diff options
Diffstat (limited to 'spec/requests/api')
| -rw-r--r-- | spec/requests/api/environments_spec.rb | 22 | ||||
| -rw-r--r-- | spec/requests/api/events_spec.rb | 4 | ||||
| -rw-r--r-- | spec/requests/api/graphql/gitlab_schema_spec.rb | 16 | ||||
| -rw-r--r-- | spec/requests/api/internal_spec.rb | 101 | ||||
| -rw-r--r-- | spec/requests/api/merge_requests_spec.rb | 124 | ||||
| -rw-r--r-- | spec/requests/api/pipelines_spec.rb | 66 | ||||
| -rw-r--r-- | spec/requests/api/projects_spec.rb | 49 | ||||
| -rw-r--r-- | spec/requests/api/runner_spec.rb | 2 | ||||
| -rw-r--r-- | spec/requests/api/settings_spec.rb | 33 |
9 files changed, 376 insertions, 41 deletions
diff --git a/spec/requests/api/environments_spec.rb b/spec/requests/api/environments_spec.rb index 493d3642255..8fc7fdc8632 100644 --- a/spec/requests/api/environments_spec.rb +++ b/spec/requests/api/environments_spec.rb @@ -32,6 +32,7 @@ describe API::Environments do expect(json_response.first['name']).to eq(environment.name) expect(json_response.first['external_url']).to eq(environment.external_url) expect(json_response.first['project'].keys).to contain_exactly(*project_data_keys) + expect(json_response.first).not_to have_key("last_deployment") end end @@ -188,4 +189,25 @@ describe API::Environments do end end end + + describe 'GET /projects/:id/environments/:environment_id' do + context 'as member of the project' do + it 'returns project environments' do + create(:deployment, :success, project: project, environment: environment) + + get api("/projects/#{project.id}/environments/#{environment.id}", user) + + expect(response).to have_gitlab_http_status(200) + expect(response).to match_response_schema('public_api/v4/environment') + end + end + + context 'as non member' do + it 'returns a 404 status code' do + get api("/projects/#{project.id}/environments/#{environment.id}", non_member) + + expect(response).to have_gitlab_http_status(404) + end + end + end end diff --git a/spec/requests/api/events_spec.rb b/spec/requests/api/events_spec.rb index 0ac23505de7..065b16c6221 100644 --- a/spec/requests/api/events_spec.rb +++ b/spec/requests/api/events_spec.rb @@ -270,8 +270,8 @@ describe API::Events do end context 'when exists some events' do - let(:merge_request1) { create(:merge_request, :closed, author: user, assignee: user, source_project: private_project, title: 'Test') } - let(:merge_request2) { create(:merge_request, :closed, author: user, assignee: user, source_project: private_project, title: 'Test') } + let(:merge_request1) { create(:merge_request, :closed, author: user, assignees: [user], source_project: private_project, title: 'Test') } + let(:merge_request2) { create(:merge_request, :closed, author: user, assignees: [user], source_project: private_project, title: 'Test') } before do create_event(merge_request1) diff --git a/spec/requests/api/graphql/gitlab_schema_spec.rb b/spec/requests/api/graphql/gitlab_schema_spec.rb index 708a000532b..f95f460fd14 100644 --- a/spec/requests/api/graphql/gitlab_schema_spec.rb +++ b/spec/requests/api/graphql/gitlab_schema_spec.rb @@ -3,14 +3,24 @@ require 'spec_helper' describe 'GitlabSchema configurations' do include GraphqlHelpers - let(:project) { create(:project, :repository) } - let!(:query) { graphql_query_for('project', 'fullPath' => project.full_path) } + it 'shows an error if complexity is too high' do + project = create(:project, :repository) + query = graphql_query_for('project', { 'fullPath' => project.full_path }, "id\nname\ndescription") - it 'shows an error if complexity it too high' do allow(GitlabSchema).to receive(:max_query_complexity).and_return 1 post_graphql(query, current_user: nil) expect(graphql_errors.first['message']).to include('which exceeds max complexity of 1') end + + context 'when IntrospectionQuery' do + it 'is not too complex' do + query = File.read(Rails.root.join('spec/fixtures/api/graphql/introspection.graphql')) + + post_graphql(query, current_user: nil) + + expect(graphql_errors).to be_nil + end + end end diff --git a/spec/requests/api/internal_spec.rb b/spec/requests/api/internal_spec.rb index 0919540e4ba..1ce8f520962 100644 --- a/spec/requests/api/internal_spec.rb +++ b/spec/requests/api/internal_spec.rb @@ -888,8 +888,10 @@ describe API::Internal do } end + let(:branch_name) { 'feature' } + let(:changes) do - "#{Gitlab::Git::BLANK_SHA} 570e7b2abdd848b95f2f578043fc23bd6f6fd24d refs/heads/new_branch" + "#{Gitlab::Git::BLANK_SHA} 570e7b2abdd848b95f2f578043fc23bd6f6fd24d refs/heads/#{branch_name}" end let(:push_options) do @@ -905,9 +907,9 @@ describe API::Internal do it 'enqueues a PostReceive worker job' do expect(PostReceive).to receive(:perform_async) - .with(gl_repository, identifier, changes, push_options) + .with(gl_repository, identifier, changes, { ci: { skip: true } }) - post api("/internal/post_receive"), params: valid_params + post api('/internal/post_receive'), params: valid_params end it 'decreases the reference counter and returns the result' do @@ -915,17 +917,17 @@ describe API::Internal do .and_return(reference_counter) expect(reference_counter).to receive(:decrease).and_return(true) - post api("/internal/post_receive"), params: valid_params + post api('/internal/post_receive'), params: valid_params expect(json_response['reference_counter_decreased']).to be(true) end it 'returns link to create new merge request' do - post api("/internal/post_receive"), params: valid_params + post api('/internal/post_receive'), params: valid_params expect(json_response['merge_request_urls']).to match [{ - "branch_name" => "new_branch", - "url" => "http://#{Gitlab.config.gitlab.host}/#{project.namespace.name}/#{project.path}/merge_requests/new?merge_request%5Bsource_branch%5D=new_branch", + "branch_name" => branch_name, + "url" => "http://#{Gitlab.config.gitlab.host}/#{project.namespace.name}/#{project.path}/merge_requests/new?merge_request%5Bsource_branch%5D=#{branch_name}", "new_merge_request" => true }] end @@ -933,16 +935,87 @@ describe API::Internal do it 'returns empty array if printing_merge_request_link_enabled is false' do project.update!(printing_merge_request_link_enabled: false) - post api("/internal/post_receive"), params: valid_params + post api('/internal/post_receive'), params: valid_params expect(json_response['merge_request_urls']).to eq([]) end + it 'does not invoke MergeRequests::PushOptionsHandlerService' do + expect(MergeRequests::PushOptionsHandlerService).not_to receive(:new) + + post api('/internal/post_receive'), params: valid_params + end + + context 'when there are merge_request push options' do + before do + valid_params[:push_options] = ['merge_request.create'] + end + + it 'invokes MergeRequests::PushOptionsHandlerService' do + expect(MergeRequests::PushOptionsHandlerService).to receive(:new) + + post api('/internal/post_receive'), params: valid_params + end + + it 'creates a new merge request' do + expect do + post api('/internal/post_receive'), params: valid_params + end.to change { MergeRequest.count }.by(1) + end + + it 'links to the newly created merge request' do + post api('/internal/post_receive'), params: valid_params + + expect(json_response['merge_request_urls']).to match [{ + 'branch_name' => branch_name, + 'url' => "http://#{Gitlab.config.gitlab.host}/#{project.namespace.name}/#{project.path}/merge_requests/1", + 'new_merge_request' => false + }] + end + + it 'adds errors on the service instance to warnings' do + expect_any_instance_of( + MergeRequests::PushOptionsHandlerService + ).to receive(:errors).at_least(:once).and_return(['my error']) + + post api('/internal/post_receive'), params: valid_params + + expect(json_response['warnings']).to eq('Error encountered with push options \'merge_request.create\': my error') + end + + it 'adds ActiveRecord errors on invalid MergeRequest records to warnings' do + invalid_merge_request = MergeRequest.new + invalid_merge_request.errors.add(:base, 'my