Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
1
Merge Requests
1
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
nexedi
gitlab-ce
Commits
969380e7
Commit
969380e7
authored
3 years ago
by
David Fernandez
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Add subgroups and user namespaces spec examples
For maven packages API specs Changelog: other
parent
327e6c3e
Changes
1
Show whitespace changes
Inline
Side-by-side
Showing
1 changed file
with
264 additions
and
133 deletions
+264
-133
spec/requests/api/maven_packages_spec.rb
spec/requests/api/maven_packages_spec.rb
+264
-133
No files found.
spec/requests/api/maven_packages_spec.rb
View file @
969380e7
...
@@ -7,7 +7,7 @@ RSpec.describe API::MavenPackages do
...
@@ -7,7 +7,7 @@ RSpec.describe API::MavenPackages do
include_context
'workhorse headers'
include_context
'workhorse headers'
let_it_be_with_refind
(
:package_settings
)
{
create
(
:namespace_package_setting
,
:group
)
}
let_it_be_with_refind
(
:package_settings
)
{
create
(
:namespace_package_setting
,
:group
)
}
let_it_be
(
:group
)
{
package_settings
.
namespace
}
let_it_be
_with_refind
(
:group
)
{
package_settings
.
namespace
}
let_it_be
(
:user
)
{
create
(
:user
)
}
let_it_be
(
:user
)
{
create
(
:user
)
}
let_it_be
(
:project
,
reload:
true
)
{
create
(
:project
,
:public
,
namespace:
group
)
}
let_it_be
(
:project
,
reload:
true
)
{
create
(
:project
,
:public
,
namespace:
group
)
}
let_it_be
(
:package
,
reload:
true
)
{
create
(
:maven_package
,
project:
project
,
name:
project
.
full_path
)
}
let_it_be
(
:package
,
reload:
true
)
{
create
(
:maven_package
,
project:
project
,
name:
project
.
full_path
)
}
...
@@ -39,6 +39,59 @@ RSpec.describe API::MavenPackages do
...
@@ -39,6 +39,59 @@ RSpec.describe API::MavenPackages do
project
.
add_developer
(
user
)
project
.
add_developer
(
user
)
end
end
shared_examples
'handling groups and subgroups for'
do
|
shared_example_name
,
visibilities:
%i[public]
|
context
'within a group'
do
visibilities
.
each
do
|
visibility
|
context
"that is
#{
visibility
}
"
do
before
do
group
.
update!
(
visibility_level:
Gitlab
::
VisibilityLevel
.
level_value
(
visibility
.
to_s
))
end
it_behaves_like
shared_example_name
end
end
end
context
'within a subgroup'
do
let_it_be_with_reload
(
:subgroup
)
{
create
(
:group
,
parent:
group
)
}
before
do
move_project_to_namespace
(
subgroup
)
end
visibilities
.
each
do
|
visibility
|
context
"that is
#{
visibility
}
"
do
before
do
subgroup
.
update!
(
visibility_level:
Gitlab
::
VisibilityLevel
.
level_value
(
visibility
.
to_s
))
group
.
update!
(
visibility_level:
Gitlab
::
VisibilityLevel
.
level_value
(
visibility
.
to_s
))
end
it_behaves_like
shared_example_name
end
end
end
end
shared_examples
'handling groups, subgroups and user namespaces for'
do
|
shared_example_name
,
visibilities:
%i[public]
|
it_behaves_like
'handling groups and subgroups for'
,
shared_example_name
,
visibilities:
visibilities
context
'within a user namespace'
do
before
do
move_project_to_namespace
(
user
.
namespace
)
end
visibilities
.
each
do
|
visibility
|
context
"that is
#{
visibility
}
"
do
before
do
user
.
namespace
.
update!
(
visibility_level:
Gitlab
::
VisibilityLevel
.
level_value
(
visibility
.
to_s
))
end
it_behaves_like
shared_example_name
end
end
end
end
shared_examples
'tracking the file download event'
do
shared_examples
'tracking the file download event'
do
context
'with jar file'
do
context
'with jar file'
do
let_it_be
(
:package_file
)
{
jar_file
}
let_it_be
(
:package_file
)
{
jar_file
}
...
@@ -165,6 +218,7 @@ RSpec.describe API::MavenPackages do
...
