Welcome to mirror list, hosted at ThFree Co, Russian Federation.

gitlab.com/gitlab-org/gitlab-foss.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
path: root/spec/support
diff options
context:
space:
mode:
authorGitLab Bot <gitlab-bot@gitlab.com>2023-06-12 21:09:34 +0300
committerGitLab Bot <gitlab-bot@gitlab.com>2023-06-12 21:09:34 +0300
commit949ed51c6d20ba24e1f508cae9a65b86114bff62 (patch)
tree9308fe87e6d61b35eb3b2d101c47e89b9054655f /spec/support
parentc0b17cee8be646588b14db49ad6d91b8cc818f97 (diff)
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'spec/support')
-rw-r--r--spec/support/shared_examples/requests/api/nuget_endpoints_shared_examples.rb100
-rw-r--r--spec/support/shared_examples/requests/api/nuget_packages_shared_examples.rb146
2 files changed, 122 insertions, 124 deletions
diff --git a/spec/support/shared_examples/requests/api/nuget_endpoints_shared_examples.rb b/spec/support/shared_examples/requests/api/nuget_endpoints_shared_examples.rb
index 7cafe8bb368..432e67ee21e 100644
--- a/spec/support/shared_examples/requests/api/nuget_endpoints_shared_examples.rb
+++ b/spec/support/shared_examples/requests/api/nuget_endpoints_shared_examples.rb
@@ -1,100 +1,40 @@
# frozen_string_literal: true
-RSpec.shared_examples 'handling nuget service requests' do |example_names_with_status: {}|
- anonymous_requests_example_name = example_names_with_status.fetch(:anonymous_requests_example_name, 'process nuget service index request')
- anonymous_requests_status = example_names_with_status.fetch(:anonymous_requests_status, :success)
- guest_requests_example_name = example_names_with_status.fetch(:guest_requests_example_name, 'rejects nuget packages access')
- guest_requests_status = example_names_with_status.fetch(:guest_requests_status, :forbidden)
-
+RSpec.shared_examples 'handling nuget service requests' do
subject { get api(url) }
context 'with valid target' do
using RSpec::Parameterized::TableSyntax
- context 'personal token' do
- where(:visibility_level, :user_role, :member, :user_token, :shared_examples_name, :expected_status) do
- 'PUBLIC' | :developer | true | true | 'process nuget service index request' | :success
- 'PUBLIC' | :guest | true | true | 'process nuget service index request' | :success
- 'PUBLIC' | :developer | true | false | 'rejects nuget packages access' | :unauthorized
- 'PUBLIC' | :guest | true | false | 'rejects nuget packages access' | :unauthorized
- 'PUBLIC' | :developer | false | true | 'process nuget service index request' | :success
- 'PUBLIC' | :guest | false | true | 'process nuget service index request' | :success
- 'PUBLIC' | :developer | false | false | 'rejects nuget packages access' | :unauthorized
- 'PUBLIC' | :guest | false | false | 'rejects nuget packages access' | :unauthorized
- 'PUBLIC' | :anonymous | false | true | anonymous_requests_example_name | anonymous_requests_status
- 'PRIVATE' | :developer | true | true | 'process nuget service index request' | :success
- 'PRIVATE' | :guest | true | true | guest_requests_example_name | guest_requests_status
- 'PRIVATE' | :developer | true | false | 'rejects nuget packages access' | :unauthorized
- 'PRIVATE' | :guest | true | false | 'rejects nuget packages access' | :unauthorized
- 'PRIVATE' | :developer | false | true | 'rejects nuget packages access' | :not_found
- 'PRIVATE' | :guest | false | true | 'rejects nuget packages access' | :not_found
- 'PRIVATE' | :developer | false | false | 'rejects nuget packages access' | :unauthorized
- 'PRIVATE' | :guest | false | false | 'rejects nuget packages access' | :unauthorized
