Remove the check_maven_path_first feature flag

Update the related specs Changelog: other

Remove the check_maven_path_first feature flag
Update the related specs Changelog: other
abee680a · David Fernandez · 15448f95 · 15448f95 · abee680a · abee680a
Commit abee680a authored May 20, 2021 by David Fernandez
3 changed files
--- a/config/feature_flags/development/check_maven_path_first.yml
+++ b/config/feature_flags/development/check_maven_path_first.yml
---
-name: check_maven_path_first
-introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/59241
-rollout_issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/327487
-milestone: '13.11'
-type: development
-group: group::package
-default_enabled: true
--- a/lib/api/maven_packages.rb
+++ b/lib/api/maven_packages.rb
@@ -24,8 +24,6 @@ module API

    helpers do
      def path_exists?(path)
-        # return true when FF disabled so that processing the request is not stopped
-        return true unless Feature.enabled?(:check_maven_path_first, default_enabled: :yaml)
        return false if path.blank?

        Packages::Maven::Metadatum.with_path(path)

--- a/spec/requests/api/maven_packages_spec.rb
+++ b/spec/requests/api/maven_packages_spec.rb
@@ -48,13 +48,9 @@ RSpec.describe API::MavenPackages do
  end

  shared_examples 'rejecting the request for non existing maven path' do |expected_status: :not_found|
-    before do
-      if Feature.enabled?(:check_maven_path_first, default_enabled: :yaml)
-        expect(::Packages::Maven::PackageFinder).not_to receive(:new)
-      end
-    end
-
    it 'rejects the request' do
+      expect(::Packages::Maven::PackageFinder).not_to receive(:new)
+
      subject

      expect(response).to have_gitlab_http_status(expected_status)
@@ -166,153 +162,135 @@ RSpec.describe API::MavenPackages do
  end

  describe 'GET /api/v4/packages/maven/*path/:file_name' do
-    shared_examples 'handling all conditions' do
-      context 'a public project' do
-        subject { download_file(file_name: package_file.file_name) }
+    context 'a public project' do
+      subject { download_file(file_name: package_file.file_name) }

-        it_behaves_like 'tracking the file download event'
+      it_behaves_like 'tracking the file download event'

-        it 'returns the file' do
-          subject
+      it 'returns the file' do
+        subject

-          expect(response).to have_gitlab_http_status(:ok)
-          expect(response.media_type).to eq('application/octet-stream')
-        end
+        expect(response).to have_gitlab_http_status(:ok)
+        expect(response.media_type).to eq('application/octet-stream')
+      end

-        it 'returns sha1 of the file' do
-          download_file(file_name: package_file.file_name + '.sha1')
+      it 'returns sha1 of the file' do
+        download_file(file_name: package_file.file_name + '.sha1')

-          expect(response).to have_gitlab_http_status(:ok)
-          expect(response.media_type).to eq('text/plain')
-          expect(response.body).to eq(package_file.file_sha1)
-        end
+        expect(response).to have_gitlab_http_status(:ok)
+        expect(response.media_type).to eq('text/plain')
+        expect(response.body).to eq(package_file.file_sha1)
+      end

-        context 'with a non existing maven path' do
-          subject { download_file(file_name: package_file.file_name, path: 'foo/bar/1.2.3') }
+      context 'with a non existing maven path' do
+        subject { download_file(file_name: package_file.file_name, path: 'foo/bar/1.2.3') }

-          it_behaves_like 'rejecting the request for non existing maven path', expected_status: :forbidden
-        end
+        it_behaves_like 'rejecting the request for non existing maven path', expected_status: :forbidden
      end
+    end

-      context 'internal project' do
-        before do
-          project.team.truncate
-          project.update!(visibility_level: Gitlab::VisibilityLevel::INTERNAL)
-        end
+    context 'internal project' do
+      before do
+        project.team.truncate
+        project.update!(visibility_level: Gitlab::VisibilityLevel::INTERNAL)
+      end

-        subject { download_file_with_token(file_name: package_file.file_name) }
+      subject { download_file_with_token(file_name: package_file.file_name) }