@@ -165,6 +218,7 @@ RSpec.describe API::MavenPackages do
context
'a public project'
do
context
'a public project'
do
subject
{
download_file
(
file_name:
package_file
.
file_name
)
}
subject
{
download_file
(
file_name:
package_file
.
file_name
)
}
shared_examples
'getting a file'
do
it_behaves_like
'tracking the file download event'
it_behaves_like
'tracking the file download event'
it
'returns the file'
do
it
'returns the file'
do
...
@@ -189,6 +243,9 @@ RSpec.describe API::MavenPackages do
...
@@ -189,6 +243,9 @@ RSpec.describe API::MavenPackages do
end
end
end
end
it_behaves_like
'handling groups, subgroups and user namespaces for'
,
'getting a file'
end
context
'internal project'
do
context
'internal project'
do
before
do
before
do
project
.
team
.
truncate
project
.
team
.
truncate
...
@@ -197,6 +254,7 @@ RSpec.describe API::MavenPackages do
...
@@ -197,6 +254,7 @@ RSpec.describe API::MavenPackages do
subject
{
download_file_with_token
(
file_name:
package_file
.
file_name
)
}
subject
{
download_file_with_token
(
file_name:
package_file
.
file_name
)
}
shared_examples
'getting a file'
do
it_behaves_like
'tracking the file download event'
it_behaves_like
'tracking the file download event'
it
'returns the file'
do
it
'returns the file'
do
...
@@ -223,6 +281,9 @@ RSpec.describe API::MavenPackages do
...
@@ -223,6 +281,9 @@ RSpec.describe API::MavenPackages do
end
end
end
end
it_behaves_like
'handling groups, subgroups and user namespaces for'
,
'getting a file'
,
visibilities:
%i[public internal]
end
context
'private project'
do
context
'private project'
do
subject
{
download_file_with_token
(
file_name:
package_file
.
file_name
)
}
subject
{
download_file_with_token
(
file_name:
package_file
.
file_name
)
}
...
@@ -230,6 +291,7 @@ RSpec.describe API::MavenPackages do
...
@@ -230,6 +291,7 @@ RSpec.describe API::MavenPackages do
project
.
update!
(
visibility_level:
Gitlab
::
VisibilityLevel
::
PRIVATE
)
project
.
update!
(
visibility_level:
Gitlab
::
VisibilityLevel
::
PRIVATE
)
end
end
shared_examples
'getting a file'
do
it_behaves_like
'tracking the file download event'
it_behaves_like
'tracking the file download event'
it
'returns the file'
do
it
'returns the file'
do
...
@@ -240,12 +302,14 @@ RSpec.describe API::MavenPackages do
...
@@ -240,12 +302,14 @@ RSpec.describe API::MavenPackages do
end
end
it
'denies download when not enough permissions'
do
it
'denies download when not enough permissions'
do
unless
project
.
root_namespace
==
user
.
namespace
project
.
add_guest
(
user
)
project
.
add_guest
(
user
)
subject
subject
expect
(
response
).
to
have_gitlab_http_status
(
:forbidden
)
expect
(
response
).
to
have_gitlab_http_status
(
:forbidden
)
end
end
end
it
'denies download when no private token'
do
it
'denies download when no private token'
do
download_file
(
file_name:
package_file
.
file_name
)
download_file
(
file_name:
package_file
.
file_name
)
...
@@ -281,6 +345,9 @@ RSpec.describe API::MavenPackages do
...
@@ -281,6 +345,9 @@ RSpec.describe API::MavenPackages do
end
end
end
end
it_behaves_like
'handling groups, subgroups and user namespaces for'
,
'getting a file'
,
visibilities:
%i[public internal private]
end
context
'project name is different from a package name'
do
context
'project name is different from a package name'
do
before
do
before
do
maven_metadatum
.
update!
(
path:
"wrong_name/
#{
package
.
version
}
"
)
maven_metadatum
.
update!
(
path:
"wrong_name/
#{
package
.
version
}
"
)
...
@@ -306,9 +373,27 @@ RSpec.describe API::MavenPackages do
...