error') + + expect_any_instance_of( + MergeRequests::CreateService + ).to receive(:execute).and_return(invalid_merge_request) + + post api('/internal/post_receive'), params: valid_params + + expect(json_response['warnings']).to eq('Error encountered with push options \'merge_request.create\': my error') + end + + context 'when the feature is disabled' do + it 'does not invoke MergeRequests::PushOptionsHandlerService' do + Feature.disable(:mr_push_options) + + expect(MergeRequests::PushOptionsHandlerService).to receive(:new) + + expect do + post api('/internal/post_receive'), params: valid_params + end.not_to change { MergeRequest.count } + + Feature.enable(:mr_push_options) + end + end + end + context 'broadcast message exists' do let!(:broadcast_message) { create(:broadcast_message, starts_at: 1.day.ago, ends_at: 1.day.from_now ) } it 'returns one broadcast message' do - post api("/internal/post_receive"), params: valid_params + post api('/internal/post_receive'), params: valid_params expect(response).to have_gitlab_http_status(200) expect(json_response['broadcast_message']).to eq(broadcast_message.message) @@ -951,7 +1024,7 @@ describe API::Internal do context 'broadcast message does not exist' do it 'returns empty string' do - post api("/internal/post_receive"), params: valid_params + post api('/internal/post_receive'), params: valid_params expect(response).to have_gitlab_http_status(200) expect(json_response['broadcast_message']).to eq(nil) @@ -962,7 +1035,7 @@ describe API::Internal do it 'returns empty string' do allow(BroadcastMessage).to receive(:current).and_return(nil) - post api("/internal/post_receive"), params: valid_params + post api('/internal/post_receive'), params: valid_params expect(response).to have_gitlab_http_status(200) expect(json_response['broadcast_message']).to eq(nil) @@ -974,7 +1047,7 @@ describe API::Internal do project_moved = Gitlab::Checks::ProjectMoved.new(project, user, 'http', 'foo/baz') project_moved.add_message - post api("/internal/post_receive"), params: valid_params + post api('/internal/post_receive'), params: valid_params expect(response).to have_gitlab_http_status(200) expect(json_response["redirected_message"]).to be_present @@ -987,7 +1060,7 @@ describe API::Internal do project_created = Gitlab::Checks::ProjectCreated.new(project, user, 'http') project_created.add_message - post api("/internal/post_receive"), params: valid_params + post api('/internal/post_receive'), params: valid_params expect(response).to have_gitlab_http_status(200) expect(json_response["project_created_message"]).to be_present @@ -999,7 +1072,7 @@ describe API::Internal do it 'does not try to notify that project moved' do allow_any_instance_of(Gitlab::Identifier).to receive(:identify).and_return(nil) - post api("/internal/post_receive"), params: valid_params + post api('/internal/post_receive'), params: valid_params expect(response).to have_gitlab_http_status(200) end diff --git a/spec/requests/api/merge_requests_spec.rb b/spec/requests/api/merge_requests_spec.rb index 7ffa365c651..45818edbf68 100644 --- a/spec/requests/api/merge_requests_spec.rb +++ b/spec/requests/api/merge_requests_spec.rb @@ -5,14 +5,15 @@ describe API::MergeRequests do let(:base_time) { Time.now } set(:user) { create(:user) } + set(:user2) { create(:user) } set(:admin) { create(:user, :admin) } let(:project) { create(:project, :public, :repository, creator: user, namespace: user.namespace, only_allow_merge_if_pipeline_succeeds: false) } let(:milestone) { create(:milestone, title: '1.0.0', project: project) } let(:milestone1) { create(:milestone, title: '0.9', project: project) } - let!(:merge_request) { create(:merge_request, :simple, milestone: milestone1, author: user, assignee: user, source_project: project, target_project: project, title: "Test", created_at: base_time) } - let!(:merge_request_closed) { create(:merge_request, state: "closed", milestone: milestone1, author: user, assignee: user, source_project: project, target_project: project, title: "Closed test", created_at: base_time + 1.second) } - let!