From bc78ae6985ee37f9ac2ffc2dbf6f445078d16038 Mon Sep 17 00:00:00 2001 From: Tiago Botelho Date: Mon, 22 Jan 2018 18:10:56 +0000 Subject: Add specs --- spec/lib/gitlab/checks/new_project_spec.rb | 46 ++++++++++++++++ spec/lib/gitlab/checks/project_moved_spec.rb | 18 +++---- spec/lib/gitlab/git_access_spec.rb | 79 ++++++++++++++++++++++++++++ 3 files changed, 134 insertions(+), 9 deletions(-) create mode 100644 spec/lib/gitlab/checks/new_project_spec.rb (limited to 'spec/lib') diff --git a/spec/lib/gitlab/checks/new_project_spec.rb b/spec/lib/gitlab/checks/new_project_spec.rb new file mode 100644 index 00000000000..c696e02e41a --- /dev/null +++ b/spec/lib/gitlab/checks/new_project_spec.rb @@ -0,0 +1,46 @@ +require 'rails_helper' + +describe Gitlab::Checks::NewProject, :clean_gitlab_redis_shared_state do + let(:user) { create(:user) } + let(:project) { create(:project) } + + describe '.fetch_new_project_message' do + context 'with a new project message queue' do + let(:new_project) { described_class.new(user, project, 'http') } + + before do + new_project.add_new_project_message + end + + it 'returns new project message' do + expect(described_class.fetch_new_project_message(user.id, project.id)).to eq(new_project.new_project_message) + end + + it 'deletes the new project message from redis' do + expect(Gitlab::Redis::SharedState.with { |redis| redis.get("new_project:#{user.id}:#{project.id}") }).not_to be_nil + described_class.fetch_new_project_message(user.id, project.id) + expect(Gitlab::Redis::SharedState.with { |redis| redis.get("new_project:#{user.id}:#{project.id}") }).to be_nil + end + end + + context 'with no new project message queue' do + it 'returns nil' do + expect(described_class.fetch_new_project_message(1, 2)).to be_nil + end + end + end + + describe '#add_new_project_message' do + it 'queues a new project message' do + new_project = described_class.new(user, project, 'http') + + expect(new_project.add_new_project_message).to eq('OK') + end + + it 'handles anonymous push' do + new_project = described_class.new(user, nil, 'http') + + expect(new_project.add_new_project_message).to be_nil + end + end +end diff --git a/spec/lib/gitlab/checks/project_moved_spec.rb b/spec/lib/gitlab/checks/project_moved_spec.rb index f90c2d6aded..b03a598edd8 100644 --- a/spec/lib/gitlab/checks/project_moved_spec.rb +++ b/spec/lib/gitlab/checks/project_moved_spec.rb @@ -6,14 +6,14 @@ describe Gitlab::Checks::ProjectMoved, :clean_gitlab_redis_shared_state do describe '.fetch_redirct_message' do context 'with a redirect message queue' do - it 'should return the redirect message' do + it 'returns the redirect message' do project_moved = described_class.new(project, user, 'foo/bar', 'http') project_moved.add_redirect_message expect(described_class.fetch_redirect_message(user.id, project.id)).to eq(project_moved.redirect_message) end - it 'should delete the redirect message from redis' do + it 'deletes the redirect message from redis' do project_moved = described_class.new(project, user, 'foo/bar', 'http') project_moved.add_redirect_message @@ -24,19 +24,19 @@ describe Gitlab::Checks::ProjectMoved, :clean_gitlab_redis_shared_state do end context 'with no redirect message queue' do - it 'should return nil' do + it 'returns nil' do expect(described_class.fetch_redirect_message(1, 2)).to be_nil end end end describe '#add_redirect_message' do - it 'should queue a redirect message' do + it 'queues a redirect message' do project_moved = described_class.new(project, user, 'foo/bar', 'http') expect(project_moved.add_redirect_message).to eq("OK") end - it 'should handle anonymous clones' do + it 'handles anonymous clones' do project_moved = described_class.new(project, nil, 'foo/bar', 'http') expect(project_moved.add_redirect_message).to eq(nil) @@ -45,7 +45,7 @@ describe Gitlab::Checks::ProjectMoved, :clean_gitlab_redis_shared_state do describe '#redirect_message' do context 'when the push is rejected' do - it 'should return a redirect message telling the user to try again' do + it 'returns a redirect message telling the user to try again' do project_moved = described_class.new(project, user, 'foo/bar', 'http') message = "Project 'foo/bar' was moved to '#{project.full_path}'." + "\n\nPlease update your Git remote:" + @@ -56,7 +56,7 @@ describe