Commit 4cd4cf67 authored by Patricio Cano's avatar Patricio Cano

Added better tests for the protocol check

parent fd41b8a4
......@@ -11,7 +11,7 @@ describe GitlabAccess do
end
end
subject do
GitlabAccess.new(repo_path, 'key-123', 'wow').tap do |access|
GitlabAccess.new(repo_path, 'key-123', 'wow', 'ssh').tap do |access|
access.stub(exec_cmd: :exec_called)
access.stub(api: api)
end
......@@ -25,6 +25,7 @@ describe GitlabAccess do
it { subject.repo_name.should == repo_name }
it { subject.repo_path.should == repo_path }
it { subject.changes.should == ['wow'] }
it { subject.protocol.should == 'ssh' }
end
describe "#exec" do
......
......@@ -130,6 +130,42 @@ describe GitlabNet, vcr: true do
end
end
context 'ssh access has been disabled' do
it 'should deny pull access for dev.gitlab.org' do
VCR.use_cassette('ssh-access-disabled') do
access = gitlab_net.check_access('git-receive-pack', 'gitlab/gitlabhq.git', 'key-2', changes, 'ssh')
access.allowed?.should be_false
access.message.should eq 'Git access over SSH is not allowed'
end
end
it 'should deny pull access for dev.gitlab.org' do
VCR.use_cassette('ssh-access-disabled') do
access = gitlab_net.check_access('git-receive-pack', 'gitlab/gitlabhq.git', 'key-2', changes, 'ssh')
access.allowed?.should be_false
access.message.should eq 'Git access over SSH is not allowed'
end
end
end
context 'http access has been disabled' do
it 'should deny pull access for dev.gitlab.org' do
VCR.use_cassette('http-access-disabled') do
access = gitlab_net.check_access('git-receive-pack', 'gitlab/gitlabhq.git', 'key-2', changes, 'http')
access.allowed?.should be_false
access.message.should eq 'Git access over HTTP is not allowed'
end
end
it 'should deny pull access for dev.gitlab.org' do
VCR.use_cassette('http-access-disabled') do
access = gitlab_net.check_access('git-receive-pack', 'gitlab/gitlabhq.git', 'key-2', changes, 'http')
access.allowed?.should be_false
access.message.should eq 'Git access over HTTP is not allowed'
end
end
end
context 'ssh key without access to project' do
it 'should deny pull access for dev.gitlab.org' do
VCR.use_cassette("denied-pull") do
......
---
http_interactions:
- request:
method: post
uri: https://dev.gitlab.org/api/v3/internal/allowed
body:
encoding: US-ASCII
string: action=git-receive-pack&changes=0000000000000000000000000000000000000000+92d0970eefd7acb6d548878925ce2208cfe2d2ec+refs%2Fheads%2Fbranch4&project=gitlab%2Fgitlabhq&protocol=http&key_id=2&secret_token=a123
headers:
Accept-Encoding:
- gzip;q=1.0,deflate;q=0.6,identity;q=0.3
Accept:
- "*/*"
User-Agent:
- Ruby
Content-Type:
- application/x-www-form-urlencoded
response:
status:
code: 200
message: OK
headers:
Cache-Control:
- no-cache
Content-Length:
- '30'
Content-Type:
- application/json
Date:
- Wed, 22 Jun 2016 01:03:41 GMT
Status:
- 200 OK
Vary:
- Origin
X-Request-Id:
- 55b7af2c-3559-41d2-b301-9b86ad1d8fac
X-Runtime:
- '2.280895'
body:
encoding: UTF-8
string: '{"status": false, "message":"Git access over HTTP is not allowed"}'
http_version:
recorded_at: Wed, 22 Jun 2016 01:03:41 GMT
recorded_with: VCR 2.4.0
\ No newline at end of file
---
http_interactions:
- request:
method: post
uri: https://dev.gitlab.org/api/v3/internal/allowed
body:
encoding: US-ASCII
string: action=git-receive-pack&changes=0000000000000000000000000000000000000000+92d0970eefd7acb6d548878925ce2208cfe2d2ec+refs%2Fheads%2Fbranch4&project=gitlab%2Fgitlabhq&protocol=ssh&key_id=2&secret_token=a123
headers:
Accept-Encoding:
- gzip;q=1.0,deflate;q=0.6,identity;q=0.3
Accept:
- "*/*"
User-Agent:
- Ruby
Content-Type:
- application/x-www-form-urlencoded
response:
status:
code: 200
message: OK
headers:
Cache-Control:
- no-cache
Content-Length:
- '30'
Content-Type:
- application/json
Date:
- Wed, 22 Jun 2016 01:01:41 GMT
Status:
- 200 OK
Vary:
- Origin
X-Request-Id:
- 55b7af2c-3559-41d2-b301-9b86ad1d8fac
X-Runtime:
- '2.280895'
body:
encoding: UTF-8
string: '{"status": false, "message":"Git access over SSH is not allowed"}'
http_version:
recorded_at: Wed, 22 Jun 2016 01:01:41 GMT
recorded_with: VCR 2.4.0
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment