Welcome to mirror list, hosted at ThFree Co, Russian Federation.

gitlab.com/gitlab-org/gitlab-foss.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
path: root/spec/requests/api/maven_packages_spec.rb
diff options
context:
space:
mode:
Diffstat (limited to 'spec/requests/api/maven_packages_spec.rb')
-rw-r--r--spec/requests/api/maven_packages_spec.rb14
1 files changed, 13 insertions, 1 deletions
diff --git a/spec/requests/api/maven_packages_spec.rb b/spec/requests/api/maven_packages_spec.rb
index b74887762a2..0a23aed109b 100644
--- a/spec/requests/api/maven_packages_spec.rb
+++ b/spec/requests/api/maven_packages_spec.rb
@@ -283,7 +283,7 @@ RSpec.describe API::MavenPackages do
context 'internal project' do
before do
- group.group_member(user).destroy
+ group.group_member(user).destroy!
project.update!(visibility_level: Gitlab::VisibilityLevel::INTERNAL)
end
@@ -542,6 +542,18 @@ RSpec.describe API::MavenPackages do
context 'when params from workhorse are correct' do
let(:params) { { file: file_upload } }
+ context 'file size is too large' do
+ it 'rejects the request' do
+ allow_next_instance_of(UploadedFile) do |uploaded_file|
+ allow(uploaded_file).to receive(:size).and_return(project.actual_limits.maven_max_file_size + 1)
+ end
+
+ upload_file_with_token(params)
+
+ expect(response).to have_gitlab_http_status(:bad_request)
+ end
+ end
+
it 'rejects a malicious request' do
put api("/projects/#{project.id}/packages/maven/com/example/my-app/#{version}/%2e%2e%2f.ssh%2fauthorized_keys"), params: params, headers: headers_with_token
generated by cgit v1.2.3 (git 2.25.1) at 2024-08-16 01:01:09 +0300