diff options
Diffstat (limited to 'spec/requests/groups/observability_controller_spec.rb')
-rw-r--r-- | spec/requests/groups/observability_controller_spec.rb | 218 |
1 files changed, 99 insertions, 119 deletions
diff --git a/spec/requests/groups/observability_controller_spec.rb b/spec/requests/groups/observability_controller_spec.rb index 9be013d4385..a08231fe939 100644 --- a/spec/requests/groups/observability_controller_spec.rb +++ b/spec/requests/groups/observability_controller_spec.rb @@ -8,23 +8,16 @@ RSpec.describe Groups::ObservabilityController do let_it_be(:group) { create(:group) } let_it_be(:user) { create(:user) } - subject do - get group_observability_index_path(group) - response - end + let(:observability_url) { Gitlab::Observability.observability_url } + let(:expected_observability_path) { "/" } - describe 'GET #index' do - context 'when user is not authenticated' do - it 'returns 404' do - expect(subject).to have_gitlab_http_status(:not_found) - end + shared_examples 'observability route request' do + subject do + get path + response end - context 'when observability url is missing' do - before do - allow(described_class).to receive(:observability_url).and_return("") - end - + context 'when user is not authenticated' do it 'returns 404' do expect(subject).to have_gitlab_http_status(:not_found) end @@ -46,6 +39,16 @@ RSpec.describe Groups::ObservabilityController do group.add_developer(user) end + context 'when observability url is missing' do + before do + allow(Gitlab::Observability).to receive(:observability_url).and_return("") + end + + it 'returns 404' do + expect(subject).to have_gitlab_http_status(:not_found) + end + end + it 'returns 200' do expect(subject).to have_gitlab_http_status(:ok) end @@ -55,135 +58,112 @@ RSpec.describe Groups::ObservabilityController do expect(subject).to render_template("layouts/fullscreen") expect(subject).not_to render_template('layouts/nav/breadcrumbs') expect(subject).to render_template("nav/sidebar/_group") + expect(subject).to render_template("groups/observability/observability") end - describe 'iframe' do - subject do - get group_observability_index_path(group) - Nokogiri::HTML.parse(response.body).at_css('iframe#observability-ui-iframe') - end - - it 'sets the iframe src to the proper URL' do - expect(subject.attributes['src'].value).to eq("https://observe.gitlab.com/-/#{group.id}") - end - - it 'when the env is staging, sets the iframe src to the proper URL' do - stub_config_setting(url: Gitlab::Saas.staging_com_url) - expect(subject.attributes['src'].value).to eq("https://staging.observe.gitlab.com/-/#{group.id}") - end - - it 'overrides the iframe src url if specified by OVERRIDE_OBSERVABILITY_URL env' do - stub_env('OVERRIDE_OBSERVABILITY_URL', 'http://foo.test') - - expect(subject.attributes['src'].value).to eq("http://foo.test/-/#{group.id}") - end + it 'renders the js-observability-app element correctly' do + element = Nokogiri::HTML.parse(subject.body).at_css('#js-observability-app') + expect(element.attributes['data-observability-iframe-src'].value).to eq(expected_observability_path) end + end + end - describe 'CSP' do - before do - setup_existing_csp_for_controller(described_class, csp) - end + describe 'GET #dashboards' do + let(:path) { group_observability_dashboards_path(group) } + let(:expected_observability_path) { "#{observability_url}/#{group.id}/" } - subject do - get group_observability_index_path(group) - response.headers['Content-Security-Policy'] - end + it_behaves_like 'observability route request' + end - context 'when there is no CSP config' do - let(:csp) { ActionDispatch::ContentSecurityPolicy.new } + describe 'GET #manage' do + let(:path) { group_observability_manage_path(group) } + let(:expected_observability_path) { "#{observability_url}/#{group.id}/dashboards" } - it 'does not add any csp header' do - expect(subject).to be_blank - end - end + it_behaves_like 'observability route request' + end - context 'when frame-src exists in the CSP config' do - let(:csp) do - ActionDispatch::ContentSecurityPolicy.new do |p| - p.frame_src 'https://something.test' - end - end + describe 'GET #explore' do + let(:path) { group_observability_explore_path(group) } + let(:expected_observability_path) { "#{observability_url}/#{group.id}/explore" } - it 'appends the proper url to frame-src CSP directives' do - expect(subject).to include( - "frame-src https://something.test https://observe.gitlab.com 'self'") - end + it_behaves_like 'observability route request' + end - it 'appends the proper url to frame-src CSP directives when Gilab.staging?' do - stub_config_setting(url: Gitlab::Saas.staging_com_url) + describe 'CSP' do + before do + setup_csp_for_controller(described_class, csp) + end - expect(subject).to include( - "frame-src https://something.test https://staging.observe.gitlab.com 'self'") - end + subject do + get group_observability_dashboards_path(group) + response.headers['Content-Security-Policy'] + end - it 'appends the proper url to frame-src CSP directives when OVERRIDE_OBSERVABILITY_URL is specified' do - stub_env('OVERRIDE_OBSERVABILITY_URL', 'http://foo.test') + context 'when there is no CSP config' do + let(:csp) { ActionDispatch::ContentSecurityPolicy.new } - expect(subject).to include( - "frame-src https://something.test http://foo.test 'self'") - end - end + it 'does not add any csp header' do + expect(subject).to be_blank + end + end - context 'when self is already present in the policy' do - let(:csp) do - ActionDispatch::ContentSecurityPolicy.new do |p| - p.frame_src "'self'" - end - end - - it 'does not append self again' do - expect(subject).to include( - "frame-src 'self' https://observe.gitlab.com;") - end + context 'when frame-src exists in the CSP config' do + let(:csp) do + ActionDispatch::ContentSecurityPolicy.new do |p| + p.frame_src 'https://something.test' end + end - context 'when default-src exists in the CSP config' do - let(:csp) do - ActionDispatch::ContentSecurityPolicy.new do |p| - p.default_src 'https://something.test' - end - end + it 'appends the proper url to frame-src CSP directives' do + expect(subject).to include( + "frame-src https://something.test #{observability_url} 'self'") + end + end - it 'does not change default-src' do - expect(subject).to include( - "default-src https://something.test;") - end + context 'when self is already present in the policy' do + let(:csp) do + ActionDispatch::ContentSecurityPolicy.new do |p| + p.frame_src "'self'" + end + end - it 'appends the proper url to frame-src CSP directives' do - expect(subject).to include( - "frame-src https://something.test https://observe.gitlab.com 'self'") - end + it 'does not append self again' do + expect(subject).to include( + "frame-src 'self' #{observability_url};") + end + end - it 'appends the proper url to frame-src CSP directives when Gilab.staging?' do - stub_config_setting(url: Gitlab::Saas.staging_com_url) + context 'when default-src exists in the CSP config' do + let(:csp) do + ActionDispatch::ContentSecurityPolicy.new do |p| + p.default_src 'https://something.test' + end + end - expect(subject).to include( - "frame-src https://something.test https://staging.observe.gitlab.com 'self'") - end + it 'does not change default-src' do + expect(subject).to include( + "default-src https://something.test;") + end - it 'appends the proper url to frame-src CSP directives when OVERRIDE_OBSERVABILITY_URL is specified' do - stub_env('OVERRIDE_OBSERVABILITY_URL', 'http://foo.test') + it 'appends the proper url to frame-src CSP directives' do + expect(subject).to include( + "frame-src https://something.test #{observability_url} 'self'") + end + end - expect(subject).to include( - "frame-src https://something.test http://foo.test 'self'") - end + context 'when frame-src and default-src exist in the CSP config' do + let(:csp) do + ActionDispatch::ContentSecurityPolicy.new do |p| + p.default_src 'https://something_default.test' + p.frame_src 'https://something.test' end + end - context 'when frame-src and default-src exist in the CSP config' do - let(:csp) do - ActionDispatch::ContentSecurityPolicy.new do |p| - p.default_src 'https://something_default.test' - p.frame_src 'https://something.test' - end - end - - it 'appends to frame-src CSP directives' do - expect(subject).to include( - "frame-src https://something.test https://observe.gitlab.com 'self'") - expect(subject).to include( - "default-src https://something_default.test") - end - end + it 'appends to frame-src CSP directives' do + expect(subject).to include( + "frame-src https://something.test #{observability_url} 'self'") + expect(subject).to include( + "default-src https://something_default.test") end end end |