diff options
| author | Alessio Caiazza <acaiazza@gitlab.com> | 2019-01-09 14:51:18 +0300 |
|---|---|---|
| committer | Alessio Caiazza <acaiazza@gitlab.com> | 2019-01-09 14:51:18 +0300 |
| commit | f7fd1fa5f93c36f2473ee1b53ba4ee2b21eeac12 (patch) | |
| tree | 97617d36be44f1859a816838130e1cf8f3c62ac2 /acceptance_test.go | |
| parent | 7ebe62f2f3bb886b24adb8513e78682593a752f2 (diff) | |
Add acceptance test for subgroups access control
Diffstat (limited to 'acceptance_test.go')
| -rw-r--r-- | acceptance_test.go | 41 |
1 files changed, 38 insertions, 3 deletions
diff --git a/acceptance_test.go b/acceptance_test.go index b6a0451c..a0c6b80b 100644 --- a/acceptance_test.go +++ b/acceptance_test.go @@ -879,13 +879,13 @@ func TestAccessControl(t *testing.T) { case "/api/v4/user": assert.Equal(t, "Bearer abc", r.Header.Get("Authorization")) w.WriteHeader(http.StatusOK) - case "/api/v4/projects/1000/pages_access": + case "/api/v4/projects/1000/pages_access", "/api/v4/projects/1001/pages_access": assert.Equal(t, "Bearer abc", r.Header.Get("Authorization")) w.WriteHeader(http.StatusOK) - case "/api/v4/projects/2000/pages_access": + case "/api/v4/projects/2000/pages_access", "/api/v4/projects/2001/pages_access": assert.Equal(t, "Bearer abc", r.Header.Get("Authorization")) w.WriteHeader(http.StatusUnauthorized) - case "/api/v4/projects/3000/pages_access": + case "/api/v4/projects/3000/pages_access", "/api/v4/projects/3001/pages_access": assert.Equal(t, "Bearer abc", r.Header.Get("Authorization")) w.WriteHeader(http.StatusUnauthorized) fmt.Fprint(w, "{\"error\":\"invalid_token\"}") @@ -947,6 +947,41 @@ func TestAccessControl(t *testing.T) { http.StatusNotFound, false, "no project should redirect to login and then return 404", + }, // subgroups + { + "group.auth.gitlab-example.com", + "/subgroup/private.project/", + http.StatusOK, + false, + "[subgroup] project with access", + }, + { + "group.auth.gitlab-example.com", + "/subgroup/private.project.1/", + http.StatusNotFound, // Do not expose project existed + false, + "[subgroup] project without access", + }, + { + "group.auth.gitlab-example.com", + "/subgroup/private.project.2/", + http.StatusFound, + true, + "[subgroup] invalid token test should redirect back", + }, + { + "group.auth.gitlab-example.com", + "/subgroup/nonexistent/", + http.StatusNotFound, + false, + "[subgroup] no project should redirect to login and then return 404", + }, + { + "nonexistent.gitlab-example.com", + "/subgroup/nonexistent/", + http.StatusNotFound, + false, + "[subgroup] no project should redirect to login and then return 404", }, } |