diff options
Diffstat (limited to 'spec/requests/api/integrations')
-rw-r--r-- | spec/requests/api/integrations/slack/events_spec.rb | 112 |
1 files changed, 0 insertions, 112 deletions
diff --git a/spec/requests/api/integrations/slack/events_spec.rb b/spec/requests/api/integrations/slack/events_spec.rb deleted file mode 100644 index 176e9eded31..00000000000 --- a/spec/requests/api/integrations/slack/events_spec.rb +++ /dev/null @@ -1,112 +0,0 @@ -# frozen_string_literal: true - -require 'spec_helper' - -RSpec.describe API::Integrations::Slack::Events do - describe 'POST /integrations/slack/events' do - let(:params) { {} } - let(:headers) do - { - ::API::Integrations::Slack::Request::VERIFICATION_TIMESTAMP_HEADER => Time.current.to_i.to_s, - ::API::Integrations::Slack::Request::VERIFICATION_SIGNATURE_HEADER => 'mock_verified_signature' - } - end - - before do - allow(ActiveSupport::SecurityUtils).to receive(:secure_compare) do |signature| - signature == 'mock_verified_signature' - end - - stub_application_setting(slack_app_signing_secret: 'mock_key') - end - - subject { post api('/integrations/slack/events'), params: params, headers: headers } - - shared_examples 'an unauthorized request' do - specify do - subject - - expect(response).to have_gitlab_http_status(:unauthorized) - end - end - - shared_examples 'a successful request that generates a tracked error' do - specify do - expect(Gitlab::ErrorTracking).to receive(:track_exception).once - - subject - - expect(response).to have_gitlab_http_status(:no_content) - expect(response.body).to be_empty - end - end - - context 'when the slack_app_signing_secret setting is not set' do - before do - stub_application_setting(slack_app_signing_secret: nil) - end - - it_behaves_like 'an unauthorized request' - end - - context 'when the timestamp header has expired' do - before do - headers[::API::Integrations::Slack::Request::VERIFICATION_TIMESTAMP_HEADER] = 5.minutes.ago.to_i.to_s - end - - it_behaves_like 'an unauthorized request' - end - - context 'when the timestamp header is missing' do - before do - headers.delete(::API::Integrations::Slack::Request::VERIFICATION_TIMESTAMP_HEADER) - end - - it_behaves_like 'an unauthorized request' - end - - context 'when the signature header is missing' do - before do - headers.delete(::API::Integrations::Slack::Request::VERIFICATION_SIGNATURE_HEADER) - end - - it_behaves_like 'an unauthorized request' - end - - context 'when the signature is not verified' do - before do - headers[::API::Integrations::Slack::Request::VERIFICATION_SIGNATURE_HEADER] = 'unverified_signature' - end - - it_behaves_like 'an unauthorized request' - end - - context 'when type param is missing' do - it_behaves_like 'a successful request that generates a tracked error' - end - - context 'when type param is unknown' do - let(:params) do - { type: 'unknown_type' } - end - - it_behaves_like 'a successful request that generates a tracked error' - end - - context 'when type param is url_verification' do - let(:params) do - { - type: 'url_verification', - challenge: '3eZbrw1aBm2rZgRNFdxV2595E9CY3gmdALWMmHkvFXO7tYXAYM8P' - } - end - - it 'responds in-request with the challenge' do - subject - - expect(response).to have_gitlab_http_status(:ok) - expect(json_response).to eq({ 'challenge' => '3eZbrw1aBm2rZgRNFdxV2595E9CY3gmdALWMmHkvFXO7tYXAYM8P' }) - end - end - end -end |