author | Alessio Caiazza <acaiazza@gitlab.com> | 2019-01-09 14:51:18 +0300 |
---|---|---|
committer | Alessio Caiazza <acaiazza@gitlab.com> | 2019-01-09 14:51:18 +0300 |
commit | f7fd1fa5f93c36f2473ee1b53ba4ee2b21eeac12 (patch) | |
tree | 97617d36be44f1859a816838130e1cf8f3c62ac2 | |
parent | 7ebe62f2f3bb886b24adb8513e78682593a752f2 (diff) |
Add acceptance test for subgroups access control
7 files changed, 44 insertions, 3 deletions
diff --git a/acceptance_test.go b/acceptance_test.go
index b6a0451c..a0c6b80b 100644
--- a/acceptance_test.go
+++ b/acceptance_test.go
@@ -879,13 +879,13 @@ func TestAccessControl(t *testing.T) {
 case "/api/v4/user":
 assert.Equal(t, "Bearer abc", r.Header.Get("Authorization"))
 w.WriteHeader(http.StatusOK)
- case "/api/v4/projects/1000/pages_access":
+ case "/api/v4/projects/1000/pages_access", "/api/v4/projects/1001/pages_access":
 assert.Equal(t, "Bearer abc", r.Header.Get("Authorization"))
 w.WriteHeader(http.StatusOK)
- case "/api/v4/projects/2000/pages_access":
+ case "/api/v4/projects/2000/pages_access", "/api/v4/projects/2001/pages_access":
 assert.Equal(t, "Bearer abc", r.Header.Get("Authorization"))
 w.WriteHeader(http.StatusUnauthorized)
- case "/api/v4/projects/3000/pages_access":
+ case "/api/v4/projects/3000/pages_access", "/api/v4/projects/3001/pages_access":
 assert.Equal(t, "Bearer abc", r.Header.Get("Authorization"))
 w.WriteHeader(http.StatusUnauthorized)
 fmt.Fprint(w, "{\"error\":\"invalid_token\"}")
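Review bot: Each subgroup project id is folded into the same `case` as its top-level counterpart (`1000`/`1001`, `2000`/`2001`, `3000`/`3001`), so the mock API answers both with the same status and the test cannot tell which project's `pages_access` endpoint was actually queried. If a subgroup path were ever resolved to the sibling top-level project id, every expected status would still match and the access-control regression would pass unnoticed. Recording `r.URL.Path` in the handler (behind a mutex, since the handler runs on the server's goroutines) and asserting the expected project id per table entry would close that gap. A short comment such as `// 1001, 2001, 3001: fixtures under shared/pages/group.auth/subgroup/` above the cases would also explain where the new ids come from. The handler and the rest of `TestAccessControl` lie outside this hunk.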
@@ -947,6 +947,41 @@ func TestAccessControl(t *testing.T) {
 http.StatusNotFound,
 false,
 "no project should redirect to login and then return 404",
+ }, // subgroups
+ {
+ "group.auth.gitlab-example.com",
+ "/subgroup/private.project/",
+ http.StatusOK,
+ false,
+ "[subgroup] project with access",
+ },
+ {
+ "group.auth.gitlab-example.com",
+ "/subgroup/private.project.1/",
+ http.StatusNotFound, // Do not expose project existed
+ false,
+ "[subgroup] project without access",
+ },
+ {
+ "group.auth.gitlab-example.com",
+ "/subgroup/private.project.2/",
+ http.StatusFound,
+ true,
+ "[subgroup] invalid token test should redirect back",
+ },
+ {
+ "group.auth.gitlab-example.com",
+ "/subgroup/nonexistent/",
+ http.StatusNotFound,
+ false,
+ "[subgroup] no project should redirect to login and then return 404",
+ },
+ {
+ "nonexistent.gitlab-example.com",
+ "/subgroup/nonexistent/",
+ http.StatusNotFound,
+ false,
+ "[subgroup] no project should redirect to login and then return 404",
 },
 }
diff --git a/shared/pages/group.auth/subgroup/private.project.1/config.json b/shared/pages/group.auth/subgroup/private.project.1/config.json
new file mode 100644
index 00000000..bee56003
--- /dev/null
+++ b/shared/pages/group.auth/subgroup/private.project.1/config.json
@@ -0,0 +1 @@
+{ "domains": [], "id": 2001, "access_control": true }
diff --git a/shared/pages/group.auth/subgroup/private.project.1/public/index.html b/shared/pages/group.auth/subgroup/private.project.1/public/index.html
new file mode 100644
index 00000000..c8c6761a
--- /dev/null
+++ b/shared/pages/group.auth/subgroup/private.project.1/public/index.html
@@ -0,0 +1 @@
+private
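Review bot: The last two added table entries carry the identical description `"[subgroup] no project should redirect to login and then return 404"` although they differ in host (`group.auth.gitlab-example.com` versus `nonexistent.gitlab-example.com`), so a failure reported by description would not identify which one broke. Giving the second its own text, for example `"[subgroup] unknown domain should return 404"`, would disambiguate them. The inline comment on the `private.project.1` entry would read more clearly as `// do not reveal that the project exists`, which also states why 404 rather than 403 is the expected status. How the description field is reported is outside this hunk, so this assumes it appears in the failure output.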
\ No newline at end of file
diff --git a/shared/pages/group.auth/subgroup/private.project.2/config.json b/shared/pages/group.auth/subgroup/private.project.2/config.json
new file mode 100644
index 00000000..7545aed1
--- /dev/null
+++ b/shared/pages/group.auth/subgroup/private.project.2/config.json
@@ -0,0 +1 @@
+{ "domains": [], "id": 3001, "access_control": true }
diff --git a/shared/pages/group.auth/subgroup/private.project.2/public/index.html b/shared/pages/group.auth/subgroup/private.project.2/public/index.html
new file mode 100644
index 00000000..c8c6761a
--- /dev/null
+++ b/shared/pages/group.auth/subgroup/private.project.2/public/index.html
@@ -0,0 +1 @@
+private
\ No newline at end of file
diff --git a/shared/pages/group.auth/subgroup/private.project/config.json b/shared/pages/group.auth/subgroup/private.project/config.json
new file mode 100644
index 00000000..a76960d7
--- /dev/null
+++ b/shared/pages/group.auth/subgroup/private.project/config.json
@@ -0,0 +1 @@
+{ "domains": [], "id": 1001, "access_control": true }
diff --git a/shared/pages/group.auth/subgroup/private.project/public/index.html b/shared/pages/group.auth/subgroup/private.project/public/index.html
new file mode 100644
index 00000000..c8c6761a
--- /dev/null
+++ b/shared/pages/group.auth/subgroup/private.project/public/index.html
@@ -0,0 +1 @@
+private
\ No newline at end of file |