diff options
| author | GitLab Bot <gitlab-bot@gitlab.com> | 2019-09-20 21:06:35 +0300 |
|---|---|---|
| committer | GitLab Bot <gitlab-bot@gitlab.com> | 2019-09-20 21:06:35 +0300 |
| commit | 2b3007dc9603b847b15f69bc980847be3b9fa6d1 (patch) | |
| tree | 26e7556dd285fb593ffa335b689e66fb8022d936 /spec | |
| parent | 434a995573f6e5cad4e4742af8d1d83d719f39ca (diff) | |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'spec')
| -rw-r--r-- | spec/lib/gitlab/middleware/read_only_spec.rb | 7 | ||||
| -rw-r--r-- | spec/requests/api/graphql/read_only_spec.rb | 57 |
2 files changed, 64 insertions, 0 deletions
diff --git a/spec/lib/gitlab/middleware/read_only_spec.rb b/spec/lib/gitlab/middleware/read_only_spec.rb index d2c8f4ab0bd..c7e9b38e3ca 100644 --- a/spec/lib/gitlab/middleware/read_only_spec.rb +++ b/spec/lib/gitlab/middleware/read_only_spec.rb @@ -103,6 +103,13 @@ describe Gitlab::Middleware::ReadOnly do expect(subject).not_to disallow_request end + it 'expects a graphql request to be allowed' do + response = request.post("/api/graphql") + + expect(response).not_to be_redirect + expect(subject).not_to disallow_request + end + context 'sidekiq admin requests' do where(:mounted_at) do [ diff --git a/spec/requests/api/graphql/read_only_spec.rb b/spec/requests/api/graphql/read_only_spec.rb new file mode 100644 index 00000000000..1d28a71258d --- /dev/null +++ b/spec/requests/api/graphql/read_only_spec.rb @@ -0,0 +1,57 @@ +# frozen_string_literal: true + +require 'spec_helper' + +describe 'Requests on a read-only node' do + include GraphqlHelpers + + before do + allow(Gitlab::Database).to receive(:read_only?) { true } + end + + context 'mutations' do + let(:current_user) { note.author } + let!(:note) { create(:note) } + + let(:mutation) do + variables = { + id: GitlabSchema.id_from_object(note).to_s + } + + graphql_mutation(:destroy_note, variables) + end + + def mutation_response + graphql_mutation_response(:destroy_note) + end + + it 'disallows the query' do + post_graphql_mutation(mutation, current_user: current_user) + + expect(json_response['errors'].first['message']).to eq(Mutations::BaseMutation::ERROR_MESSAGE) + end + + it 'does not destroy the Note' do + expect do + post_graphql_mutation(mutation, current_user: current_user) + end.not_to change { Note.count } + end + end + + context 'read-only queries' do + let(:current_user) { create(:user) } + let(:project) { create(:project, :repository) } + + before do + project.add_developer(current_user) + end + + it 'allows the query' do + query = graphql_query_for('project', 'fullPath' => project.full_path) + + post_graphql(query, current_user: current_user) + + expect(graphql_data['project']).not_to be_nil + end + end +end |