@@ -306,9 +373,27 @@ RSpec.describe API::MavenPackages do
let
(
:path
)
{
package
.
maven_metadatum
.
path
}
let
(
:path
)
{
package
.
maven_metadatum
.
path
}
let
(
:url
)
{
"/packages/maven/
#{
path
}
/
#{
package_file
.
file_name
}
"
}
let
(
:url
)
{
"/packages/maven/
#{
path
}
/
#{
package_file
.
file_name
}
"
}
shared_examples
'heading a file'
do
it_behaves_like
'processing HEAD requests'
,
instance_level:
true
it_behaves_like
'processing HEAD requests'
,
instance_level:
true
end
end
context
'with check_maven_path_first enabled'
do
before
do
stub_feature_flags
(
check_maven_path_first:
true
)
end
it_behaves_like
'handling groups, subgroups and user namespaces for'
,
'heading a file'
end
context
'with check_maven_path_first disabled'
do
before
do
stub_feature_flags
(
check_maven_path_first:
false
)
end
it_behaves_like
'handling groups, subgroups and user namespaces for'
,
'heading a file'
end
end
describe
'GET /api/v4/groups/:id/-/packages/maven/*path/:file_name'
do
describe
'GET /api/v4/groups/:id/-/packages/maven/*path/:file_name'
do
before
do
before
do
project
.
team
.
truncate
project
.
team
.
truncate
...
@@ -318,6 +403,7 @@ RSpec.describe API::MavenPackages do
...
@@ -318,6 +403,7 @@ RSpec.describe API::MavenPackages do
context
'a public project'
do
context
'a public project'
do
subject
{
download_file
(
file_name:
package_file
.
file_name
)
}
subject
{
download_file
(
file_name:
package_file
.
file_name
)
}
shared_examples
'getting a file for a group'
do
it_behaves_like
'tracking the file download event'
it_behaves_like
'tracking the file download event'
it
'returns the file'
do
it
'returns the file'
do
...
@@ -342,6 +428,9 @@ RSpec.describe API::MavenPackages do
...
@@ -342,6 +428,9 @@ RSpec.describe API::MavenPackages do
end
end
end
end
it_behaves_like
'handling groups and subgroups for'
,
'getting a file for a group'
end
context
'internal project'
do
context
'internal project'
do
before
do
before
do
group
.
group_member
(
user
).
destroy!
group
.
group_member
(
user
).
destroy!
...
@@ -350,6 +439,7 @@ RSpec.describe API::MavenPackages do
...
@@ -350,6 +439,7 @@ RSpec.describe API::MavenPackages do
subject
{
download_file_with_token
(
file_name:
package_file
.
file_name
)
}
subject
{
download_file_with_token
(
file_name:
package_file
.
file_name
)
}
shared_examples
'getting a file for a group'
do
it_behaves_like
'tracking the file download event'
it_behaves_like
'tracking the file download event'
it
'returns the file'
do
it
'returns the file'
do
...
@@ -376,6 +466,9 @@ RSpec.describe API::MavenPackages do
...
@@ -376,6 +466,9 @@ RSpec.describe API::MavenPackages do
end
end
end
end
it_behaves_like
'handling groups and subgroups for'
,
'getting a file for a group'
,
visibilities:
%i[internal public]
end
context
'private project'
do
context
'private project'
do
before
do
before
do
project
.
update!
(
visibility_level:
Gitlab
::
VisibilityLevel
::
PRIVATE
)
project
.
update!
(
visibility_level:
Gitlab
::
VisibilityLevel
::
PRIVATE
)
...
@@ -383,6 +476,7 @@ RSpec.describe API::MavenPackages do
...
@@ -383,6 +476,7 @@ RSpec.describe API::MavenPackages do
subject
{
download_file_with_token
(
file_name:
package_file
.
file_name
)
}
subject
{
download_file_with_token
(
file_name:
package_file
.
file_name
)
}
shared_examples
'getting a file for a group'
do
it_behaves_like
'tracking the file download event'
it_behaves_like
'tracking the file download event'
it
'returns the file'
do
it
'returns the file'
do
...
@@ -441,6 +535,9 @@ RSpec.describe API::MavenPackages do
...
