Commit eafa1b9f authored by Semyon Pupkov's avatar Semyon Pupkov

Replace project builds permissions spinach with RSpec

https://gitlab.com/gitlab-org/gitlab-ce/issues/23036
parent 6b246360
Feature: Project Builds Permissions
Background:
Given I sign in as a user
And project exists in some group namespace
And project has CI enabled
And project has a recent build
Scenario: I try to visit build details as guest
Given I am member of a project with a guest role
When I visit recent build details page
Then page status code should be 404
Scenario: I try to visit project builds page as guest
Given I am member of a project with a guest role
When I visit project builds page
Then page status code should be 404
Scenario: I try to visit build details of internal project without access to builds
Given The project is internal
And public access for builds is disabled
When I visit recent build details page
Then page status code should be 404
Scenario: I try to visit internal project builds page without access to builds
Given The project is internal
And public access for builds is disabled
When I visit project builds page
Then page status code should be 404
@javascript
Scenario: I try to visit build details of internal project with access to builds
Given The project is internal
And public access for builds is enabled
When I visit recent build details page
Then I see details of a build
And I see build trace
Scenario: I try to visit internal project builds page with access to builds
Given The project is internal
And public access for builds is enabled
When I visit project builds page
Then I see the build
Scenario: I try to download build artifacts as guest
Given I am member of a project with a guest role
And recent build has artifacts available
When I access artifacts download page
Then page status code should be 404
Scenario: I try to download build artifacts as reporter
Given I am member of a project with a reporter role
And recent build has artifacts available
When I access artifacts download page
Then download of build artifacts archive starts
class Spinach::Features::ProjectBuildsPermissions < Spinach::FeatureSteps
include SharedAuthentication
include SharedProject
include SharedBuilds
include SharedPaths
include RepoHelpers
end
...@@ -30,10 +30,6 @@ module SharedBuilds ...@@ -30,10 +30,6 @@ module SharedBuilds
visit project_job_path(@project, @build) visit project_job_path(@project, @build)
end end
step 'I visit project builds page' do
visit project_jobs_path(@project)
end
step 'recent build has artifacts available' do step 'recent build has artifacts available' do
artifacts = Rails.root + 'spec/fixtures/ci_build_artifacts.zip' artifacts = Rails.root + 'spec/fixtures/ci_build_artifacts.zip'
archive = fixture_file_upload(artifacts, 'application/zip') archive = fixture_file_upload(artifacts, 'application/zip')
...@@ -54,25 +50,4 @@ module SharedBuilds ...@@ -54,25 +50,4 @@ module SharedBuilds
expect(page.response_headers['Content-Type']).to eq 'application/zip' expect(page.response_headers['Content-Type']).to eq 'application/zip'
expect(page.response_headers['Content-Transfer-Encoding']).to eq 'binary' expect(page.response_headers['Content-Transfer-Encoding']).to eq 'binary'
end end
step 'I access artifacts download page' do
visit download_project_job_artifacts_path(@project, @build)
end
step 'I see details of a build' do
expect(page).to have_content "Job ##{@build.id}"
end
step 'I see build trace' do
expect(page).to have_css '#build-trace'
end
step 'I see the build' do
page.within('.build') do
expect(page).to have_content "##{@build.id}"
expect(page).to have_content @build.sha[0..7]
expect(page).to have_content @build.ref
expect(page).to have_content @build.name
end
end
end end
...@@ -451,12 +451,4 @@ module SharedPaths ...@@ -451,12 +451,4 @@ module SharedPaths
mr = MergeRequest.find_by(title: title) mr = MergeRequest.find_by(title: title)
project_merge_request_path(mr.target_project, mr) project_merge_request_path(mr.target_project, mr)
end end
# ----------------------------------------
# Errors
# ----------------------------------------
step 'page status code should be 404' do
expect(status_code).to eq 404
end
end end
...@@ -13,11 +13,6 @@ module SharedProject ...@@ -13,11 +13,6 @@ module SharedProject
@project.add_master(@user) @project.add_master(@user)
end end
step "project exists in some group namespace" do
@group = create(:group, name: 'some group')
@project = create(:project, :repository, namespace: @group, public_builds: false)
end
# Create a specific project called "Shop" # Create a specific project called "Shop"
step 'I own project "Shop"' do step 'I own project "Shop"' do
@project = Project.find_by(name: "Shop") @project = Project.find_by(name: "Shop")
...@@ -29,18 +24,6 @@ module SharedProject ...@@ -29,18 +24,6 @@ module SharedProject
@project ||= Project.first @project ||= Project.first
end end
# ----------------------------------------
# Project permissions
# ----------------------------------------
step 'I am member of a project with a guest role' do
@project.add_guest(@user)
end
step 'I am member of a project with a reporter role' do
@project.add_reporter(@user)
end
# ---------------------------------------- # ----------------------------------------
# Visibility of archived project # Visibility of archived project
# ---------------------------------------- # ----------------------------------------
...@@ -140,18 +123,6 @@ module SharedProject ...@@ -140,18 +123,6 @@ module SharedProject
create(:label, project: project, title: 'enhancement') create(:label, project: project, title: 'enhancement')
end end
step 'The project is internal' do
@project.update(visibility_level: Gitlab::VisibilityLevel::INTERNAL)
end
step 'public access for builds is enabled' do
@project.update(public_builds: true)
end
step 'public access for builds is disabled' do
@project.update(public_builds: false)
end
def user_owns_project(user_name:, project_name:, visibility: :private) def user_owns_project(user_name:, project_name:, visibility: :private)
user = user_exists(user_name, username: user_name.gsub(/\s/, '').underscore) user = user_exists(user_name, username: user_name.gsub(/\s/, '').underscore)
project = Project.find_by(name: project_name) project = Project.find_by(name: project_name)
......
require 'spec_helper'
describe 'Project Jobs Permissions' do
let(:user) { create(:user) }
let(:group) { create(:group, name: 'some group') }
let(:project) { create(:project, :repository, namespace: group) }
let(:pipeline) { create(:ci_empty_pipeline, project: project, sha: project.commit.sha, ref: 'master') }
let!(:job) { create(:ci_build, :running, :coverage, :trace_artifact, pipeline: pipeline) }
before do
sign_in(user)
project.enable_ci
end
describe 'jobs pages' do
shared_examples 'recent job page details responds with status' do |status|
before do
visit project_job_path(project, job)
end
it { expect(status_code).to eq(status) }
end
shared_examples 'project jobs page responds with status' do |status|
before do
visit project_jobs_path(project)
end
it { expect(status_code).to eq(status) }
end
context 'when public access for jobs is disabled' do
before do
project.update(public_builds: false)
end
context 'when user is a guest' do
before do
project.add_guest(user)
end
it_behaves_like 'recent job page details responds with status', 404
it_behaves_like 'project jobs page responds with status', 404
end
context 'when project is internal' do
before do
project.update(visibility_level: Gitlab::VisibilityLevel::INTERNAL)
end
it_behaves_like 'recent job page details responds with status', 404
it_behaves_like 'project jobs page responds with status', 404
end
end
context 'when public access for jobs is enabled' do
before do
project.update(public_builds: true)
end
context 'when project is internal' do
before do
project.update(visibility_level: Gitlab::VisibilityLevel::INTERNAL)
end
it_behaves_like 'recent job page details responds with status', 200 do
it 'renders job details', :js do
expect(page).to have_content "Job ##{job.id}"
expect(page).to have_css '#build-trace'
end
end
it_behaves_like 'project jobs page responds with status', 200 do
it 'renders job' do
page.within('.build') do
expect(page).to have_content("##{job.id}")
.and have_content(job.sha[0..7])
.and have_content(job.ref)
.and have_content(job.name)
end
end
end
end
end
end
describe 'artifacts page' do
context 'when recent job has artifacts available' do
before do
artifacts = Rails.root.join('spec/fixtures/ci_build_artifacts.zip')
archive = fixture_file_upload(artifacts, 'application/zip')
job.update_attributes(legacy_artifacts_file: archive)
end
context 'when public access for jobs is disabled' do
before do
project.update(public_builds: false)
end
context 'when user with guest role' do
before do
project.add_guest(user)
end
it 'responds with 404 status' do
visit download_project_job_artifacts_path(project, job)
expect(status_code).to eq(404)
end
end
context 'when user with reporter role' do
before do
project.add_reporter(user)
end
it 'starts download artifact' do
visit download_project_job_artifacts_path(project, job)
expect(status_code).to eq(200)
expect(page.response_headers['Content-Type']).to eq 'application/zip'
expect(page.response_headers['Content-Transfer-Encoding']).to eq 'binary'
end
end
end
end
end
end
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment