' do
- get api("/projects/#{snippet.project.id}/snippets/#{non_existing_record_id}/raw", admin)
+ get api("/projects/#{snippet.project.id}/snippets/#{non_existing_record_id}/raw", admin, admin_mode: true)
expect(response).to have_gitlab_http_status(:not_found)
expect(json_response['message']).to eq('404 Snippet Not Found')
end
- it_behaves_like 'project snippet access levels' do
- let(:path) { "/projects/#{snippet.project.id}/snippets/#{snippet.id}/raw" }
- end
+ it_behaves_like 'project snippet access levels'
context 'with snippets disabled' do
it_behaves_like '403 response' do
- let(:request) { get api("/projects/#{project_no_snippets.id}/snippets/#{non_existing_record_id}/raw", admin, admin_mode: true) }
+ subject(:request) { get api("/projects/#{project_no_snippets.id}/snippets/#{non_existing_record_id}/raw", admin, admin_mode: true) }
end
end
@@ -424,19 +442,23 @@ RSpec.describe API::ProjectSnippets, feature_category: :source_code_management d
let_it_be(:snippet_with_empty_repo) { create(:project_snippet, :empty_repo, author: admin, project: project) }
let_it_be(:admin_mode) { snippet.author.admin? }
- subject { get api("/projects/#{snippet.project.id}/snippets/#{snippet.id}/raw", snippet.author, admin_mode: admin_mode) }
+ subject { get api(path, snippet.author, admin_mode: admin_mode) }
end
end
describe 'GET /projects/:project_id/snippets/:id/files/:ref/:file_path/raw' do
let_it_be(:snippet) { create(:project_snippet, :repository, author: admin, project: project) }
+ let(:path) { "/projects/#{snippet.project.id}/snippets/#{snippet.id}/files/master/%2Egitattributes/raw" }
+
+ it_behaves_like 'GET request permissions for admin mode' do
+ let(:failed_status_code) { :not_found }
+ end
+
it_behaves_like 'raw snippet files' do
let(:api_path) { "/projects/#{snippet.project.id}/snippets/#{snippet_id}/files/#{ref}/#{file_path}/raw" }
end
- it_behaves_like 'project snippet access levels' do
- let(:path) { "/projects/#{snippet.project.id}/snippets/#{snippet.id}/files/master/%2Egitattributes/raw" }
- end
+ it_behaves_like 'project snippet access levels'
end
end
View Lorry Controller Status