Add latest changes from gitlab-org/gitlab@master

author: GitLab Bot <gitlab-bot@gitlab.com> 2021-06-16 21:10:35 +0300
committer: GitLab Bot <gitlab-bot@gitlab.com> 2021-06-16 21:10:35 +0300
commit: 3597fb6d337baab5847863feedc98b433fb4000c (patch)
tree: 7c2cf77f03fc2dc43af4198bdddc75221edacaac /spec/lib/gitlab/git_access_spec.rb
parent: ec4abad65d774cfc94110577589d44de5da825de (diff)
1 files changed, 23 insertions, 1 deletions
diff --git a/spec/lib/gitlab/git_access_spec.rb b/spec/lib/gitlab/git_access_spec.rb
index 96a44575e24..3ee0310a9a2 100644
--- a/spec/lib/gitlab/git_access_spec.rb
+++ b/spec/lib/gitlab/git_access_spec.rb
@@ -440,6 +440,14 @@ RSpec.describe Gitlab::GitAccess do
       expect { pull_access_check }.to raise_forbidden("Your password expired. Please access GitLab from a web browser to update your password.")
     end
 
+    it 'allows ldap users with expired password to pull' do
+      project.add_maintainer(user)
+      user.update!(password_expires_at: 2.minutes.ago)
+      allow(user).to receive(:ldap_user?).and_return(true)
+
+      expect { pull_access_check }.not_to raise_error
+    end
+
     context 'when the project repository does not exist' do
       before do
         project.add_guest(user)
@@ -979,12 +987,26 @@ RSpec.describe Gitlab::GitAccess do
       end
 
       it 'disallows users with expired password to push' do
-        project.add_maintainer(user)
         user.update!(password_expires_at: 2.minutes.ago)
 
         expect { push_access_check }.to raise_forbidden("Your password expired. Please access GitLab from a web browser to update your password.")
       end
 
+      it 'allows ldap users with expired password to push' do
+        user.update!(password_expires_at: 2.minutes.ago)
+        allow(user).to receive(:ldap_user?).and_return(true)
+
+        expect { push_access_check }.not_to raise_error
+      end
+
+      it 'disallows blocked ldap users with expired password to push' do
+        user.block
+        user.update!(password_expires_at: 2.minutes.ago)
+        allow(user).to receive(:ldap_user?).and_return(true)
+
+        expect { push_access_check }.to raise_forbidden("Your account has been blocked.")
+      end
+
       it 'cleans up the files' do
         expect(project.repository).to receive(:clean_stale_repository_files).and_call_original
         expect { push_access_check }.not_to raise_error
author	GitLab Bot <gitlab-bot@gitlab.com>	2021-06-16 21:10:35 +0300
committer	GitLab Bot <gitlab-bot@gitlab.com>	2021-06-16 21:10:35 +0300
commit	3597fb6d337baab5847863feedc98b433fb4000c (patch)
tree	7c2cf77f03fc2dc43af4198bdddc75221edacaac /spec/lib/gitlab/git_access_spec.rb
parent	ec4abad65d774cfc94110577589d44de5da825de (diff)