diff options
| author | GitLab Bot <gitlab-bot@gitlab.com> | 2023-03-31 21:17:06 +0300 |
|---|---|---|
| committer | GitLab Bot <gitlab-bot@gitlab.com> | 2023-03-31 21:17:06 +0300 |
| commit | 4747b1ebc408204ff9ac4e6b9afa1d97fcf8c91a (patch) | |
| tree | 1a7cf972d18990f46fadee34dae9676b7016f7c9 /spec/requests/api/protected_branches_spec.rb | |
| parent | ccab6fb4df8bc12220334618e56d911c4d0e447c (diff) | |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'spec/requests/api/protected_branches_spec.rb')
| -rw-r--r-- | spec/requests/api/protected_branches_spec.rb | 100 |
1 files changed, 78 insertions, 22 deletions
diff --git a/spec/requests/api/protected_branches_spec.rb b/spec/requests/api/protected_branches_spec.rb index 463893afd13..622e57edf6a 100644 --- a/spec/requests/api/protected_branches_spec.rb +++ b/spec/requests/api/protected_branches_spec.rb @@ -5,6 +5,7 @@ require 'spec_helper' RSpec.describe API::ProtectedBranches, feature_category: :source_code_management do let_it_be_with_reload(:project) { create(:project, :repository) } let_it_be(:maintainer) { create(:user) } + let_it_be(:developer) { create(:user) } let_it_be(:guest) { create(:user) } let(:protected_name) { 'feature' } @@ -16,12 +17,14 @@ RSpec.describe API::ProtectedBranches, feature_category: :source_code_management before_all do project.add_maintainer(maintainer) + project.add_developer(developer) project.add_guest(guest) end describe "GET /projects/:id/protected_branches" do let(:params) { {} } let(:route) { "/projects/#{project.id}/protected_branches" } + let(:expected_branch_names) { project.protected_branches.map { |x| x['name'] } } shared_examples_for 'protected branches' do it 'returns the protected branches' do @@ -39,9 +42,7 @@ RSpec.describe API::ProtectedBranches, feature_category: :source_code_management let(:user) { maintainer } context 'when search param is not present' do - it_behaves_like 'protected branches' do - let(:expected_branch_names) { project.protected_branches.map { |x| x['name'] } } - end + it_behaves_like 'protected branches' end context 'when search param is present' do @@ -53,6 +54,12 @@ RSpec.describe API::ProtectedBranches, feature_category: :source_code_management end end + context 'when authenticated as a developer' do + let(:user) { developer } + + it_behaves_like 'protected branches' + end + context 'when authenticated as a guest' do let(:user) { guest } @@ -105,6 +112,12 @@ RSpec.describe API::ProtectedBranches, feature_category: :source_code_management end end + context 'when authenticated as a developer' do + let(:user) { developer } + + it_behaves_like 'protected branch' + end + context 'when authenticated as a guest' do let(:user) { guest } @@ -243,10 +256,20 @@ RSpec.describe API::ProtectedBranches, feature_category: :source_code_management end end + context 'when authenticated as a developer' do + let(:user) { developer } + + it "returns a 403 error" do + post post_endpoint, params: { name: branch_name } + + expect(response).to have_gitlab_http_status(:forbidden) + end + end + context 'when authenticated as a guest' do let(:user) { guest } - it "returns a 403 error if guest" do + it "returns a 403 error" do post post_endpoint, params: { name: branch_name } expect(response).to have_gitlab_http_status(:forbidden) @@ -295,6 +318,16 @@ RSpec.describe API::ProtectedBranches, feature_category: :source_code_management end end + context 'when authenticated as a developer' do + let(:user) { developer } + + it "returns a 403 error" do + patch api(route, user), params: { allow_force_push: true } + + expect(response).to have_gitlab_http_status(:forbidden) + end + end + context 'when authenticated as a guest' do let(:user) { guest } @@ -307,42 +340,65 @@ RSpec.describe API::ProtectedBranches, feature_category: :source_code_management end describe "DELETE /projects/:id/protected_branches/unprotect/:branch" do - let(:user) { maintainer } let(:delete_endpoint) { api("/projects/#{project.id}/protected_branches/#{branch_name}", user) } - it "unprotects a single branch" do - delete delete_endpoint + context "when authenticated as a maintainer" do + let(:user) { maintainer } + + it "unprotects a single branch" do + delete delete_endpoint - expect(response).to have_gitlab_http_status(:no_content) - end + expect(response).to have_gitlab_http_status(:no_content) + end - it_behaves_like '412 response' do - let(:request) { delete_endpoint } - end + it_behaves_like '412 response' do + let(:request) { delete_endpoint } + end - it "returns 404 if branch does not exist" do - delete api("/projects/#{project.id}/protected_branches/barfoo", user) + it "returns 404 if branch does not exist" do + delete api("/projects/#{project.id}/protected_branches/barfoo", user) - expect(response).to have_gitlab_http_status(:not_found) + expect(response).to have_gitlab_http_status(:not_found) + end + + context 'when a policy restricts rule deletion' do + it "prevents deletion of the protected branch rule" do + disallow(:destroy_protected_branch, protected_branch) + + delete delete_endpoint + + expect(response).to have_gitlab_http_status(:forbidden) + end + end + + context 'when branch has a wildcard in its name' do + let(:protected_name) { 'feature*' } + + it "unprotects a wildcard branch" do + delete delete_endpoint + + expect(response).to have_gitlab_http_status(:no_content) + end + end end - context 'when a policy restricts rule deletion' do - it "prevents deletion of the protected branch rule" do - disallow(:destroy_protected_branch, protected_branch) + context 'when authenticated as a developer' do + let(:user) { developer } + it "returns a 403 error" do delete delete_endpoint expect(response).to have_gitlab_http_status(:forbidden) end end - context 'when branch has a wildcard in its name' do - let(:protected_name) { 'feature*' } + context 'when authenticated as a guest' do + let(:user) { guest } - it "unprotects a wildcard branch" do + it "returns a 403 error" do delete delete_endpoint - expect(response).to have_gitlab_http_status(:no_content) + expect(response).to have_gitlab_http_status(:forbidden) end end end |