diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2023-03-13 18:08:11 +0300 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2023-03-13 18:08:11 +0300 |
commit | cb38c5062c623059d311c4e9e37428eacdea95d6 (patch) | |
tree | eefd77089ed22d00ed5247dd84c0b93473cdf9d4 /spec/requests | |
parent | b4d5fdae4298581813f0bd5fec029da91f9dfe05 (diff) |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'spec/requests')
-rw-r--r-- | spec/requests/api/composer_packages_spec.rb | 6 | ||||
-rw-r--r-- | spec/requests/api/helm_packages_spec.rb | 15 | ||||
-rw-r--r-- | spec/requests/api/maven_packages_spec.rb | 10 | ||||
-rw-r--r-- | spec/requests/api/npm_project_packages_spec.rb | 4 | ||||
-rw-r--r-- | spec/requests/api/nuget_group_packages_spec.rb | 12 | ||||
-rw-r--r-- | spec/requests/api/nuget_project_packages_spec.rb | 11 | ||||
-rw-r--r-- | spec/requests/api/pypi_packages_spec.rb | 30 | ||||
-rw-r--r-- | spec/requests/api/rubygem_packages_spec.rb | 30 | ||||
-rw-r--r-- | spec/requests/api/terraform/modules/v1/packages_spec.rb | 7 |
9 files changed, 103 insertions, 22 deletions
diff --git a/spec/requests/api/composer_packages_spec.rb b/spec/requests/api/composer_packages_spec.rb index 0c726d46a01..2bb2ffa03c4 100644 --- a/spec/requests/api/composer_packages_spec.rb +++ b/spec/requests/api/composer_packages_spec.rb @@ -504,7 +504,11 @@ RSpec.describe API::ComposerPackages, feature_category: :package_registry do include_context 'Composer user type', params[:user_role], params[:member] do if params[:expected_status] == :success let(:snowplow_gitlab_standard_context) do - { project: project, namespace: project.namespace, property: 'i_package_composer_user' } + if user_role == :anonymous || (project_visibility_level == 'PUBLIC' && user_token == false) + { project: project, namespace: project.namespace, property: 'i_package_composer_user' } + else + { project: project, namespace: project.namespace, property: 'i_package_composer_user', user: user } + end end it_behaves_like 'a package tracking event', described_class.name, 'pull_package' diff --git a/spec/requests/api/helm_packages_spec.rb b/spec/requests/api/helm_packages_spec.rb index 584f6e3c7d4..d6afd6f86ff 100644 --- a/spec/requests/api/helm_packages_spec.rb +++ b/spec/requests/api/helm_packages_spec.rb @@ -17,7 +17,15 @@ RSpec.describe API::HelmPackages, feature_category: :package_registry do let_it_be(:package_file2_2) { create(:helm_package_file, package: package2, file_sha256: 'file2', file_name: 'filename2.tgz', channel: 'test', description: 'hello from test channel') } let_it_be(:other_package) { create(:npm_package, project: project) } - let(:snowplow_gitlab_standard_context) { { project: project, namespace: project.namespace, property: 'i_package_helm_user' } } + let(:snowplow_gitlab_standard_context) { snowplow_context } + + def snowplow_context(user_role: :developer) + if user_role == :anonymous + { project: project, namespace: project.namespace, property: 'i_package_helm_user' } + else + { project: project, namespace: project.namespace, property: 'i_package_helm_user', user: user } + end + end describe 'GET /api/v4/projects/:id/packages/helm/:channel/index.yaml' do let(:project_id) { project.id } @@ -65,6 +73,7 @@ RSpec.describe API::HelmPackages, feature_category: :package_registry do with_them do let(:headers) { user_role == :anonymous ? {} : basic_auth_header(user.username, personal_access_token.token) } + let(:snowplow_gitlab_standard_context) { snowplow_context(user_role: user_role) } before do project.update!(visibility: visibility.to_s) @@ -75,6 +84,8 @@ RSpec.describe API::HelmPackages, feature_category: :package_registry do end context 'with access to package registry for everyone' do + let(:snowplow_gitlab_standard_context) { snowplow_context(user_role: :anonymous) } + before do project.update!(visibility: Gitlab::VisibilityLevel::PRIVATE) project.project_feature.update!(package_registry_access_level: ProjectFeature::PUBLIC) @@ -116,6 +127,7 @@ RSpec.describe API::HelmPackages, feature_category: :package_registry do with_them do let(:user_headers) { user_role == :anonymous ? {} : basic_auth_header(user.username, personal_access_token.token) } let(:headers) { user_headers.merge(workhorse_headers) } + let(:snowplow_gitlab_standard_context) { snowplow_context(user_role: user_role) } before do project.update_column(:visibility_level, Gitlab::VisibilityLevel.level_value(visibility_level.to_s)) @@ -178,6 +190,7 @@ RSpec.describe API::HelmPackages, feature_category: :package_registry do with_them do let(:user_headers) { user_role == :anonymous ? {} : basic_auth_header(user.username, personal_access_token.token) } let(:headers) { user_headers.merge(workhorse_headers) } + let(:snowplow_gitlab_standard_context) { snowplow_context(user_role: user_role) } before do project.update_column(:visibility_level, Gitlab::VisibilityLevel.level_value(visibility_level.to_s)) diff --git a/spec/requests/api/maven_packages_spec.rb b/spec/requests/api/maven_packages_spec.rb index 20aa660d95b..6c6a5f95aa1 100644 --- a/spec/requests/api/maven_packages_spec.rb +++ b/spec/requests/api/maven_packages_spec.rb @@ -22,7 +22,7 @@ RSpec.describe API::MavenPackages, feature_category: :package_registry do let_it_be(:deploy_token_for_group) { create(:deploy_token, :group, read_package_registry: true, write_package_registry: true) } let_it_be(:group_deploy_token) { create(:group_deploy_token, deploy_token: deploy_token_for_group, group: group) } - let(:snowplow_gitlab_standard_context) { { project: project, namespace: project.namespace, property: 'i_package_maven_user' } } + let(:snowplow_gitlab_standard_context) { { project: project, namespace: project.namespace, user: user, property: 'i_package_maven_user' } } let(:package_name) { 'com/example/my-app' } let(:headers) { workhorse_headers } @@ -285,6 +285,8 @@ RSpec.describe API::MavenPackages, feature_category: :package_registry do describe 'GET /api/v4/packages/maven/*path/:file_name' do context 'a public project' do + let(:snowplow_gitlab_standard_context) { { project: project, namespace: project.namespace, property: 'i_package_maven_user' } } + subject { download_file(file_name: package_file.file_name) } shared_examples 'getting a file' do @@ -451,6 +453,8 @@ RSpec.describe API::MavenPackages, feature_category: :package_registry do it_behaves_like 'forwarding package requests' context 'a public project' do + let(:snowplow_gitlab_standard_context) { { project: project, namespace: project.namespace, property: 'i_package_maven_user' } } + subject { download_file(file_name: package_file.file_name) } shared_examples 'getting a file for a group' do @@ -660,6 +664,8 @@ RSpec.describe API::MavenPackages, feature_category: :package_registry do describe 'GET /api/v4/projects/:id/packages/maven/*path/:file_name' do context 'a public project' do + let(:snowplow_gitlab_standard_context) { { project: project, namespace: project.namespace, property: 'i_package_maven_user' } } + subject { download_file(file_name: package_file.file_name) } it_behaves_like 'tracking the file download event' @@ -901,8 +907,6 @@ RSpec.describe API::MavenPackages, feature_category: :package_registry do it_behaves_like 'package workhorse uploads' context 'event tracking' do - let(:snowplow_gitlab_standard_context) { { project: project, namespace: project.namespace, user: user, property: 'i_package_maven_user' } } - it_behaves_like 'a package tracking event', described_class.name, 'push_package' context 'when the package file fails to be created' do diff --git a/spec/requests/api/npm_project_packages_spec.rb b/spec/requests/api/npm_project_packages_spec.rb index c62c0849776..2f67e1e8eea 100644 --- a/spec/requests/api/npm_project_packages_spec.rb +++ b/spec/requests/api/npm_project_packages_spec.rb @@ -115,6 +115,8 @@ RSpec.describe API::NpmProjectPackages, feature_category: :package_registry do end context 'private project' do + let(:snowplow_gitlab_standard_context) { { project: project, namespace: project.namespace, user: user, property: 'i_package_npm_user' } } + before do project.update!