diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2020-05-14 00:08:55 +0300 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2020-05-14 00:08:55 +0300 |
commit | a5650b86b5a809d3b7c754afd5ff5671e9bcc584 (patch) | |
tree | 6a53414f01dae4b5716a94c8d33136616c8b3eb1 /spec/requests | |
parent | e689e858ede41a34b1e9132eba6a602632e6885e (diff) |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'spec/requests')
-rw-r--r-- | spec/requests/api/admin/ci/variables_spec.rb | 210 | ||||
-rw-r--r-- | spec/requests/api/graphql/gitlab_schema_spec.rb | 2 | ||||
-rw-r--r-- | spec/requests/api/graphql_spec.rb | 2 |
3 files changed, 212 insertions, 2 deletions
diff --git a/spec/requests/api/admin/ci/variables_spec.rb b/spec/requests/api/admin/ci/variables_spec.rb new file mode 100644 index 00000000000..bc2f0ba50a2 --- /dev/null +++ b/spec/requests/api/admin/ci/variables_spec.rb @@ -0,0 +1,210 @@ +# frozen_string_literal: true + +require 'spec_helper' + +describe ::API::Admin::Ci::Variables do + let_it_be(:admin) { create(:admin) } + let_it_be(:user) { create(:user) } + + describe 'GET /admin/ci/variables' do + let!(:variable) { create(:ci_instance_variable) } + + it 'returns instance-level variables for admins', :aggregate_failures do + get api('/admin/ci/variables', admin) + + expect(response).to have_gitlab_http_status(:ok) + expect(json_response).to be_a(Array) + end + + it 'does not return instance-level variables for regular users' do + get api('/admin/ci/variables', user) + + expect(response).to have_gitlab_http_status(:forbidden) + end + + it 'does not return instance-level variables for unauthorized users' do + get api('/admin/ci/variables') + + expect(response).to have_gitlab_http_status(:unauthorized) + end + end + + describe 'GET /admin/ci/variables/:key' do + let!(:variable) { create(:ci_instance_variable) } + + it 'returns instance-level variable details for admins', :aggregate_failures do + get api("/admin/ci/variables/#{variable.key}", admin) + + expect(response).to have_gitlab_http_status(:ok) + expect(json_response['value']).to eq(variable.value) + expect(json_response['protected']).to eq(variable.protected?) + expect(json_response['variable_type']).to eq(variable.variable_type) + end + + it 'responds with 404 Not Found if requesting non-existing variable' do + get api('/admin/ci/variables/non_existing_variable', admin) + + expect(response).to have_gitlab_http_status(:not_found) + end + + it 'does not return instance-level variable details for regular users' do + get api("/admin/ci/variables/#{variable.key}", user) + + expect(response).to have_gitlab_http_status(:forbidden) + end + + it 'does not return instance-level variable details for unauthorized users' do + get api("/admin/ci/variables/#{variable.key}") + + expect(response).to have_gitlab_http_status(:unauthorized) + end + end + + describe 'POST /admin/ci/variables' do + context 'authorized user with proper permissions' do + let!(:variable) { create(:ci_instance_variable) } + + it 'creates variable for admins', :aggregate_failures do + expect do + post api('/admin/ci/variables', admin), + params: { + key: 'TEST_VARIABLE_2', + value: 'PROTECTED_VALUE_2', + protected: true, + masked: true + } + end.to change { ::Ci::InstanceVariable.count }.by(1) + + expect(response).to have_gitlab_http_status(:created) + expect(json_response['key']).to eq('TEST_VARIABLE_2') + expect(json_response['value']).to eq('PROTECTED_VALUE_2') + expect(json_response['protected']).to be_truthy + expect(json_response['masked']).to be_truthy + expect(json_response['variable_type']).to eq('env_var') + end + + it 'creates variable with optional attributes', :aggregate_failures do + expect do + post api('/admin/ci/variables', admin), + params: { + variable_type: 'file', + key: 'TEST_VARIABLE_2', + value: 'VALUE_2' + } + end.to change { ::Ci::InstanceVariable.count }.by(1) + + expect(response).to have_gitlab_http_status(:created) + expect(json_response['key']).to eq('TEST_VARIABLE_2') + expect(json_response['value']).to eq('VALUE_2') + expect(json_response['protected']).to be_falsey + expect(json_response['masked']).to