diff options
| author | Ahmad Sherif <me@ahmadsherif.com> | 2019-07-22 17:56:40 +0300 |
|---|---|---|
| committer | Ahmad Sherif <me@ahmadsherif.com> | 2019-09-10 14:43:11 +0300 |
| commit | 3c2b4a1cede956d5160ccf08d0a561bf31248161 (patch) | |
| tree | 9462f59d477ffe7ac1eee0fe56cf9f343b568d1f /spec/lib/gitlab/auth | |
| parent | f7e7ee713aa21874bf6810d01976c2b5342c0995 (diff) | |
Enable serving static objects from an external storage
It consists of two parts:
1. Redirecting users to the configured external storage
1. Allowing the external storage to request the static object(s)
on behalf of the user by means of specific tokens
Part of https://gitlab.com/gitlab-com/gl-infra/infrastructure/issues/6829
Diffstat (limited to 'spec/lib/gitlab/auth')
| -rw-r--r-- | spec/lib/gitlab/auth/user_auth_finders_spec.rb | 54 |
1 files changed, 54 insertions, 0 deletions
diff --git a/spec/lib/gitlab/auth/user_auth_finders_spec.rb b/spec/lib/gitlab/auth/user_auth_finders_spec.rb index 41265da97a4..dd8070c1240 100644 --- a/spec/lib/gitlab/auth/user_auth_finders_spec.rb +++ b/spec/lib/gitlab/auth/user_auth_finders_spec.rb @@ -115,6 +115,60 @@ describe Gitlab::Auth::UserAuthFinders do end end + describe '#find_user_from_static_object_token' do + context 'when request format is archive' do + before do + env['SCRIPT_NAME'] = 'project/-/archive/master.zip' + end + + context 'when token header param is present' do + context 'when token is correct' do + it 'returns the user' do + request.headers['X-Gitlab-Static-Object-Token'] = user.static_object_token + + expect(find_user_from_static_object_token(:archive)).to eq(user) + end + end + + context 'when token is incorrect' do + it 'returns the user' do + request.headers['X-Gitlab-Static-Object-Token'] = 'foobar' + + expect { find_user_from_static_object_token(:archive) }.to raise_error(Gitlab::Auth::UnauthorizedError) + end + end + end + + context 'when token query param is present' do + context 'when token is correct' do + it 'returns the user' do + set_param(:token, user.static_object_token) + + expect(find_user_from_static_object_token(:archive)).to eq(user) + end + end + + context 'when token is incorrect' do + it 'returns the user' do + set_param(:token, 'foobar') + + expect { find_user_from_static_object_token(:archive) }.to raise_error(Gitlab::Auth::UnauthorizedError) + end + end + end + end + + context 'when request format is not archive' do + before do + env['script_name'] = 'url' + end + + it 'returns nil' do + expect(find_user_from_static_object_token(:foo)).to be_nil + end + end + end + describe '#find_user_from_access_token' do let(:personal_access_token) { create(:personal_access_token, user: user) } |