Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
Boxiang Sun
gitlab-ce
Commits
1954cb80
Commit
1954cb80
authored
Sep 16, 2016
by
Kamil Trzcinski
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Added missing LFS specs
parent
a387ff7b
Changes
1
Show whitespace changes
Inline
Side-by-side
Showing
1 changed file
with
213 additions
and
22 deletions
+213
-22
spec/requests/lfs_http_spec.rb
spec/requests/lfs_http_spec.rb
+213
-22
No files found.
spec/requests/lfs_http_spec.rb
View file @
1954cb80
...
...
@@ -15,7 +15,6 @@ describe 'Git LFS API and storage' do
let
(
:authorization
)
{
}
let
(
:sendfile
)
{
}
let
(
:pipeline
)
{
create
(
:ci_empty_pipeline
,
project:
project
)
}
let
(
:build
)
{
create
(
:ci_build
,
:running
,
pipeline:
pipeline
)
}
let
(
:sample_oid
)
{
lfs_object
.
oid
}
let
(
:sample_size
)
{
lfs_object
.
size
}
...
...
@@ -258,15 +257,64 @@ describe 'Git LFS API and storage' do
it_behaves_like
'responds with a file'
end
context
'when build is authorized'
do
context
'when build is authorized
as
'
do
let
(
:authorization
)
{
authorize_ci_project
}
shared_examples
'can download LFS only from own projects'
do
context
'for own project'
do
let
(
:pipeline
)
{
create
(
:ci_empty_pipeline
,
project:
project
)
}
let
(
:update_permissions
)
do
project
.
team
<<
[
user
,
:reporter
]
project
.
lfs_objects
<<
lfs_object
end
it_behaves_like
'responds with a file'
end
context
'for other project'
do
let
(
:other_project
)
{
create
(
:empty_project
)
}
let
(
:pipeline
)
{
create
(
:ci_empty_pipeline
,
project:
other_project
)
}
let
(
:update_permissions
)
do
project
.
lfs_objects
<<
lfs_object
end
it
'rejects downloading code'
do
expect
(
response
).
to
have_http_status
(
other_project_status
)
end
end
end
context
'administrator'
do
let
(
:user
)
{
create
(
:admin
)
}
let
(
:build
)
{
create
(
:ci_build
,
:running
,
pipeline:
pipeline
,
user:
user
)
}
it_behaves_like
'can download LFS only from own projects'
do
# We render 403, because administrator does have normally access
let
(
:other_project_status
)
{
403
}
end
end
context
'regular user'
do
let
(
:user
)
{
create
(
:user
)
}
let
(
:build
)
{
create
(
:ci_build
,
:running
,
pipeline:
pipeline
,
user:
user
)
}
it_behaves_like
'can download LFS only from own projects'
do
# We render 404, to prevent data leakage about existence of the project
let
(
:other_project_status
)
{
404
}
end
end
context
'does not have user'
do
let
(
:build
)
{
create
(
:ci_build
,
:running
,
pipeline:
pipeline
)
}
it_behaves_like
'can download LFS only from own projects'
do
# We render 401, to prevent data leakage about existence of the project
let
(
:other_project_status
)
{
401
}
end
end
end
end
context
'without required headers'
do
...
...
@@ -445,12 +493,64 @@ describe 'Git LFS API and storage' do
end
end
context
'when
CI is authorized
'
do
context
'when
build is authorized as
'
do
let
(
:authorization
)
{
authorize_ci_project
}
let
(
:update_lfs_permissions
)
do
project
.
lfs_objects
<<
lfs_object
end
shared_examples
'can download LFS only from own projects'
do
context
'for own project'
do
let
(
:pipeline
)
{
create
(
:ci_empty_pipeline
,
project:
project
)
}
let
(
:update_user_permissions
)
do
project
.
team
<<
[
user
,
:reporter
]
end
it_behaves_like
'an authorized requests'
end
context
'for other project'
do
let
(
:other_project
)
{
create
(
:empty_project
)
}
let
(
:pipeline
)
{
create
(
:ci_empty_pipeline
,
project:
other_project
)
}
it
'rejects downloading code'
do
expect
(
response
).
to
have_http_status
(
other_project_status
)
end
end
end
context
'administrator'
do
let
(
:user
)
{
create
(
:admin
)
}
let
(
:build
)
{
create
(
:ci_build
,
:running
,
pipeline:
pipeline
,
user:
user
)
}
it_behaves_like
'can download LFS only from own projects'
do
# We render 403, because administrator does have normally access
let
(
:other_project_status
)
{
403
}
end
end
context
'regular user'
do
let
(
:user
)
{
create
(
:user
)
}
let
(
:build
)
{
create
(
:ci_build
,
:running
,
pipeline:
pipeline
,
user:
user
)
}
it_behaves_like
'can download LFS only from own projects'
do
# We render 404, to prevent data leakage about existence of the project
let
(
:other_project_status
)
{
404
}
end
end
context
'does not have user'
do
let
(
:build
)
{
create
(
:ci_build
,
:running
,
pipeline:
pipeline
)
}
it_behaves_like
'can download LFS only from own projects'
do
# We render 401, to prevent data leakage about existence of the project
let
(
:other_project_status
)
{
401
}
end
end
end
context
'when user is not authenticated'
do
describe
'is accessing public project'
do
let
(
:project
)
{
create
(
:project
,
:public
)
}
...