be_falsey + expect(json_response['variable_type']).to eq('file') + end + + it 'does not allow to duplicate variable key' do + expect do + post api('/admin/ci/variables', admin), + params: { key: variable.key, value: 'VALUE_2' } + end.not_to change { ::Ci::InstanceVariable.count } + + expect(response).to have_gitlab_http_status(:bad_request) + end + end + + context 'authorized user with invalid permissions' do + it 'does not create variable' do + post api('/admin/ci/variables', user) + + expect(response).to have_gitlab_http_status(:forbidden) + end + end + + context 'unauthorized user' do + it 'does not create variable' do + post api('/admin/ci/variables') + + expect(response).to have_gitlab_http_status(:unauthorized) + end + end + end + + describe 'PUT /admin/ci/variables/:key' do + let!(:variable) { create(:ci_instance_variable) } + + context 'authorized user with proper permissions' do + it 'updates variable data', :aggregate_failures do + put api("/admin/ci/variables/#{variable.key}", admin), + params: { + variable_type: 'file', + value: 'VALUE_1_UP', + protected: true, + masked: true + } + + expect(response).to have_gitlab_http_status(:ok) + expect(variable.reload.value).to eq('VALUE_1_UP') + expect(variable.reload).to be_protected + expect(json_response['variable_type']).to eq('file') + expect(json_response['masked']).to be_truthy + end + + it 'responds with 404 Not Found if requesting non-existing variable' do + put api('/admin/ci/variables/non_existing_variable', admin) + + expect(response).to have_gitlab_http_status(:not_found) + end + end + + context 'authorized user with invalid permissions' do + it 'does not update variable' do + put api("/admin/ci/variables/#{variable.key}", user) + + expect(response).to have_gitlab_http_status(:forbidden) + end + end + + context 'unauthorized user' do + it 'does not update variable' do + put api("/admin/ci/variables/#{variable.key}") + + expect(response).to have_gitlab_http_status(:unauthorized) + end + end + end + + describe 'DELETE /admin/ci/variables/:key' do + let!(:variable) { create(:ci_instance_variable) } + + context 'authorized user with proper permissions' do + it 'deletes variable' do + expect do + delete api("/admin/ci/variables/#{variable.key}", admin) + + expect(response).to have_gitlab_http_status(:no_content) + end.to change { ::Ci::InstanceVariable.count }.by(-1) + end + + it 'responds with 404 Not Found if requesting non-existing variable' do + delete api('/admin/ci/variables/non_existing_variable', admin) + + expect(response).to have_gitlab_http_status(:not_found) + end + end + + context 'authorized user with invalid permissions' do + it 'does not delete variable' do + delete api("/admin/ci/variables/#{variable.key}", user) + + expect(response).to have_gitlab_http_status(:forbidden) + end + end + + context 'unauthorized user' do + it 'does not delete variable' do + delete api("/admin/ci/variables/#{variable.key}") + + expect(response).to have_gitlab_http_status(:unauthorized) + end + end + end +end diff --git a/spec/requests/api/graphql/gitlab_schema_spec.rb b/spec/requests/api/graphql/gitlab_schema_spec.rb index cf409ea6c2d..266c98d6f08 100644 --- a/spec/requests/api/graphql/gitlab_schema_spec.rb +++ b/spec/requests/api/graphql/gitlab_schema_spec.rb @@ -190,7 +190,7 @@ describe 'GitlabSchema configurations' do variables: {}.to_s, complexity: 181, depth: 13, - duration: 7 + duration_s: 7 } expect_any_instance_of(Gitlab::Graphql::QueryAnalyzers::LoggerAnalyzer).to receive(:duration).and_return(7) diff --git a/spec/requests/api/graphql_spec.rb b/spec/requests/api/graphql_spec.rb index 783dd730dd9..f5c7a820abe 100644 --- a/spec/requests/api/graphql_spec.rb +++ b/spec/requests/api/graphql_spec.rb @@ -9,7 +9,7 @@ describe 'GraphQL' do context 'logging' do shared_examples 'logging a graphql query' do let(:expected_params) do - { query_string: query, variables: variables.to_s, duration: anything, depth: 1, complexity: 1 } + { query_string: query, variables: variables.to_s, duration_s: anything, depth: 1, complexity: 1 } end it 'logs a query with the expected params' do |