diff options
Diffstat (limited to 'spec/requests/api/groups_spec.rb')
-rw-r--r-- | spec/requests/api/groups_spec.rb | 30 |
1 files changed, 30 insertions, 0 deletions
diff --git a/spec/requests/api/groups_spec.rb b/spec/requests/api/groups_spec.rb index 6b949962e53..f2876ddee1b 100644 --- a/spec/requests/api/groups_spec.rb +++ b/spec/requests/api/groups_spec.rb @@ -991,6 +991,23 @@ RSpec.describe API::Groups, feature_category: :groups_and_projects do end end + context 'updating the `enabled_git_access_protocol` attribute' do + %w[ssh http all].each do |protocol| + context "with #{protocol}" do + subject do + put api("/groups/#{group1.id}", user1), params: { enabled_git_access_protocol: protocol } + end + + it 'updates the attribute', :aggregate_failures do + subject + + expect(response).to have_gitlab_http_status(:ok) + expect(json_response['enabled_git_access_protocol']).to eq(protocol) + end + end + end + end + context 'malicious group name' do subject { put api("/groups/#{group1.id}", user1), params: { name: "<SCRIPT>alert('DOUBLE-ATTACK!')</SCRIPT>" } } @@ -2058,6 +2075,19 @@ RSpec.describe API::Groups, feature_category: :groups_and_projects do end end + context 'when creating a group with `enabled_git_access_protocol' do + let(:params) { attributes_for_group_api enabled_git_access_protocol: 'all' } + + subject { post api("/groups", user3), params: params } + + it 'creates group with the specified Git access protocol', :aggregate_failures do + subject + + expect(response).to have_gitlab_http_status(:created) + expect(json_response['enabled_git_access_protocol']).to eq(nil) + end + end + it "does not create group, duplicate", :aggregate_failures do post api("/groups", user3), params: { name: 'Duplicate Test', path: group2.path } |