(:merge_request_merged) { create(:merge_request, state: "merged", author: user, assignee: user, source_project: project, target_project: project, title: "Merged test", created_at: base_time + 2.seconds, merge_commit_sha: '9999999999999999999999999999999999999999') } - let!(:merge_request_locked) { create(:merge_request, state: "locked", milestone: milestone1, author: user, assignee: user, source_project: project, target_project: project, title: "Locked test", created_at: base_time + 1.second) } + let!(:merge_request) { create(:merge_request, :simple, milestone: milestone1, author: user, assignees: [user], source_project: project, target_project: project, title: "Test", created_at: base_time) } + let!(:merge_request_closed) { create(:merge_request, state: "closed", milestone: milestone1, author: user, assignees: [user], source_project: project, target_project: project, title: "Closed test", created_at: base_time + 1.second) } + let!(:merge_request_merged) { create(:merge_request, state: "merged", author: user, assignees: [user], source_project: project, target_project: project, title: "Merged test", created_at: base_time + 2.seconds, merge_commit_sha: '9999999999999999999999999999999999999999') } + let!(:merge_request_locked) { create(:merge_request, state: "locked", milestone: milestone1, author: user, assignees: [user], source_project: project, target_project: project, title: "Locked test", created_at: base_time + 1.second) } let!(:note) { create(:note_on_merge_request, author: user, project: project, noteable: merge_request, note: "a comment on a MR") } let!(:note2) { create(:note_on_merge_request, author: user, project: project, noteable: merge_request, note: "another comment on a MR") } let(:label) { create(:label, title: 'label', color: '#FFAABB', project: project) } @@ -20,6 +21,9 @@ describe API::MergeRequests do before do project.add_reporter(user) + project.add_reporter(user2) + + stub_licensed_features(multiple_merge_request_assignees: false) end shared_context 'with labels' do @@ -45,9 +49,9 @@ describe API::MergeRequests do get api(endpoint_path, user) end - create(:merge_request, state: 'closed', milestone: milestone1, author: user, assignee: user, source_project: project, target_project: project, title: 'Test', created_at: base_time) + create(:merge_request, state: 'closed', milestone: milestone1, author: user, assignees: [user], source_project: project, target_project: project, title: 'Test', created_at: base_time) - merge_request = create(:merge_request, milestone: milestone1, author: user, assignee: user, source_project: project, target_project: project, title: 'Test', created_at: base_time) + merge_request = create(:merge_request, milestone: milestone1, author: user, assignees: [user], source_project: project, target_project: project, title: 'Test', created_at: base_time) merge_request.metrics.update!(merged_by: user, latest_closed_by: user, @@ -333,7 +337,7 @@ describe API::MergeRequests do state: 'closed', milestone: milestone1, author: user, - assignee: user, + assignees: [user], source_project: project, target_project: project, title: "Test", @@ -451,7 +455,7 @@ describe API::MergeRequests do context 'when authenticated' do let!(:project2) { create(:project, :public, namespace: user.namespace) } - let!(:merge_request2) { create(:merge_request, :simple, author: user, assignee: user, source_project: project2, target_project: project2) } + let!