diff options
Diffstat (limited to 'spec/lib/api')
| -rw-r--r-- | spec/lib/api/entities/ci/job_request/image_spec.rb | 10 | ||||
| -rw-r--r-- | spec/lib/api/entities/ci/job_request/service_spec.rb | 8 | ||||
| -rw-r--r-- | spec/lib/api/entities/ml/mlflow/run_info_spec.rb | 65 | ||||
| -rw-r--r-- | spec/lib/api/entities/ml/mlflow/run_spec.rb | 21 | ||||
| -rw-r--r-- | spec/lib/api/entities/personal_access_token_with_details_spec.rb | 29 | ||||
| -rw-r--r-- | spec/lib/api/helpers/caching_spec.rb | 9 | ||||
| -rw-r--r-- | spec/lib/api/helpers/packages/dependency_proxy_helpers_spec.rb | 50 | ||||
| -rw-r--r-- | spec/lib/api/helpers/packages_helpers_spec.rb | 44 | ||||
| -rw-r--r-- | spec/lib/api/helpers/pagination_spec.rb | 2 | ||||
| -rw-r--r-- | spec/lib/api/helpers_spec.rb | 89 | ||||
| -rw-r--r-- | spec/lib/api/integrations/slack/events/url_verification_spec.rb | 11 |
11 files changed, 263 insertions, 75 deletions
diff --git a/spec/lib/api/entities/ci/job_request/image_spec.rb b/spec/lib/api/entities/ci/job_request/image_spec.rb index fca3b5d3fa9..14d4a074fce 100644 --- a/spec/lib/api/entities/ci/job_request/image_spec.rb +++ b/spec/lib/api/entities/ci/job_request/image_spec.rb @@ -32,14 +32,4 @@ RSpec.describe API::Entities::Ci::JobRequest::Image do it 'returns the pull policy' do expect(subject[:pull_policy]).to eq(['if-not-present']) end - - context 'when the FF ci_docker_image_pull_policy is disabled' do - before do - stub_feature_flags(ci_docker_image_pull_policy: false) - end - - it 'does not return the pull policy' do - expect(subject).not_to have_key(:pull_policy) - end - end end diff --git a/spec/lib/api/entities/ci/job_request/service_spec.rb b/spec/lib/api/entities/ci/job_request/service_spec.rb index 86f2120c321..11350f7c41b 100644 --- a/spec/lib/api/entities/ci/job_request/service_spec.rb +++ b/spec/lib/api/entities/ci/job_request/service_spec.rb @@ -40,12 +40,4 @@ RSpec.describe API::Entities::Ci::JobRequest::Service do expect(subject[:ports]).to be_nil end end - - context 'when the FF ci_docker_image_pull_policy is disabled' do - before do - stub_feature_flags(ci_docker_image_pull_policy: false) - end - - it { is_expected.not_to have_key(:pull_policy) } - end end diff --git a/spec/lib/api/entities/ml/mlflow/run_info_spec.rb b/spec/lib/api/entities/ml/mlflow/run_info_spec.rb new file mode 100644 index 00000000000..2a6d0825e5c --- /dev/null +++ b/spec/lib/api/entities/ml/mlflow/run_info_spec.rb @@ -0,0 +1,65 @@ +# frozen_string_literal: true + +require 'spec_helper' + +RSpec.describe API::Entities::Ml::Mlflow::RunInfo do + let_it_be(:candidate) { create(:ml_candidates) } + + subject { described_class.new(candidate).as_json } + + context 'when start_time is nil' do + it { expect(subject[:start_time]).to eq(0) } + end + + context 'when start_time is not nil' do + before do + allow(candidate).to receive(:start_time).and_return(1234) + end + + it { expect(subject[:start_time]).to eq(1234) } + end + + describe 'end_time' do + context 'when nil' do + it { is_expected.not_to have_key(:end_time) } + end + + context 'when not nil' do + before do + allow(candidate).to receive(:end_time).and_return(1234) + end + + it { expect(subject[:end_time]).to eq(1234) } + end + end + + describe 'experiment_id' do + it 'is the experiment iid as string' do + expect(subject[:experiment_id]).to eq(candidate.experiment.iid.to_s) + end + end + + describe 'run_id' do + it 'is the iid as string' do + expect(subject[:run_id]).to eq(candidate.iid.to_s) + end + end + + describe 'run_uuid' do + it 'is the iid as string' do + expect(subject[:run_uuid]).to eq(candidate.iid.to_s) + end + end + + describe 'artifact_uri' do + it 'is not implemented' do + expect(subject[:artifact_uri]).to eq('not_implemented') + end + end + + describe 'lifecycle_stage' do + it 'is active' do + expect(subject[:lifecycle_stage]).to eq('active') + end + end +end diff --git a/spec/lib/api/entities/ml/mlflow/run_spec.rb b/spec/lib/api/entities/ml/mlflow/run_spec.rb new file mode 100644 index 00000000000..84234f474f5 --- /dev/null +++ b/spec/lib/api/entities/ml/mlflow/run_spec.rb @@ -0,0 +1,21 @@ +# frozen_string_literal: true + +require 'spec_helper' + +RSpec.describe API::Entities::Ml::Mlflow::Run do + let_it_be(:candidate) { create(:ml_candidates) } + + subject { described_class.new(candidate).as_json } + + it 'has run key' do + expect(subject).to have_key(:run) + end + + it 'has the id' do + expect(subject[:run][:info][:run_id]).to eq(candidate.iid.to_s) + end + + it 'data is empty' do + expect(subject[:run][:data]).to be_empty + end +end diff --git a/spec/lib/api/entities/personal_access_token_with_details_spec.rb b/spec/lib/api/entities/personal_access_token_with_details_spec.rb deleted file mode 100644 index a53d6febba1..00000000000 --- a/spec/lib/api/entities/personal_access_token_with_details_spec.rb +++ /dev/null @@ -1,29 +0,0 @@ -# frozen_string_literal: true - -require 'spec_helper' - -RSpec.describe API::Entities::PersonalAccessTokenWithDetails do - describe '#as_json' do - let_it_be(:user) { create(:user) } - let_it_be(:token) { create(:personal_access_token, user: user, expires_at: nil) } - - let(:entity) { described_class.new(token) } - - it 'returns token data' do - expect(entity.as_json).to eq({ - id: token.id, - name: token.name, - revoked: false, - created_at: token.created_at, - scopes: ['api'], - user_id: user.id, - last_used_at: nil, - active: true, - expires_at: nil, - expired: false, - expires_soon: false, - revoke_path: Gitlab::Routing.url_helpers.revoke_profile_personal_access_token_path(token) - }) - end - end -end diff --git a/spec/lib/api/helpers/caching_spec.rb b/spec/lib/api/helpers/caching_spec.rb index 38b7b386d5c..828af7b5f91 100644 --- a/spec/lib/api/helpers/caching_spec.rb +++ b/spec/lib/api/helpers/caching_spec.rb @@ -33,10 +33,7 @@ RSpec.describe API::Helpers::Caching, :use_clean_rails_redis_caching do end describe "#present_cached" do - subject do - instance.present_cached(presentable, **kwargs) - end - + let(:method) { :present_cached } let(:kwargs) do { with: presenter, @@ -44,6 +41,10 @@ RSpec.describe API::Helpers::Caching, :use_clean_rails_redis_caching do } end + subject do + instance.public_send(method, presentable, **kwargs) + end + context 'single object' do let_it_be(:presentable) { create(:todo, project: project) } diff --git a/spec/lib/api/helpers/packages/dependency_proxy_helpers_spec.rb b/spec/lib/api/helpers/packages/dependency_proxy_helpers_spec.rb index ae0c0f53acd..aa4b0a137cd 100644 --- a/spec/lib/api/helpers/packages/dependency_proxy_helpers_spec.rb +++ b/spec/lib/api/helpers/packages/dependency_proxy_helpers_spec.rb @@ -8,6 +8,8 @@ RSpec.describe API::Helpers::Packages::DependencyProxyHelpers do describe '#redirect_registry_request' do using RSpec::Parameterized::TableSyntax + let_it_be(:project) { create(:project) } + let(:options) { {} } subject { helper.redirect_registry_request(forward_to_registry, package_type, options) { helper.fallback } } @@ -18,8 +20,8 @@ RSpec.describe API::Helpers::Packages::DependencyProxyHelpers do shared_examples 'executing fallback' do it 'redirects to package registry' do - expect(helper).to receive(:registry_url).never - expect(helper).to receive(:redirect).never + expect(helper).not_to receive(:registry_url) + expect(helper).not_to receive(:redirect) expect(helper).to receive(:fallback).once subject @@ -30,7 +32,7 @@ RSpec.describe API::Helpers::Packages::DependencyProxyHelpers do it 'redirects to package registry', :snowplow do expect(helper).to receive(:registry_url).once expect(helper).to receive(:redirect).once - expect(helper).to receive(:fallback).never + expect(helper).not_to receive(:fallback) subject @@ -38,11 +40,12 @@ RSpec.describe API::Helpers::Packages::DependencyProxyHelpers do end end - %i[npm pypi].each do |forwardable_package_type| + %i[maven npm pypi].each do |forwardable_package_type| context "with #{forwardable_package_type} packages" do include_context 'dependency proxy helpers context' let(:package_type) { forwardable_package_type } + let(:options) { { project: project } } where(:application_setting, :forward_to_registry, :example_name) do true | true | 'executing redirect' @@ -59,17 +62,41 @@ RSpec.describe API::Helpers::Packages::DependencyProxyHelpers do it_behaves_like params[:example_name] end end + + context 'when maven_central_request_forwarding is disabled' do + let(:package_type) { :maven } + let(:options) { { project: project } } + + include_context 'dependency proxy helpers context' + + where(:application_setting, :forward_to_registry) do + true | true + true | false + false | true + false | false + end + + with_them do + before do + stub_feature_flags(maven_central_request_forwarding: false) + allow_fetch_application_setting(attribute: "maven_package_requests_forwarding", return_value: application_setting) + end + + it_behaves_like 'executing fallback' + end + end end context 'with non-forwardable package type' do let(:forward_to_registry) { true } before do + stub_application_setting(maven_package_requests_forwarding: true) stub_application_setting(npm_package_requests_forwarding: true) stub_application_setting(pypi_package_requests_forwarding: true) end - Packages::Package.package_types.keys.without('npm', 'pypi').each do |pkg_type| + Packages::Package.package_types.keys.without('maven', 'npm', 'pypi').each do |pkg_type| context "#{pkg_type}" do let(:package_type) { pkg_type.to_sym } @@ -81,18 +108,21 @@ RSpec.describe API::Helpers::Packages::DependencyProxyHelpers do end describe '#registry_url' do - subject { helper.registry_url(package_type, package_name: 'test') } + subject { helper.registry_url(package_type, options) } - where(:package_type, :expected_result) do - :npm | 'https://registry.npmjs.org/test' - :pypi | 'https://pypi.org/simple/test/' + where(:package_type, :expected_result, :params) do + :maven | 'https://repo.maven.apache.org/maven2/test/123' | { path: 'test', file_name: '123', project: project } + :npm | 'https://registry.npmjs.org/test' | { package_name: 'test' } + :pypi | 'https://pypi.org/simple/test/' | { package_name: 'test' } end with_them do + let(:options) { params } + it { is_expected.to eq(expected_result) } end - Packages::Package.package_types.keys.without('npm', 'pypi').each do |pkg_type| + Packages::Package.package_types.keys.without('maven', 'npm', 'pypi').each do |pkg_type| context "with non-forwardable package type #{pkg_type}" do let(:package_type) { pkg_type } diff --git a/spec/lib/api/helpers/packages_helpers_spec.rb b/spec/lib/api/helpers/packages_helpers_spec.rb index 0c51e25bad9..cd6e718ce98 100644 --- a/spec/lib/api/helpers/packages_helpers_spec.rb +++ b/spec/lib/api/helpers/packages_helpers_spec.rb @@ -5,6 +5,8 @@ require 'spec_helper' RSpec.describe API::Helpers::PackagesHelpers do let_it_be(:helper) { Class.new.include(described_class).new } let_it_be(:project) { create(:project) } + let_it_be(:group) { create(:group) } + let_it_be(:package) { create(:package) } describe 'authorize_packages_access!' do subject { helper.authorize_packages_access!(project) } @@ -17,7 +19,45 @@ RSpec.describe API::Helpers::PackagesHelpers do end end - %i[read_package create_package destroy_package].each do |action| + describe 'authorize_read_package!' do + using RSpec::Parameterized::TableSyntax + + where(:subject, :expected_class) do + ref(:project) | ::Packages::Policies::Project + ref(:group) | ::Packages::Policies::Group + ref(:package) | ::Packages::Package + end + + with_them do + it 'calls authorize! with correct subject' do + expect(helper).to receive(:authorize!).with(:read_package, have_attributes(id: subject.id, class: expected_class)) + + expect(helper.send('authorize_read_package!', subject)).to eq nil + end + end + + context 'with feature flag disabled' do + before do + stub_feature_flags(read_package_policy_rule: false) + end + + where(:subject, :expected_class) do + ref(:project) | ::Project + ref(:group) | ::Group + ref(:package) | ::Packages::Package + end + + with_them do + it 'calls authorize! with correct subject' do + expect(helper).to receive(:authorize!).with(:read_package, have_attributes(id: subject.id, class: expected_class)) + + expect(helper.send('authorize_read_package!', subject)).to eq nil + end + end + end + end + + %i[create_package destroy_package].each do |action| describe "authorize_#{action}!" do subject { helper.send("authorize_#{action}!", project) } @@ -40,7 +80,7 @@ RSpec.describe API::Helpers::PackagesHelpers do context 'with packages enabled' do it "doesn't call not_found!" do - expect(helper).to receive(:not_found!).never + expect(helper).not_to receive(:not_found!) expect(subject).to eq nil end diff --git a/spec/lib/api/helpers/pagination_spec.rb b/spec/lib/api/helpers/pagination_spec.rb index a008c1adeac..ae6af5b540e 100644 --- a/spec/lib/api/helpers/pagination_spec.rb +++ b/spec/lib/api/helpers/pagination_spec.rb @@ -1,6 +1,6 @@ # frozen_string_literal: true -require 'spec_helper' +require 'fast_spec_helper' RSpec.describe API::Helpers::Pagination do subject { Class.new.include(described_class).new } diff --git a/spec/lib/api/helpers_spec.rb b/spec/lib/api/helpers_spec.rb index cd41d362d03..f25c75ef93c 100644 --- a/spec/lib/api/helpers_spec.rb +++ b/spec/lib/api/helpers_spec.rb @@ -865,4 +865,93 @@ RSpec.describe API::Helpers do helper.bad_request!('custom reason') end end + + describe '#authenticate_by_gitlab_shell_token!' do + include GitlabShellHelpers + + let(:valid_secret_token) { 'valid' } + let(:invalid_secret_token) { 'invalid' } + let(:headers) { {} } + let(:params) { {} } + + shared_examples 'authorized' do + it 'authorized' do + expect(helper).not_to receive(:unauthorized!) + + helper.authenticate_by_gitlab_shell_token! + end + end + + shared_examples 'unauthorized' do + it 'unauthorized' do + expect(helper).to receive(:unauthorized!) + + helper.authenticate_by_gitlab_shell_token! + end + end + + before do + allow(Gitlab::Shell).to receive(:secret_token).and_return(valid_secret_token) + allow(helper).to receive_messages(params: params, headers: headers, secret_token: valid_secret_token) + end + + context 'when jwt token is not provided' do + it_behaves_like 'unauthorized' + end + + context 'when jwt token is invalid' do + let(:headers) { gitlab_shell_internal_api_request_header(secret_token: invalid_secret_token) } + + it_behaves_like 'unauthorized' + end + + context 'when jwt token issuer is invalid' do + let(:headers) { gitlab_shell_internal_api_request_header(issuer: 'gitlab-workhorse') } + + it_behaves_like 'unauthorized' + end + + context 'when jwt token is valid' do + let(:headers) { gitlab_shell_internal_api_request_header } + + it_behaves_like 'authorized' + end + + context 'when gitlab_shell_jwt_token is disabled' do + let(:valid_secret_token) { +'valid' } # mutable string to use chomp! + let(:invalid_secret_token) { +'invalid' } # mutable string to use chomp! + + before do + stub_feature_flags(gitlab_shell_jwt_token: false) + end + + context 'when shared secret is not provided' do + it_behaves_like 'unauthorized' + end + + context 'when shared secret provided via params' do + let(:params) { { 'secret_token' => valid_secret_token } } + + it_behaves_like 'authorized' + + context 'but it is invalid' do + let(:params) { { 'secret_token' => invalid_secret_token } } + + it_behaves_like 'unauthorized' + end + end + + context 'when shared secret provided via headers' do + let(:headers) { { described_class::GITLAB_SHARED_SECRET_HEADER => Base64.encode64(valid_secret_token) } } + + it_behaves_like 'authorized' + + context 'but it is invalid' do + let(:headers) { { described_class::GITLAB_SHARED_SECRET_HEADER => Base64.encode64(invalid_secret_token) } } + + it_behaves_like 'unauthorized' + end + end + end + end end diff --git a/spec/lib/api/integrations/slack/events/url_verification_spec.rb b/spec/lib/api/integrations/slack/events/url_verification_spec.rb deleted file mode 100644 index 2778f0d708d..00000000000 --- a/spec/lib/api/integrations/slack/events/url_verification_spec.rb +++ /dev/null @@ -1,11 +0,0 @@ -# frozen_string_literal: true - -require 'spec_helper' - -RSpec.describe API::Integrations::Slack::Events::UrlVerification do - describe '.call' do - it 'returns the challenge' do - expect(described_class.call({ challenge: 'foo' })).to eq({ challenge: 'foo' }) - end - end -end |