diff options
| author | Imre Farkas <ifarkas@gitlab.com> | 2019-04-05 14:45:47 +0300 |
|---|---|---|
| committer | Andreas Brandl <abrandl@gitlab.com> | 2019-04-05 14:45:47 +0300 |
| commit | d9d7237d2ebf101ca35ed8ba2740e7c7093437ea (patch) | |
| tree | 419b0af4bc8de6de5888feec4f502bcc468df400 /spec/controllers/concerns/project_unauthorized_spec.rb | |
| parent | 30fa3cbdb74df2dfeebb2929a10dd301a0dde55e (diff) | |
Move Contribution Analytics related spec in spec/features/groups/group_page_with_external_authorization_service_spec to EE
Diffstat (limited to 'spec/controllers/concerns/project_unauthorized_spec.rb')
| -rw-r--r-- | spec/controllers/concerns/project_unauthorized_spec.rb | 51 |
1 files changed, 51 insertions, 0 deletions
diff --git a/spec/controllers/concerns/project_unauthorized_spec.rb b/spec/controllers/concerns/project_unauthorized_spec.rb new file mode 100644 index 00000000000..90b59b027cf --- /dev/null +++ b/spec/controllers/concerns/project_unauthorized_spec.rb @@ -0,0 +1,51 @@ +require 'spec_helper' + +describe ProjectUnauthorized do + include ExternalAuthorizationServiceHelpers + let(:user) { create(:user) } + + before do + sign_in user + end + + render_views + + describe '#project_unauthorized_proc' do + controller(::Projects::ApplicationController) do + def show + head :ok + end + end + + let(:project) { create(:project) } + + before do + project.add_developer(user) + end + + it 'renders a 200 when the service allows access to the project' do + external_service_allow_access(user, project) + + get :show, params: { namespace_id: project.namespace.to_param, id: project.to_param } + + expect(response).to have_gitlab_http_status(200) + end + + it 'renders a 403 when the service denies access to the project' do + external_service_deny_access(user, project) + + get :show, params: { namespace_id: project.namespace.to_param, id: project.to_param } + + expect(response).to have_gitlab_http_status(403) + expect(response.body).to match("External authorization denied access to this project") + end + + it 'renders a 404 when the user cannot see the project at all' do + other_project = create(:project, :private) + + get :show, params: { namespace_id: other_project.namespace.to_param, id: other_project.to_param } + + expect(response).to have_gitlab_http_status(404) + end + end +end |