diff options
Diffstat (limited to 'spec/services/import/gitlab_projects/file_acquisition_strategies/remote_file_spec.rb')
-rw-r--r-- | spec/services/import/gitlab_projects/file_acquisition_strategies/remote_file_spec.rb | 149 |
1 files changed, 149 insertions, 0 deletions
diff --git a/spec/services/import/gitlab_projects/file_acquisition_strategies/remote_file_spec.rb b/spec/services/import/gitlab_projects/file_acquisition_strategies/remote_file_spec.rb new file mode 100644 index 00000000000..8565299b9b7 --- /dev/null +++ b/spec/services/import/gitlab_projects/file_acquisition_strategies/remote_file_spec.rb @@ -0,0 +1,149 @@ +# frozen_string_literal: true + +require 'spec_helper' + +RSpec.describe ::Import::GitlabProjects::FileAcquisitionStrategies::RemoteFile, :aggregate_failures do + let(:remote_url) { 'https://external.file.path/file.tar.gz' } + let(:params) { { remote_import_url: remote_url } } + + subject { described_class.new(params: params) } + + before do + stub_headers_for(remote_url, { + 'content-length' => 10.gigabytes, + 'content-type' => 'application/gzip' + }) + end + + describe 'validation' do + it { expect(subject).to be_valid } + + context 'file_url validation' do + let(:remote_url) { 'ftp://invalid.url/file.tar.gz' } + + it 'validates the file_url scheme' do + expect(subject).not_to be_valid + expect(subject.errors.full_messages) + .to include("File url is blocked: Only allowed schemes are https") + end + + context 'when localhost urls are not allowed' do + let(:remote_url) { 'https://localhost:3000/file.tar.gz' } + + it 'validates the file_url' do + stub_application_setting(allow_local_requests_from_web_hooks_and_services: false) + + expect(subject).not_to be_valid + expect(subject.errors.full_messages) + .to include("File url is blocked: Requests to localhost are not allowed") + end + end + end + + context 'when import_project_from_remote_file_s3 is enabled' do + before do + stub_feature_flags(import_project_from_remote_file_s3: true) + end + + context 'when the HTTP request fail to recover the headers' do + it 'adds the error message' do + expect(Gitlab::HTTP) + .to receive(:head) + .and_raise(StandardError, 'request invalid') + + expect(subject).not_to be_valid + expect(subject.errors.full_messages) + .to include('Failed to retrive headers: request invalid') + end + end + + it 'validates the remote content-length' do + stub_headers_for(remote_url, { 'content-length' => 11.gigabytes }) + + expect(subject).not_to be_valid + expect(subject.errors.full_messages) + .to include('Content length is too big (should be at most 10 GB)') + end + + it 'validates the remote content-type' do + stub_headers_for(remote_url, { 'content-type' => 'unknown' }) + + expect(subject).not_to be_valid + expect(subject.errors.full_messages) + .to include("Content type 'unknown' not allowed. (Allowed: application/gzip, application/x-tar, application/x-gzip)") + end + + context 'when trying to import from AWS S3' do + it 'adds an error suggesting to use `projects/remote-import-s3`' do + stub_headers_for( + remote_url, + 'Server' => 'AmazonS3', + 'x-amz-request-id' => 'some-id' + ) + + expect(subject).not_to be_valid + expect(subject.errors.full_messages) + .to include('To import from AWS S3 use `projects/remote-import-s3`') + end + end + end + + context 'when import_project_from_remote_file_s3 is disabled' do + before do + stub_feature_flags(import_project_from_remote_file_s3: false) + end + + context 'when trying to import from AWS S3' do + it 'does not validate the remote content-length or content-type' do + stub_headers_for( + remote_url, + 'Server' => 'AmazonS3', + 'x-amz-request-id' => 'some-id', + 'content-length' => 11.gigabytes, + 'content-type' => 'unknown' + ) + + expect(subject).to be_valid + end + end + + context 'when NOT trying to import from AWS S3' do + it 'validates content-length and content-type' do + stub_headers_for( + remote_url, + 'Server' => 'NOT AWS S3', + 'content-length' => 11.gigabytes, + 'content-type' => 'unknown' + ) + + expect(subject).not_to be_valid + + expect(subject.errors.full_messages) + .to include("Content type 'unknown' not allowed. (Allowed: application/gzip, application/x-tar, application/x-gzip)") + expect(subject.errors.full_messages) + .to include('Content length is too big (should be at most 10 GB)') + end + end + end + end + + describe '#project_params' do + it 'returns import_export_upload in the params' do + subject = described_class.new(params: { remote_import_url: remote_url }) + + expect(subject.project_params).to match( + import_export_upload: an_instance_of(::ImportExportUpload) + ) + expect(subject.project_params[:import_export_upload]).to have_attributes( + remote_import_url: remote_url + ) + end + end + + def stub_headers_for(url, headers = {}) + allow(Gitlab::HTTP) + .to receive(:head) + .with(remote_url, timeout: 1.second) + .and_return(double(headers: headers)) # rubocop: disable RSpec/VerifiedDoubles + end +end |