Welcome to mirror list, hosted at ThFree Co, Russian Federation.

gitlab.com/gitlab-org/gitlab-foss.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
path: root/spec/requests/api/deploy_keys_spec.rb
diff options
context:
space:
mode:
Diffstat (limited to 'spec/requests/api/deploy_keys_spec.rb')
-rw-r--r--spec/requests/api/deploy_keys_spec.rb134
1 files changed, 96 insertions, 38 deletions
diff --git a/spec/requests/api/deploy_keys_spec.rb b/spec/requests/api/deploy_keys_spec.rb
index 15880d920c5..18a9211df3e 100644
--- a/spec/requests/api/deploy_keys_spec.rb
+++ b/spec/requests/api/deploy_keys_spec.rb
@@ -2,7 +2,7 @@
require 'spec_helper'
-RSpec.describe API::DeployKeys, feature_category: :continuous_delivery do
+RSpec.describe API::DeployKeys, :aggregate_failures, feature_category: :continuous_delivery do
let_it_be(:user) { create(:user) }
let_it_be(:maintainer) { create(:user) }
let_it_be(:admin) { create(:admin) }
@@ -11,33 +11,29 @@ RSpec.describe API::DeployKeys, feature_category: :continuous_delivery do
let_it_be(:project3) { create(:project, creator_id: user.id) }
let_it_be(:deploy_key) { create(:deploy_key, public: true) }
let_it_be(:deploy_key_private) { create(:deploy_key, public: false) }
+ let_it_be(:path) { '/deploy_keys' }
+ let_it_be(:project_path) { "/projects/#{project.id}#{path}" }
let!(:deploy_keys_project) do
create(:deploy_keys_project, project: project, deploy_key: deploy_key)
end
describe 'GET /deploy_keys' do
+ it_behaves_like 'GET request permissions for admin mode'
+
context 'when unauthenticated' do
it 'returns authentication error' do
- get api('/deploy_keys')
+ get api(path)
expect(response).to have_gitlab_http_status(:unauthorized)
end
end
- context 'when authenticated as non-admin user' do
- it 'returns a 403 error' do
- get api('/deploy_keys', user)
-
- expect(response).to have_gitlab_http_status(:forbidden)
- end
- end
-
context 'when authenticated as admin' do
- let_it_be(:pat) { create(:personal_access_token, user: admin) }
+ let_it_be(:pat) { create(:personal_access_token, :admin_mode, user: admin) }
def make_api_request(params = {})
- get api('/deploy_keys', personal_access_token: pat), params: params
+ get api(path, personal_access_token: pat), params: params
end
it 'returns all deploy keys' do
@@ -91,14 +87,18 @@ RSpec.describe API::DeployKeys, feature_category: :continuous_delivery do
describe 'GET /projects/:id/deploy_keys' do
let(:deploy_key) { create(:deploy_key, public: true, user: admin) }
+ it_behaves_like 'GET request permissions for admin mode' do
+ let(:path) { project_path }
+ let(:failed_status_code) { :not_found }
+ end
+
def perform_request
- get api("/projects/#{project.id}/deploy_keys", admin)
+ get api(project_path, admin, admin_mode: true)
end
it 'returns array of ssh keys' do
perform_request
- expect(response).to have_gitlab_http_status(:ok)
expect(response).to include_pagination_headers
expect(json_response).to be_an Array
expect(json_response.first['title']).to eq(deploy_key.title)
@@ -117,31 +117,59 @@ RSpec.describe API::DeployKeys, feature_category: :continuous_delivery do
end
describe 'GET /projects/:id/deploy_keys/:key_id' do
+ let_it_be(:path) { "#{project_path}/#{deploy_key.id}" }
+ let_it_be(:unfindable_path) { "#{project_path}/404" }
+
+ it_behaves_like 'GET request permissions for admin mode' do
+ let(:failed_status_code) { :not_found }
+ end
+
it 'returns a single key' do
- get api("/projects/#{project.id}/deploy_keys/#{deploy_key.id}", admin)
+ get api(path, admin, admin_mode: true)
- expect(response).to have_gitlab_http_status(:ok)
expect(json_response['title']).to eq(deploy_key.title)
expect(json_response).not_to have_key(:projects_with_write_access)
end
it 'returns 404 Not Found with invalid ID' do
- get api("/projects/#{project.id}/deploy_keys/404", admin)
+ get api(unfindable_path, admin, admin_mode: true)
expect(response).to have_gitlab_http_status(:not_found)
end
+
+ context 'when deploy key has expiry date' do
+ let(:deploy_key) { create(:deploy_key, :expired, public: true) }
+ let(:deploy_keys_project) { create(:deploy_keys_project, project: project, deploy_key: deploy_key) }
+
+ it 'returns expiry date' do
+ get api("#{project_path}/#{deploy_key.id}", admin, admin_mode: true)
+
+ expect(response).to have_gitlab_http_status(:ok)
+ expect(Time.parse(json_response['expires_at'])).to be_like_time(deploy_key.expires_at)
+ end
+ end
end
describe 'POST /projects/:id/deploy_keys' do
+ around do |example|
+ freeze_time { example.run }
+ end
+
+ it_behaves_like 'POST request permissions for admin mode', :not_found do
+ let(:params) { attributes_for :another_key }
+ let(:path) { project_path }
+ let(:failed_status_code) { :not_found }
+ end
+
it 'does not create an invalid ssh key' do
- post api("/projects/#{project.id}/deploy_keys", admin), params: { title: 'invalid key' }
+ post api(project_path, admin, admin_mode: true), params: { title: 'invalid key' }
expect(response).to have_gitlab_http_status(:bad_request)
expect(json_response['error']).to eq('key is missing')
end
it 'does not create a key without title' do
- post api("/projects/#{project.id}/deploy_keys", admin), params: { key: 'some key' }
+ post api(project_path, admin, admin_mode: true), params: { key: 'some key' }
expect(response).to have_gitlab_http_status(:bad_request)
expect(json_response['error']).to eq('title is missing')
@@ -151,7 +179,7 @@ RSpec.describe API::DeployKeys, feature_category: :continuous_delivery do
key_attrs = attributes_for :another_key
expect do
- post api("/projects/#{project.id}/deploy_keys", admin), params: key_attrs
+ post api(project_path, admin, admin_mode: true), params: key_attrs
end.to change { project.deploy_keys.count }.by(1)
new_key = project.deploy_keys.last
@@ -161,7 +189,7 @@ RSpec.describe API::DeployKeys, feature_category: :continuous_delivery do
it 'returns an existing ssh key when attempting to add a duplicate' do
expect do
- post api("/projects/#{project.id}/deploy_keys", admin), params: { key: deploy_key.key, title: deploy_key.title }
+ post api(project_path, admin, admin_mode: true), params: { key: deploy_key.key, title: deploy_key.title }
end.not_to change { project.deploy_keys.count }
expect(response).to have_gitlab_http_status(:created)
@@ -169,7 +197,7 @@ RSpec.describe API::DeployKeys, feature_category: :continuous_delivery do
it 'joins an existing ssh key to a new project' do
expect do
- post api("/projects/#{project2.id}/deploy_keys", admin), params: { key: deploy_key.key, title: deploy_key.title }
+ post api("/projects/#{project2.id}/deploy_keys", admin, admin_mode: true), params: { key: deploy_key.key, title: deploy_key.title }
end.to change { project2.deploy_keys.count }.by(1)
expect(response).to have_gitlab_http_status(:created)
@@ -178,18 +206,34 @@ RSpec.describe API::DeployKeys, feature_category: :continuous_delivery do
it 'accepts can_push parameter' do
key_attrs = attributes_for(:another_key).merge(can_push: true)
- post api("/projects/#{project.id}/deploy_keys", admin), params: key_attrs
+ post api(project_path, admin, admin_mode: true), params: key_attrs
expect(response).to have_gitlab_http_status(:created)
expect(json_response['can_push']).to eq(true)
end
+
+ it 'accepts expires_at parameter' do
+ key_attrs = attributes_for(:another_key).merge(expires_at: 2.days.since.iso8601)
+
+ post api(project_path, admin, admin_mode: true), params: key_attrs
+
+ expect(response).to have_gitlab_http_status(:created)
+ expect(Time.parse(json_response['expires_at'])).to be_like_time(2.days.since)
+ end
end
describe 'PUT /projects/:id/deploy_keys/:key_id' do
+ let(:path) { "#{project_path}/#{deploy_key.id}" }
let(:extra_params) { {} }
+ let(:admin_mode) { false }
+
+ it_behaves_like 'PUT request permissions for admin mode' do
+ let(:params) { { title: 'new title', can_push: true } }
+ let(:failed_status_code) { :not_found }
+ end
subject do
- put api("/projects/#{project.id}/deploy_keys/#{deploy_key.id}", api_user), params: extra_params
+ put api(path, api_user, admin_mode: admin_mode), params: extra_params