-        it_behaves_like 'tracking the file download event'
+      it_behaves_like 'tracking the file download event'

-        it 'returns the file' do
-          subject
+      it 'returns the file' do
+        subject

-          expect(response).to have_gitlab_http_status(:ok)
-          expect(response.media_type).to eq('application/octet-stream')
-        end
+        expect(response).to have_gitlab_http_status(:ok)
+        expect(response.media_type).to eq('application/octet-stream')
+      end

-        it 'denies download when no private token' do
-          download_file(file_name: package_file.file_name)
+      it 'denies download when no private token' do
+        download_file(file_name: package_file.file_name)

-          expect(response).to have_gitlab_http_status(:forbidden)
-        end
+        expect(response).to have_gitlab_http_status(:forbidden)
+      end

-        it_behaves_like 'downloads with a job token'
+      it_behaves_like 'downloads with a job token'

-        it_behaves_like 'downloads with a deploy token'
+      it_behaves_like 'downloads with a deploy token'

-        context 'with a non existing maven path' do
-          subject { download_file_with_token(file_name: package_file.file_name, path: 'foo/bar/1.2.3') }
+      context 'with a non existing maven path' do
+        subject { download_file_with_token(file_name: package_file.file_name, path: 'foo/bar/1.2.3') }

-          it_behaves_like 'rejecting the request for non existing maven path', expected_status: :forbidden
-        end
+        it_behaves_like 'rejecting the request for non existing maven path', expected_status: :forbidden
      end
+    end

-      context 'private project' do
-        subject { download_file_with_token(file_name: package_file.file_name) }
-
-        before do
-          project.update!(visibility_level: Gitlab::VisibilityLevel::PRIVATE)
-        end
-
-        it_behaves_like 'tracking the file download event'
+    context 'private project' do
+      subject { download_file_with_token(file_name: package_file.file_name) }

-        it 'returns the file' do
-          subject
+      before do
+        project.update!(visibility_level: Gitlab::VisibilityLevel::PRIVATE)
+      end

-          expect(response).to have_gitlab_http_status(:ok)
-          expect(response.media_type).to eq('application/octet-stream')
-        end
+      it_behaves_like 'tracking the file download event'

-        it 'denies download when not enough permissions' do
-          project.add_guest(user)
+      it 'returns the file' do
+        subject

-          subject
+        expect(response).to have_gitlab_http_status(:ok)
+        expect(response.media_type).to eq('application/octet-stream')
+      end

-          expect(response).to have_gitlab_http_status(:forbidden)
-        end
+      it 'denies download when not enough permissions' do
+        project.add_guest(user)

-        it 'denies download when no private token' do
-          download_file(file_name: package_file.file_name)
+        subject

-          expect(response).to have_gitlab_http_status(:forbidden)
-        end
+        expect(response).to have_gitlab_http_status(:forbidden)
+      end

-        it_behaves_like 'downloads with a job token'
+      it 'denies download when no private token' do
+        download_file(file_name: package_file.file_name)

-        it_behaves_like 'downloads with a deploy token'
+        expect(response).to have_gitlab_http_status(:forbidden)
+      end

-        it 'does not allow download by a unauthorized deploy token with same id as a user with access' do
-          unauthorized_deploy_token = create(:deploy_token, read_package_registry: true, write_package_registry: true)
+      it_behaves_like 'downloads with a job token'

-          another_user = create(:user)
-          project.add_developer(another_user)
+      it_behaves_like 'downloads with a deploy token'

-          # We force the id of the deploy token and the user to be the same
-          unauthorized_deploy_token.update!(id: another_user.id)
+      it 'does not allow download by a unauthorized deploy token with same id as a user with access' do
+        unauthorized_deploy_token = create(:deploy_token, read_package_registry: true, write_package_registry: true)

-          download_file(
-            file_name: package_file.file_name,
-            request_headers: { Gitlab::Auth::AuthFinders::DEPLOY_TOKEN_HEADER => unauthorized_deploy_token.token }
-          )
+        another_user = create(:user)
+        project.add_developer(another_user)

-          expect(response).to have_gitlab_http_status(:forbidden)
-        end
+        # We force the id of the deploy token and the user to be the same
+        unauthorized_deploy_token.update!(id: another_user.id)

-        context 'with a non existing maven path' do
-          subject { download_file_with_token(file_name: package_file.file_name, path: 'foo/bar/1.2.3') }
+        download_file(
+          file_name: package_file.file_name,
+          request_headers: { Gitlab::Auth::AuthFinders::DEPLOY_TOKEN_HEADER => unauthorized_deploy_token.token }
+        )

-          it_behaves_like 'rejecting the request for non existing maven path', expected_status: :forbidden
-        end
+        expect(response).to have_gitlab_http_status(:forbidden)
      end

-      context 'project name is different from a package name' do
-        before do
-          maven_metadatum.update!(path: "wrong_name/#{package.version}")
-        end
-
-        it 'rejects request' do
-          download_file(file_name: package_file.file_name)
+      context 'with a non existing maven path' do
+        subject { download_file_with_token(file_name: package_file.file_name, path: 'foo/bar/1.2.3') }

-          expect(response).to have_gitlab_http_status(:forbidden)
-        end
+        it_behaves_like 'rejecting the request for non existing maven path', expected_status: :forbidden
      end
    end

-    context 'with check_maven_path_first enabled' do
+    context 'project name is different from a package name' do
      before do
-        stub_feature_flags(check_maven_path_first: true)
+        maven_metadatum.update!(path: "wrong_name/#{package.version}")
      end

-      it_behaves_like 'handling all conditions'
-    end
+      it 'rejects request' do
+        download_file(file_name: package_file.file_name)

-    context 'with check_maven_path_first disabled' do
-      before do
-        stub_feature_flags(check_maven_path_first: false)
+        expect(response).to have_gitlab_http_status(:forbidden)
      end
-
-      it_behaves_like 'handling all conditions'
    end

    def download_file(file_name:, params: {}, request_headers: headers, path: maven_metadatum.path)
@@ -329,22 +307,6 @@ RSpec.describe API::MavenPackages do
    let(:url) { "/packages/maven/#{path}/#{package_file.file_name}" }

    it_behaves_like 'processing HEAD requests', instance_level: true
-
-    context 'with check_maven_path_first enabled' do
-      before do
-        stub_feature_flags(check_maven_path_first: true)
-      end
-
-      it_behaves_like 'processing HEAD requests', instance_level: true
-    end
-
-    context 'with check_maven_path_first disabled' do
-      before do
-        stub_feature_flags(check_maven_path_first: false)
-      end
-
-      it_behaves_like 'processing HEAD requests', instance_level: true
-    end
  end

  describe 'GET /api/v4/groups/:id/-/packages/maven/*path/:file_name' do
@@ -353,228 +315,210 @@ RSpec.describe API::MavenPackages do
      group.add_developer(user)
    end

-    shared_examples 'handling all conditions' do
-      context 'a public project' do
-        subject { download_file(file_name: package_file.file_name) }
+    context 'a public project' do
+      subject { download_file(file_name: package_file.file_name) }

-        it_behaves_like 'tracking the file download event'
+      it_behaves_like 'tracking the file download event'

-        it 'returns the file' do
-          subject
+      it 'returns the file' do
+        subject

-          expect(response).to have_gitlab_http_status(:ok)
-          expect(response.media_type).to eq('application/octet-stream')
-        end
+        expect(response).to have_gitlab_http_status(:ok)
+        expect(response.media_type).to eq('application/octet-stream')
+      end

-        it 'returns sha1 of the file' do
-          download_file(file_name: package_file.file_name + '.sha1')
+      it 'returns sha1 of the file' do
+        download_file(file_name: package_file.file_name + '.sha1')

-          expect(response).to have_gitlab_http_status(:ok)
-          expect(response.media_type).to eq('text/plain')
-          expect(response.body).to eq(package_file.file_sha1)
-        end
+        expect(response).to have_gitlab_http_status(:ok)
+        expect(response.media_type).to eq('text/plain')
+        expect(response.body).to eq(package_file.file_sha1)
+      end

-        context 'with a non existing maven path' do
-          subject { download_file(file_name: package_file.file_name, path: 'foo/bar/1.2.3') }
+      context 'with a non existing maven path' do
+        subject { download_file(file_name: package_file.file_name, path: 'foo/bar/1.2.3') }

-          it_behaves_like 'rejecting the request for non existing maven path'
-        end
+        it_behaves_like 'rejecting the request for non existing maven path'
      end
+    end

-      context 'internal project' do
-        before do
-          group.group_member(user).destroy!
-          project.update!(visibility_level: Gitlab::VisibilityLevel::INTERNAL)
-        end
+    context 'internal project' do
+      before do
+        group.group_member(user).destroy!
+        project.update!(visibility_level: Gitlab::VisibilityLevel::INTERNAL)
+      end

-        subject { download_file_with_token(file_name: package_file.file_name) }
+      subject { download_file_with_token(file_name: package_file.file_name) }

-        it_behaves_like 'tracking the file download event'
+      it_behaves_like 'tracking the file download event'

-        it 'returns the file' do
-          subject
+      it 'returns the file' do
+        subject

-          expect(response).to have_gitlab_http_status(:ok)
-          expect(response.media_type).to eq('application/octet-stream')
-        end
+        expect(response).to have_gitlab_http_status(:ok)
+        expect(response.media_type).to eq('application/octet-stream')
+      end

-        it 'denies download when no private token' do
-          download_file(file_name: package_file.file_name)
+      it 'denies download when no private token' do
+        download_file(file_name: package_file.file_name)

-          expect(response).to have_gitlab_http_status(:not_found)
-        end
+        expect(response).to have_gitlab_http_status(:not_found)
+      end

-        it_behaves_like 'downloads with a job token'
+      it_behaves_like 'downloads with a job token'

-        it_behaves_like 'downloads with a deploy token'
+      it_behaves_like 'downloads with a deploy token'

-        context 'with a non existing maven path' do
-          subject { download_file_with_token(file_name: package_file.file_name, path: 'foo/bar/1.2.3') }
+      context 'with a non existing maven path' do
+        subject { download_file_with_token(file_name: package_file.file_name, path: 'foo/bar/1.2.3') }

-          it_behaves_like 'rejecting the request for non existing maven path'
-        end
+        it_behaves_like 'rejecting the request for non existing maven path'
      end
+    end

-      context 'private project' do
-        before do
-          project.update!(visibility_level: Gitlab::VisibilityLevel::PRIVATE)
-        end
+    context 'private project' do
+      before do
+        project.update!(visibility_level: Gitlab::VisibilityLevel::PRIVATE)
+      end

-        subject { download_file_with_token(file_name: package_file.file_name) }
+      subject { download_file_with_token(file_name: package_file.file_name) }

-        it_behaves_like 'tracking the file download event'
+      it_behaves_like 'tracking the file download event'

-        it 'returns the file' do
-          subject
+      it 'returns the file' do
+        subject

-          expect(response).to have_gitlab_http_status(:ok)
-          expect(response.media_type).to eq('application/octet-stream')
-        end
+        expect(response).to have_gitlab_http_status(:ok)
+        expect(response.media_type).to eq('application/octet-stream')
+      end

-        it 'denies download when not enough permissions' do
-          group.add_guest(user)
+      it 'denies download when not enough permissions' do
+        group.add_guest(user)

-          subject
+        subject

-          expect(response).to have_gitlab_http_status(:not_found)
-        end
+        expect(response).to have_gitlab_http_status(:not_found)
+      end

-        it 'denies download when no private token' do
-          download_file(file_name: package_file.file_name)
+      it 'denies download when no private token' do
+        download_file(file_name: package_file.file_name)

-          expect(response).to have_gitlab_http_status(:not_found)
-        end
+        expect(response).to have_gitlab_http_status(:not_found)
+      end

-        it_behaves_like 'downloads with a job token'
+      it_behaves_like 'downloads with a job token'

-        it_behaves_like 'downloads with a deploy token'
+      it_behaves_like 'downloads with a deploy token'

