1 files changed, 149 insertions, 0 deletions

diff --git a/spec/services/import/gitlab_projects/file_acquisition_strategies/remote_file_spec.rb b/spec/services/import/gitlab_projects/file_acquisition_strategies/remote_file_spec.rb
new file mode 100644
index 00000000000..8565299b9b7
--- /dev/null
+++ b/spec/services/import/gitlab_projects/file_acquisition_strategies/remote_file_spec.rb
@@ -0,0 +1,149 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+RSpec.describe ::Import::GitlabProjects::FileAcquisitionStrategies::RemoteFile, :aggregate_failures do
+  let(:remote_url) { 'https://external.file.path/file.tar.gz' }
+  let(:params) { { remote_import_url: remote_url } }
+
+  subject { described_class.new(params: params) }
+
+  before do
+    stub_headers_for(remote_url, {
+      'content-length' => 10.gigabytes,
+      'content-type' => 'application/gzip'
+    })
+  end
+
+  describe 'validation' do
+    it { expect(subject).to be_valid }
+
+    context 'file_url validation' do
+      let(:remote_url) { 'ftp://invalid.url/file.tar.gz' }
+
+      it 'validates the file_url scheme' do
+        expect(subject).not_to be_valid
+        expect(subject.errors.full_messages)
+          .to include("File url is blocked: Only allowed schemes are https")
+      end
+
+      context 'when localhost urls are not allowed' do
+        let(:remote_url) { 'https://localhost:3000/file.tar.gz' }
+
+        it 'validates the file_url' do
+          stub_application_setting(allow_local_requests_from_web_hooks_and_services: false)
+
+          expect(subject).not_to be_valid
+          expect(subject.errors.full_messages)
+            .to include("File url is blocked: Requests to localhost are not allowed")
+        end
+      end
+    end
+
+    context 'when import_project_from_remote_file_s3 is enabled' do
+      before do
+        stub_feature_flags(import_project_from_remote_file_s3: true)
+      end
+
+      context 'when the HTTP request fail to recover the headers' do
+        it 'adds the error message' do
+          expect(Gitlab::HTTP)
+            .to receive(:head)
+            .and_raise(StandardError, 'request invalid')
+
+          expect(subject).not_to be_valid
+          expect(subject.errors.full_messages)
+            .to include('Failed to retrive headers: request invalid')
+        end
+      end
+
+      it 'validates the remote content-length' do
+        stub_headers_for(remote_url, { 'content-length' => 11.gigabytes })
+
+        expect(subject).not_to be_valid
+        expect(subject.errors.full_messages)
+          .to include('Content length is too big (should be at most 10 GB)')
+      end
+
+      it 'validates the remote content-type' do
+        stub_headers_for(remote_url, { 'content-type' => 'unknown' })
+
+        expect(subject).not_to be_valid
+        expect(subject.errors.full_messages)
+          .to include("Content type 'unknown' not allowed. (Allowed: application/gzip, application/x-tar, application/x-gzip)")
+      end
+
+      context 'when trying to import from AWS S3' do
+        it 'adds an error suggesting to use `projects/remote-import-s3`' do
+          stub_headers_for(
+            remote_url,
+            'Server' => 'AmazonS3',
+            'x-amz-request-id' => 'some-id'
+          )
+
+          expect(subject).not_to be_valid
+          expect(subject.errors.full_messages)
+            .to include('To import from AWS S3 use `projects/remote-import-s3`')
+        end
+      end
+    end
+
+    context 'when import_project_from_remote_file_s3 is disabled' do
+      before do
+        stub_feature_flags(import_project_from_remote_file_s3: false)
+      end
+
+      context 'when trying to import from AWS S3' do
+        it 'does not validate the remote content-length or content-type' do
+          stub_headers_for(
+            remote_url,
+            'Server' => 'AmazonS3',
+            'x-amz-request-id' => 'some-id',
+            'content-length' => 11.gigabytes,
+            'content-type' => 'unknown'
+          )
+
+          expect(subject).to be_valid
+        end
+      end
+
+      context 'when NOT trying to import from AWS S3' do
+        it 'validates content-length and content-type' do
+          stub_headers_for(
+            remote_url,
+            'Server' => 'NOT AWS S3',
+            'content-length' => 11.gigabytes,
+            'content-type' => 'unknown'
+          )
+
+          expect(subject).not_to be_valid
+
+          expect(subject.errors.full_messages)
+            .to include("Content type 'unknown' not allowed. (Allowed: application/gzip, application/x-tar, application/x-gzip)")
+          expect(subject.errors.full_messages)
+            .to include('Content length is too big (should be at most 10 GB)')
+        end
+      end
+    end
+  end
+
+  describe '#project_params' do
+    it 'returns import_export_upload in the params' do
+      subject = described_class.new(params: { remote_import_url: remote_url })
+
+      expect(subject.project_params).to match(
+        import_export_upload: an_instance_of(::ImportExportUpload)
+      )
+      expect(subject.project_params[:import_export_upload]).to have_attributes(
+        remote_import_url: remote_url
+      )
+    end
+  end
+
+  def stub_headers_for(url, headers = {})
+    allow(Gitlab::HTTP)
+      .to receive(:head)
+      .with(remote_url, timeout: 1.second)
+      .and_return(double(headers: headers)) # rubocop: disable RSpec/VerifiedDoubles
+  end
+end