Merge branch 'mk/authorized-push-to-protected-branch-test-qa' into 'master'

Add QA test for authorized push to protected branch

See merge request gitlab-org/gitlab-ce!18696
parents fad97f09 d5f5d147
...@@ -3,7 +3,7 @@ module QA ...@@ -3,7 +3,7 @@ module QA
module Repository module Repository
class Push < Factory::Base class Push < Factory::Base
attr_accessor :file_name, :file_content, :commit_message, attr_accessor :file_name, :file_content, :commit_message,
:branch_name, :new_branch :branch_name, :new_branch, :output
attr_writer :remote_branch attr_writer :remote_branch
...@@ -12,6 +12,10 @@ module QA ...@@ -12,6 +12,10 @@ module QA
project.description = 'Project with repository' project.description = 'Project with repository'
end end
product :output do |factory|
factory.output
end
def initialize def initialize
@file_name = 'file.txt' @file_name = 'file.txt'
@file_content = '# This is test project' @file_content = '# This is test project'
...@@ -58,7 +62,7 @@ module QA ...@@ -58,7 +62,7 @@ module QA
end end
repository.commit(commit_message) repository.commit(commit_message)
repository.push_changes("#{branch_name}:#{remote_branch}") @output = repository.push_changes("#{branch_name}:#{remote_branch}")
end end
end end
end end
......
...@@ -46,7 +46,9 @@ module QA ...@@ -46,7 +46,9 @@ module QA
resource.remote_branch = @branch_name resource.remote_branch = @branch_name
end end
Page::Project::Show.act { wait_for_push } Page::Project::Show.perform do |page|
page.wait { page.has_content?(branch_name) }
end
# The upcoming process will make it access the Protected Branches page, # The upcoming process will make it access the Protected Branches page,
# select the already created branch and protect it according # select the already created branch and protect it according
...@@ -62,13 +64,13 @@ module QA ...@@ -62,13 +64,13 @@ module QA
page.select_branch(branch_name) page.select_branch(branch_name)
if allow_to_push if allow_to_push
page.allow_devs_and_masters_to_push page.allow_devs_and_maintainers_to_push
else else
page.allow_no_one_to_push page.allow_no_one_to_push
end end
if allow_to_merge if allow_to_merge
page.allow_devs_and_masters_to_merge page.allow_devs_and_maintainers_to_merge
else else
page.allow_no_one_to_merge page.allow_no_one_to_merge
end end
...@@ -79,9 +81,13 @@ module QA ...@@ -79,9 +81,13 @@ module QA
page.protect_branch page.protect_branch
# Wait for page load, which resets the expanded sections # Avoid Selenium::WebDriver::Error::StaleElementReferenceError
page.wait(reload: false) do # without sleeping. I.e. this completes fast on fast machines.
!page.has_content?('Collapse') page.refresh
# It is possible for the protected branch row to "disappear" at first
page.wait do
page.has_content?(branch_name)
end end
end end
end end
......
...@@ -7,8 +7,6 @@ module QA ...@@ -7,8 +7,6 @@ module QA
class Repository class Repository
include Scenario::Actable include Scenario::Actable
attr_reader :push_output
def self.perform(*args) def self.perform(*args)
Dir.mktmpdir do |dir| Dir.mktmpdir do |dir|
Dir.chdir(dir) { super } Dir.chdir(dir) { super }
...@@ -71,7 +69,9 @@ module QA ...@@ -71,7 +69,9 @@ module QA
end end
def push_changes(branch = 'master') def push_changes(branch = 'master')
@push_output, _ = run_and_redact_credentials("git push #{@uri} #{branch}") output, _ = run_and_redact_credentials("git push #{@uri} #{branch}")
output
end end
def commits def commits
......
...@@ -13,7 +13,7 @@ module QA ...@@ -13,7 +13,7 @@ module QA
visit current_url visit current_url
end end
def wait(max: 60, time: 1, reload: true) def wait(max: 60, time: 0.1, reload: true)
start = Time.now start = Time.now
while Time.now - start < max while Time.now - start < max
......
...@@ -28,11 +28,9 @@ module QA ...@@ -28,11 +28,9 @@ module QA
def has_subgroup?(name) def has_subgroup?(name)
filter_by_name(name) filter_by_name(name)
wait(reload: false) do page.has_text?(/#{name}|Sorry, no groups or projects matched your search/, wait: 60)
break false if page.has_content?('Sorry, no groups or projects matched your search')
page.has_link?(name) page.has_text?(name, wait: 0)
end
end end
def go_to_new_subgroup def go_to_new_subgroup
......
...@@ -40,7 +40,7 @@ module QA ...@@ -40,7 +40,7 @@ module QA
click_allow(:push, 'No one') click_allow(:push, 'No one')
end end
def allow_devs_and_masters_to_push def allow_devs_and_maintainers_to_push
click_allow(:push, 'Developers + Maintainers') click_allow(:push, 'Developers + Maintainers')
end end
...@@ -48,7 +48,7 @@ module QA ...@@ -48,7 +48,7 @@ module QA
click_allow(:merge, 'No one') click_allow(:merge, 'No one')
end end
def allow_devs_and_masters_to_merge def allow_devs_and_maintainers_to_merge
click_allow(:merge, 'Developers + Maintainers') click_allow(:merge, 'Developers + Maintainers')
end end
...@@ -75,10 +75,6 @@ module QA ...@@ -75,10 +75,6 @@ module QA
within_element(:"allowed_to_#{action}_dropdown") do within_element(:"allowed_to_#{action}_dropdown") do
click_on text click_on text
wait(reload: false) do
has_css?('.is-active')
end
end end
end end
end end
......
...@@ -7,12 +7,6 @@ module QA ...@@ -7,12 +7,6 @@ module QA
resource.name = 'protected-branch-project' resource.name = 'protected-branch-project'
end end
end end
given(:location) do
Page::Project::Show.act do
choose_repository_clone_http
repository_location
end
end
before do before do
Runtime::Browser.visit(:gitlab, Page::Main::Login) Runtime::Browser.visit(:gitlab, Page::Main::Login)
...@@ -26,44 +20,49 @@ module QA ...@@ -26,44 +20,49 @@ module QA
Capybara.execute_script 'localStorage.clear()' Capybara.execute_script 'localStorage.clear()'
end end
scenario 'user is able to protect a branch' do context 'when developers and maintainers are allowed to push to a protected branch' do
protected_branch = Factory::Resource::Branch.fabricate! do |resource| let!(:protected_branch) { create_protected_branch(allow_to_push: true) }
resource.branch_name = branch_name
resource.project = project
resource.allow_to_push = true
resource.protected = true
end
scenario 'user with push rights successfully pushes to the protected branch' do
expect(protected_branch.name).to have_content(branch_name) expect(protected_branch.name).to have_content(branch_name)
expect(protected_branch.push_allowance).to have_content('Developers + Maintainers') expect(protected_branch.push_allowance).to have_content('Developers + Maintainers')
push = push_new_file(branch_name)
expect(push.output).to match(/remote: To create a merge request for protected-branch, visit/)
end
end end
scenario 'users without authorization cannot push to protected branch' do context 'when developers and maintainers are not allowed to push to a protected branch' do
scenario 'user without push rights fails to push to the protected branch' do
create_protected_branch(allow_to_push: false)
push = push_new_file(branch_name)
expect(push.output)
.to match(/remote\: GitLab\: You are not allowed to push code to protected branches on this project/)
expect(push.output)
.to match(/\[remote rejected\] #{branch_name} -> #{branch_name} \(pre-receive hook declined\)/)
end
end
def create_protected_branch(allow_to_push:)
Factory::Resource::Branch.fabricate! do |resource| Factory::Resource::Branch.fabricate! do |resource|
resource.branch_name = branch_name resource.branch_name = branch_name
resource.project = project resource.project = project
resource.allow_to_push = false resource.allow_to_push = allow_to_push
resource.protected = true resource.protected = true
end end
project.visit!
Git::Repository.perform do |repository|
repository.uri = location.uri
repository.use_default_credentials
repository.act do
clone
configure_identity('GitLab QA', 'root@gitlab.com')
checkout('protected-branch')
commit_file('README.md', 'readme content', 'Add a readme')
push_changes('protected-branch')
end end
expect(repository.push_output) def push_new_file(branch)
.to match(/remote\: GitLab\: You are not allowed to push code to protected branches on this project/) Factory::Repository::Push.fabricate! do |resource|
expect(repository.push_output) resource.project = project
.to match(/\[remote rejected\] #{branch_name} -> #{branch_name} \(pre-receive hook declined\)/) resource.file_name = 'new_file.md'
resource.file_content = '# This is a new file'
resource.commit_message = 'Add new_file.md'
resource.branch_name = branch_name
resource.new_branch = false
end end
end end
end end
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment