Add latest changes from gitlab-org/security/gitlab@14-3-stable-ee

author: GitLab Bot <gitlab-bot@gitlab.com> 2021-09-29 15:57:02 +0300
committer: GitLab Bot <gitlab-bot@gitlab.com> 2021-09-29 15:57:02 +0300
commit: e0ab280b774e34fcfd6fd031616247714230ca68 (patch)
tree: 472ee2dcef05f242e1b861caa47a0a5179e92f4c /spec/requests
parent: 60b56b48afb89ed1890409b6c425f16549c4d28b (diff)
3 files changed, 25 insertions, 11 deletions
diff --git a/spec/requests/api/import_bitbucket_server_spec.rb b/spec/requests/api/import_bitbucket_server_spec.rb
index 2225f737f36..970416c7444 100644
--- a/spec/requests/api/import_bitbucket_server_spec.rb
+++ b/spec/requests/api/import_bitbucket_server_spec.rb
@@ -28,6 +28,20 @@ RSpec.describe API::ImportBitbucketServer do
         Grape::Endpoint.before_each nil
       end
 
+      it 'rejects requests when Bitbucket Server Importer is disabled' do
+        stub_application_setting(import_sources: nil)
+
+        post api("/import/bitbucket_server", user), params: {
+          bitbucket_server_url: base_uri,
+          bitbucket_server_username: user,
+          personal_access_token: token,
+          bitbucket_server_project: project_key,
+          bitbucket_server_repo: repo_slug
+        }
+
+        expect(response).to have_gitlab_http_status(:forbidden)
+      end
+
       it 'returns 201 response when the project is imported successfully' do
         allow(Gitlab::BitbucketServerImport::ProjectCreator)
           .to receive(:new).with(project_key, repo_slug, anything, repo_slug, user.namespace, user, anything)
diff --git a/spec/requests/git_http_spec.rb b/spec/requests/git_http_spec.rb
index a16f5abf608..d2528600477 100644
--- a/spec/requests/git_http_spec.rb
+++ b/spec/requests/git_http_spec.rb
@@ -61,7 +61,7 @@ RSpec.describe 'Git HTTP requests' do
   shared_examples 'operations are not allowed with expired password' do
     context "when password is expired" do
       it "responds to downloads with status 401 Unauthorized" do
-        user.update!(password_expires_at: 2.days.ago, password_automatically_set: true)
+        user.update!(password_expires_at: 2.days.ago)
 
         download(path, user: user.username, password: user.password) do |response|
           expect(response).to have_gitlab_http_status(:unauthorized)
@@ -69,7 +69,7 @@ RSpec.describe 'Git HTTP requests' do
       end
 
       it "responds to uploads with status 401 Unauthorized" do
-        user.update!(password_expires_at: 2.days.ago, password_automatically_set: true)
+        user.update!(password_expires_at: 2.days.ago)
 
         upload(path, user: user.username, password: user.password) do |response|
           expect(response).to have_gitlab_http_status(:unauthorized)
@@ -614,7 +614,7 @@ RSpec.describe 'Git HTTP requests' do
 
                 context "when password is expired" do
                   it "responds to downloads with status 401 unauthorized" do
-                    user.update!(password_expires_at: 2.days.ago, password_automatically_set: true)
+                    user.update!(password_expires_at: 2.days.ago)
 
                     download(path, **env) do |response|
                       expect(response).to have_gitlab_http_status(:unauthorized)
@@ -697,7 +697,7 @@ RSpec.describe 'Git HTTP requests' do
 
                   context "when password is expired" do
                     it "responds to uploads with status 401 unauthorized" do
-                      user.update!(password_expires_at: 2.days.ago, password_automatically_set: true)
+                      user.update!(password_expires_at: 2.days.ago)
 
                       write_access_token = create(:personal_access_token, user: user, scopes: [:write_repository])
 
@@ -950,7 +950,7 @@ RSpec.describe 'Git HTTP requests' do
 
               context 'when users password is expired' do
                 it 'rejects pulls with 401 unauthorized' do
-                  user.update!(password_expires_at: 2.days.ago, password_automatically_set: true)
+                  user.update!(password_expires_at: 2.days.ago)
 
                   download(path, user: 'gitlab-ci-token', password: build.token) do |response|
                     expect(response).to have_gitlab_http_status(:unauthorized)
@@ -1245,7 +1245,7 @@ RSpec.describe 'Git HTTP requests' do
 
                 context "when password is expired" do
                   it "responds to downloads with status 401 unauthorized" do
-                    user.update!(password_expires_at: 2.days.ago, password_automatically_set: true)
+                    user.update!(password_expires_at: 2.days.ago)
 
                     download(path, **env) do |response|
                       expect(response).to have_gitlab_http_status(:unauthorized)
@@ -1328,7 +1328,7 @@ RSpec.describe 'Git HTTP requests' do
 
                   context "when password is expired" do
                     it "responds to uploads with status 401 unauthorized" do
-                      user.update!(password_expires_at: 2.days.ago, password_automatically_set: true)
+                      user.update!(password_expires_at: 2.days.ago)
 
                       write_access_token = create(:personal_access_token, user: user, scopes: [:write_repository])
 
@@ -1555,7 +1555,7 @@ RSpec.describe 'Git HTTP requests' do
 
               context 'when users password is expired' do
                 it 'rejects pulls with 401 unauthorized' do
-                  user.update!(password_expires_at: 2.days.ago, password_automatically_set: true)
+                  user.update!(password_expires_at: 2.days.ago)
 
                   download(path, user: 'gitlab-ci-token', password: build.token) do |response|
                     expect(response).to have_gitlab_http_status(:unauthorized)
diff --git a/spec/requests/lfs_http_spec.rb b/spec/requests/lfs_http_spec.rb
index 02eb4262690..656ae744ac1 100644
--- a/spec/requests/lfs_http_spec.rb
+++ b/spec/requests/lfs_http_spec.rb
@@ -126,7 +126,7 @@ RSpec.describe 'Git LFS API and storage' do
             it_behaves_like 'LFS http 200 blob response'
 
             context 'when user password is expired' do
-              let_it_be(:user) { create(:user, password_expires_at: 1.minute.ago, password_automatically_set: true)}
+              let_it_be(:user) { create(:user, password_expires_at: 1.minute.ago)}
 
               it_behaves_like 'LFS http 401 response'
             end
@@ -344,7 +344,7 @@ RSpec.describe 'Git LFS API and storage' do
             end
 
             context 'when user password is expired' do
-              let_it_be(:user) { create(:user, password_expires_at: 1.minute.ago, password_automatically_set: true)}
+              let_it_be(:user) { create(:user, password_expires_at: 1.minute.ago)}
 
               let(:role) { :reporter}
 
@@ -958,7 +958,7 @@ RSpec.describe 'Git LFS API and storage' do
               it_behaves_like 'LFS http 200 workhorse response'
 
               context 'when user password is expired' do
-                let_it_be(:user) { create(:user, password_expires_at: 1.minute.ago, password_automatically_set: true) }
+                let_it_be(:user) { create(:user, password_expires_at: 1.minute.ago) }
 
                 it_behaves_like 'LFS http 401 response'
               end
author	GitLab Bot <gitlab-bot@gitlab.com>	2021-09-29 15:57:02 +0300
committer	GitLab Bot <gitlab-bot@gitlab.com>	2021-09-29 15:57:02 +0300
commit	e0ab280b774e34fcfd6fd031616247714230ca68 (patch)
tree	472ee2dcef05f242e1b861caa47a0a5179e92f4c /spec/requests
parent	60b56b48afb89ed1890409b6c425f16549c4d28b (diff)