author | GitLab Bot <gitlab-bot@gitlab.com> | 2022-09-29 01:01:32 +0300 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2022-09-29 01:01:37 +0300 |
commit | cbc166ca72db07da07995c60bbbf4e83ba30699d (patch) | |
tree | 6c3f398e6be23b6e3c9aa03e1fe9579f815ebbe3 /spec/lib/bulk_imports | |
parent | 36c8a31d573bdd2edd4c87be63eb8dde20a79761 (diff) |
Add latest changes from gitlab-org/security/gitlab@15-4-stable-ee
Diffstat (limited to 'spec/lib/bulk_imports')
-rw-r--r-- | spec/lib/bulk_imports/projects/pipelines/repository_pipeline_spec.rb | 19 | ||||
-rw-r--r-- | spec/lib/bulk_imports/projects/pipelines/snippets_repository_pipeline_spec.rb | 20 |
2 files changed, 34 insertions, 5 deletions
diff --git a/spec/lib/bulk_imports/projects/pipelines/repository_pipeline_spec.rb b/spec/lib/bulk_imports/projects/pipelines/repository_pipeline_spec.rb
index 38b22538e70..a968104fc91 100644
--- a/spec/lib/bulk_imports/projects/pipelines/repository_pipeline_spec.rb
+++ b/spec/lib/bulk_imports/projects/pipelines/repository_pipeline_spec.rb
@@ -20,8 +20,9 @@ RSpec.describe BulkImports::Projects::Pipelines::RepositoryPipeline do
 )
 end
 
- let_it_be(:tracker) { create(:bulk_import_tracker, entity: entity) }
- let_it_be(:context) { BulkImports::Pipeline::Context.new(tracker) }
+ let_it_be_with_reload(:tracker) { create(:bulk_import_tracker, entity: entity) }
+
+ let(:context) { BulkImports::Pipeline::Context.new(tracker) }
 
 let(:extracted_data) { BulkImports::Pipeline::ExtractedData.new(data: project_data) }
 
@@ -61,7 +62,7 @@ RSpec.describe BulkImports::Projects::Pipelines::RepositoryPipeline do
 context 'blocked local networks' do
 let(:project_data) { { 'httpUrlToRepo' => 'http://localhost/foo.git' } }
 
- it 'imports new repository into destination project' do
+ it 'prevents import' do
 allow(Gitlab.config.gitlab).to receive(:host).and_return('notlocalhost.gitlab.com')
 allow(Gitlab::CurrentSettings).to receive(:allow_local_requests_from_web_hooks_and_services?).and_return(false)
 
@@ -70,6 +71,18 @@ RSpec.describe BulkImports::Projects::Pipelines::RepositoryPipeline do
 expect(context.entity.failed?).to eq(true)
 end
 end
+
+ context 'when scheme is blocked' do
+ let(:project_data) { { 'httpUrlToRepo' => 'file://example/tmp/foo.git' } }
+
+ it 'prevents import' do
+ pipeline.run
+
+ expect(context.entity.failed?).to eq(true)
+ expect(context.entity.failures.first).to be_present
+ expect(context.entity.failures.first.exception_message).to eq('Only allowed schemes are http, https')
+ end
+ end
 end
 
 describe '#after_run' do
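Review bot: The switch to `let_it_be_with_reload(:tracker)` and a per-example `let(:context)` in the first hunk carries no comment explaining why the tracker has to be reloaded. Presumably the failure state that an example writes through `context.entity` was surviving in memory into later examples, which would let a `failed?` assertion pass for the wrong reason. A one-line comment above the declaration would keep a later cleanup from reverting it, for example `# reloaded per example: pipeline failures mutate the tracker's entity`. The describe block starts before this hunk.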
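Review bot: The new `'when scheme is blocked'` context in the third hunk exercises only `file://`, while the message it asserts, `'Only allowed schemes are http, https'`, describes an allowlist. A validator that rejected `file` alone and accepted every other non-HTTP scheme would still pass this example, so the test does not pin the property the fix relies on. Running the same expectations over several non-HTTP schemes closes that gap, assuming the validator reports the same message for each of them. The same applies to the `'when scheme is blocked'` context added in snippets_repository_pipeline_spec.rb. The enclosing describe block starts outside the hunk.

```ruby
context 'when scheme is blocked' do
  %w[file ftp git ssh].each do |scheme|
    context "with #{scheme}://" do
      let(:project_data) { { 'httpUrlToRepo' => "#{scheme}://example/tmp/foo.git" } }

      it 'prevents import' do
        # … unchanged: pipeline.run and the three failure expectations …
      end
    end
  end
end
```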
diff --git a/spec/lib/bulk_imports/projects/pipelines/snippets_repository_pipeline_spec.rb b/spec/lib/bulk_imports/projects/pipelines/snippets_repository_pipeline_spec.rb
index 4d12b49e2c0..dfd01cdf4bb 100644
--- a/spec/lib/bulk_imports/projects/pipelines/snippets_repository_pipeline_spec.rb
+++ b/spec/lib/bulk_imports/projects/pipelines/snippets_repository_pipeline_spec.rb
@@ -135,9 +135,25 @@ RSpec.describe BulkImports::Projects::Pipelines::SnippetsRepositoryPipeline do
 end
 
 context 'when url is invalid' do
- let(:http_url_to_repo) { 'http://0.0.0.0' }
+ context 'when not a real URL' do
+ let(:http_url_to_repo) { 'http://0.0.0.0' }
 
- it_behaves_like 'skippable snippet'
+ it_behaves_like 'skippable snippet'
+ end
+
+ context 'when scheme is blocked' do
+ let(:http_url_to_repo) { 'file://example.com/foo/bar/snippets/42.git' }
+
+ it_behaves_like 'skippable snippet'
+
+ it 'logs the failure' do
+ pipeline.run
+
+ expect(tracker.failed?).to eq(true)
+ expect(tracker.entity.failures.first).to be_present
+ expect(tracker.entity.failures.first.exception_message).to eq('Only allowed schemes are http, https')
+ end
+ end
 end
 
 context 'when snippet is invalid' do |
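Review bot: The example name `'logs the failure'` in the new `'when scheme is blocked'` context does not match what it checks: the three expectations read `tracker.failed?` and the failure records on `tracker.entity`, and nothing asserts on log output. `it 'records the failure on the entity' do` would describe it accurately. The sibling context name `'when not a real URL'` is also loose, since `http://0.0.0.0` is a well-formed URL and is presumably rejected for its address rather than its syntax. The enclosing describe block and the `'skippable snippet'` shared example are defined outside this hunk.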