(:merge_request2) { create(:merge_request, :simple, author: user, assignees: [user], source_project: project2, target_project: project2) } let(:user2) { create(:user) } it 'returns an array of all merge requests except unauthorized ones' do @@ -494,7 +498,7 @@ describe API::MergeRequests do end it 'returns an array of merge requests created by current user if no scope is given' do - merge_request3 = create(:merge_request, :simple, author: user2, assignee: user, source_project: project2, target_project: project2, source_branch: 'other-branch') + merge_request3 = create(:merge_request, :simple, author: user2, assignees: [user], source_project: project2, target_project: project2, source_branch: 'other-branch') get api('/merge_requests', user2) @@ -502,7 +506,7 @@ describe API::MergeRequests do end it 'returns an array of merge requests authored by the given user' do - merge_request3 = create(:merge_request, :simple, author: user2, assignee: user, source_project: project2, target_project: project2, source_branch: 'other-branch') + merge_request3 = create(:merge_request, :simple, author: user2, assignees: [user], source_project: project2, target_project: project2, source_branch: 'other-branch') get api('/merge_requests', user), params: { author_id: user2.id, scope: :all } @@ -510,7 +514,7 @@ describe API::MergeRequests do end it 'returns an array of merge requests assigned to the given user' do - merge_request3 = create(:merge_request, :simple, author: user, assignee: user2, source_project: project2, target_project: project2, source_branch: 'other-branch') + merge_request3 = create(:merge_request, :simple, author: user, assignees: [user2], source_project: project2, target_project: project2, source_branch: 'other-branch') get api('/merge_requests', user), params: { assignee_id: user2.id, scope: :all } @@ -535,7 +539,7 @@ describe API::MergeRequests do end it 'returns an array of merge requests assigned to me' do - merge_request3 = create(:merge_request, :simple, author: user, assignee: user2, source_project: project2, target_project: project2, source_branch: 'other-branch') + merge_request3 = create(:merge_request, :simple, author: user, assignees: [user2], source_project: project2, target_project: project2, source_branch: 'other-branch') get api('/merge_requests', user2), params: { scope: 'assigned_to_me' } @@ -543,7 +547,7 @@ describe API::MergeRequests do end it 'returns an array of merge requests assigned to me (kebab-case)' do - merge_request3 = create(:merge_request, :simple, author: user, assignee: user2, source_project: project2, target_project: project2, source_branch: 'other-branch') + merge_request3 = create(:merge_request, :simple, author: user, assignees: [user2], source_project: project2, target_project: project2, source_branch: 'other-branch') get api('/merge_requests', user2), params: { scope: 'assigned-to-me' } @@ -551,7 +555,7 @@ describe API::MergeRequests do end it 'returns an array of merge requests created by me' do - merge_request3 = create(:merge_request, :simple, author: user2, assignee: user, source_project: project2, target_project: project2, source_branch: 'other-branch') + merge_request3 = create(:merge_request, :simple, author: user2, assignees: [user], source_project: project2, target_project: project2, source_branch: 'other-branch') get api('/merge_requests', user2), params: { scope: 'created_by_me' } @@ -559,7 +563,7 @@ describe API::MergeRequests do end it 'returns an array of merge requests created by me (kebab-case)' do - merge_request3 = create(:merge_request, :simple, author: user2, assignee: user, source_project: project2, target_project: project2, source_branch: 'other-branch') + merge_request3 = create(:merge_request, :simple, author: user2, assignees: [user], source_project: project2, target_project: project2, source_branch: 'other-branch') get api('/merge_requests', user2), params: { scope: 'created-by-me' } @@ -567,7 +571,7 @@ describe API::MergeRequests do end it 'returns merge requests reacted by the authenticated user by the given emoji' do - merge_request3 = create(:merge_request, :simple, author: user, assignee: user, source_project: project2, target_project: project2, source_branch: 'other-branch') + merge_request3 = create(:merge_request, :simple, author: user, assignees: [user], source_project: project2, target_project: project2, source_branch: 'other-branch') award_emoji = create(:award_emoji, awardable: merge_request3, user: user2, name: 'star') get api('/merge_requests', user2), params: { my_reaction_emoji: award_emoji.name, scope: 'all' } @@ -700,7 +704,7 @@ describe API::MergeRequests do get api("/projects/#{project.id}/merge_requests", user) end.count - create(:merge_request, author: user, assignee: user, source_project: project, target_project: project, created_at: base_time) + create(:merge_request, author: user, assignees: [user], source_project: project, target_project: project, created_at: base_time) expect do get api("/projects/#{project.id}/merge_requests", user) @@ -730,7 +734,7 @@ describe API::MergeRequests do describe "GET /projects/:id/merge_requests/:merge_request_iid" do it 'matches json schema' do - merge_request = create(:merge_request, :with_test_reports, milestone: milestone1, author: user, assignee: user, source_project: project, target_project: project, title: "Test", created_at: base_time) + merge_request = create(:merge_request, :with_test_reports, milestone: milestone1, author: user, assignees: [user], source_project: project, target_project: project, title: "Test", created_at: base_time) get api("/projects/#{project.id}/merge_requests/#{merge_request.iid}", user) expect(response).to have_gitlab_http_status(200) @@ -851,7 +855,7 @@ describe API::MergeRequests do end context 'Work in Progress' do - let!(:merge_request_wip) { create(:merge_request, author: user, assignee: user, source_project: project, target_project: project, title: "WIP: Test", created_at: base_time + 1.second) } + let!(:merge_request_wip) { create(:merge_request, author: user, assignees: [user], source_project: project, target_project: project, title: "WIP: Test", created_at: base_time + 1.second) } it "returns merge request" do get api("/projects/#{project.id}/merge_requests/#{merge_request_wip.iid}", user) @@ -867,7 +871,7 @@ describe API::MergeRequests do merge_request_overflow = create(:merge_request, :simple, author: user, - assignee: user, + assignees: [user], source_project: project, source_branch: 'expand-collapse-files', target_project: project, @@ -1005,6 +1009,71 @@ describe API::MergeRequests do end describe 'POST /projects/:id/merge_requests' do + context 'support for deprecated assignee_id' do + let(:params) do + { + title: 'Test merge request', + source_branch: 'feature_conflict', + target_branch: 'master', + author_id: user.id, + assignee_id: user2.id + } + end + + it 'creates a new merge request' do + post api("/projects/#{project.id}/merge_requests", user), params: params + + expect(response).to have_gitlab_http_status(201) + expect(json_response['title']).to eq('Test merge request') + expect(json_response['assignee']['name']).to eq(user2.name) + expect(json_response['assignees'].first['name']).to eq(user2.name) + end + + it 'creates a new merge request when assignee_id is empty' do + params[:assignee_id] = '' + + post api("/projects/#{project.id}/merge_requests", user), params: params + + expect(response).to have_gitlab_http_status(201) + expect(json_response['title']).to eq('Test merge request') + expect(json_response['assignee']).to be_nil + end + + it 'filters assignee_id of unauthorized user' do + private_project = create(:project, :private, :repository) + another_user = create(:user) + private_project.add_maintainer(user) + params[:assignee_id] = another_user.id + + post api("/projects/#{private_project.id}/merge_requests", user), params: params + + expect(response).to have_gitlab_http_status(201) + expect(json_response['assignee']).to be_nil + end + end + + context 'single assignee restrictions' do + let(:params) do + { + title: 'Test merge request', + source_branch: 'feature_conflict', + target_branch: 'master', + author_id: user.id, + assignee_ids: [user.id, user2.id] + } + end + + it 'creates a new project merge request with no more than one assignee' do + post api("/projects/#{project.id}/merge_requests", user), params: params + + expect(response).to have_gitlab_http_status(201) + expect(json_response['title']).to eq('Test merge request') + expect(json_response['assignees'].count).to eq(1) + expect(json_response['assignees'].first['name']).to eq(user.name) + expect(json_response.dig('assignee', 'name')).to eq(user.name) + end + end + context 'between branches projects' do context 'different labels' do let(:params) do @@ -1574,6 +1643,19 @@ describe API::MergeRequests do expect(json_response['force_remove_source_branch']).to be_truthy end + it 'filters assignee_id of unauthorized user' do + private_project = create(:project, :private, :repository) + mr = create(:merge_request, source_project: private_project, target_project: private_project) + another_user = create(:user) + private_project.add_maintainer(user) + params = { assignee_id: another_user.id } + + put api("/projects/#{private_project.id}/merge_requests/#{mr.iid}", user), params: params + + expect(response).to have_gitlab_http_status(200) + expect(json_response['assignee']).to be_nil + end + context 'when updating labels' do it 'allows special label names' do put api("/projects/#{project.id}/merge_requests/#{merge_request.iid}", user), @@ -1728,7 +1810,7 @@ describe API::MergeRequests do issue = create(:issue, project: jira_project) description = "Closes #{ext_issue.to_reference(jira_project)}\ncloses #{issue.to_reference}" merge_request = create(:merge_request, - :simple, author: user, assignee: user, source_project: jira_project, description: description) + :simple, author: user, assignees: [user], source_project: jira_project, description: description) get api("/projects/#{jira_project.id}/merge_requests/#{merge_request.iid}/closes_issues", user) diff --git a/spec/requests/api/pipelines_spec.rb b/spec/requests/api/pipelines_spec.rb index 9fed07cae82..0d46463312b 100644 --- a/spec/requests/api/pipelines_spec.rb +++ b/spec/requests/api/pipelines_spec.rb @@ -445,6 +445,72 @@ describe API::Pipelines do end end + describe 'GET /projects/:id/pipelines/:pipeline_id/variables' do + subject { get api("/projects/#{project.id}/pipelines/#{pipeline.id}/variables", api_user) } + + let(:api_user) { user } + + context 'user is a mantainer' do + it 'returns pipeline variables empty' do + subject + + expect(response).to have_gitlab_http_status(200) + expect(json_response).to be_empty + end + + context 'with variables' do + let!(:variable) { create(:ci_pipeline_variable, pipeline: pipeline, key: 'foo', value: 'bar') } + + it 'returns pipeline variables' do + subject + + expect(response).to have_gitlab_http_status(200) + expect(json_response).to contain_exactly({ "key" => "foo", "value" => "bar" }) + end + end + end + + context 'user is a developer' do + let(:pipeline_owner_user) { create(:user) } + let(:pipeline) { create(:ci_empty_pipeline, project: project, user: pipeline_owner_user) } + + before do + project.add_developer(api_user) + end + + context 'pipeline created by the developer user' do + let(:api_user) { pipeline_owner_user } + let!(:variable) { create(:ci_pipeline_variable, pipeline: pipeline, key: 'foo', value: 'bar') } + + it 'returns pipeline variables' do + subject + + expect(response).to have_gitlab_http_status(200) + expect(json_response).to contain_exactly({ "key" => "foo", "value" => "bar" }) + end + end + + context 'pipeline created is not created by the developer user' do + let(:api_user) { create(:user) } + + it 'should not return pipeline variables' do + subject + + expect(response).to have_gitlab_http_status(403) + end + end + end + + context 'user is not a project member' do + it 'should not return pipeline variables' do + get api("/projects/#{project.id}/pipelines/#{pipeline.id}/variables", non_member) + + expect(response).to have_gitlab_http_status(404) + expect(json_response['message']).to eq '404 Project Not Found' + end + end + end + describe 'DELETE /projects/:id/pipelines/:pipeline_id' do context 'authorized user' do let(:owner) { project.owner } diff --git a/spec/requests/api/projects_spec.rb b/spec/requests/api/projects_spec.rb