Gitlab::Checks::ProjectMoved, :clean_gitlab_redis_shared_state do end context 'when the push is not rejected' do - it 'should return a redirect message' do + it 'returns a redirect message' do project_moved = described_class.new(project, user, 'foo/bar', 'http') message = "Project 'foo/bar' was moved to '#{project.full_path}'." + "\n\nPlease update your Git remote:" + @@ -69,7 +69,7 @@ describe Gitlab::Checks::ProjectMoved, :clean_gitlab_redis_shared_state do describe '#permanent_redirect?' do context 'with a permanent RedirectRoute' do - it 'should return true' do + it 'returns true' do project.route.create_redirect('foo/bar', permanent: true) project_moved = described_class.new(project, user, 'foo/bar', 'http') expect(project_moved.permanent_redirect?).to be_truthy @@ -77,7 +77,7 @@ describe Gitlab::Checks::ProjectMoved, :clean_gitlab_redis_shared_state do end context 'without a permanent RedirectRoute' do - it 'should return false' do + it 'returns false' do project.route.create_redirect('foo/bar') project_moved = described_class.new(project, user, 'foo/bar', 'http') expect(project_moved.permanent_redirect?).to be_falsy diff --git a/spec/lib/gitlab/git_access_spec.rb b/spec/lib/gitlab/git_access_spec.rb index 457e219c1a5..3c98c95e301 100644 --- a/spec/lib/gitlab/git_access_spec.rb +++ b/spec/lib/gitlab/git_access_spec.rb @@ -152,6 +152,30 @@ describe Gitlab::GitAccess do expect { push_access_check }.to raise_not_found end end + + context 'when user is allowed to create project in namespace' do + let(:access) { described_class.new(actor, nil, protocol, authentication_abilities: authentication_abilities, redirected_path: redirected_path, target_namespace: user.namespace) } + + it 'blocks pull access with "not found"' do + expect { pull_access_check }.to raise_not_found + end + + it 'allows push access' do + expect { push_access_check }.not_to raise_error + end + end + + context 'when user is not allowed to create project in namespace' do + let(:user2) { create(:user) } + let(:access) { described_class.new(actor, nil, protocol, authentication_abilities: authentication_abilities, redirected_path: redirected_path, target_namespace: user2.namespace) } + + it 'blocks push and pull with "not found"' do + aggregate_failures do + expect { pull_access_check }.to raise_not_found + expect { push_access_check }.to raise_not_found + end + end + end end end @@ -311,6 +335,51 @@ describe Gitlab::GitAccess do end end + describe '#check_namespace_accessibility!' do + context 'when project exists' do + context 'when user can pull or push' do + before do + project.add_master(user) + end + + it 'does not block pull or push' do + aggregate_failures do + expect { push_access_check }.not_to raise_error + expect { pull_access_check }.not_to raise_error + end + end + end + end + + context 'when project does not exist' do + context 'when namespace does not exist' do + let(:access) { described_class.new(actor, nil, protocol, authentication_abilities: authentication_abilities, redirected_path: redirected_path, target_namespace: nil) } + + it 'blocks push and pull' do + aggregate_failures do + expect { push_access_check }.not_to raise_namespace_not_found + expect { pull_access_check }.not_to raise_namespace_not_found + end + end + end + + context 'when namespace exists' do + context 'when user is unable to push to namespace' do + let(:user2) { create(:user) } + let(:access) { described_class.new(actor, nil, protocol, authentication_abilities: authentication_abilities, redirected_path: redirected_path, target_namespace: user2.namespace) } + + it 'blocks push' do + expect { push_access_check }.to raise_project_create + end + + it 'does not block pull' do + expect { push_access_check }.to raise_error + end + end + end + end + end + describe '#check_download_access!' do it 'allows masters to pull' do project.add_master(user) @@ -773,6 +842,16 @@ describe Gitlab::GitAccess do Gitlab::GitAccess::ERROR_MESSAGES[:project_not_found]) end + def raise_namespace_not_found + raise_error(Gitlab::GitAccess::NotFoundError, + Gitlab::GitAccess::ERROR_MESSAGES[:namespace_not_found]) + end + + def raise_project_create + raise_error(Gitlab::GitAccess::NotFoundError, + Gitlab::GitAccess::ERROR_MESSAGES[:create]) + end + def build_authentication_abilities [ :read_project, -- cgit v1.2.1