diff options
| author | GitLab Bot <gitlab-bot@gitlab.com> | 2020-07-20 15:26:25 +0300 |
|---|---|---|
| committer | GitLab Bot <gitlab-bot@gitlab.com> | 2020-07-20 15:26:25 +0300 |
| commit | a09983ae35713f5a2bbb100981116d31ce99826e (patch) | |
| tree | 2ee2af7bd104d57086db360a7e6d8c9d5d43667a /spec/requests/api/snippets_spec.rb | |
| parent | 18c5ab32b738c0b6ecb4d0df3994000482f34bd8 (diff) | |
Add latest changes from gitlab-org/gitlab@13-2-stable-ee
Diffstat (limited to 'spec/requests/api/snippets_spec.rb')
| -rw-r--r-- | spec/requests/api/snippets_spec.rb | 156 |
1 files changed, 96 insertions, 60 deletions
diff --git a/spec/requests/api/snippets_spec.rb b/spec/requests/api/snippets_spec.rb index c12c95ae2e0..e676eb94337 100644 --- a/spec/requests/api/snippets_spec.rb +++ b/spec/requests/api/snippets_spec.rb @@ -2,14 +2,16 @@ require 'spec_helper' -describe API::Snippets do +RSpec.describe API::Snippets do + include SnippetHelpers + let_it_be(:user) { create(:user) } describe 'GET /snippets/' do it 'returns snippets available' do - public_snippet = create(:personal_snippet, :public, author: user) - private_snippet = create(:personal_snippet, :private, author: user) - internal_snippet = create(:personal_snippet, :internal, author: user) + public_snippet = create(:personal_snippet, :repository, :public, author: user) + private_snippet = create(:personal_snippet, :repository, :private, author: user) + internal_snippet = create(:personal_snippet, :repository, :internal, author: user) get api("/snippets/", user) @@ -22,6 +24,7 @@ describe API::Snippets do private_snippet.id) expect(json_response.last).to have_key('web_url') expect(json_response.last).to have_key('raw_url') + expect(json_response.last).to have_key('files') expect(json_response.last).to have_key('visibility') end @@ -59,32 +62,33 @@ describe API::Snippets do end describe 'GET /snippets/public' do - let!(:other_user) { create(:user) } - let!(:public_snippet) { create(:personal_snippet, :public, author: user) } - let!(:private_snippet) { create(:personal_snippet, :private, author: user) } - let!(:internal_snippet) { create(:personal_snippet, :internal, author: user) } - let!(:public_snippet_other) { create(:personal_snippet, :public, author: other_user) } - let!(:private_snippet_other) { create(:personal_snippet, :private, author: other_user) } - let!(:internal_snippet_other) { create(:personal_snippet, :internal, author: other_user) } - let!(:public_snippet_project) { create(:project_snippet, :public, author: user) } - let!(:private_snippet_project) { create(:project_snippet, :private, author: user) } - let!(:internal_snippet_project) { create(:project_snippet, :internal, author: user) } + let_it_be(:other_user) { create(:user) } + let_it_be(:public_snippet) { create(:personal_snippet, :repository, :public, author: user) } + let_it_be(:private_snippet) { create(:personal_snippet, :repository, :private, author: user) } + let_it_be(:internal_snippet) { create(:personal_snippet, :repository, :internal, author: user) } + let_it_be(:public_snippet_other) { create(:personal_snippet, :repository, :public, author: other_user) } + let_it_be(:private_snippet_other) { create(:personal_snippet, :repository, :private, author: other_user) } + let_it_be(:internal_snippet_other) { create(:personal_snippet, :repository, :internal, author: other_user) } + let_it_be(:public_snippet_project) { create(:project_snippet, :repository, :public, author: user) } + let_it_be(:private_snippet_project) { create(:project_snippet, :repository, :private, author: user) } + let_it_be(:internal_snippet_project) { create(:project_snippet, :repository, :internal, author: user) } it 'returns all snippets with public visibility from all users' do get api("/snippets/public", user) - expect(response).to have_gitlab_http_status(:ok) - expect(response).to include_pagination_headers - expect(json_response).to be_an Array - expect(json_response.map { |snippet| snippet['id']} ).to contain_exactly( - public_snippet.id, - public_snippet_other.id) - expect(json_response.map { |snippet| snippet['web_url']} ).to contain_exactly( - "http://localhost/snippets/#{public_snippet.id}", - "http://localhost/snippets/#{public_snippet_other.id}") - expect(json_response.map { |snippet| snippet['raw_url']} ).to contain_exactly( - "http://localhost/snippets/#{public_snippet.id}/raw", - "http://localhost/snippets/#{public_snippet_other.id}/raw") + aggregate_failures do + expect(response).to have_gitlab_http_status(:ok) + expect(response).to include_pagination_headers + expect(json_response).to be_an Array + expect(json_response.map { |snippet| snippet['id']} ).to contain_exactly( + public_snippet.id, + public_snippet_other.id) + expect(json_response.map { |snippet| snippet['web_url']} ).to contain_exactly( + "http://localhost/snippets/#{public_snippet.id}", + "http://localhost/snippets/#{public_snippet_other.id}") + expect(json_response[0]['files'].first).to eq snippet_blob_file(public_snippet_other.blobs.first) + expect(json_response[1]['files'].first).to eq snippet_blob_file(public_snippet.blobs.first) + end end end @@ -102,13 +106,8 @@ describe API::Snippets do get api("/snippets/#{snippet.id}/raw", author) expect(response).to have_gitlab_http_status(:ok) - expect(response.content_type).to eq 'text/plain' - end - - it 'forces attachment content disposition' do - get api("/snippets/#{snippet.id}/raw", author) - - expect(headers['Content-Disposition']).to match(/^attachment/) + expect(response.media_type).to eq 'text/plain' + expect(headers['Content-Disposition']).to match(/^inline/) end it 'returns 404 for invalid snippet id' do @@ -141,56 +140,88 @@ describe API::Snippets do end end + describe 'GET /snippets/:id/files/:ref/:file_path/raw' do + let_it_be(:snippet) { create(:personal_snippet, :repository, :private) } + + it_behaves_like 'raw snippet files' do + let(:api_path) { "/snippets/#{snippet_id}/files/#{ref}/#{file_path}/raw" } + end + end + describe 'GET /snippets/:id' do let_it_be(:admin) { create(:user, :admin) } let_it_be(:author) { create(:user) } let_it_be(:private_snippet) { create(:personal_snippet, :repository, :private, author: author) } let_it_be(:internal_snippet) { create(:personal_snippet, :repository, :internal, author: author) } + let(:snippet) { private_snippet } - it 'requires authentication' do - get api("/snippets/#{private_snippet.id}", nil) + subject { get api("/snippets/#{snippet.id}", user) } - expect(response).to have_gitlab_http_status(:unauthorized) + it 'hides private snippets from an ordinary user' do + subject + + expect(response).to have_gitlab_http_status(:not_found) end - it 'returns snippet json' do - get api("/snippets/#{private_snippet.id}", author) + context 'without a user' do + let(:user) { nil } - expect(response).to have_gitlab_http_status(:ok) + it 'requires authentication' do + subject - expect(json_response['title']).to eq(private_snippet.title) - expect(json_response['description']).to eq(private_snippet.description) - expect(json_response['file_name']).to eq(private_snippet.file_name_on_repo) - expect(json_response['visibility']).to eq(private_snippet.visibility) - expect(json_response['ssh_url_to_repo']).to eq(private_snippet.ssh_url_to_repo) - expect(json_response['http_url_to_repo']).to eq(private_snippet.http_url_to_repo) + expect(response).to have_gitlab_http_status(:unauthorized) + end end - it 'shows private snippets to an admin' do - get api("/snippets/#{private_snippet.id}", admin) + context 'with the author' do + let(:user) { author } - expect(response).to have_gitlab_http_status(:ok) - end + it 'returns snippet json' do + subject - it 'hides private snippets from an ordinary user' do - get api("/snippets/#{private_snippet.id}", user) + expect(response).to have_gitlab_http_status(:ok) - expect(response).to have_gitlab_http_status(:not_found) + expect(json_response['title']).to eq(private_snippet.title) + expect(json_response['description']).to eq(private_snippet.description) + expect(json_response['file_name']).to eq(private_snippet.file_name_on_repo) + expect(json_response['files']).to eq(private_snippet.blobs.map { |blob| snippet_blob_file(blob) }) + expect(json_response['visibility']).to eq(private_snippet.visibility) + expect(json_response['ssh_url_to_repo']).to eq(private_snippet.ssh_url_to_repo) + expect(json_response['http_url_to_repo']).to eq(private_snippet.http_url_to_repo) + end end - it 'shows internal snippets to an ordinary user' do - get api("/snippets/#{internal_snippet.id}", user) + context 'with an admin' do + let(:user) { admin } - expect(response).to have_gitlab_http_status(:ok) + it 'shows private snippets to an admin' do + subject + + expect(response).to have_gitlab_http_status(:ok) + end + + it 'returns 404 for invalid snippet id' do + private_snippet.destroy + + subject + + expect(response).to have_gitlab_http_status(:not_found) + expect(json_response['message']).to eq('404 Snippet Not Found') + end end - it 'returns 404 for invalid snippet id' do - private_snippet.destroy + context 'with an internal snippet' do + let(:snippet) { internal_snippet } - get api("/snippets/#{private_snippet.id}", admin) + it 'shows internal snippets to an ordinary user' do + subject - expect(response).to have_gitlab_http_status(:not_found) - expect(json_response['message']).to eq('404 Snippet Not Found') + expect(response).to have_gitlab_http_status(:ok) + end + end + + it_behaves_like 'snippet_multiple_files feature disabled' do + let(:user) { author } end end @@ -221,6 +252,7 @@ describe API::Snippets do expect(json_response['title']).to eq(params[:title]) expect(json_response['description']).to eq(params[:description]) expect(json_response['file_name']).to eq(params[:file_name]) + expect(json_response['files']).to eq(snippet.blobs.map { |blob| snippet_blob_file(blob) }) expect(json_response['visibility']).to eq(params[:visibility]) end @@ -251,6 +283,10 @@ describe API::Snippets do it_behaves_like 'snippet creation' + it_behaves_like 'snippet_multiple_files feature disabled' do + let(:snippet) { Snippet.find(json_response["id"]) } + end + context 'with an external user' do let(:user) { create(:user, :external) } |