diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2022-06-20 14:10:13 +0300 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2022-06-20 14:10:13 +0300 |
commit | 0ea3fcec397b69815975647f5e2aa5fe944a8486 (patch) | |
tree | 7979381b89d26011bcf9bdc989a40fcc2f1ed4ff /spec/requests/api/internal | |
parent | 72123183a20411a36d607d70b12d57c484394c8e (diff) |
Add latest changes from gitlab-org/gitlab@15-1-stable-eev15.1.0-rc42
Diffstat (limited to 'spec/requests/api/internal')
-rw-r--r-- | spec/requests/api/internal/base_spec.rb | 58 | ||||
-rw-r--r-- | spec/requests/api/internal/mail_room_spec.rb | 53 | ||||
-rw-r--r-- | spec/requests/api/internal/workhorse_spec.rb | 42 |
3 files changed, 151 insertions, 2 deletions
diff --git a/spec/requests/api/internal/base_spec.rb b/spec/requests/api/internal/base_spec.rb index acfe476a864..93e4e72f78f 100644 --- a/spec/requests/api/internal/base_spec.rb +++ b/spec/requests/api/internal/base_spec.rb @@ -51,6 +51,64 @@ RSpec.describe API::Internal::Base do end end + describe 'GET /internal/error_tracking_allowed' do + let_it_be(:project) { create(:project) } + + let(:params) { { project_id: project.id, public_key: 'key' } } + + context 'when the secret header is missing' do + it 'responds with unauthorized entity' do + post api("/internal/error_tracking_allowed"), params: params + + expect(response).to have_gitlab_http_status(:unauthorized) + end + end + + context 'when some params are missing' do + it 'responds with unprocessable entity' do + post api("/internal/error_tracking_allowed"), params: params.except(:public_key), + headers: { API::Helpers::GITLAB_SHARED_SECRET_HEADER => Base64.encode64(secret_token) } + + expect(response).to have_gitlab_http_status(:unprocessable_entity) + end + end + + context 'when the error tracking is disabled' do + it 'returns enabled: false' do + create(:error_tracking_client_key, project: project, active: false) + + post api("/internal/error_tracking_allowed"), params: params, + headers: { API::Helpers::GITLAB_SHARED_SECRET_HEADER => Base64.encode64(secret_token) } + + expect(response).to have_gitlab_http_status(:ok) + expect(json_response).to eq({ 'enabled' => false }) + end + + context 'when the error tracking record does not exist' do + it 'returns enabled: false' do + post api("/internal/error_tracking_allowed"), params: params, + headers: { API::Helpers::GITLAB_SHARED_SECRET_HEADER => Base64.encode64(secret_token) } + + expect(response).to have_gitlab_http_status(:ok) + expect(json_response).to eq({ 'enabled' => false }) + end + end + end + + context 'when the error tracking is enabled' do + it 'returns enabled: true' do + client_key = create(:error_tracking_client_key, project: project, active: true) + params[:public_key] = client_key.public_key + + post api("/internal/error_tracking_allowed"), params: params, + headers: { API::Helpers::GITLAB_SHARED_SECRET_HEADER => Base64.encode64(secret_token) } + + expect(response).to have_gitlab_http_status(:ok) + expect(json_response).to eq({ 'enabled' => true }) + end + end + end + describe 'GET /internal/two_factor_recovery_codes' do let(:key_id) { key.id } diff --git a/spec/requests/api/internal/mail_room_spec.rb b/spec/requests/api/internal/mail_room_spec.rb index 67ea617f90d..a0a9c1f9cb3 100644 --- a/spec/requests/api/internal/mail_room_spec.rb +++ b/spec/requests/api/internal/mail_room_spec.rb @@ -33,7 +33,7 @@ RSpec.describe API::Internal::MailRoom do let(:incoming_email_secret) { 'incoming_email_secret' } let(:service_desk_email_secret) { 'service_desk_email_secret' } - let(:email_content) { fixture_file("emails/commands_in_reply.eml") } + let(:email_content) { fixture_file("emails/service_desk_reply.eml") } before do allow(Gitlab::MailRoom::Authenticator).to receive(:secret).with(:incoming_email).and_return(incoming_email_secret) @@ -117,7 +117,7 @@ RSpec.describe API::Internal::MailRoom do email = ActionMailer::Base.deliveries.last expect(email).not_to be_nil - expect(email.to).to match_array(["jake@adventuretime.ooo"]) + expect(email.to).to match_array(["alan@adventuretime.ooo"]) expect(email.subject).to include("Rejected") expect(email.body.parts.last.to_s).to include("We couldn't process your email") end @@ -190,5 +190,54 @@ RSpec.describe API::Internal::MailRoom do expect(response).to have_gitlab_http_status(:unauthorized) end end + + context 'handle invalid utf-8 email content' do + let(:email_content) do + File.open(expand_fixture_path("emails/service_desk_reply_illegal_utf8.eml"), "r:SHIFT_JIS") { |f| f.read } + end + + let(:encoded_email_content) { Gitlab::EncodingHelper.encode_utf8(email_content) } + let(:auth_headers) do + jwt_token = JWT.encode(auth_payload, incoming_email_secret, 'HS256') + { Gitlab::MailRoom::INTERNAL_API_REQUEST_HEADER => jwt_token } + end + + it 'schedules a EmailReceiverWorker job with email content encoded to utf-8 forcefully' do + Sidekiq::Testing.fake! do + expect do + post api("/internal/mail_room/incoming_email"), headers: auth_headers, params: email_content + end.to change { EmailReceiverWorker.jobs.size }.by(1) + end + + expect(response).to have_gitlab_http_status(:ok) + + job = EmailReceiverWorker.jobs.last + expect(job).to match a_hash_including('args' => [encoded_email_content]) + end + end + + context 'handle text/plain request content type' do + let(:auth_headers) do + jwt_token = JWT.encode(auth_payload, incoming_email_secret, 'HS256') + { + Gitlab::MailRoom::INTERNAL_API_REQUEST_HEADER => jwt_token, + 'Content-Type' => 'text/plain' + } + end + + it 'schedules a EmailReceiverWorker job with email content encoded to utf-8 forcefully' do + Sidekiq::Testing.fake! do + expect do + post api("/internal/mail_room/incoming_email"), headers: auth_headers, params: email_content + end.to change { EmailReceiverWorker.jobs.size }.by(1) + end + + expect(response).to have_gitlab_http_status(:ok) + expect(response.content_type).to eql('application/json') + + job = EmailReceiverWorker.jobs.last + expect(job).to match a_hash_including('args' => [email_content]) + end + end end end diff --git a/spec/requests/api/internal/workhorse_spec.rb b/spec/requests/api/internal/workhorse_spec.rb new file mode 100644 index 00000000000..d40c14cc0fd --- /dev/null +++ b/spec/requests/api/internal/workhorse_spec.rb @@ -0,0 +1,42 @@ +# frozen_string_literal: true + +require 'spec_helper' + +RSpec.describe API::Internal::Workhorse, :allow_forgery_protection do + include WorkhorseHelpers + + context '/authorize_upload' do + let_it_be(:user) { create(:user) } + + let(:headers) { {} } + + subject { post(api('/internal/workhorse/authorize_upload'), headers: headers) } + + def expect_status(status) + subject + expect(response).to have_gitlab_http_status(status) + end + + context 'without workhorse internal header' do + it { expect_status(:forbidden) } + end + + context 'with workhorse internal header' do + let(:headers) { workhorse_internal_api_request_header } + + it { expect_status(:unauthorized) } + + context 'as a logged in user' do + before do + login_as(user) + end + + it { expect_status(:success) } + it 'returns the temp upload path' do + subject + expect(json_response['TempPath']).to eq(Rails.root.join('tmp/tests/public/uploads/tmp').to_s) + end + end + end + end +end |