end
context 'with non-admin' do
@@ -204,6 +248,7 @@ RSpec.describe API::DeployKeys, feature_category: :continuous_delivery do
context 'with admin' do
let(:api_user) { admin }
+ let(:admin_mode) { true }
context 'public deploy key attached to project' do
let(:extra_params) { { title: 'new title', can_push: true } }
@@ -258,9 +303,13 @@ RSpec.describe API::DeployKeys, feature_category: :continuous_delivery do
context 'public deploy key attached to project' do
let(:extra_params) { { title: 'new title', can_push: true } }
- it 'updates the title of the deploy key' do
- expect { subject }.to change { deploy_key.reload.title }.to 'new title'
- expect(response).to have_gitlab_http_status(:ok)
+ context 'with admin mode on' do
+ let(:admin_mode) { true }
+
+ it 'updates the title of the deploy key' do
+ expect { subject }.to change { deploy_key.reload.title }.to 'new title'
+ expect(response).to have_gitlab_http_status(:ok)
+ end
end
it 'updates can_push of deploy_keys_project' do
@@ -298,18 +347,22 @@ RSpec.describe API::DeployKeys, feature_category: :continuous_delivery do
deploy_key
end
+ let(:path) { "#{project_path}/#{deploy_key.id}" }
+
+ it_behaves_like 'DELETE request permissions for admin mode' do
+ let(:failed_status_code) { :not_found }
+ end
+
it 'removes existing key from project' do
expect do
- delete api("/projects/#{project.id}/deploy_keys/#{deploy_key.id}", admin)
-
- expect(response).to have_gitlab_http_status(:no_content)
+ delete api(path, admin, admin_mode: true)
end.to change { project.deploy_keys.count }.by(-1)
end
context 'when the deploy key is public' do
it 'does not delete the deploy key' do
expect do
- delete api("/projects/#{project.id}/deploy_keys/#{deploy_key.id}", admin)
+ delete api(path, admin, admin_mode: true)
expect(response).to have_gitlab_http_status(:no_content)
end.not_to change { DeployKey.count }
@@ -322,7 +375,7 @@ RSpec.describe API::DeployKeys, feature_category: :continuous_delivery do
context 'when the deploy key is only used by this project' do
it 'deletes the deploy key' do
expect do
- delete api("/projects/#{project.id}/deploy_keys/#{deploy_key.id}", admin)
+ delete api(path, admin, admin_mode: true)
expect(response).to have_gitlab_http_status(:no_content)
end.to change { DeployKey.count }.by(-1)
@@ -336,7 +389,7 @@ RSpec.describe API::DeployKeys, feature_category: :continuous_delivery do
it 'does not delete the deploy key' do
expect do
- delete api("/projects/#{project.id}/deploy_keys/#{deploy_key.id}", admin)
+ delete api(path, admin, admin_mode: true)
expect(response).to have_gitlab_http_status(:no_content)
end.not_to change { DeployKey.count }
@@ -345,26 +398,31 @@ RSpec.describe API::DeployKeys, feature_category: :continuous_delivery do
end
it 'returns 404 Not Found with invalid ID' do
- delete api("/projects/#{project.id}/deploy_keys/404", admin)
+ delete api("#{project_path}/404", admin, admin_mode: true)
expect(response).to have_gitlab_http_status(:not_found)
end
it_behaves_like '412 response' do
- let(:request) { api("/projects/#{project.id}/deploy_keys/#{deploy_key.id}", admin) }
+ let(:request) { api("#{project_path}/#{deploy_key.id}", admin, admin_mode: true) }
end
end
describe 'POST /projects/:id/deploy_keys/:key_id/enable' do
- let(:project2) { create(:project) }
+ let_it_be(:project2) { create(:project) }
+ let_it_be(:path) { "/projects/#{project2.id}/deploy_keys/#{deploy_key.id}/enable" }
+ let_it_be(:params) { {} }
+
+ it_behaves_like 'POST request permissions for admin mode' do
+ let(:failed_status_code) { :not_found }
+ end
context 'when the user can admin the project' do
it 'enables the key' do
expect do
- post api("/projects/#{project2.id}/deploy_keys/#{deploy_key.id}/enable", admin)
+ post api(path, admin, admin_mode: true)
end.to change { project2.deploy_keys.count }.from(0).to(1)
- expect(response).to have_gitlab_http_status(:created)
expect(json_response['id']).to eq(deploy_key.id)
end
end
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-16 00:09:19 +0300