Welcome to mirror list, hosted at ThFree Co, Russian Federation.

gitlab.com/gitlab-org/gitlab-pages.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAlessio Caiazza <acaiazza@gitlab.com>2019-01-09 14:51:18 +0300
committerAlessio Caiazza <acaiazza@gitlab.com>2019-01-09 14:51:18 +0300
commitf7fd1fa5f93c36f2473ee1b53ba4ee2b21eeac12 (patch)
tree97617d36be44f1859a816838130e1cf8f3c62ac2
parent7ebe62f2f3bb886b24adb8513e78682593a752f2 (diff)
Add acceptance test for subgroups access control
Diffstat
-rw-r--r--acceptance_test.go41
-rw-r--r--shared/pages/group.auth/subgroup/private.project.1/config.json1
-rw-r--r--shared/pages/group.auth/subgroup/private.project.1/public/index.html1
-rw-r--r--shared/pages/group.auth/subgroup/private.project.2/config.json1
-rw-r--r--shared/pages/group.auth/subgroup/private.project.2/public/index.html1
-rw-r--r--shared/pages/group.auth/subgroup/private.project/config.json1
-rw-r--r--shared/pages/group.auth/subgroup/private.project/public/index.html1
7 files changed, 44 insertions, 3 deletions
diff --git a/acceptance_test.go b/acceptance_test.go
index b6a0451c..a0c6b80b 100644
--- a/acceptance_test.go
+++ b/acceptance_test.go
@@ -879,13 +879,13 @@ func TestAccessControl(t *testing.T) {
case "/api/v4/user":
assert.Equal(t, "Bearer abc", r.Header.Get("Authorization"))
w.WriteHeader(http.StatusOK)
- case "/api/v4/projects/1000/pages_access":
+ case "/api/v4/projects/1000/pages_access", "/api/v4/projects/1001/pages_access":
assert.Equal(t, "Bearer abc", r.Header.Get("Authorization"))
w.WriteHeader(http.StatusOK)
- case "/api/v4/projects/2000/pages_access":
+ case "/api/v4/projects/2000/pages_access", "/api/v4/projects/2001/pages_access":
assert.Equal(t, "Bearer abc", r.Header.Get("Authorization"))
w.WriteHeader(http.StatusUnauthorized)
- case "/api/v4/projects/3000/pages_access":
+ case "/api/v4/projects/3000/pages_access", "/api/v4/projects/3001/pages_access":
assert.Equal(t, "Bearer abc", r.Header.Get("Authorization"))
w.WriteHeader(http.StatusUnauthorized)
fmt.Fprint(w, "{\"error\":\"invalid_token\"}")
@@ -947,6 +947,41 @@ func TestAccessControl(t *testing.T) {
http.StatusNotFound,
false,
"no project should redirect to login and then return 404",
+ }, // subgroups
+ {
+ "group.auth.gitlab-example.com",
+ "/subgroup/private.project/",
+ http.StatusOK,
+ false,
+ "[subgroup] project with access",
+ },
+ {
+ "group.auth.gitlab-example.com",
+ "/subgroup/private.project.1/",
+ http.StatusNotFound, // Do not expose project existed
+ false,
+ "[subgroup] project without access",
+ },
+ {
+ "group.auth.gitlab-example.com",
+ "/subgroup/private.project.2/",
+ http.StatusFound,
+ true,
+ "[subgroup] invalid token test should redirect back",
+ },
+ {
+ "group.auth.gitlab-example.com",
+ "/subgroup/nonexistent/",
+ http.StatusNotFound,
+ false,
+ "[subgroup] no project should redirect to login and then return 404",
+ },
+ {
+ "nonexistent.gitlab-example.com",
+ "/subgroup/nonexistent/",
+ http.StatusNotFound,
+ false,
+ "[subgroup] no project should redirect to login and then return 404",
},
}
diff --git a/shared/pages/group.auth/subgroup/private.project.1/config.json b/shared/pages/group.auth/subgroup/private.project.1/config.json
new file mode 100644
index 00000000..bee56003
--- /dev/null
+++ b/shared/pages/group.auth/subgroup/private.project.1/config.json
@@ -0,0 +1 @@
+{ "domains": [], "id": 2001, "access_control": true }
diff --git a/shared/pages/group.auth/subgroup/private.project.1/public/index.html b/shared/pages/group.auth/subgroup/private.project.1/public/index.html
new file mode 100644
index 00000000..c8c6761a
--- /dev/null
+++ b/shared/pages/group.auth/subgroup/private.project.1/public/index.html
@@ -0,0 +1 @@
+private \ No newline at end of file
diff --git a/shared/pages/group.auth/subgroup/private.project.2/config.json b/shared/pages/group.auth/subgroup/private.project.2/config.json
new file mode 100644
index 00000000..7545aed1
--- /dev/null
+++ b/shared/pages/group.auth/subgroup/private.project.2/config.json
@@ -0,0 +1 @@
+{ "domains": [], "id": 3001, "access_control": true }
diff --git a/shared/pages/group.auth/subgroup/private.project.2/public/index.html b/shared/pages/group.auth/subgroup/private.project.2/public/index.html
new file mode 100644
index 00000000..c8c6761a
--- /dev/null
+++ b/shared/pages/group.auth/subgroup/private.project.2/public/index.html
@@ -0,0 +1 @@
+private \ No newline at end of file
diff --git a/shared/pages/group.auth/subgroup/private.project/config.json b/shared/pages/group.auth/subgroup/private.project/config.json
new file mode 100644
index 00000000..a76960d7
--- /dev/null
+++ b/shared/pages/group.auth/subgroup/private.project/config.json
@@ -0,0 +1 @@
+{ "domains": [], "id": 1001, "access_control": true }
diff --git a/shared/pages/group.auth/subgroup/private.project/public/index.html b/shared/pages/group.auth/subgroup/private.project/public/index.html
new file mode 100644
index 00000000..c8c6761a
--- /dev/null
+++ b/shared/pages/group.auth/subgroup/private.project/public/index.html
@@ -0,0 +1 @@
+private \ No newline at end of file
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-21 07:34:29 +0300