From e8f7e5516bf0449f0d7f435ae720aa35f40e1dd0 Mon Sep 17 00:00:00 2001 From: Kamil Trzcinski Date: Sat, 14 May 2016 19:45:48 -0500 Subject: Added specs for JwtController --- spec/requests/jwt_controller_spec.rb | 87 ++++++++++++++++++++++++++++++++++++ 1 file changed, 87 insertions(+) create mode 100644 spec/requests/jwt_controller_spec.rb (limited to 'spec/requests/jwt_controller_spec.rb') diff --git a/spec/requests/jwt_controller_spec.rb b/spec/requests/jwt_controller_spec.rb new file mode 100644 index 00000000000..782d710e1b4 --- /dev/null +++ b/spec/requests/jwt_controller_spec.rb @@ -0,0 +1,87 @@ +require 'spec_helper' + +describe JwtController do + let(:services) { { 'test' => TestService } } + let(:parameters) { { service: 'test' } } + let(:ok_status) { { status: 'OK' } } + + before { allow_any_instance_of(JwtController).to receive(:SERVICES).and_return services } + + context 'existing service' do + before { expect_any_instance_of(TestService).to receive(:execute).and_return(ok_status) } + + subject! { get '/jwt/auth', parameters } + + it { expect(response.status).to eq(200) } + end + + context 'when using authorized request' do + context 'using CI token' do + let(:project) { create(:empty_project, runners_token: 'token', builds_enabled: builds_enabled) } + let(:headers) { { HTTP_AUTHENTICATION: authorize('gitlab-ci-token', project.runners_token) } } + + context 'project with enabled CI' do + let(:builds_enabled) { true } + + it do + expect(TestService).to receive(:new).with(project, nil, parameters).and_call_original + + get '/jwt/auth', parameters, headers + end + end + + context 'project with disabled CI' do + let(:builds_enabled) { false } + + it do + expect(TestService).to receive(:new).with(project, nil, parameters).and_call_original + + get '/jwt/auth', parameters, headers + end + end + end + + context 'using User login' do + let(:user) { create(:user) } + let(:headers) { { HTTP_AUTHENTICATION: authorize('user', 'password') } } + + before { expect_any_instance_of(Gitlab::Auth).to receive(:find).with('user', 'password').and_return(user) } + + it do + expect(TestService).to receive(:new).with(nil, user, parameters).and_call_original + + get '/jwt/auth', parameters, headers + end + end + + context 'using invalid login' do + let(:headers) { { HTTP_AUTHENTICATION: authorize('invalid', 'password') } } + + subject! { get '/jwt/auth', parameters, headers } + + it { expect(response.status).to eq(403) } + end + end + + context 'unknown service' do + subject! { get '/jwt/auth', service: 'unknown' } + + it { expect(response.status).to eq(404) } + end + + def authorize(login, password) + ActionController::HttpAuthentication::Basic.encode_credentials(login, password) + end + + class TestService + attr_accessor :project, :current_user, :params + + def initialize(project, user, params = {}) + @project, @current_user, @params = project, user, params.dup + end + + def execute + { status: 'OK' } + end + end +end -- cgit v1.2.1 From 7b88dca77eeb2a93b5a343d27af513ea28222379 Mon Sep 17 00:00:00 2001 From: Kamil Trzcinski Date: Sun, 15 May 2016 00:33:06 -0500 Subject: Update JwtController specs --- spec/requests/jwt_controller_spec.rb | 57 +++++++++++++----------------------- 1 file changed, 21 insertions(+), 36 deletions(-) (limited to 'spec/requests/jwt_controller_spec.rb') diff --git a/spec/requests/jwt_controller_spec.rb b/spec/requests/jwt_controller_spec.rb index 782d710e1b4..7bb71365a48 100644 --- a/spec/requests/jwt_controller_spec.rb +++ b/spec/requests/jwt_controller_spec.rb @@ -1,61 +1,58 @@ require 'spec_helper' describe JwtController do - let(:services) { { 'test' => TestService } } - let(:parameters) { { service: 'test' } } - let(:ok_status) { { status: 'OK' } } + let(:service) { double(execute: {}) } + let(:service_class) { double(new: service) } + let(:service_name) { 'test' } + let(:parameters) { { service: service_name } } - before { allow_any_instance_of(JwtController).to receive(:SERVICES).and_return services } + before { stub_const('JwtController::SERVICES', service_name => service_class) } context 'existing service' do - before { expect_any_instance_of(TestService).to receive(:execute).and_return(ok_status) } - subject! { get '/jwt/auth', parameters } it { expect(response.status).to eq(200) } + + context 'returning custom http code' do + let(:service) { double(execute: { http_status: 505 }) } + + it { expect(response.status).to eq(505) } + end end context 'when using authorized request' do context 'using CI token' do let(:project) { create(:empty_project, runners_token: 'token', builds_enabled: builds_enabled) } - let(:headers) { { HTTP_AUTHENTICATION: authorize('gitlab-ci-token', project.runners_token) } } + let(:headers) { { authorization: credentials('gitlab_ci_token', project.runners_token) } } + + subject! { get '/jwt/auth', parameters, headers } context 'project with enabled CI' do let(:builds_enabled) { true } - it do - expect(TestService).to receive(:new).with(project, nil, parameters).and_call_original - - get '/jwt/auth', parameters, headers - end + it { expect(service_class).to have_received(:new).with(project, nil, parameters) } end context 'project with disabled CI' do let(:builds_enabled) { false } - it do - expect(TestService).to receive(:new).with(project, nil, parameters).and_call_original - - get '/jwt/auth', parameters, headers - end + it { expect(response.status).to eq(403) } end end context 'using User login' do let(:user) { create(:user) } - let(:headers) { { HTTP_AUTHENTICATION: authorize('user', 'password') } } + let(:headers) { { authorization: credentials('user', 'password') } } before { expect_any_instance_of(Gitlab::Auth).to receive(:find).with('user', 'password').and_return(user) } - it do - expect(TestService).to receive(:new).with(nil, user, parameters).and_call_original + subject! { get '/jwt/auth', parameters, headers } - get '/jwt/auth', parameters, headers - end + it { expect(service_class).to have_received(:new).with(nil, user, parameters) } end context 'using invalid login' do - let(:headers) { { HTTP_AUTHENTICATION: authorize('invalid', 'password') } } + let(:headers) { { authorization: credentials('invalid', 'password') } } subject! { get '/jwt/auth', parameters, headers } @@ -69,19 +66,7 @@ describe JwtController do it { expect(response.status).to eq(404) } end - def authorize(login, password) + def credentials(login, password) ActionController::HttpAuthentication::Basic.encode_credentials(login, password) end - - class TestService - attr_accessor :project, :current_user, :params - - def initialize(project, user, params = {}) - @project, @current_user, @params = project, user, params.dup - end - - def execute - { status: 'OK' } - end - end end -- cgit v1.2.1 From 646018a40e7d29682f31e774f453a6b3427b4216 Mon Sep 17 00:00:00 2001 From: Kamil Trzcinski Date: Sun, 22 May 2016 14:14:12 -0500 Subject: Fix the CI login to Container Registry (the gitlab-ci-token user) --- spec/requests/jwt_controller_spec.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'spec/requests/jwt_controller_spec.rb') diff --git a/spec/requests/jwt_controller_spec.rb b/spec/requests/jwt_controller_spec.rb index 7bb71365a48..d006ff195cf 100644 --- a/spec/requests/jwt_controller_spec.rb +++ b/spec/requests/jwt_controller_spec.rb @@ -23,7 +23,7 @@ describe JwtController do context 'when using authorized request' do context 'using CI token' do let(:project) { create(:empty_project, runners_token: 'token', builds_enabled: builds_enabled) } - let(:headers) { { authorization: credentials('gitlab_ci_token', project.runners_token) } } + let(:headers) { { authorization: credentials('gitlab-ci-token', project.runners_token) } } subject! { get '/jwt/auth', parameters, headers } -- cgit v1.2.1 From 07f49626d01ddffcd127e937c528b74b8248043b Mon Sep 17 00:00:00 2001 From: Jacob Vosmaer Date: Mon, 6 Jun 2016 17:40:26 +0200 Subject: Fix tests --- spec/requests/jwt_controller_spec.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'spec/requests/jwt_controller_spec.rb') diff --git a/spec/requests/jwt_controller_spec.rb b/spec/requests/jwt_controller_spec.rb index d006ff195cf..c995993a853 100644 --- a/spec/requests/jwt_controller_spec.rb +++ b/spec/requests/jwt_controller_spec.rb @@ -44,7 +44,7 @@ describe JwtController do let(:user) { create(:user) } let(:headers) { { authorization: credentials('user', 'password') } } - before { expect_any_instance_of(Gitlab::Auth).to receive(:find).with('user', 'password').and_return(user) } + before { expect(Gitlab::Auth).to receive(:find_in_gitlab_or_ldap).with('user', 'password').and_return(user) } subject! { get '/jwt/auth', parameters, headers } -- cgit v1.2.1 From 0e896ffe4eebb8bcf04bc1327d498bb041faed56 Mon Sep 17 00:00:00 2001 From: Jacob Vosmaer Date: Fri, 10 Jun 2016 14:51:16 +0200 Subject: Improve Gitlab::Auth method names Auth.find was a very generic name for a very specific method. Auth.find_in_gitlab_or_ldap was inaccurate in GitLab EE where it also looks in Kerberos. --- spec/requests/jwt_controller_spec.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'spec/requests/jwt_controller_spec.rb') diff --git a/spec/requests/jwt_controller_spec.rb b/spec/requests/jwt_controller_spec.rb index c995993a853..d2d4a9eca18 100644 --- a/spec/requests/jwt_controller_spec.rb +++ b/spec/requests/jwt_controller_spec.rb @@ -44,7 +44,7 @@ describe JwtController do let(:user) { create(:user) } let(:headers) { { authorization: credentials('user', 'password') } } - before { expect(Gitlab::Auth).to receive(:find_in_gitlab_or_ldap).with('user', 'password').and_return(user) } + before { expect(Gitlab::Auth).to receive(:find_with_user_password).with('user', 'password').and_return(user) } subject! { get '/jwt/auth', parameters, headers } -- cgit v1.2.1