Commit 3968b07d authored by Grzegorz Bizon's avatar Grzegorz Bizon

Add tests for serialization entities, add user entity

parent c315332b
class CommitEntity < API::Entities::RepoCommit class CommitEntity < API::Entities::RepoCommit
include RequestAwareEntity include RequestAwareEntity
expose :author, using: API::Entities::UserBasic expose :author, using: UserEntity
expose :commit_url do |commit| expose :commit_url do |commit|
@urls.namespace_project_tree_url( @urls.namespace_project_tree_url(
......
...@@ -20,7 +20,7 @@ class DeploymentEntity < Grape::Entity ...@@ -20,7 +20,7 @@ class DeploymentEntity < Grape::Entity
expose :tag expose :tag
expose :last? expose :last?
expose :user, using: API::Entities::UserBasic expose :user, using: UserEntity
expose :commit, using: CommitEntity expose :commit, using: CommitEntity
expose :deployable, using: BuildEntity expose :deployable, using: BuildEntity
expose :manual_actions, using: BuildEntity expose :manual_actions, using: BuildEntity
......
class UserEntity < API::Entities::UserBasic
end
...@@ -14,6 +14,11 @@ describe BuildEntity do ...@@ -14,6 +14,11 @@ describe BuildEntity do
expect(subject).to include(:build_url, :retry_url) expect(subject).to include(:build_url, :retry_url)
expect(subject).not_to include(:play_url) expect(subject).not_to include(:play_url)
end end
it 'does not contain sensitive information' do
expect(subject).not_to include(/token/)
expect(subject).not_to include(/variables/)
end
end end
context 'when build is a manual action' do context 'when build is a manual action' do
......
require 'spec_helper'
describe CommitEntity do
let(:entity) do
described_class.new(commit, request: request)
end
let(:request) { double('request') }
let(:project) { create(:project) }
let(:commit) { project.commit }
subject { entity.as_json }
before do
allow(request).to receive(:project).and_return(project)
end
context 'when commit author is a user' do
before do
create(:user, email: commit.author_email)
end
it 'contains information about user' do
expect(subject.fetch(:author)).not_to be_nil
end
end
context 'when commit author is not a user' do
it 'does not contain author details' do
expect(subject.fetch(:author)).to be_nil
end
end
it 'contains commit URL' do
expect(subject).to include(:commit_url)
end
it 'needs to receive project in the request' do
expect(request).to receive(:project)
.and_return(project)
subject
end
end
require 'spec_helper'
describe UserEntity do
let(:entity) { described_class.new(user) }
let(:user) { create(:user) }
subject { entity.as_json }
it 'exposes user name and login' do
expect(subject).to include(:username, :name)
end
it 'does not expose passwords' do
expect(subject).not_to include(/password/)
end
it 'does not expose tokens' do
expect(subject).not_to include(/token/)
end
it 'does not expose 2FA OTPs' do
expect(subject).not_to include(/otp/)
end
end
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment