diff options
author | Tuomo Ala-Vannesluoma <tuomoav@gmail.com> | 2018-10-05 16:41:11 +0300 |
---|---|---|
committer | Nick Thomas <nick@gitlab.com> | 2018-10-05 16:41:11 +0300 |
commit | c84b60b1645950a30fdbc37c9065a200dc750d90 (patch) | |
tree | 76d523f37481fa1422f63e96e2a1777d48060b9c /spec/requests/api/pages | |
parent | c972f2e459a6b45852a3d4e76566cdf772a6764a (diff) |
Make GitLab pages support access control
Diffstat (limited to 'spec/requests/api/pages')
-rw-r--r-- | spec/requests/api/pages/internal_access_spec.rb | 88 | ||||
-rw-r--r-- | spec/requests/api/pages/private_access_spec.rb | 88 | ||||
-rw-r--r-- | spec/requests/api/pages/public_access_spec.rb | 88 |
3 files changed, 264 insertions, 0 deletions
diff --git a/spec/requests/api/pages/internal_access_spec.rb b/spec/requests/api/pages/internal_access_spec.rb new file mode 100644 index 00000000000..c41eabe0a48 --- /dev/null +++ b/spec/requests/api/pages/internal_access_spec.rb @@ -0,0 +1,88 @@ +require 'spec_helper' + +describe "Internal Project Pages Access" do + using RSpec::Parameterized::TableSyntax + include AccessMatchers + + set(:group) { create(:group) } + set(:project) { create(:project, :internal, pages_access_level: ProjectFeature::ENABLED, namespace: group) } + + set(:admin) { create(:admin) } + set(:owner) { create(:user) } + set(:master) { create(:user) } + set(:developer) { create(:user) } + set(:reporter) { create(:user) } + set(:guest) { create(:user) } + set(:user) { create(:user) } + + before do + allow(Gitlab.config.pages).to receive(:access_control).and_return(true) + group.add_owner(owner) + project.add_master(master) + project.add_developer(developer) + project.add_reporter(reporter) + project.add_guest(guest) + end + + describe "Project should be internal" do + describe '#internal?' do + subject { project.internal? } + it { is_expected.to be_truthy } + end + end + + describe "GET /projects/:id/pages_access" do + context 'access depends on the level' do + where(:pages_access_level, :with_user, :expected_result) do + ProjectFeature::DISABLED | "admin" | 403 + ProjectFeature::DISABLED | "owner" | 403 + ProjectFeature::DISABLED | "master" | 403 + ProjectFeature::DISABLED | "developer" | 403 + ProjectFeature::DISABLED | "reporter" | 403 + ProjectFeature::DISABLED | "guest" | 403 + ProjectFeature::DISABLED | "user" | 403 + ProjectFeature::DISABLED | nil | 404 + ProjectFeature::PUBLIC | "admin" | 200 + ProjectFeature::PUBLIC | "owner" | 200 + ProjectFeature::PUBLIC | "master" | 200 + ProjectFeature::PUBLIC | "developer" | 200 + ProjectFeature::PUBLIC | "reporter" | 200 + ProjectFeature::PUBLIC | "guest" | 200 + ProjectFeature::PUBLIC | "user" | 200 + ProjectFeature::PUBLIC | nil | 404 + ProjectFeature::ENABLED | "admin" | 200 + ProjectFeature::ENABLED | "owner" | 200 + ProjectFeature::ENABLED | "master" | 200 + ProjectFeature::ENABLED | "developer" | 200 + ProjectFeature::ENABLED | "reporter" | 200 + ProjectFeature::ENABLED | "guest" | 200 + ProjectFeature::ENABLED | "user" | 200 + ProjectFeature::ENABLED | nil | 404 + ProjectFeature::PRIVATE | "admin" | 200 + ProjectFeature::PRIVATE | "owner" | 200 + ProjectFeature::PRIVATE | "master" | 200 + ProjectFeature::PRIVATE | "developer" | 200 + ProjectFeature::PRIVATE | "reporter" | 200 + ProjectFeature::PRIVATE | "guest" | 200 + ProjectFeature::PRIVATE | "user" | 403 + ProjectFeature::PRIVATE | nil | 404 + end + + with_them do + before do + project.project_feature.update(pages_access_level: pages_access_level) + end + it "correct return value" do + if !with_user.nil? + user = public_send(with_user) + get api("/projects/#{project.id}/pages_access", user) + else + get api("/projects/#{project.id}/pages_access") + end + + expect(response).to have_gitlab_http_status(expected_result) + end + end + end + end +end diff --git a/spec/requests/api/pages/private_access_spec.rb b/spec/requests/api/pages/private_access_spec.rb new file mode 100644 index 00000000000..d69c15b0477 --- /dev/null +++ b/spec/requests/api/pages/private_access_spec.rb @@ -0,0 +1,88 @@ +require 'spec_helper' + +describe "Private Project Pages Access" do + using RSpec::Parameterized::TableSyntax + include AccessMatchers + + set(:group) { create(:group) } + set(:project) { create(:project, :private, pages_access_level: ProjectFeature::ENABLED, namespace: group) } + + set(:admin) { create(:admin) } + set(:owner) { create(:user) } + set(:master) { create(:user) } + set(:developer) { create(:user) } + set(:reporter) { create(:user) } + set(:guest) { create(:user) } + set(:user) { create(:user) } + + before do + allow(Gitlab.config.pages).to receive(:access_control).and_return(true) + group.add_owner(owner) + project.add_master(master) + project.add_developer(developer) + project.add_reporter(reporter) + project.add_guest(guest) + end + + describe "Project should be private" do + describe '#private?' do + subject { project.private? } + it { is_expected.to be_truthy } + end + end + + describe "GET /projects/:id/pages_access" do + context 'access depends on the level' do + where(:pages_access_level, :with_user, :expected_result) do + ProjectFeature::DISABLED | "admin" | 403 + ProjectFeature::DISABLED | "owner" | 403 + ProjectFeature::DISABLED | "master" | 403 + ProjectFeature::DISABLED | "developer" | 403 + ProjectFeature::DISABLED | "reporter" | 403 + ProjectFeature::DISABLED | "guest" | 403 + ProjectFeature::DISABLED | "user" | 404 + ProjectFeature::DISABLED | nil | 404 + ProjectFeature::PUBLIC | "admin" | 200 + ProjectFeature::PUBLIC | "owner" | 200 + ProjectFeature::PUBLIC | "master" | 200 + ProjectFeature::PUBLIC | "developer" | 200 + ProjectFeature::PUBLIC | "reporter" | 200 + ProjectFeature::PUBLIC | "guest" | 200 + ProjectFeature::PUBLIC | "user" | 404 + ProjectFeature::PUBLIC | nil | 404 + ProjectFeature::ENABLED | "admin" | 200 + ProjectFeature::ENABLED | "owner" | 200 + ProjectFeature::ENABLED | "master" | 200 + ProjectFeature::ENABLED | "developer" | 200 + ProjectFeature::ENABLED | "reporter" | 200 + ProjectFeature::ENABLED | "guest" | 200 + ProjectFeature::ENABLED | "user" | 404 + ProjectFeature::ENABLED | nil | 404 + ProjectFeature::PRIVATE | "admin" | 200 + ProjectFeature::PRIVATE | "owner" | 200 + ProjectFeature::PRIVATE | "master" | 200 + ProjectFeature::PRIVATE | "developer" | 200 + ProjectFeature::PRIVATE | "reporter" | 200 + ProjectFeature::PRIVATE | "guest" | 200 + ProjectFeature::PRIVATE | "user" | 404 + ProjectFeature::PRIVATE | nil | 404 + end + + with_them do + before do + project.project_feature.update(pages_access_level: pages_access_level) + end + it "correct return value" do + if !with_user.nil? + user = public_send(with_user) + get api("/projects/#{project.id}/pages_access", user) + else + get api("/projects/#{project.id}/pages_access") + end + + expect(response).to have_gitlab_http_status(expected_result) + end + end + end + end +end diff --git a/spec/requests/api/pages/public_access_spec.rb b/spec/requests/api/pages/public_access_spec.rb new file mode 100644 index 00000000000..882ca26ac51 --- /dev/null +++ b/spec/requests/api/pages/public_access_spec.rb @@ -0,0 +1,88 @@ +require 'spec_helper' + +describe "Public Project Pages Access" do + using RSpec::Parameterized::TableSyntax + include AccessMatchers + + set(:group) { create(:group) } + set(:project) { create(:project, :public, pages_access_level: ProjectFeature::ENABLED, namespace: group) } + + set(:admin) { create(:admin) } + set(:owner) { create(:user) } + set(:master) { create(:user) } + set(:developer) { create(:user) } + set(:reporter) { create(:user) } + set(:guest) { create(:user) } + set(:user) { create(:user) } + + before do + allow(Gitlab.config.pages).to receive(:access_control).and_return(true) + group.add_owner(owner) + project.add_master(master) + project.add_developer(developer) + project.add_reporter(reporter) + project.add_guest(guest) + end + + describe "Project should be public" do + describe '#public?' do + subject { project.public? } + it { is_expected.to be_truthy } + end + end + + describe "GET /projects/:id/pages_access" do + context 'access depends on the level' do + where(:pages_access_level, :with_user, :expected_result) do + ProjectFeature::DISABLED | "admin" | 403 + ProjectFeature::DISABLED | "owner" | 403 + ProjectFeature::DISABLED | "master" | 403 + ProjectFeature::DISABLED | "developer" | 403 + ProjectFeature::DISABLED | "reporter" | 403 + ProjectFeature::DISABLED | "guest" | 403 + ProjectFeature::DISABLED | "user" | 403 + ProjectFeature::DISABLED | nil | 403 + ProjectFeature::PUBLIC | "admin" | 200 + ProjectFeature::PUBLIC | "owner" | 200 + ProjectFeature::PUBLIC | "master" | 200 + ProjectFeature::PUBLIC | "developer" | 200 + ProjectFeature::PUBLIC | "reporter" | 200 + ProjectFeature::PUBLIC | "guest" | 200 + ProjectFeature::PUBLIC | "user" | 200 + ProjectFeature::PUBLIC | nil | 200 + ProjectFeature::ENABLED | "admin" | 200 + ProjectFeature::ENABLED | "owner" | 200 + ProjectFeature::ENABLED | "master" | 200 + ProjectFeature::ENABLED | "developer" | 200 + ProjectFeature::ENABLED | "reporter" | 200 + ProjectFeature::ENABLED | "guest" | 200 + ProjectFeature::ENABLED | "user" | 200 + ProjectFeature::ENABLED | nil | 200 + ProjectFeature::PRIVATE | "admin" | 200 + ProjectFeature::PRIVATE | "owner" | 200 + ProjectFeature::PRIVATE | "master" | 200 + ProjectFeature::PRIVATE | "developer" | 200 + ProjectFeature::PRIVATE | "reporter" | 200 + ProjectFeature::PRIVATE | "guest" | 200 + ProjectFeature::PRIVATE | "user" | 403 + ProjectFeature::PRIVATE | nil | 403 + end + + with_them do + before do + project.project_feature.update(pages_access_level: pages_access_level) + end + it "correct return value" do + if !with_user.nil? + user = public_send(with_user) + get api("/projects/#{project.id}/pages_access", user) + else + get api("/projects/#{project.id}/pages_access") + end + + expect(response).to have_gitlab_http_status(expected_result) + end + end + end + end +end |