diff options
Diffstat (limited to 'spec/lib/gitlab/http_spec.rb')
-rw-r--r-- | spec/lib/gitlab/http_spec.rb | 73 |
1 files changed, 73 insertions, 0 deletions
diff --git a/spec/lib/gitlab/http_spec.rb b/spec/lib/gitlab/http_spec.rb index 57e4b4fc74b..133cd3b2f49 100644 --- a/spec/lib/gitlab/http_spec.rb +++ b/spec/lib/gitlab/http_spec.rb @@ -364,4 +364,77 @@ RSpec.describe Gitlab::HTTP do end end end + + describe 'silent mode', feature_category: :geo_replication do + before do + stub_full_request("http://example.org", method: :any) + stub_application_setting(silent_mode_enabled: silent_mode) + end + + context 'when silent mode is enabled' do + let(:silent_mode) { true } + + it 'allows GET requests' do + expect { described_class.get('http://example.org') }.not_to raise_error + end + + it 'allows HEAD requests' do + expect { described_class.head('http://example.org') }.not_to raise_error + end + + it 'allows OPTIONS requests' do + expect { described_class.options('http://example.org') }.not_to raise_error + end + + it 'blocks POST requests' do + expect { described_class.post('http://example.org') }.to raise_error(Gitlab::HTTP::SilentModeBlockedError) + end + + it 'blocks PUT requests' do + expect { described_class.put('http://example.org') }.to raise_error(Gitlab::HTTP::SilentModeBlockedError) + end + + it 'blocks DELETE requests' do + expect { described_class.delete('http://example.org') }.to raise_error(Gitlab::HTTP::SilentModeBlockedError) + end + + it 'logs blocked requests' do + expect(::Gitlab::AppJsonLogger).to receive(:info).with( + message: "Outbound HTTP request blocked", + outbound_http_request_method: 'Net::HTTP::Post', + silent_mode_enabled: true + ) + + expect { described_class.post('http://example.org') }.to raise_error(Gitlab::HTTP::SilentModeBlockedError) + end + end + + context 'when silent mode is disabled' do + let(:silent_mode) { false } + + it 'allows GET requests' do + expect { described_class.get('http://example.org') }.not_to raise_error + end + + it 'allows HEAD requests' do + expect { described_class.head('http://example.org') }.not_to raise_error + end + + it 'allows OPTIONS requests' do + expect { described_class.options('http://example.org') }.not_to raise_error + end + + it 'blocks POST requests' do + expect { described_class.post('http://example.org') }.not_to raise_error + end + + it 'blocks PUT requests' do + expect { described_class.put('http://example.org') }.not_to raise_error + end + + it 'blocks DELETE requests' do + expect { described_class.delete('http://example.org') }.not_to raise_error + end + end + end end |