Diffstat (limited to 'spec/requests/api/ci/secure_files_spec.rb')
-rw-r--r--spec/requests/api/ci/secure_files_spec.rb153
1 files changed, 108 insertions, 45 deletions
diff --git a/spec/requests/api/ci/secure_files_spec.rb b/spec/requests/api/ci/secure_files_spec.rb
index aa479cb8713..6de6d1ef222 100644
--- a/spec/requests/api/ci/secure_files_spec.rb
+++ b/spec/requests/api/ci/secure_files_spec.rb
@@ -6,15 +6,24 @@ RSpec.describe API::Ci::SecureFiles do
before do
stub_ci_secure_file_object_storage
stub_feature_flags(ci_secure_files: true)
+ stub_feature_flags(ci_secure_files_read_only: false)
end
let_it_be(:maintainer) { create(:user) }
let_it_be(:developer) { create(:user) }
let_it_be(:guest) { create(:user) }
let_it_be(:anonymous) { create(:user) }
+ let_it_be(:unconfirmed) { create(:user, :unconfirmed) }
let_it_be(:project) { create(:project, creator_id: maintainer.id) }
let_it_be(:secure_file) { create(:ci_secure_file, project: project) }
+ let(:file_params) do
+ {
+ file: fixture_file_upload('spec/fixtures/ci_secure_files/upload-keystore.jks'),
+ name: 'upload-keystore.jks'
+ }
+ end
+
before_all do
project.add_maintainer(maintainer)
project.add_developer(developer)
@@ -39,6 +48,43 @@ RSpec.describe API::Ci::SecureFiles do
end
end
+ context 'ci_secure_files_read_only feature flag' do
+ context 'when the flag is enabled' do
+ before do
+ stub_feature_flags(ci_secure_files_read_only: true)
+ end
+
+ it 'returns a 503 when attempting to upload a file' do
+ stub_feature_flags(ci_secure_files_read_only: true)
+
+ expect do
+ post api("/projects/#{project.id}/secure_files", maintainer), params: file_params
+ end.not_to change {project.secure_files.count}
+
+ expect(response).to have_gitlab_http_status(:service_unavailable)
+ end
+
+ it 'returns a 200 when downloading a file' do
+ stub_feature_flags(ci_secure_files_read_only: true)
+
+ get api("/projects/#{project.id}/secure_files", developer)
+
+ expect(response).to have_gitlab_http_status(:ok)
+ expect(json_response).to be_a(Array)
+ end
+ end
+
+ context 'when the flag is disabled' do
+ it 'returns a 201 when uploading a file when the ci_secure_files_read_only feature flag is disabled' do
+ expect do
+ post api("/projects/#{project.id}/secure_files", maintainer), params: file_params
+ end.to change {project.secure_files.count}.by(1)
+
+ expect(response).to have_gitlab_http_status(:created)
+ end
+ end
+ end
+
context 'authenticated user with admin permissions' do
it 'returns project secure files' do
get api("/projects/#{project.id}/secure_files", maintainer)
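Review bot: The example named 'returns a 200 when downloading a file' requests the list endpoint `/projects/:id/secure_files`, not `/secure_files/:id/download`, so the download path is never exercised while `ci_secure_files_read_only` is enabled. Either rename it to `'returns a 200 when listing files'` or request `api("/projects/#{project.id}/secure_files/#{secure_file.id}/download", developer)`. Only the upload is asserted to return 503; if read-only mode is also meant to block DELETE, that write path deserves an example here too (whether it is covered elsewhere cannot be seen from this hunk). The `stub_feature_flags(ci_secure_files_read_only: true)` calls inside both examples repeat the `before` block and can be dropped. The enclosing `describe` starts outside the hunk.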
@@ -73,6 +119,14 @@ RSpec.describe API::Ci::SecureFiles do
end
end
+ context 'unconfirmed user' do
+ it 'does not return project secure files' do
+ get api("/projects/#{project.id}/secure_files", unconfirmed)
+
+ expect(response).to have_gitlab_http_status(:not_found)
+ end
+ end
+
context 'unauthenticated user' do
it 'does not return project secure files' do
get api("/projects/#{project.id}/secure_files")
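Review bot: The new 'unconfirmed user' example cannot distinguish a rejection for being unconfirmed from a rejection for not being a project member. Nothing visible in this diff adds `unconfirmed` to the project, so the 404 would presumably be returned to any outsider. To pin the confirmation check, give the account a role that would otherwise be allowed, e.g. `project.add_developer(unconfirmed)` in `before_all` (that block continues outside the first hunk, so confirm it is not already there). The same applies to the unconfirmed-user contexts added in the hunks at new lines 171, 229, 383 and 443. The one at 229 also reuses the description 'does not return project secure file details' for the download endpoint.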
@@ -117,6 +171,14 @@ RSpec.describe API::Ci::SecureFiles do
end
end
+ context 'unconfirmed user' do
+ it 'does not return project secure file details' do
+ get api("/projects/#{project.id}/secure_files/#{secure_file.id}", unconfirmed)
+
+ expect(response).to have_gitlab_http_status(:not_found)
+ end
+ end
+
context 'unauthenticated user' do
it 'does not return project secure file details' do
get api("/projects/#{project.id}/secure_files/#{secure_file.id}")
@@ -167,6 +229,14 @@ RSpec.describe API::Ci::SecureFiles do
end
end
+ context 'unconfirmed user' do
+ it 'does not return project secure file details' do
+ get api("/projects/#{project.id}/secure_files/#{secure_file.id}/download", unconfirmed)
+
+ expect(response).to have_gitlab_http_status(:not_found)
+ end
+ end
+
context 'unauthenticated user' do
it 'does not return project secure file details' do
get api("/projects/#{project.id}/secure_files/#{secure_file.id}/download")
@@ -179,14 +249,8 @@ RSpec.describe API::Ci::SecureFiles do
describe 'POST /projects/:id/secure_files' do
context 'authenticated user with admin permissions' do
it 'creates a secure file' do
- params = {
- file: fixture_file_upload('spec/fixtures/ci_secure_files/upload-keystore.jks'),
- name: 'upload-keystore.jks',
- permissions: 'execute'
- }
-
expect do
- post api("/projects/#{project.id}/secure_files", maintainer), params: params
+ post api("/projects/#{project.id}/secure_files", maintainer), params: file_params.merge(permissions: 'execute')
end.to change {project.secure_files.count}.by(1)
expect(response).to have_gitlab_http_status(:created)
@@ -204,26 +268,15 @@ RSpec.describe API::Ci::SecureFiles do
end
it 'creates a secure file with read_only permissions by default' do
- params = {
- file: fixture_file_upload('spec/fixtures/ci_secure_files/upload-keystore.jks'),
- name: 'upload-keystore.jks'
- }
-
expect do
- post api("/projects/#{project.id}/secure_files", maintainer), params: params
+ post api("/projects/#{project.id}/secure_files", maintainer), params: file_params
end.to change {project.secure_files.count}.by(1)
expect(json_response['permissions']).to eq('read_only')
end
it 'uploads and downloads a secure file' do
- post_params = {
- file: fixture_file_upload('spec/fixtures/ci_secure_files/upload-keystore.jks'),
- name: 'upload-keystore.jks',
- permissions: 'read_write'
- }
-
- post api("/projects/#{project.id}/secure_files", maintainer), params: post_params
+ post api("/projects/#{project.id}/secure_files", maintainer), params: file_params
secure_file_id = json_response['id']
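Review bot: The 'uploads and downloads a secure file' example used to post `permissions: 'read_write'` and now posts bare `file_params`, so it falls back to the default permission. No example in the visible hunks creates a `read_write` file any more. If dropping it was not intended, keep the coverage with `params: file_params.merge(permissions: 'read_write')`. The rest of the example lies outside the hunk, so check whether a later assertion depended on that value.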
@@ -243,12 +296,8 @@ RSpec.describe API::Ci::SecureFiles do
end
it 'returns an error when no file is uploaded' do
- post_params = {
- name: 'upload-keystore.jks'
- }
-
expect do
- post api("/projects/#{project.id}/secure_files", maintainer), params: post_params
+ post api("/projects/#{project.id}/secure_files", maintainer), params: { name: 'upload-keystore.jks' }
end.not_to change { project.secure_files.count }
expect(response).to have_gitlab_http_status(:bad_request)
@@ -256,7 +305,17 @@ RSpec.describe API::Ci::SecureFiles do
end
it 'returns an error when the file name is missing' do
+ expect do
+ post api("/projects/#{project.id}/secure_files", maintainer), params: { file: fixture_file_upload('spec/fixtures/ci_secure_files/upload-keystore.jks') }
+ end.not_to change { project.secure_files.count }
+
+ expect(response).to have_gitlab_http_status(:bad_request)
+ expect(json_response['error']).to eq('name is missing')
+ end
+
+ it 'returns an error when the file name has already been used' do
post_params = {
+ name: secure_file.name,
file: fixture_file_upload('spec/fixtures/ci_secure_files/upload-keystore.jks')
}
@@ -265,18 +324,12 @@ RSpec.describe API::Ci::SecureFiles do
end.not_to change { project.secure_files.count }
expect(response).to have_gitlab_http_status(:bad_request)
- expect(json_response['error']).to eq('name is missing')
+ expect(json_response['message']['name']).to include('has already been taken')
end
it 'returns an error when an unexpected permission is supplied' do
- post_params = {
- file: fixture_file_upload('spec/fixtures/ci_secure_files/upload-keystore.jks'),
- name: 'upload-keystore.jks',
- permissions: 'foo'
- }
-
expect do
- post api("/projects/#{project.id}/secure_files", maintainer), params: post_params
+ post api("/projects/#{project.id}/secure_files", maintainer), params: file_params.merge(permissions: 'foo')
end.not_to change { project.secure_files.count }
expect(response).to have_gitlab_http_status(:bad_request)
@@ -290,13 +343,8 @@ RSpec.describe API::Ci::SecureFiles do
allow(instance).to receive_message_chain(:errors, :messages).and_return(['Error 1', 'Error 2'])
end
- post_params = {
- file: fixture_file_upload('spec/fixtures/ci_secure_files/upload-keystore.jks'),
- name: 'upload-keystore.jks'
- }
-
expect do
- post api("/projects/#{project.id}/secure_files", maintainer), params: post_params
+ post api("/projects/#{project.id}/secure_files", maintainer), params: file_params
end.not_to change { project.secure_files.count }
expect(response).to have_gitlab_http_status(:bad_request)
@@ -307,13 +355,8 @@ RSpec.describe API::Ci::SecureFiles do
allow(instance).to receive_message_chain(:file, :size).and_return(6.megabytes.to_i)
end
- post_params = {
- file: fixture_file_upload('spec/fixtures/ci_secure_files/upload-keystore.jks'),
- name: 'upload-keystore.jks'
- }
-
expect do
- post api("/projects/#{project.id}/secure_files", maintainer), params: post_params
+ post api("/projects/#{project.id}/secure_files", maintainer), params: file_params
end.not_to change { project.secure_files.count }
expect(response).to have_gitlab_http_status(:payload_too_large)
@@ -340,6 +383,16 @@ RSpec.describe API::Ci::SecureFiles do
end
end
+ context 'unconfirmed user' do
+ it 'does not create a secure file' do
+ expect do
+ post api("/projects/#{project.id}/secure_files", unconfirmed)
+ end.not_to change { project.secure_files.count }
+
+ expect(response).to have_gitlab_http_status(:not_found)
+ end
+ end
+
context 'unauthenticated user' do
it 'does not create a secure file' do
expect do
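Review bot: The POST in the unconfirmed-user 'does not create a secure file' example carries no `params`, so its `not_to change` assertion would hold even without any access check. The 'returns an error when no file is uploaded' example in this same file shows that such a request creates nothing. Send a payload that would succeed for a permitted user: `post api("/projects/#{project.id}/secure_files", unconfirmed), params: file_params`. With that, the unchanged count and the 404 both reflect access control, not input validation.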
@@ -390,6 +443,16 @@ RSpec.describe API::Ci::SecureFiles do
end
end
+ context 'unconfirmed user' do
+ it 'does not delete the secure_file' do
+ expect do
+ delete api("/projects/#{project.id}/secure_files#{secure_file.id}", unconfirmed)
+ end.not_to change { project.secure_files.count }
+
+ expect(response).to have_gitlab_http_status(:not_found)
+ end
+ end
+
context 'unauthenticated user' do
it 'does not delete the secure_file' do
expect do
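Review bot: The DELETE path in the unconfirmed-user example is missing a slash: `"/projects/#{project.id}/secure_files#{secure_file.id}"` yields something like `/secure_files42`, which should match no route. The request would then return 404 and leave the count unchanged for any caller, so the example passes without touching the delete authorization it is meant to cover. It should read `delete api("/projects/#{project.id}/secure_files/#{secure_file.id}", unconfirmed)`. The neighbouring 'unauthenticated user' example continues past the end of the hunk, so check it for the same path.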