(visibility_level: Gitlab::VisibilityLevel::PRIVATE) end @@ -143,6 +145,8 @@ RSpec.describe API::NpmProjectPackages, feature_category: :package_registry do end context 'internal project' do + let(:snowplow_gitlab_standard_context) { { project: project, namespace: project.namespace, user: user, property: 'i_package_npm_user' } } + before do project.update!(visibility_level: Gitlab::VisibilityLevel::INTERNAL) end diff --git a/spec/requests/api/nuget_group_packages_spec.rb b/spec/requests/api/nuget_group_packages_spec.rb index 4335ad75ab6..facbc01220d 100644 --- a/spec/requests/api/nuget_group_packages_spec.rb +++ b/spec/requests/api/nuget_group_packages_spec.rb @@ -12,8 +12,17 @@ RSpec.describe API::NugetGroupPackages, feature_category: :package_registry do let_it_be(:deploy_token) { create(:deploy_token, :group, read_package_registry: true, write_package_registry: true) } let_it_be(:group_deploy_token) { create(:group_deploy_token, deploy_token: deploy_token, group: group) } - let(:snowplow_gitlab_standard_context) { { namespace: project.group, property: 'i_package_nuget_user' } } let(:target_type) { 'groups' } + let(:snowplow_gitlab_standard_context) { snowplow_context } + let(:target) { subgroup } + + def snowplow_context(user_role: :developer) + if user_role == :anonymous + { namespace: target, property: 'i_package_nuget_user' } + else + { namespace: target, property: 'i_package_nuget_user', user: user } + end + end shared_examples 'handling all endpoints' do describe 'GET /api/v4/groups/:id/-/packages/nuget' do @@ -84,7 +93,6 @@ RSpec.describe API::NugetGroupPackages, feature_category: :package_registry do context 'a group' do let(:target) { group } - let(:snowplow_gitlab_standard_context) { { namespace: target, property: 'i_package_nuget_user' } } it_behaves_like 'handling all endpoints' diff --git a/spec/requests/api/nuget_project_packages_spec.rb b/spec/requests/api/nuget_project_packages_spec.rb index 1e0d35ad451..887dfd4beeb 100644 --- a/spec/requests/api/nuget_project_packages_spec.rb +++ b/spec/requests/api/nuget_project_packages_spec.rb @@ -13,7 +13,15 @@ RSpec.describe API::NugetProjectPackages, feature_category: :package_registry do let(:target) { project } let(:target_type) { 'projects' } - let(:snowplow_gitlab_standard_context) { { project: project, namespace: project.namespace, property: 'i_package_nuget_user' } } + let(:snowplow_gitlab_standard_context) { snowplow_context } + + def snowplow_context(user_role: :developer) + if user_role == :anonymous + { project: target, namespace: target.namespace, property: 'i_package_nuget_user' } + else + { project: target, namespace: target.namespace, property: 'i_package_nuget_user', user: user } + end + end shared_examples 'accept get request on private project with access to package registry for everyone' do subject { get api(url) } @@ -149,6 +157,7 @@ RSpec.describe API::NugetProjectPackages, feature_category: :package_registry do with_them do let(:token) { user_token ? personal_access_token.token : 'wrong' } let(:headers) { user_role == :anonymous ? {} : basic_auth_header(user.username, token) } + let(:snowplow_gitlab_standard_context) { snowplow_context(user_role: user_role) } subject { get api(url), headers: headers } diff --git a/spec/requests/api/pypi_packages_spec.rb b/spec/requests/api/pypi_packages_spec.rb index 978d4f72a4a..0b2641b062c 100644 --- a/spec/requests/api/pypi_packages_spec.rb +++ b/spec/requests/api/pypi_packages_spec.rb @@ -14,10 +14,18 @@ RSpec.describe API::PypiPackages, feature_category: :package_registry do let_it_be(:deploy_token) { create(:deploy_token, read_package_registry: true, write_package_registry: true) } let_it_be(:project_deploy_token) { create(:project_deploy_token, deploy_token: deploy_token, project: project) } let_it_be(:job) { create(:ci_build, :running, user: user, project: project) } - let(:snowplow_gitlab_standard_context) { { project: project, namespace: project.namespace, property: 'i_package_pypi_user' } } + let(:snowplow_gitlab_standard_context) { snowplow_context } let(:headers) { {} } + def snowplow_context(user_role: :developer) + if user_role == :anonymous + { project: project, namespace: project.namespace, property: 'i_package_pypi_user' } + else + { project: project, namespace: project.namespace, property: 'i_package_pypi_user', user: user } + end + end + context 'simple index API endpoint' do let_it_be(:package) { create(:pypi_package, project: project) } let_it_be(:package2) { create(:pypi_package, project: project) } @@ -26,7 +34,6 @@ RSpec.describe API::PypiPackages, feature_category: :package_registry do describe 'GET /api/v4/groups/:id/-/packages/pypi/simple' do let(:url) { "/groups/#{group.id}/-/packages/pypi/simple" } - let(:snowplow_gitlab_standard_context) { { project: project, namespace: project.namespace, property: 'i_package_pypi_user' } } it_behaves_like 'pypi simple index API endpoint' it_behaves_like 'rejects PyPI access with unknown group id' @@ -82,13 +89,13 @@ RSpec.describe API::PypiPackages, feature_category: :package_registry do context 'simple package API endpoint' do let_it_be(:package) { create(:pypi_package, project: project) } - let(:snowplow_gitlab_standard_context) { { project: nil, namespace: group, property: 'i_package_pypi_user' } } subject { get api(url), headers: headers } describe 'GET /api/v4/groups/:id/-/packages/pypi/simple/:package_name' do let(:package_name) { package.name } let(:url) { "/groups/#{group.id}/-/packages/pypi/simple/#{package_name}" } + let(:snowplow_context) { { project: nil, namespace: project.namespace, property: 'i_package_pypi_user' } } it_behaves_like 'pypi simple API endpoint' it_behaves_like 'rejects PyPI access with unknown group id' @@ -126,7 +133,7 @@ RSpec.describe API::PypiPackages, feature_category: :package_registry do describe 'GET /api/v4/projects/:id/packages/pypi/simple/:package_name' do let(:package_name) { package.name } let(:url) { "/projects/#{project.id}/packages/pypi/simple/#{package_name}" } - let(:snowplow_gitlab_standard_context) { { project: project, namespace: project.namespace, property: 'i_package_pypi_user' } } + let(:snowplow_context) { { project: project, namespace: project.namespace, property: 'i_package_pypi_user' } } it_behaves_like 'pypi simple API endpoint' it_behaves_like 'rejects PyPI access with unknown project id' @@ -242,6 +249,13 @@ RSpec.describe API::PypiPackages, feature_category: :package_registry do let(:token) { user_token ? personal_access_token.token : 'wrong' } let(:user_headers) { user_role == :anonymous ? {} : basic_auth_header(user.username, token) } let(:headers) { user_headers.merge(workhorse_headers) } + let(:snowplow_gitlab_standard_context) do + if user_role == :anonymous || (visibility_level == :public && !user_token) + { project: project, namespace: project.namespace, property: 'i_package_pypi_user' } + else + { project: project, namespace: project.namespace, property: 'i_package_pypi_user', user: user } + end + end before do project.update_column(:visibility_level, Gitlab::VisibilityLevel.level_value(visibility_level.to_s)) @@ -379,6 +393,14 @@ RSpec.describe API::PypiPackages, feature_category: :package_registry do let_it_be(:package_name) { 'Dummy-Package' } let_it_be(:package) { create(:pypi_package, project: project, name: package_name, version: '1.0.0') } + let(:snowplow_gitlab_standard_context) do + if user_role == :anonymous || (visibility_level == :public && !user_token) + { project: project, namespace: project.namespace, property: 'i_package_pypi_user' } + else + { project: project, namespace: project.namespace, property: 'i_package_pypi_user', user: user } + end + end + subject { get api(url), headers: headers } describe 'GET /api/v4/groups/:id/-/packages/pypi/files/:sha256/*file_identifier' do diff --git a/spec/requests/api/rubygem_packages_spec.rb b/spec/requests/api/rubygem_packages_spec.rb index 34cf6033811..1774b43ccb3 100644 --- a/spec/requests/api/rubygem_packages_spec.rb +++ b/spec/requests/api/rubygem_packages_spec.rb @@ -8,6 +8,14 @@ RSpec.describe API::RubygemPackages, feature_category: :package_registry do using RSpec::Parameterized::TableSyntax let_it_be_with_reload(:project) { create(:project) } + let(:tokens) do + { + personal_access_token: personal_access_token.token, + deploy_token: deploy_token.token, + job_token: job.token + } + end + let_it_be(:personal_access_token) { create(:personal_access_token) } let_it_be(:user) { personal_access_token.user } let_it_be(:job) { create(:ci_build, :running, user: user, project: project) } @@ -15,14 +23,14 @@ RSpec.describe API::RubygemPackages, feature_category: :package_registry do let_it_be(:project_deploy_token) { create(:project_deploy_token, deploy_token: deploy_token, project: project) } let_it_be(:headers) { {} } - let(:snowplow_gitlab_standard_context) { { project: project, namespace: project.namespace, user: user, property: 'i_package_rubygems_user' } } + let(:snowplow_gitlab_standard_context) { snowplow_context } - let(:tokens) do - { - personal_access_token: personal_access_token.token, - deploy_token: deploy_token.token, - job_token: job.token - } + def snowplow_context(user_role: :developer) + if user_role == :anonymous + { project: project, namespace: project.namespace, property: 'i_package_rubygems_user' } + else + { project: project, namespace: project.namespace, property: 'i_package_rubygems_user', user: user } + end end shared_examples 'when feature flag is disabled' do @@ -164,7 +172,13 @@ RSpec.describe API::RubygemPackages, feature_category: :package_registry do with_them do let(:token) { valid_token ? tokens[token_type] : 'invalid-token123' } let(:headers) { user_role == :anonymous ? {} : { 'HTTP_AUTHORIZATION' => token } } - let(:snowplow_gitlab_standard_context) { { project: project, namespace: project.namespace, property: 'i_package_rubygems_user' } } + let(:snowplow_gitlab_standard_context) do + if token_type == :deploy_token + snowplow_context.merge(user: deploy_token) + else + snowplow_context(user_role: user_role) + end + end before do project.update_column(:visibility_level, Gitlab::VisibilityLevel.level_value(visibility.to_s)) diff --git a/spec/requests/api/terraform/modules/v1/packages_spec.rb b/spec/requests/api/terraform/modules/v1/packages_spec.rb index 2bd7cb027aa..f479ca25f3c 100644 --- a/spec/requests/api/terraform/modules/v1/packages_spec.rb +++ b/spec/requests/api/terraform/modules/v1/packages_spec.rb @@ -415,12 +415,15 @@ RSpec.describe API::Terraform::Modules::V1::Packages, feature_category: :package with_them do let(:snowplow_gitlab_standard_context) do - { + context = { project: project, - user: user_role == :anonymous ? nil : user, namespace: project.namespace, property: 'i_package_terraform_module_user' } + + context[:user] = user if user_role != :anonymous + + context end before do |