@@ -441,6 +535,9 @@ RSpec.describe API::MavenPackages do
it_behaves_like
'rejecting the request for non existing maven path'
it_behaves_like
'rejecting the request for non existing maven path'
end
end
end
end
end
it_behaves_like
'handling groups and subgroups for'
,
'getting a file for a group'
,
visibilities:
%i[private internal public]
context
'with a reporter from a subgroup accessing the root group'
do
context
'with a reporter from a subgroup accessing the root group'
do
let_it_be
(
:root_group
)
{
create
(
:group
,
:private
)
}
let_it_be
(
:root_group
)
{
create
(
:group
,
:private
)
}
...
@@ -534,7 +631,21 @@ RSpec.describe API::MavenPackages do
...
@@ -534,7 +631,21 @@ RSpec.describe API::MavenPackages do
let
(
:path
)
{
package
.
maven_metadatum
.
path
}
let
(
:path
)
{
package
.
maven_metadatum
.
path
}
let
(
:url
)
{
"/groups/
#{
group
.
id
}
/-/packages/maven/
#{
path
}
/
#{
package_file
.
file_name
}
"
}
let
(
:url
)
{
"/groups/
#{
group
.
id
}
/-/packages/maven/
#{
path
}
/
#{
package_file
.
file_name
}
"
}
it_behaves_like
'processing HEAD requests'
context
'with check_maven_path_first enabled'
do
before
do
stub_feature_flags
(
check_maven_path_first:
true
)
end
it_behaves_like
'handling groups and subgroups for'
,
'processing HEAD requests'
end
context
'with check_maven_path_first disabled'
do
before
do
stub_feature_flags
(
check_maven_path_first:
false
)
end
it_behaves_like
'handling groups and subgroups for'
,
'processing HEAD requests'
end
end
end
describe
'GET /api/v4/projects/:id/packages/maven/*path/:file_name'
do
describe
'GET /api/v4/projects/:id/packages/maven/*path/:file_name'
do
...
@@ -620,9 +731,23 @@ RSpec.describe API::MavenPackages do
...
@@ -620,9 +731,23 @@ RSpec.describe API::MavenPackages do
let
(
:path
)
{
package
.
maven_metadatum
.
path
}
let
(
:path
)
{
package
.
maven_metadatum
.
path
}
let
(
:url
)
{
"/projects/
#{
project
.
id
}
/packages/maven/
#{
path
}
/
#{
package_file
.
file_name
}
"
}
let
(
:url
)
{
"/projects/
#{
project
.
id
}
/packages/maven/
#{
path
}
/
#{
package_file
.
file_name
}
"
}
context
'with check_maven_path_first enabled'
do
before
do
stub_feature_flags
(
check_maven_path_first:
true
)
end
it_behaves_like
'processing HEAD requests'
it_behaves_like
'processing HEAD requests'
end
end
context
'with check_maven_path_first disabled'
do
before
do
stub_feature_flags
(
check_maven_path_first:
false
)
end
it_behaves_like
'processing HEAD requests'
end
end
describe
'PUT /api/v4/projects/:id/packages/maven/*path/:file_name/authorize'
do
describe
'PUT /api/v4/projects/:id/packages/maven/*path/:file_name/authorize'
do
it
'rejects a malicious request'
do
it
'rejects a malicious request'
do
put
api
(
"/projects/
#{
project
.
id
}
/packages/maven/com/example/my-app/
#{
version
}
/%2e%2e%2F.ssh%2Fauthorized_keys/authorize"
),
headers:
headers_with_token
put
api
(
"/projects/
#{
project
.
id
}
/packages/maven/com/example/my-app/
#{
version
}
/%2e%2e%2F.ssh%2Fauthorized_keys/authorize"
),
headers:
headers_with_token
...
@@ -918,4 +1043,10 @@ RSpec.describe API::MavenPackages do
...
@@ -918,4 +1043,10 @@ RSpec.describe API::MavenPackages do
upload_file
(
params:
params
,
request_headers:
request_headers
,
file_extension:
file_extension
)
upload_file
(
params:
params
,
request_headers:
request_headers
,
file_extension:
file_extension
)
end
end
end
end
def
move_project_to_namespace
(
namespace
)
project
.
update!
(
namespace:
namespace
)
package
.
update!
(
name:
project
.
full_path
)
maven_metadatum
.
update!
(
path:
"
#{
package
.
name
}
/
#{
package
.
version
}
"
)
end
end
end
This diff is collapsed.
Click to expand it.
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment