diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2021-03-10 15:09:14 +0300 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2021-03-10 15:09:14 +0300 |
commit | 152b3268d701b54cac9b615a0e29e0e5726bfd99 (patch) | |
tree | deb2e10bd5aa7c5fd54988fb8bc2ca9ec819c0b2 /spec/requests/api | |
parent | 921173681c207356914a35ea3dca1afffeac8b05 (diff) |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'spec/requests/api')
-rw-r--r-- | spec/requests/api/composer_packages_spec.rb | 46 | ||||
-rw-r--r-- | spec/requests/api/oauth_tokens_spec.rb | 8 |
2 files changed, 51 insertions, 3 deletions
diff --git a/spec/requests/api/composer_packages_spec.rb b/spec/requests/api/composer_packages_spec.rb index 06d4a2c6017..30a831d24fd 100644 --- a/spec/requests/api/composer_packages_spec.rb +++ b/spec/requests/api/composer_packages_spec.rb @@ -222,6 +222,52 @@ RSpec.describe API::ComposerPackages do it_behaves_like 'rejects Composer access with unknown group id' end + describe 'GET /api/v4/group/:id/-/packages/composer/p2/*package_name.json' do + let(:package_name) { 'foobar' } + let(:url) { "/group/#{group.id}/-/packages/composer/p2/#{package_name}.json" } + + subject { get api(url), headers: headers } + + context 'with no packages' do + include_context 'Composer user type', :developer, true do + it_behaves_like 'returning response status', :not_found + end + end + + context 'with valid project' do + let!(:package) { create(:composer_package, :with_metadatum, name: package_name, project: project) } + + where(:project_visibility_level, :user_role, :member, :user_token, :shared_examples_name, :expected_status) do + 'PUBLIC' | :developer | true | true | 'Composer package api request' | :success + 'PUBLIC' | :developer | true | false | 'process Composer api request' | :unauthorized + 'PUBLIC' | :developer | false | true | 'Composer package api request' | :success + 'PUBLIC' | :developer | false | false | 'process Composer api request' | :unauthorized + 'PUBLIC' | :guest | true | true | 'Composer package api request' | :success + 'PUBLIC' | :guest | true | false | 'process Composer api request' | :unauthorized + 'PUBLIC' | :guest | false | true | 'Composer package api request' | :success + 'PUBLIC' | :guest | false | false | 'process Composer api request' | :unauthorized + 'PUBLIC' | :anonymous | false | true | 'Composer package api request' | :success + 'PRIVATE' | :developer | true | true | 'Composer package api request' | :success + 'PRIVATE' | :developer | true | false | 'process Composer api request' | :unauthorized + 'PRIVATE' | :developer | false | true | 'process Composer api request' | :not_found + 'PRIVATE' | :developer | false | false | 'process Composer api request' | :unauthorized + 'PRIVATE' | :guest | true | true | 'process Composer api request' | :not_found + 'PRIVATE' | :guest | true | false | 'process Composer api request' | :unauthorized + 'PRIVATE' | :guest | false | true | 'process Composer api request' | :not_found + 'PRIVATE' | :guest | false | false | 'process Composer api request' | :unauthorized + 'PRIVATE' | :anonymous | false | true | 'process Composer api request' | :not_found + end + + with_them do + include_context 'Composer api group access', params[:project_visibility_level], params[:user_role], params[:user_token] do + it_behaves_like params[:shared_examples_name], params[:user_role], params[:expected_status], params[:member] + end + end + end + + it_behaves_like 'rejects Composer access with unknown group id' + end + describe 'POST /api/v4/projects/:id/packages/composer' do let(:url) { "/projects/#{project.id}/packages/composer" } let(:params) { {} } diff --git a/spec/requests/api/oauth_tokens_spec.rb b/spec/requests/api/oauth_tokens_spec.rb index 52c7408545f..edadfbc3d0c 100644 --- a/spec/requests/api/oauth_tokens_spec.rb +++ b/spec/requests/api/oauth_tokens_spec.rb @@ -27,13 +27,13 @@ RSpec.describe 'OAuth tokens' do context 'when user does not have 2FA enabled' do context 'when no client credentials provided' do - it 'does not create an access token' do + it 'creates an access token' do user = create(:user) request_oauth_token(user) - expect(response).to have_gitlab_http_status(:unauthorized) - expect(json_response['access_token']).to be_nil + expect(response).to have_gitlab_http_status(:ok) + expect(json_response['access_token']).to be_present end end @@ -51,6 +51,8 @@ RSpec.describe 'OAuth tokens' do context 'with invalid credentials' do it 'does not create an access token' do + pending 'Enable this example after https://github.com/doorkeeper-gem/doorkeeper/pull/1488 is merged and released' + user = create(:user) request_oauth_token(user, basic_auth_header(client.uid, 'invalid secret')) |