...
@@ -597,14 +697,40 @@ describe 'Git LFS API and storage' do
end
end
context
'when
CI
is authorized'
do
context
'when
build
is authorized'
do
let
(
:authorization
)
{
authorize_ci_project
}
context
'build has an user'
do
let
(
:user
)
{
create
(
:user
)
}
context
'tries to push to own project'
do
let
(
:build
)
{
create
(
:ci_build
,
:running
,
pipeline:
pipeline
,
user:
user
)
}
it
'responds with 403'
do
expect
(
response
).
to
have_http_status
(
403
)
end
end
context
'tries to push to other project'
do
let
(
:other_project
)
{
create
(
:empty_project
)
}
let
(
:pipeline
)
{
create
(
:ci_empty_pipeline
,
project:
other_project
)
}
let
(
:build
)
{
create
(
:ci_build
,
:running
,
pipeline:
pipeline
,
user:
user
)
}
it
'responds with 403'
do
expect
(
response
).
to
have_http_status
(
403
)
end
end
end
context
'does not have user'
do
let
(
:build
)
{
create
(
:ci_build
,
:running
,
pipeline:
pipeline
)
}
it
'responds with 401'
do
expect
(
response
).
to
have_http_status
(
401
)
end
end
end
end
context
'when user is not authenticated'
do
context
'when user has push access'
do
...
...
@@ -623,14 +749,6 @@ describe 'Git LFS API and storage' do
end
end
end
context
'when CI is authorized'
do
let
(
:authorization
)
{
authorize_ci_project
}
it
'responds with status 401'
do
expect
(
response
).
to
have_http_status
(
401
)
end
end
end
describe
'unsupported'
do
...
...
@@ -793,10 +911,51 @@ describe 'Git LFS API and storage' do
end
end
context
'when
CI is authenticat
ed'
do
context
'when
build is authoriz
ed'
do
let
(
:authorization
)
{
authorize_ci_project
}
it_behaves_like
'unauthorized'
context
'build has an user'
do
let
(
:user
)
{
create
(
:user
)
}
context
'tries to push to own project'
do
let
(
:build
)
{
create
(
:ci_build
,
:running
,
pipeline:
pipeline
,
user:
user
)
}
before
do
project
.
team
<<
[
user
,
:developer
]
put_authorize
end
it
'responds with 403'
do
expect
(
response
).
to
have_http_status
(
403
)
end
end
context
'tries to push to other project'
do
let
(
:other_project
)
{
create
(
:empty_project
)
}
let
(
:pipeline
)
{
create
(
:ci_empty_pipeline
,
project:
other_project
)
}
let
(
:build
)
{
create
(
:ci_build
,
:running
,
pipeline:
pipeline
,
user:
user
)
}
before
do
put_authorize
end
it
'responds with 404'
do
expect
(
response
).
to
have_http_status
(
404
)
end
end
end
context
'does not have user'
do
let
(
:build
)
{
create
(
:ci_build
,
:running
,
pipeline:
pipeline
)
}
before
do
put_authorize
end
it
'responds with 401'
do
expect
(
response
).
to
have_http_status
(
401
)
end
end
end
context
'for unauthenticated'
do
...
...
@@ -853,10 +1012,42 @@ describe 'Git LFS API and storage' do
end
end
context
'when
CI is authenticat
ed'
do
context
'when
build is authoriz
ed'
do
let
(
:authorization
)
{
authorize_ci_project
}
it_behaves_like
'unauthorized'
before
do
put_authorize
end
context
'build has an user'
do
let
(
:user
)
{
create
(
:user
)
}
context
'tries to push to own project'
do
let
(
:build
)
{
create
(
:ci_build
,
:running
,
pipeline:
pipeline
,
user:
user
)
}
it
'responds with 403'
do
expect
(
response
).
to
have_http_status
(
403
)
end
end
context
'tries to push to other project'
do
let
(
:other_project
)
{
create
(
:empty_project
)
}
let
(
:pipeline
)
{
create
(
:ci_empty_pipeline
,
project:
other_project
)
}
let
(
:build
)
{
create
(
:ci_build
,
:running
,
pipeline:
pipeline
,
user:
user
)
}
it
'responds with 403'
do
expect
(
response
).
to
have_http_status
(
403
)
end
end
end
context
'does not have user'
do
let
(
:build
)
{
create
(
:ci_build
,
:running
,
pipeline:
pipeline
)
}
it
'responds with 401'
do
expect
(
response
).
to
have_http_status
(
401
)
end
end
end
context
'for unauthenticated'
do
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment