blob: c3200d2fab1948656a9e5937dc0a7427c2afeed9 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
|
# frozen_string_literal: true
require 'spec_helper'
require_relative '../../config/initializers/1_settings' unless defined?(Settings)
RSpec.describe Settings do
describe '#ldap' do
it 'can be accessed with dot syntax all the way down' do
expect(Gitlab.config.ldap.servers.main.label).to eq('ldap')
end
# Specifically trying to cause this error discovered in EE when removing the
# reassignment of each server element with Settingslogic.
#
# `undefined method `label' for #<Hash:0x007fbd18b59c08>�`
#
it 'can be accessed in a very specific way that breaks without reassigning each element with Settingslogic' do
server_settings = Gitlab.config.ldap.servers['main']
expect(server_settings.label).to eq('ldap')
end
end
describe '#host_without_www' do
context 'URL with protocol' do
it 'returns the host' do
expect(described_class.host_without_www('http://foo.com')).to eq 'foo.com'
expect(described_class.host_without_www('http://www.foo.com')).to eq 'foo.com'
expect(described_class.host_without_www('http://secure.foo.com')).to eq 'secure.foo.com'
expect(described_class.host_without_www('https://www.gravatar.com/avatar/%{hash}?s=%{size}&d=identicon')).to eq 'gravatar.com'
expect(described_class.host_without_www('https://foo.com')).to eq 'foo.com'
expect(described_class.host_without_www('https://www.foo.com')).to eq 'foo.com'
expect(described_class.host_without_www('https://secure.foo.com')).to eq 'secure.foo.com'
expect(described_class.host_without_www('https://secure.gravatar.com/avatar/%{hash}?s=%{size}&d=identicon')).to eq 'secure.gravatar.com'
end
end
context 'URL without protocol' do
it 'returns the host' do
expect(described_class.host_without_www('foo.com')).to eq 'foo.com'
expect(described_class.host_without_www('www.foo.com')).to eq 'foo.com'
expect(described_class.host_without_www('secure.foo.com')).to eq 'secure.foo.com'
expect(described_class.host_without_www('www.gravatar.com/avatar/%{hash}?s=%{size}&d=identicon')).to eq 'gravatar.com'
end
context 'URL with user/port' do
it 'returns the host' do
expect(described_class.host_without_www('bob:pass@foo.com:8080')).to eq 'foo.com'
expect(described_class.host_without_www('bob:pass@www.foo.com:8080')).to eq 'foo.com'
expect(described_class.host_without_www('bob:pass@secure.foo.com:8080')).to eq 'secure.foo.com'
expect(described_class.host_without_www('bob:pass@www.gravatar.com:8080/avatar/%{hash}?s=%{size}&d=identicon')).to eq 'gravatar.com'
expect(described_class.host_without_www('http://bob:pass@foo.com:8080')).to eq 'foo.com'
expect(described_class.host_without_www('http://bob:pass@www.foo.com:8080')).to eq 'foo.com'
expect(described_class.host_without_www('http://bob:pass@secure.foo.com:8080')).to eq 'secure.foo.com'
expect(described_class.host_without_www('http://bob:pass@www.gravatar.com:8080/avatar/%{hash}?s=%{size}&d=identicon')).to eq 'gravatar.com'
end
end
end
end
describe "#weak_passwords_digest_set" do
subject { described_class.gitlab.weak_passwords_digest_set }
it 'is a Set' do
expect(subject).to be_kind_of(Set)
end
it 'contains 4500 password digests' do
expect(subject.length).to eq(4500)
end
it 'includes 8 char weak password digest' do
expect(subject).to include(digest("password"))
end
it 'includes 16 char weak password digest' do
expect(subject).to include(digest("progressivehouse"))
end
it 'includes long char weak password digest' do
expect(subject).to include(digest("01234567890123456789"))
end
it 'does not include 7 char weak password digest' do
expect(subject).not_to include(digest("1234567"))
end
it 'does not include plaintext' do
expect(subject).not_to include("password")
end
def digest(plaintext)
Digest::SHA256.base64digest(plaintext)
end
end
end
|
