diff options
Diffstat (limited to 'spec/requests/api/maven_packages_spec.rb')
-rw-r--r-- | spec/requests/api/maven_packages_spec.rb | 14 |
1 files changed, 13 insertions, 1 deletions
diff --git a/spec/requests/api/maven_packages_spec.rb b/spec/requests/api/maven_packages_spec.rb index b74887762a2..0a23aed109b 100644 --- a/spec/requests/api/maven_packages_spec.rb +++ b/spec/requests/api/maven_packages_spec.rb @@ -283,7 +283,7 @@ RSpec.describe API::MavenPackages do context 'internal project' do before do - group.group_member(user).destroy + group.group_member(user).destroy! project.update!(visibility_level: Gitlab::VisibilityLevel::INTERNAL) end @@ -542,6 +542,18 @@ RSpec.describe API::MavenPackages do context 'when params from workhorse are correct' do let(:params) { { file: file_upload } } + context 'file size is too large' do + it 'rejects the request' do + allow_next_instance_of(UploadedFile) do |uploaded_file| + allow(uploaded_file).to receive(:size).and_return(project.actual_limits.maven_max_file_size + 1) + end + + upload_file_with_token(params) + + expect(response).to have_gitlab_http_status(:bad_request) + end + end + it 'rejects a malicious request' do put api("/projects/#{project.id}/packages/maven/com/example/my-app/#{version}/%2e%2e%2f.ssh%2fauthorized_keys"), params: params, headers: headers_with_token |