diff options
Diffstat (limited to 'spec/requests/api/ci')
-rw-r--r-- | spec/requests/api/ci/jobs_spec.rb | 2 | ||||
-rw-r--r-- | spec/requests/api/ci/pipeline_schedules_spec.rb | 40 |
2 files changed, 39 insertions, 3 deletions
diff --git a/spec/requests/api/ci/jobs_spec.rb b/spec/requests/api/ci/jobs_spec.rb index 19ac673308b..41e35de189e 100644 --- a/spec/requests/api/ci/jobs_spec.rb +++ b/spec/requests/api/ci/jobs_spec.rb @@ -556,7 +556,7 @@ RSpec.describe API::Ci::Jobs, feature_category: :continuous_integration do before do allow_next_instance_of(Gitlab::ApplicationRateLimiter::BaseStrategy) do |strategy| - threshold = Gitlab::ApplicationRateLimiter.rate_limits[:jobs_index][:threshold] + threshold = Gitlab::ApplicationRateLimiter.rate_limits[:jobs_index][:threshold].call allow(strategy).to receive(:increment).and_return(threshold + 1) end diff --git a/spec/requests/api/ci/pipeline_schedules_spec.rb b/spec/requests/api/ci/pipeline_schedules_spec.rb index d760e4ddf28..fb67d7cb4fb 100644 --- a/spec/requests/api/ci/pipeline_schedules_spec.rb +++ b/spec/requests/api/ci/pipeline_schedules_spec.rb @@ -176,7 +176,7 @@ RSpec.describe API::Ci::PipelineSchedules, feature_category: :continuous_integra end context 'with public project' do - let_it_be(:project) { create(:project, :repository, :public, public_builds: false) } + let_it_be(:project) { create(:project, :repository, :public, public_builds: true) } it_behaves_like 'request with schedule ownership' it_behaves_like 'request with project permissions' @@ -204,6 +204,30 @@ RSpec.describe API::Ci::PipelineSchedules, feature_category: :continuous_integra expect(json_response).not_to have_key('variables') end end + + context 'when public pipelines are disabled' do + let_it_be(:project) { create(:project, :repository, :public, public_builds: false) } + + context 'authenticated user with no project permissions' do + it 'does not return pipeline_schedule' do + get api("/projects/#{project.id}/pipeline_schedules/#{pipeline_schedule.id}", user) + + expect(response).to have_gitlab_http_status(:not_found) + end + end + + context 'authenticated user with insufficient project permissions' do + before do + project.add_guest(user) + end + + it 'returns pipeline_schedule with no variables' do + get api("/projects/#{project.id}/pipeline_schedules/#{pipeline_schedule.id}", user) + + expect(response).to have_gitlab_http_status(:not_found) + end + end + end end end @@ -294,7 +318,7 @@ RSpec.describe API::Ci::PipelineSchedules, feature_category: :continuous_integra end context 'with public project' do - let_it_be(:project) { create(:project, :repository, :public, public_builds: false) } + let_it_be(:project) { create(:project, :repository, :public, public_builds: true) } it_behaves_like 'request with schedule ownership' it_behaves_like 'request with project permissions' @@ -308,6 +332,18 @@ RSpec.describe API::Ci::PipelineSchedules, feature_category: :continuous_integra expect(response).to return_pipeline_schedule_pipelines_successfully end end + + context 'when public pipelines are disabled' do + let_it_be(:project) { create(:project, :repository, :public, public_builds: false) } + + context 'authenticated user with no project permissions' do + it 'does not return the details of pipelines triggered from the pipeline schedule' do + get api(url, user) + + expect(response).to have_gitlab_http_status(:not_found) + end + end + end end end |