index 2bfb17d9c9a..352ea448c00 100644 --- a/spec/requests/api/projects_spec.rb +++ b/spec/requests/api/projects_spec.rb @@ -46,6 +46,8 @@ shared_examples 'languages and percentages JSON response' do end describe API::Projects do + include ExternalAuthorizationServiceHelpers + let(:user) { create(:user) } let(:user2) { create(:user) } let(:user3) { create(:user) } @@ -1336,6 +1338,39 @@ describe API::Projects do end end end + + context 'with external authorization' do + let(:project) do + create(:project, + namespace: user.namespace, + external_authorization_classification_label: 'the-label') + end + + context 'when the user has access to the project' do + before do + external_service_allow_access(user, project) + end + + it 'includes the label in the response' do + get api("/projects/#{project.id}", user) + + expect(response).to have_gitlab_http_status(200) + expect(json_response['external_authorization_classification_label']).to eq('the-label') + end + end + + context 'when the external service denies access' do + before do + external_service_deny_access(user, project) + end + + it 'returns a 404' do + get api("/projects/#{project.id}", user) + + expect(response).to have_gitlab_http_status(404) + end + end + end end describe 'GET /projects/:id/users' do @@ -1890,6 +1925,20 @@ describe API::Projects do expect(response).to have_gitlab_http_status(403) end end + + context 'when updating external classification' do + before do + enable_external_authorization_service_check + end + + it 'updates the classification label' do + put(api("/projects/#{project.id}", user), params: { external_authorization_classification_label: 'new label' }) + + expect(response).to have_gitlab_http_status(200) + + expect(project.reload.external_authorization_classification_label).to eq('new label') + end + end end describe 'POST /projects/:id/archive' do diff --git a/spec/requests/api/runner_spec.rb b/spec/requests/api/runner_spec.rb index 5fdc7c64030..3585a827838 100644 --- a/spec/requests/api/runner_spec.rb +++ b/spec/requests/api/runner_spec.rb @@ -1734,7 +1734,7 @@ describe API::Runner, :clean_gitlab_redis_shared_state do end it 'download artifacts' do - expect(response).to have_http_status(200) + expect(response).to have_gitlab_http_status(200) expect(response.headers.to_h).to include download_headers end end diff --git a/spec/requests/api/settings_spec.rb b/spec/requests/api/settings_spec.rb index f869325e892..527ab1cfb66 100644 --- a/spec/requests/api/settings_spec.rb +++ b/spec/requests/api/settings_spec.rb @@ -116,6 +116,39 @@ describe API::Settings, 'Settings' do expect(json_response['performance_bar_allowed_group_id']).to be_nil end + context 'external policy classification settings' do + let(:settings) do + { + external_authorization_service_enabled: true, + external_authorization_service_url: 'https://custom.service/', + external_authorization_service_default_label: 'default', + external_authorization_service_timeout: 9.99, + external_auth_client_cert: File.read('spec/fixtures/passphrase_x509_certificate.crt'), + external_auth_client_key: File.read('spec/fixtures/passphrase_x509_certificate_pk.key'), + external_auth_client_key_pass: "5iveL!fe" + } + end + let(:attribute_names) { settings.keys.map(&:to_s) } + + it 'includes the attributes in the API' do + get api("/application/settings", admin) + + expect(response).to have_gitlab_http_status(200) + attribute_names.each do |attribute| + expect(json_response.keys).to include(attribute) + end + end + + it 'allows updating the settings' do + put api("/application/settings", admin), params: settings + + expect(response).to have_gitlab_http_status(200) + settings.each do |attribute, value| + expect(ApplicationSetting.current.public_send(attribute)).to eq(value) + end + end + end + context "missing plantuml_url value when plantuml_enabled is true" do it "returns a blank parameter error message" do put api("/application/settings", admin), params: { plantuml_enabled: true } |