- 'PRIVATE' | :anonymous | false | true | 'rejects nuget packages access' | :unauthorized
- end
-
- with_them do
- let(:token) { user_token ? personal_access_token.token : 'wrong' }
- let(:headers) { user_role == :anonymous ? {} : basic_auth_header(user.username, token) }
- let(:snowplow_gitlab_standard_context) { snowplow_context(user_role: user_role) }
-
- subject { get api(url), headers: headers }
-
- before do
- update_visibility_to(Gitlab::VisibilityLevel.const_get(visibility_level, false))
- end
-
- it_behaves_like params[:shared_examples_name], params[:user_role], params[:expected_status], params[:member]
- end
+ where(:visibility_level, :user_role, :member, :shared_examples_name, :expected_status) do
+ 'PUBLIC' | :developer | true | 'process nuget service index request' | :success
+ 'PUBLIC' | :guest | true | 'process nuget service index request' | :success
+ 'PUBLIC' | :developer | false | 'process nuget service index request' | :success
+ 'PUBLIC' | :guest | false | 'process nuget service index request' | :success
+ 'PUBLIC' | :anonymous | false | 'process nuget service index request' | :success
+ 'PRIVATE' | :developer | true | 'process nuget service index request' | :success
+ 'PRIVATE' | :guest | true | 'process nuget service index request' | :success
+ 'PRIVATE' | :developer | false | 'process nuget service index request' | :success
+ 'PRIVATE' | :guest | false | 'process nuget service index request' | :success
+ 'PRIVATE' | :anonymous | false | 'process nuget service index request' | :success
end
- context 'with job token' do
- where(:visibility_level, :user_role, :member, :user_token, :shared_examples_name, :expected_status) do
- 'PUBLIC' | :developer | true | true | 'process nuget service index request' | :success
- 'PUBLIC' | :guest | true | true | 'process nuget service index request' | :success
- 'PUBLIC' | :developer | true | false | 'rejects nuget packages access' | :unauthorized
- 'PUBLIC' | :guest | true | false | 'rejects nuget packages access' | :unauthorized
- 'PUBLIC' | :developer | false | true | 'process nuget service index request' | :success
- 'PUBLIC' | :guest | false | true | 'process nuget service index request' | :success
- 'PUBLIC' | :developer | false | false | 'rejects nuget packages access' | :unauthorized
- 'PUBLIC' | :guest | false | false | 'rejects nuget packages access' | :unauthorized
- 'PUBLIC' | :anonymous | false | true | anonymous_requests_example_name | anonymous_requests_status
- 'PRIVATE' | :developer | true | true | 'process nuget service index request' | :success
- 'PRIVATE' | :guest | true | true | guest_requests_example_name | guest_requests_status
- 'PRIVATE' | :developer | true | false | 'rejects nuget packages access' | :unauthorized
- 'PRIVATE' | :guest | true | false | 'rejects nuget packages access' | :unauthorized
- 'PRIVATE' | :developer | false | true | 'rejects nuget packages access' | :not_found
- 'PRIVATE' | :guest | false | true | 'rejects nuget packages access' | :not_found
- 'PRIVATE' | :developer | false | false | 'rejects nuget packages access' | :unauthorized
- 'PRIVATE' | :guest | false | false | 'rejects nuget packages access' | :unauthorized
- 'PRIVATE' | :anonymous | false | true | 'rejects nuget packages access' | :unauthorized
- end
-
- with_them do
- let(:job) { user_token ? create(:ci_build, project: project, user: user, status: :running) : double(token: 'wrong') }
- let(:headers) { user_role == :anonymous ? {} : job_basic_auth_header(job) }
- let(:snowplow_gitlab_standard_context) { snowplow_context(user_role: user_role) }
-
- subject { get api(url), headers: headers }
+ with_them do
+ let(:snowplow_gitlab_standard_context) { snowplow_context(user_role: :anonymous) }
- before do
- update_visibility_to(Gitlab::VisibilityLevel.const_get(visibility_level, false))
- end
+ subject { get api(url) }
- it_behaves_like params[:shared_examples_name], params[:user_role], params[:expected_status], params[:member]
+ before do
+ update_visibility_to(Gitlab::VisibilityLevel.const_get(visibility_level, false))
end
- end
- end
- it_behaves_like 'deploy token for package GET requests' do
- before do
- update_visibility_to(Gitlab::VisibilityLevel::PRIVATE)
+ it_behaves_like params[:shared_examples_name], params[:user_role], params[:expected_status], params[:member]
end
end
- it_behaves_like 'rejects nuget access with unknown target id'
+ it_behaves_like 'rejects nuget access with unknown target id', not_found_response: :not_found
- it_behaves_like 'rejects nuget access with invalid target id'
+ it_behaves_like 'rejects nuget access with invalid target id', not_found_response: :not_found
end
RSpec.shared_examples 'handling nuget metadata requests with package name' do |example_names_with_status: {}|
diff --git a/spec/support/shared_examples/requests/api/nuget_packages_shared_examples.rb b/spec/support/shared_examples/requests/api/nuget_packages_shared_examples.rb
index 3abe545db59..d6a0055700d 100644
--- a/spec/support/shared_examples/requests/api/nuget_packages_shared_examples.rb
+++ b/spec/support/shared_examples/requests/api/nuget_packages_shared_examples.rb
@@ -399,7 +399,7 @@ RSpec.shared_examples 'process empty nuget search request' do |user_type, status
it_behaves_like 'a package tracking event', 'API::NugetPackages', 'search_package'
end
-RSpec.shared_examples 'rejects nuget access with invalid target id' do
+RSpec.shared_examples 'rejects nuget access with invalid target id' do |not_found_response: :unauthorized|
context 'with a target id with invalid integers' do
using RSpec::Parameterized::TableSyntax
@@ -411,7 +411,7 @@ RSpec.shared_examples 'rejects nuget access with invalid target id' do
'%20' | :bad_request
'%2e%2e%2f' | :bad_request
'NaN' | :bad_request
- 00002345 | :unauthorized
+ 00002345 | not_found_response
'anything25' | :bad_request
end
@@ -421,12 +421,12 @@ RSpec.shared_examples 'rejects nuget access with invalid target id' do
end
end
-RSpec.shared_examples 'rejects nuget access with unknown target id' do
+RSpec.shared_examples 'rejects nuget access with unknown target id' do |not_found_response: :unauthorized|
context 'with an unknown target' do
let(:target) { double(id: 1234567890) }
context 'as anonymous' do
- it_behaves_like 'rejects nuget packages access', :anonymous, :unauthorized
+ it_behaves_like 'rejects nuget packages access', :anonymous, not_found_response
end
context 'as authenticated user' do
@@ -441,30 +441,59 @@ RSpec.shared_examples 'nuget authorize upload endpoint' do
using RSpec::Parameterized::TableSyntax
context 'with valid project' do
- where(:visibility_level, :user_role, :member, :user_token, :shared_examples_name, :expected_status) do
- 'PUBLIC' | :developer | true | true | 'process nuget workhorse authorization' | :success
- 'PUBLIC' | :guest | true | true | 'rejects nuget packages access' | :forbidden
- 'PUBLIC' | :developer | true | false | 'rejects nuget packages access' | :unauthorized
- 'PUBLIC' | :guest | true | false | 'rejects nuget packages access' | :unauthorized
- 'PUBLIC' | :developer | false | true | 'rejects nuget packages access' | :forbidden
- 'PUBLIC' | :guest | false | true | 'rejects nuget packages access' | :forbidden
