ReadonlyGeo middleware specs

89492c90 · Gabriel Mazetto · b632c8a9 · 89492c90 · 89492c90
Commit 89492c90 authored Feb 02, 2016 by Gabriel Mazetto
Showing with 73 additions and 1 deletion

lib/gitlab/middleware/readonly_geo.rb lib/gitlab/middleware/readonly_geo.rb +1 -1

spec/lib/gitlab/middleware/readonly_geo_spec.rb spec/lib/gitlab/middleware/readonly_geo_spec.rb +72 -0

No files found.
--- a/lib/gitlab/middleware/readonly_geo.rb
+++ b/lib/gitlab/middleware/readonly_geo.rb
@@ -41,7 +41,7 @@ module Gitlab
      end
      def last_visited_url
-        @env['HTTP_REFERER'] || rack_session['user_return_to'] || @app.url_helpers.root_url
+        @env['HTTP_REFERER'] || rack_session['user_return_to'] || Rails.application.routes.url_helpers.root_url
      end
      def route_hash

--- a/spec/lib/gitlab/middleware/readonly_geo_spec.rb
+++ b/spec/lib/gitlab/middleware/readonly_geo_spec.rb
+require 'spec_helper'
+describe Gitlab::Middleware::ReadonlyGeo, lib: true do
+  include Rack::Test::Methods
+  RSpec::Matchers.define :be_a_redirect do
+    match do |response|
+      response.status == 301
+    end
+  end
+  RSpec::Matchers.define :disallow_request do
+    match do |middleware|
+      flash = middleware.send(:rack_flash)
+      flash['alert'] && flash['alert'].include?('You cannot do writing operations')
+    end
+  end
+  let(:rack_stack) do
+    rack = Rack::Builder.new do
+      use ActionDispatch::Session::CacheStore
+      use ActionDispatch::Flash
+      use ActionDispatch::ParamsParser
+    end
+    rack.run(subject)
+    rack.to_app
+  end
+  subject { described_class.new(fake_app) }
+  let(:fake_app) { lambda { |env| [200, { 'Content-Type' => 'text/plain' }, ['OK']] } }
+  let(:request) { @request ||= Rack::MockRequest.new(rack_stack) }
+  context 'when in Gitlab Geo readonly node' do
+    before(:each) { allow(Gitlab::Geo).to receive(:readonly?) { true } }
+    it 'expects PATCH requests to be disallowed' do
+      response = request.patch('/test_request')
+      expect(response).to be_a_redirect
+      expect(subject).to disallow_request
+    end
+    it 'expects PUT requests to be disallowed' do
+      response = request.put('/test_request')
+      expect(response).to be_a_redirect
+      expect(subject).to disallow_request
+    end
+    it 'expects POST requests to be disallowed' do
+      response = request.post('/test_request')
+      expect(response).to be_a_redirect
+      expect(subject).to disallow_request
+    end
+    it 'expects DELETE requests to be disallowed' do
+      response = request.delete('/test_request')
+      expect(response).to be_a_redirect
+      expect(subject).to disallow_request
+    end
+    it 'expects DELETE request to logout to be allowed' do
+      response = request.delete('/users/sign_out')
+      expect(response).not_to be_a_redirect
+      expect(subject).not_to disallow_request
+    end
+  end
+end