Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
Jérome Perrin
gitlab-ce
Commits
dc15201c
Commit
dc15201c
authored
8 years ago
by
Horatiu Eugen Vlad
Committed by
Rémy Coutable
8 years ago
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Added git http requests tests for user with LDAP identity
Signed-off-by:
Rémy Coutable
<
remy@rymai.me
>
parent
3b206ccb
Changes
2
Show whitespace changes
Inline
Side-by-side
Showing
2 changed files
with
381 additions
and
324 deletions
+381
-324
spec/requests/git_http_spec.rb
spec/requests/git_http_spec.rb
+333
-324
spec/support/git_http_helpers.rb
spec/support/git_http_helpers.rb
+48
-0
No files found.
spec/requests/git_http_spec.rb
View file @
dc15201c
require
"spec_helper"
describe
'Git HTTP requests'
,
lib:
true
do
include
GitHttpHelpers
include
WorkhorseHelpers
let
(
:user
)
{
create
(
:user
)
}
let
(
:project
)
{
create
(
:project
,
path:
'project.git-project'
)
}
it
"gives WWW-Authenticate hints"
do
clone_get
(
'doesnt/exist.git'
)
expect
(
response
.
header
[
'WWW-Authenticate'
]).
to
start_with
(
'Basic '
)
end
describe
"User with no identities"
do
let
(
:user
)
{
create
(
:user
)
}
let
(
:project
)
{
create
(
:project
,
path:
'project.git-project'
)
}
context
"when the project doesn't exist"
do
context
"when no authentication is provided"
do
it
"responds with status 401 (no project existence information leak)"
do
...
...
@@ -458,51 +460,58 @@ describe 'Git HTTP requests', lib: true do
end
end
end
def
clone_get
(
project
,
options
=
{})
get
"/
#{
project
}
/info/refs"
,
{
service:
'git-upload-pack'
},
auth_env
(
*
options
.
values_at
(
:user
,
:password
,
:spnego_request_token
))
end
de
f
clone_post
(
project
,
options
=
{})
post
"/
#{
project
}
/git-upload-pack"
,
{},
auth_env
(
*
options
.
values_at
(
:user
,
:password
,
:spnego_request_token
))
end
de
scribe
"User with LDAP identity"
do
let
(
:user
)
{
create
(
:omniauth_user
,
extern_uid:
dn
)
}
let
(
:dn
)
{
'uid=john,ou=people,dc=example,dc=com'
}
def
push_get
(
project
,
options
=
{})
get
"/
#{
project
}
/info/refs"
,
{
service:
'git-receive-pack'
},
auth_env
(
*
options
.
values_at
(
:user
,
:password
,
:spnego_request_token
))
before
do
allow
(
Gitlab
::
LDAP
::
Config
).
to
receive
(
:enabled?
).
and_return
(
true
)
allow
(
Gitlab
::
LDAP
::
Authentication
).
to
receive
(
:login
).
and_return
(
nil
)
allow
(
Gitlab
::
LDAP
::
Authentication
).
to
receive
(
:login
).
with
(
user
.
username
,
user
.
password
).
and_return
(
user
)
end
def
push_post
(
project
,
options
=
{})
post
"/
#{
project
}
/git-receive-pack"
,
{},
auth_env
(
*
options
.
values_at
(
:user
,
:password
,
:spnego_request_token
))
context
"when authentication fails"
do
context
"when no authentication is provided"
do
it
"responds with status 401"
do
download
(
'doesnt/exist.git'
)
do
|
response
|
expect
(
response
).
to
have_http_status
(
401
)
end
end
end
def
download
(
project
,
user:
nil
,
password:
nil
,
spnego_request_token:
nil
)
args
=
[
project
,
{
user:
user
,
password:
password
,
spnego_request_token:
spnego_request_token
}]
clone_get
(
*
args
)
yield
response
clone_post
(
*
args
)
yield
response
context
"when username and invalid password are provided"
do
it
"responds with status 401"
do
download
(
'doesnt/exist.git'
,
user:
user
.
username
,
password:
"nope"
)
do
|
response
|
expect
(
response
).
to
have_http_status
(
401
)
end
end
end
end
def
upload
(
project
,
user:
nil
,
password:
nil
,
spnego_request_token:
nil
)
args
=
[
project
,
{
user:
user
,
password:
password
,
spnego_request_token:
spnego_request_token
}]
context
"when authentication succeeds"
do
context
"when the project doesn't exist"
do
it
"responds with status 404"
do
download
(
'/doesnt/exist.git'
,
user:
user
.
username
,
password:
user
.
password
)
do
|
response
|
expect
(
response
).
to
have_http_status
(
404
)
end
end
end
push_get
(
*
args
)
yield
response
context
"when the project exists"
do
let
(
:project
)
{
create
(
:project
,
path:
'project.git-project'
)
}
push_post
(
*
args
)
yield
response
before
do
project
.
team
<<
[
user
,
:master
]
end
def
auth_env
(
user
,
password
,
spnego_request_token
)
env
=
workhorse_internal_api_request_header
if
user
&&
password
env
[
'HTTP_AUTHORIZATION'
]
=
ActionController
::
HttpAuthentication
::
Basic
.
encode_credentials
(
user
,
password
)
elsif
spnego_request_token
en
v
[
'HTTP_AUTHORIZATION'
]
=
"Negotiate
#{
::
Base64
.
strict_encode64
(
'opaque_request_token'
)
}
"
it
"responds with status 200"
do
clone_get
(
path
,
user:
user
.
username
,
password:
user
.
password
)
do
|
response
|
expect
(
response
).
to
have_http_status
(
200
)
end
end
en
d
end
env
end
end
This diff is collapsed.
Click to expand it.
spec/support/git_http_helpers.rb
0 → 100644
View file @
dc15201c
module
GitHttpHelpers
def
clone_get
(
project
,
options
=
{})
get
"/
#{
project
}
/info/refs"
,
{
service:
'git-upload-pack'
},
auth_env
(
*
options
.
values_at
(
:user
,
:password
,
:spnego_request_token
))
end
def
clone_post
(
project
,
options
=
{})
post
"/
#{
project
}
/git-upload-pack"
,
{},
auth_env
(
*
options
.
values_at
(
:user
,
:password
,
:spnego_request_token
))
end
def
push_get
(
project
,
options
=
{})
get
"/
#{
project
}
/info/refs"
,
{
service:
'git-receive-pack'
},
auth_env
(
*
options
.
values_at
(
:user
,
:password
,
:spnego_request_token
))
end
def
push_post
(
project
,
options
=
{})
post
"/
#{
project
}
/git-receive-pack"
,
{},
auth_env
(
*
options
.
values_at
(
:user
,
:password
,
:spnego_request_token
))
end
def
download
(
project
,
user:
nil
,
password:
nil
,
spnego_request_token:
nil
)
args
=
[
project
,
{
user:
user
,
password:
password
,
spnego_request_token:
spnego_request_token
}]
clone_get
(
*
args
)
yield
response
clone_post
(
*
args
)
yield
response
end
def
upload
(
project
,
user:
nil
,
password:
nil
,
spnego_request_token:
nil
)
args
=
[
project
,
{
user:
user
,
password:
password
,
spnego_request_token:
spnego_request_token
}]
push_get
(
*
args
)
yield
response
push_post
(
*
args
)
yield
response
end
def
auth_env
(
user
,
password
,
spnego_request_token
)
env
=
workhorse_internal_api_request_header
if
user
&&
password
env
[
'HTTP_AUTHORIZATION'
]
=
ActionController
::
HttpAuthentication
::
Basic
.
encode_credentials
(
user
,
password
)
elsif
spnego_request_token
env
[
'HTTP_AUTHORIZATION'
]
=
"Negotiate
#{
::
Base64
.
strict_encode64
(
'opaque_request_token'
)
}
"
end
env
end
end
This diff is collapsed.
Click to expand it.
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment