pages_domains_spec.rb 16.1 KB
Newer Older
1 2 3
require 'rails_helper'

describe API::PagesDomains do
Rob Watson's avatar
Rob Watson committed
4
  set(:project) { create(:project, path: 'my.project', pages_https_only: false) }
5
  set(:user) { create(:user) }
6
  set(:admin) { create(:admin) }
7

Rob Watson's avatar
Rob Watson committed
8 9 10
  set(:pages_domain) { create(:pages_domain, :without_key, :without_certificate, domain: 'www.domain.test', project: project) }
  set(:pages_domain_secure) { create(:pages_domain, domain: 'ssl.domain.test', project: project) }
  set(:pages_domain_expired) { create(:pages_domain, :with_expired_certificate, domain: 'expired.domain.test', project: project) }
11

Rob Watson's avatar
Rob Watson committed
12 13 14
  let(:pages_domain_params) { build(:pages_domain, :without_key, :without_certificate, domain: 'www.other-domain.test').slice(:domain) }
  let(:pages_domain_secure_params) { build(:pages_domain, domain: 'ssl.other-domain.test', project: project).slice(:domain, :certificate, :key) }
  let(:pages_domain_secure_key_missmatch_params) {build(:pages_domain, :with_trusted_chain, project: project).slice(:domain, :certificate, :key) }
15 16 17 18
  let(:pages_domain_secure_missing_chain_params) {build(:pages_domain, :with_missing_chain, project: project).slice(:certificate) }

  let(:route) { "/projects/#{project.id}/pages/domains" }
  let(:route_domain) { "/projects/#{project.id}/pages/domains/#{pages_domain.domain}" }
19
  let(:route_domain_path) { "/projects/#{project.full_path.gsub('/', '%2F')}/pages/domains/#{pages_domain.domain}" }
20 21 22 23 24 25 26 27
  let(:route_secure_domain) { "/projects/#{project.id}/pages/domains/#{pages_domain_secure.domain}" }
  let(:route_expired_domain) { "/projects/#{project.id}/pages/domains/#{pages_domain_expired.domain}" }
  let(:route_vacant_domain) { "/projects/#{project.id}/pages/domains/www.vacant-domain.test" }

  before do
    allow(Gitlab.config.pages).to receive(:enabled).and_return(true)
  end

28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49
  describe 'GET /pages/domains' do
    context 'when pages is disabled' do
      before do
        allow(Gitlab.config.pages).to receive(:enabled).and_return(false)
      end

      it_behaves_like '404 response' do
        let(:request) { get api('/pages/domains', admin) }
      end
    end

    context 'when pages is enabled' do
      context 'when authenticated as an admin' do
        it 'returns paginated all pages domains' do
          get api('/pages/domains', admin)

          expect(response).to have_gitlab_http_status(200)
          expect(response).to match_response_schema('public_api/v4/pages_domain_basics')
          expect(response).to include_pagination_headers
          expect(json_response).to be_an Array
          expect(json_response.size).to eq(3)
          expect(json_response.last).to have_key('domain')
50
          expect(json_response.last).to have_key('project_id')
51 52 53 54 55 56 57 58 59 60 61 62 63 64
          expect(json_response.last).to have_key('certificate_expiration')
          expect(json_response.last['certificate_expiration']['expired']).to be true
          expect(json_response.first).not_to have_key('certificate_expiration')
        end
      end

      context 'when authenticated as a non-member' do
        it_behaves_like '403 response' do
          let(:request) { get api('/pages/domains', user) }
        end
      end
    end
  end

65 66 67 68 69 70
  describe 'GET /projects/:project_id/pages/domains' do
    shared_examples_for 'get pages domains' do
      it 'returns paginated pages domains' do
        get api(route, user)

        expect(response).to have_gitlab_http_status(200)
71
        expect(response).to match_response_schema('public_api/v4/pages_domains')
72 73 74 75 76 77 78 79 80 81 82
        expect(response).to include_pagination_headers
        expect(json_response).to be_an Array
        expect(json_response.size).to eq(3)
        expect(json_response.map { |pages_domain| pages_domain['domain'] }).to include(pages_domain.domain)
        expect(json_response.last).to have_key('domain')
      end
    end

    context 'when pages is disabled' do
      before do
        allow(Gitlab.config.pages).to receive(:enabled).and_return(false)
83
        project.add_maintainer(user)
84 85 86 87 88 89 90
      end

      it_behaves_like '404 response' do
        let(:request) { get api(route, user) }
      end
    end

91
    context 'when user is a maintainer' do
92
      before do
93
        project.add_maintainer(user)
94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141
      end

      it_behaves_like 'get pages domains'
    end

    context 'when user is a developer' do
      before do
        project.add_developer(user)
      end

      it_behaves_like '403 response' do
        let(:request) { get api(route, user) }
      end
    end

    context 'when user is a reporter' do
      before do
        project.add_reporter(user)
      end

      it_behaves_like '403 response' do
        let(:request) { get api(route, user) }
      end
    end

    context 'when user is a guest' do
      before do
        project.add_guest(user)
      end

      it_behaves_like '403 response' do
        let(:request) { get api(route, user) }
      end
    end

    context 'when user is not a member' do
      it_behaves_like '404 response' do
        let(:request) { get api(route, user) }
      end
    end
  end

  describe 'GET /projects/:project_id/pages/domains/:domain' do
    shared_examples_for 'get pages domain' do
      it 'returns pages domain' do
        get api(route_domain, user)

        expect(response).to have_gitlab_http_status(200)
142
        expect(response).to match_response_schema('public_api/v4/pages_domain/detail')
143 144 145 146 147 148 149 150 151 152
        expect(json_response['domain']).to eq(pages_domain.domain)
        expect(json_response['url']).to eq(pages_domain.url)
        expect(json_response['certificate']).to be_nil
      end

      it 'returns pages domain with project path' do
        get api(route_domain_path, user)

        expect(response).to have_gitlab_http_status(200)
        expect(response).to match_response_schema('public_api/v4/pages_domain/detail')
153 154 155 156 157 158 159 160 161
        expect(json_response['domain']).to eq(pages_domain.domain)
        expect(json_response['url']).to eq(pages_domain.url)
        expect(json_response['certificate']).to be_nil
      end

      it 'returns pages domain with a certificate' do
        get api(route_secure_domain, user)

        expect(response).to have_gitlab_http_status(200)
162
        expect(response).to match_response_schema('public_api/v4/pages_domain/detail')
163 164 165 166 167 168 169 170 171 172
        expect(json_response['domain']).to eq(pages_domain_secure.domain)
        expect(json_response['url']).to eq(pages_domain_secure.url)
        expect(json_response['certificate']['subject']).to eq(pages_domain_secure.subject)
        expect(json_response['certificate']['expired']).to be false
      end

      it 'returns pages domain with an expired certificate' do
        get api(route_expired_domain, user)

        expect(response).to have_gitlab_http_status(200)
173
        expect(response).to match_response_schema('public_api/v4/pages_domain/detail')
174 175 176 177 178 179
        expect(json_response['certificate']['expired']).to be true
      end
    end

    context 'when domain is vacant' do
      before do
180
        project.add_maintainer(user)
181 182 183 184 185 186 187
      end

      it_behaves_like '404 response' do
        let(:request) { get api(route_vacant_domain, user) }
      end
    end

188
    context 'when user is a maintainer' do
189
      before do
190
        project.add_maintainer(user)
191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238
      end

      it_behaves_like 'get pages domain'
    end

    context 'when user is a developer' do
      before do
        project.add_developer(user)
      end

      it_behaves_like '403 response' do
        let(:request) { get api(route, user) }
      end
    end

    context 'when user is a reporter' do
      before do
        project.add_reporter(user)
      end

      it_behaves_like '403 response' do
        let(:request) { get api(route, user) }
      end
    end

    context 'when user is a guest' do
      before do
        project.add_guest(user)
      end

      it_behaves_like '403 response' do
        let(:request) { get api(route, user) }
      end
    end

    context 'when user is not a member' do
      it_behaves_like '404 response' do
        let(:request) { get api(route, user) }
      end
    end
  end

  describe 'POST /projects/:project_id/pages/domains' do
    let(:params) { pages_domain_params.slice(:domain) }
    let(:params_secure) { pages_domain_secure_params.slice(:domain, :certificate, :key) }

    shared_examples_for 'post pages domains' do
      it 'creates a new pages domain' do
blackst0ne's avatar
blackst0ne committed
239
        post api(route, user), params: params
240 241 242
        pages_domain = PagesDomain.find_by(domain: json_response['domain'])

        expect(response).to have_gitlab_http_status(201)
243
        expect(response).to match_response_schema('public_api/v4/pages_domain/detail')
244 245 246 247 248 249
        expect(pages_domain.domain).to eq(params[:domain])
        expect(pages_domain.certificate).to be_nil
        expect(pages_domain.key).to be_nil
      end

      it 'creates a new secure pages domain' do
blackst0ne's avatar
blackst0ne committed
250
        post api(route, user), params: params_secure
251 252 253
        pages_domain = PagesDomain.find_by(domain: json_response['domain'])

        expect(response).to have_gitlab_http_status(201)
254
        expect(response).to match_response_schema('public_api/v4/pages_domain/detail')
255 256 257 258 259 260
        expect(pages_domain.domain).to eq(params_secure[:domain])
        expect(pages_domain.certificate).to eq(params_secure[:certificate])
        expect(pages_domain.key).to eq(params_secure[:key])
      end

      it 'fails to create pages domain without key' do
blackst0ne's avatar
blackst0ne committed
261
        post api(route, user), params: pages_domain_secure_params.slice(:domain, :certificate)
262 263 264 265 266

        expect(response).to have_gitlab_http_status(400)
      end

      it 'fails to create pages domain with key missmatch' do
blackst0ne's avatar
blackst0ne committed
267
        post api(route, user), params: pages_domain_secure_key_missmatch_params.slice(:domain, :certificate, :key)
268 269 270 271 272

        expect(response).to have_gitlab_http_status(400)
      end
    end

273
    context 'when user is a maintainer' do
274
      before do
275
        project.add_maintainer(user)
276 277 278 279 280 281 282 283 284 285 286
      end

      it_behaves_like 'post pages domains'
    end

    context 'when user is a developer' do
      before do
        project.add_developer(user)
      end

      it_behaves_like '403 response' do
blackst0ne's avatar
blackst0ne committed
287
        let(:request) { post api(route, user), params: params }
288 289 290 291 292 293 294 295 296
      end
    end

    context 'when user is a reporter' do
      before do
        project.add_reporter(user)
      end

      it_behaves_like '403 response' do
blackst0ne's avatar
blackst0ne committed
297
        let(:request) { post api(route, user), params: params }
298 299 300 301 302 303 304 305 306
      end
    end

    context 'when user is a guest' do
      before do
        project.add_guest(user)
      end

      it_behaves_like '403 response' do
blackst0ne's avatar
blackst0ne committed
307
        let(:request) { post api(route, user), params: params }
308 309 310 311 312
      end
    end

    context 'when user is not a member' do
      it_behaves_like '404 response' do
blackst0ne's avatar
blackst0ne committed
313
        let(:request) { post api(route, user), params: params }
314 315 316 317 318 319 320 321 322 323 324 325 326 327
      end
    end
  end

  describe 'PUT /projects/:project_id/pages/domains/:domain' do
    let(:params_secure) { pages_domain_secure_params.slice(:certificate, :key) }
    let(:params_secure_nokey) { pages_domain_secure_params.slice(:certificate) }

    shared_examples_for 'put pages domain' do
      it 'updates pages domain removing certificate' do
        put api(route_secure_domain, user)
        pages_domain_secure.reload

        expect(response).to have_gitlab_http_status(200)
328
        expect(response).to match_response_schema('public_api/v4/pages_domain/detail')
329 330 331 332 333
        expect(pages_domain_secure.certificate).to be_nil
        expect(pages_domain_secure.key).to be_nil
      end

      it 'updates pages domain adding certificate' do
blackst0ne's avatar
blackst0ne committed
334
        put api(route_domain, user), params: params_secure
335 336 337
        pages_domain.reload

        expect(response).to have_gitlab_http_status(200)
338
        expect(response).to match_response_schema('public_api/v4/pages_domain/detail')
339 340 341 342 343
        expect(pages_domain.certificate).to eq(params_secure[:certificate])
        expect(pages_domain.key).to eq(params_secure[:key])
      end

      it 'updates pages domain with expired certificate' do
blackst0ne's avatar
blackst0ne committed
344
        put api(route_expired_domain, user), params: params_secure
345 346 347
        pages_domain_expired.reload

        expect(response).to have_gitlab_http_status(200)
348
        expect(response).to match_response_schema('public_api/v4/pages_domain/detail')
349 350 351 352 353
        expect(pages_domain_expired.certificate).to eq(params_secure[:certificate])
        expect(pages_domain_expired.key).to eq(params_secure[:key])
      end

      it 'updates pages domain with expired certificate not updating key' do
blackst0ne's avatar
blackst0ne committed
354
        put api(route_secure_domain, user), params: params_secure_nokey
355 356 357
        pages_domain_secure.reload

        expect(response).to have_gitlab_http_status(200)
358
        expect(response).to match_response_schema('public_api/v4/pages_domain/detail')
359 360 361
        expect(pages_domain_secure.certificate).to eq(params_secure_nokey[:certificate])
      end

362 363 364 365 366 367 368 369
      it 'updates certificate source to user_provided if is changed' do
        pages_domain.update!(certificate_source: 'gitlab_provided')

        expect do
          put api(route_domain, user), params: params_secure
        end.to change { pages_domain.reload.certificate_source }.from('gitlab_provided').to('user_provided')
      end

370
      it 'fails to update pages domain adding certificate without key' do
blackst0ne's avatar
blackst0ne committed
371
        put api(route_domain, user), params: params_secure_nokey
372 373 374 375 376

        expect(response).to have_gitlab_http_status(400)
      end

      it 'fails to update pages domain adding certificate with missing chain' do
blackst0ne's avatar
blackst0ne committed
377
        put api(route_domain, user), params: pages_domain_secure_missing_chain_params.slice(:certificate)
378 379 380 381 382

        expect(response).to have_gitlab_http_status(400)
      end

      it 'fails to update pages domain with key missmatch' do
blackst0ne's avatar
blackst0ne committed
383
        put api(route_secure_domain, user), params: pages_domain_secure_key_missmatch_params.slice(:certificate, :key)
384 385 386 387 388 389 390

        expect(response).to have_gitlab_http_status(400)
      end
    end

    context 'when domain is vacant' do
      before do
391
        project.add_maintainer(user)
392 393 394 395 396 397 398
      end

      it_behaves_like '404 response' do
        let(:request) { put api(route_vacant_domain, user) }
      end
    end

399
    context 'when user is a maintainer' do
400
      before do
401
        project.add_maintainer(user)
402 403 404 405 406 407 408 409 410 411 412 413 414 415 416 417 418 419 420 421 422 423 424 425 426 427 428 429 430 431 432 433 434 435 436 437 438 439 440 441 442 443 444 445 446 447 448 449 450 451 452 453 454
      end

      it_behaves_like 'put pages domain'
    end

    context 'when user is a developer' do
      before do
        project.add_developer(user)
      end

      it_behaves_like '403 response' do
        let(:request) { put api(route_domain, user) }
      end
    end

    context 'when user is a reporter' do
      before do
        project.add_reporter(user)
      end

      it_behaves_like '403 response' do
        let(:request) { put api(route_domain, user) }
      end
    end

    context 'when user is a guest' do
      before do
        project.add_guest(user)
      end

      it_behaves_like '403 response' do
        let(:request) { put api(route_domain, user) }
      end
    end

    context 'when user is not a member' do
      it_behaves_like '404 response' do
        let(:request) { put api(route_domain, user) }
      end
    end
  end

  describe 'DELETE /projects/:project_id/pages/domains/:domain' do
    shared_examples_for 'delete pages domain' do
      it 'deletes a pages domain' do
        delete api(route_domain, user)

        expect(response).to have_gitlab_http_status(204)
      end
    end

    context 'when domain is vacant' do
      before do
455
        project.add_maintainer(user)
456 457 458 459 460 461 462
      end

      it_behaves_like '404 response' do
        let(:request) { delete api(route_vacant_domain, user) }
      end
    end

463
    context 'when user is a maintainer' do
464
      before do
465
        project.add_maintainer(user)
466 467 468 469 470 471 472 473 474 475 476 477 478 479 480 481 482 483 484 485 486 487 488 489 490 491 492 493 494 495 496 497 498 499 500 501 502 503 504 505 506 507
      end

      it_behaves_like 'delete pages domain'
    end

    context 'when user is a developer' do
      before do
        project.add_developer(user)
      end

      it_behaves_like '403 response' do
        let(:request) { delete api(route_domain, user) }
      end
    end

    context 'when user is a reporter' do
      before do
        project.add_reporter(user)
      end

      it_behaves_like '403 response' do
        let(:request) { delete api(route_domain, user) }
      end
    end

    context 'when user is a guest' do
      before do
        project.add_guest(user)
      end

      it_behaves_like '403 response' do
        let(:request) { delete api(route_domain, user) }
      end
    end

    context 'when user is not a member' do
      it_behaves_like '404 response' do
        let(:request) { delete api(route_domain, user) }
      end
    end
  end
end