- 'PUBLIC' | :developer | false | false | 'rejects nuget packages access' | :unauthorized
- 'PUBLIC' | :guest | false | false | 'rejects nuget packages access' | :unauthorized
- 'PUBLIC' | :anonymous | false | true | 'rejects nuget packages access' | :unauthorized
- 'PRIVATE' | :developer | true | true | 'process nuget workhorse authorization' | :success
- 'PRIVATE' | :guest | true | true | 'rejects nuget packages access' | :forbidden
- 'PRIVATE' | :developer | true | false | 'rejects nuget packages access' | :unauthorized
- 'PRIVATE' | :guest | true | false | 'rejects nuget packages access' | :unauthorized
- 'PRIVATE' | :developer | false | true | 'rejects nuget packages access' | :not_found
- 'PRIVATE' | :guest | false | true | 'rejects nuget packages access' | :not_found
- 'PRIVATE' | :developer | false | false | 'rejects nuget packages access' | :unauthorized
- 'PRIVATE' | :guest | false | false | 'rejects nuget packages access' | :unauthorized
- 'PRIVATE' | :anonymous | false | true | 'rejects nuget packages access' | :unauthorized
+ where(:visibility_level, :user_role, :member, :user_token, :sent_through, :shared_examples_name, :expected_status) do
+ 'PUBLIC' | :developer | true | true | :basic_auth | 'process nuget workhorse authorization' | :success
+ 'PUBLIC' | :guest | true | true | :basic_auth | 'rejects nuget packages access' | :forbidden
+ 'PUBLIC' | :developer | true | false | :basic_auth | 'rejects nuget packages access' | :unauthorized
+ 'PUBLIC' | :guest | true | false | :basic_auth | 'rejects nuget packages access' | :unauthorized
+ 'PUBLIC' | :developer | false | true | :basic_auth | 'rejects nuget packages access' | :forbidden
+ 'PUBLIC' | :guest | false | true | :basic_auth | 'rejects nuget packages access' | :forbidden
+ 'PUBLIC' | :developer | false | false | :basic_auth | 'rejects nuget packages access' | :unauthorized
+ 'PUBLIC' | :guest | false | false | :basic_auth | 'rejects nuget packages access' | :unauthorized
+ 'PRIVATE' | :developer | true | true | :basic_auth | 'process nuget workhorse authorization' | :success
+ 'PRIVATE' | :guest | true | true | :basic_auth | 'rejects nuget packages access' | :forbidden
+ 'PRIVATE' | :developer | true | false | :basic_auth | 'rejects nuget packages access' | :unauthorized
+ 'PRIVATE' | :guest | true | false | :basic_auth | 'rejects nuget packages access' | :unauthorized
+ 'PRIVATE' | :developer | false | true | :basic_auth | 'rejects nuget packages access' | :not_found
+ 'PRIVATE' | :guest | false | true | :basic_auth | 'rejects nuget packages access' | :not_found
+ 'PRIVATE' | :developer | false | false | :basic_auth | 'rejects nuget packages access' | :unauthorized
+ 'PRIVATE' | :guest | false | false | :basic_auth | 'rejects nuget packages access' | :unauthorized
+
+ 'PUBLIC' | :developer | true | true | :api_key | 'process nuget workhorse authorization' | :success
+ 'PUBLIC' | :guest | true | true | :api_key | 'rejects nuget packages access' | :forbidden
+ 'PUBLIC' | :developer | true | false | :api_key | 'rejects nuget packages access' | :unauthorized
+ 'PUBLIC' | :guest | true | false | :api_key | 'rejects nuget packages access' | :unauthorized
+ 'PUBLIC' | :developer | false | true | :api_key | 'rejects nuget packages access' | :forbidden
+ 'PUBLIC' | :guest | false | true | :api_key | 'rejects nuget packages access' | :forbidden
+ 'PUBLIC' | :developer | false | false | :api_key | 'rejects nuget packages access' | :unauthorized
+ 'PUBLIC' | :guest | false | false | :api_key | 'rejects nuget packages access' | :unauthorized
+ 'PRIVATE' | :developer | true | true | :api_key | 'process nuget workhorse authorization' | :success
+ 'PRIVATE' | :guest | true | true | :api_key | 'rejects nuget packages access' | :forbidden
+ 'PRIVATE' | :developer | true | false | :api_key | 'rejects nuget packages access' | :unauthorized
+ 'PRIVATE' | :guest | true | false | :api_key | 'rejects nuget packages access' | :unauthorized
+ 'PRIVATE' | :developer | false | true | :api_key | 'rejects nuget packages access' | :not_found
+ 'PRIVATE' | :guest | false | true | :api_key | 'rejects nuget packages access' | :not_found
+ 'PRIVATE' | :developer | false | false | :api_key | 'rejects nuget packages access' | :unauthorized
+ 'PRIVATE' | :guest | false | false | :api_key | 'rejects nuget packages access' | :unauthorized
+
+ 'PUBLIC' | :anonymous | false | true | nil | 'rejects nuget packages access' | :unauthorized
+ 'PRIVATE' | :anonymous | false | true | nil | 'rejects nuget packages access' | :unauthorized
end
with_them do
let(:token) { user_token ? personal_access_token.token : 'wrong' }
- let(:user_headers) { user_role == :anonymous ? {} : basic_auth_header(user.username, token) }
+
+ let(:user_headers) do
+ case sent_through
+ when :basic_auth
+ basic_auth_header(user.username, token)
+ when :api_key
+ { 'X-NuGet-ApiKey' => token }
+ else
+ {}
+ end
+ end
+
let(:headers) { user_headers.merge(workhorse_headers) }
before do
@@ -490,30 +519,59 @@ RSpec.shared_examples 'nuget upload endpoint' do |symbol_package: false|
using RSpec::Parameterized::TableSyntax
context 'with valid project' do
- where(:visibility_level, :user_role, :member, :user_token, :shared_examples_name, :expected_status) do
- 'PUBLIC' | :developer | true | true | 'process nuget upload' | :created
- 'PUBLIC' | :guest | true | true | 'rejects nuget packages access' | :forbidden
- 'PUBLIC' | :developer | true | false | 'rejects nuget packages access' | :unauthorized
- 'PUBLIC' | :guest | true | false | 'rejects nuget packages access' | :unauthorized
- 'PUBLIC' | :developer | false | true | 'rejects nuget packages access' | :forbidden
- 'PUBLIC' | :guest | false | true | 'rejects nuget packages access' | :forbidden
- 'PUBLIC' | :developer | false | false | 'rejects nuget packages access' | :unauthorized
- 'PUBLIC' | :guest | false | false | 'rejects nuget packages access' | :unauthorized
- 'PUBLIC' | :anonymous | false | true | 'rejects nuget packages access' | :unauthorized
- 'PRIVATE' | :developer | true | true | 'process nuget upload' | :created
- 'PRIVATE' | :guest | true | true | 'rejects nuget packages access' | :forbidden
- 'PRIVATE' | :developer | true | false | 'rejects nuget packages access' | :unauthorized
- 'PRIVATE' | :guest | true | false | 'rejects nuget packages access' | :unauthorized
- 'PRIVATE' | :developer | false | true | 'rejects nuget packages access' | :not_found
- 'PRIVATE' | :guest | false | true | 'rejects nuget packages access' | :not_found
- 'PRIVATE' | :developer | false | false | 'rejects nuget packages access' | :unauthorized
- 'PRIVATE' | :guest | false | false | 'rejects nuget packages access' | :unauthorized
- 'PRIVATE' | :anonymous | false | true | 'rejects nuget packages access' | :unauthorized
+ where(:visibility_level, :user_role, :member, :user_token, :sent_through, :shared_examples_name, :expected_status) do
+ 'PUBLIC' | :developer | true | true | :basic_auth | 'process nuget upload' | :created
+ 'PUBLIC' | :guest | true | true | :basic_auth | 'rejects nuget packages access' | :forbidden
+ 'PUBLIC' | :developer | true | false | :basic_auth | 'rejects nuget packages access' | :unauthorized
+ 'PUBLIC' | :guest | true | false | :basic_auth | 'rejects nuget packages access' | :unauthorized
+ 'PUBLIC' | :developer | false | true | :basic_auth | 'rejects nuget packages access' | :forbidden
+ 'PUBLIC' | :guest | false | true | :basic_auth | 'rejects nuget packages access' | :forbidden
+ 'PUBLIC' | :developer | false | false | :basic_auth | 'rejects nuget packages access' | :unauthorized
+ 'PUBLIC' | :guest | false | false | :basic_auth | 'rejects nuget packages access' | :unauthorized
+ 'PRIVATE' | :developer | true | true | :basic_auth | 'process nuget upload' | :created
+ 'PRIVATE' | :guest | true | true | :basic_auth | 'rejects nuget packages access' | :forbidden
+ 'PRIVATE' | :developer | true | false | :basic_auth | 'rejects nuget packages access' | :unauthorized
+ 'PRIVATE' | :guest | true | false | :basic_auth | 'rejects nuget packages access' | :unauthorized
+ 'PRIVATE' | :developer | false | true | :basic_auth | 'rejects nuget packages access' | :not_found
+ 'PRIVATE' | :guest | false | true | :basic_auth | 'rejects nuget packages access' | :not_found
+ 'PRIVATE' | :developer | false | false | :basic_auth | 'rejects nuget packages access' | :unauthorized
+ 'PRIVATE' | :guest | false | false | :basic_auth | 'rejects nuget packages access' | :unauthorized
+
+ 'PUBLIC' | :developer | true | true | :api_key | 'process nuget upload' | :created
+ 'PUBLIC' | :guest | true | true | :api_key | 'rejects nuget packages access' | :forbidden
+ 'PUBLIC' | :developer | true | false | :api_key | 'rejects nuget packages access' | :unauthorized
+ 'PUBLIC' | :guest | true | false | :api_key | 'rejects nuget packages access' | :unauthorized
+ 'PUBLIC' | :developer | false | true | :api_key | 'rejects nuget packages access' | :forbidden
+ 'PUBLIC' | :guest | false | true | :api_key | 'rejects nuget packages access' | :forbidden
+ 'PUBLIC' | :developer | false | false | :api_key | 'rejects nuget packages access' | :unauthorized
+ 'PUBLIC' | :guest | false | false | :api_key | 'rejects nuget packages access' | :unauthorized
+ 'PRIVATE' | :developer | true | true | :api_key | 'process nuget upload' | :created
+ 'PRIVATE' | :guest | true | true | :api_key | 'rejects nuget packages access' | :forbidden
+ 'PRIVATE' | :developer | true | false | :api_key | 'rejects nuget packages access' | :unauthorized
+ 'PRIVATE' | :guest | true | false | :api_key | 'rejects nuget packages access' | :unauthorized
+ 'PRIVATE' | :developer | false | true | :api_key | 'rejects nuget packages access' | :not_found
+ 'PRIVATE' | :guest | false | true | :api_key | 'rejects nuget packages access' | :not_found
+ 'PRIVATE' | :developer | false | false | :api_key | 'rejects nuget packages access' | :unauthorized
+ 'PRIVATE' | :guest | false | false | :api_key | 'rejects nuget packages access' | :unauthorized
+
+ 'PUBLIC' | :anonymous | false | true | nil | 'rejects nuget packages access' | :unauthorized
+ 'PRIVATE' | :anonymous | false | true | nil | 'rejects nuget packages access' | :unauthorized
end
with_them do
let(:token) { user_token ? personal_access_token.token : 'wrong' }
- let(:user_headers) { user_role == :anonymous ? {} : basic_auth_header(user.username, token) }
+
+ let(:user_headers) do
+ case sent_through
+ when :basic_auth
+ basic_auth_header(user.username, token)
+ when :api_key
+ { 'X-NuGet-ApiKey' => token }
+ else
+ {}
+ end
+ end
+
let(:headers) { user_headers.merge(workhorse_headers) }
let(:snowplow_gitlab_standard_context) { { project: project, user: user, namespace: project.namespace, property: 'i_package_nuget_user' } }
generated by cgit v1.2.3 (git 2.25.1) at 2024-08-30 14:22:22 +0300