-        context 'with a non existing maven path' do
-          subject { download_file_with_token(file_name: package_file.file_name, path: 'foo/bar/1.2.3') }
+      context 'with a non existing maven path' do
+        subject { download_file_with_token(file_name: package_file.file_name, path: 'foo/bar/1.2.3') }

-          it_behaves_like 'rejecting the request for non existing maven path'
-        end
+        it_behaves_like 'rejecting the request for non existing maven path'
+      end

-        context 'with group deploy token' do
-          subject { download_file_with_token(file_name: package_file.file_name, request_headers: group_deploy_token_headers) }
+      context 'with group deploy token' do
+        subject { download_file_with_token(file_name: package_file.file_name, request_headers: group_deploy_token_headers) }

-          it 'returns the file' do
-            subject
+        it 'returns the file' do
+          subject

-            expect(response).to have_gitlab_http_status(:ok)
-            expect(response.media_type).to eq('application/octet-stream')
-          end
+          expect(response).to have_gitlab_http_status(:ok)
+          expect(response.media_type).to eq('application/octet-stream')
+        end

-          it 'returns the file with only write_package_registry scope' do
-            deploy_token_for_group.update!(read_package_registry: false)
+        it 'returns the file with only write_package_registry scope' do
+          deploy_token_for_group.update!(read_package_registry: false)

-            subject
+          subject

-            expect(response).to have_gitlab_http_status(:ok)
-            expect(response.media_type).to eq('application/octet-stream')
-          end
+          expect(response).to have_gitlab_http_status(:ok)
+          expect(response.media_type).to eq('application/octet-stream')
+        end

-          context 'with a non existing maven path' do
-            subject { download_file_with_token(file_name: package_file.file_name, path: 'foo/bar/1.2.3', request_headers: group_deploy_token_headers) }
+        context 'with a non existing maven path' do
+          subject { download_file_with_token(file_name: package_file.file_name, path: 'foo/bar/1.2.3', request_headers: group_deploy_token_headers) }

-            it_behaves_like 'rejecting the request for non existing maven path'
-          end
+          it_behaves_like 'rejecting the request for non existing maven path'
        end
+      end

-        context 'with a reporter from a subgroup accessing the root group' do
-          let_it_be(:root_group) { create(:group, :private) }
-          let_it_be(:group) { create(:group, :private, parent: root_group) }
+      context 'with a reporter from a subgroup accessing the root group' do
+        let_it_be(:root_group) { create(:group, :private) }
+        let_it_be(:group) { create(:group, :private, parent: root_group) }

-          subject { download_file_with_token(file_name: package_file.file_name, request_headers: headers_with_token, group_id: root_group.id) }
+        subject { download_file_with_token(file_name: package_file.file_name, request_headers: headers_with_token, group_id: root_group.id) }

-          before do
-            project.update!(namespace: group)
-            group.add_reporter(user)
-          end
+        before do
+          project.update!(namespace: group)
+          group.add_reporter(user)
+        end

-          it 'returns the file' do
-            subject
+        it 'returns the file' do
+          subject

-            expect(response).to have_gitlab_http_status(:ok)
-            expect(response.media_type).to eq('application/octet-stream')
-          end
+          expect(response).to have_gitlab_http_status(:ok)
+          expect(response.media_type).to eq('application/octet-stream')
+        end

-          context 'with a non existing maven path' do
-            subject { download_file_with_token(file_name: package_file.file_name, path: 'foo/bar/1.2.3', request_headers: headers_with_token, group_id: root_group.id) }
+        context 'with a non existing maven path' do
+          subject { download_file_with_token(file_name: package_file.file_name, path: 'foo/bar/1.2.3', request_headers: headers_with_token, group_id: root_group.id) }

-            it_behaves_like 'rejecting the request for non existing maven path'
-          end
+          it_behaves_like 'rejecting the request for non existing maven path'
        end
      end
+    end

-      context 'maven metadata file' do
-        let_it_be(:sub_group1) { create(:group, parent: group) }
-        let_it_be(:sub_group2)   { create(:group, parent: group) }
-        let_it_be(:project1) { create(:project, :private, group: sub_group1) }
-        let_it_be(:project2) { create(:project, :private, group: sub_group2) }
-        let_it_be(:project3) { create(:project, :private, group: sub_group1) }
-        let_it_be(:package_name) { 'foo' }
-        let_it_be(:package1) { create(:maven_package, project: project1, name: package_name, version: nil) }
-        let_it_be(:package_file1) { create(:package_file, :xml, package: package1, file_name: 'maven-metadata.xml') }
-        let_it_be(:package2) { create(:maven_package, project: project2, name: package_name, version: nil) }
-        let_it_be(:package_file2) { create(:package_file, :xml, package: package2, file_name: 'maven-metadata.xml') }
-        let_it_be(:package3) { create(:maven_package, project: project3, name: package_name, version: nil) }
-        let_it_be(:package_file3) { create(:package_file, :xml, package: package3, file_name: 'maven-metadata.xml') }
+    context 'maven metadata file' do
+      let_it_be(:sub_group1) { create(:group, parent: group) }
+      let_it_be(:sub_group2)   { create(:group, parent: group) }
+      let_it_be(:project1) { create(:project, :private, group: sub_group1) }
+      let_it_be(:project2) { create(:project, :private, group: sub_group2) }
+      let_it_be(:project3) { create(:project, :private, group: sub_group1) }
+      let_it_be(:package_name) { 'foo' }
+      let_it_be(:package1) { create(:maven_package, project: project1, name: package_name, version: nil) }
+      let_it_be(:package_file1) { create(:package_file, :xml, package: package1, file_name: 'maven-metadata.xml') }
+      let_it_be(:package2) { create(:maven_package, project: project2, name: package_name, version: nil) }
+      let_it_be(:package_file2) { create(:package_file, :xml, package: package2, file_name: 'maven-metadata.xml') }
+      let_it_be(:package3) { create(:maven_package, project: project3, name: package_name, version: nil) }
+      let_it_be(:package_file3) { create(:package_file, :xml, package: package3, file_name: 'maven-metadata.xml') }

-        let(:maven_metadatum) { package3.maven_metadatum }
+      let(:maven_metadatum) { package3.maven_metadatum }

-        subject { download_file_with_token(file_name: package_file3.file_name) }
+      subject { download_file_with_token(file_name: package_file3.file_name) }

-        before do
-          sub_group1.add_developer(user)
-          sub_group2.add_developer(user)
-          # the package with the most recently published file should be returned
-          create(:package_file, :xml, package: package2)
-        end
+      before do
+        sub_group1.add_developer(user)
+        sub_group2.add_developer(user)
+        # the package with the most recently published file should be returned
+        create(:package_file, :xml, package: package2)
+      end

-        context 'in multiple versionless packages' do
-          it 'downloads the file' do
-            expect(::Packages::PackageFileFinder)
-              .to receive(:new).with(package2, 'maven-metadata.xml').and_call_original
+      context 'in multiple versionless packages' do
+        it 'downloads the file' do
+          expect(::Packages::PackageFileFinder)
+            .to receive(:new).with(package2, 'maven-metadata.xml').and_call_original

-            subject
-          end
+          subject
        end
+      end

-        context 'in multiple snapshot packages' do
-          before do
-            version = '1.0.0-SNAPSHOT'
-            [package1, package2, package3].each do |pkg|
-              pkg.update!(version: version)
-
-              pkg.maven_metadatum.update!(path: "#{pkg.name}/#{pkg.version}")
-            end
-          end
-
-          it 'downloads the file' do
-            expect(::Packages::PackageFileFinder)
-              .to receive(:new).with(package3, 'maven-metadata.xml').and_call_original
+      context 'in multiple snapshot packages' do
+        before do
+          version = '1.0.0-SNAPSHOT'
+          [package1, package2, package3].each do |pkg|
+            pkg.update!(version: version)

-            subject
+            pkg.maven_metadatum.update!(path: "#{pkg.name}/#{pkg.version}")
          end
        end
-      end
-    end

-    context 'with check_maven_path_first enabled' do
-      before do
-        stub_feature_flags(check_maven_path_first: true)
-      end
-
-      it_behaves_like 'handling all conditions'
-    end
+        it 'downloads the file' do
+          expect(::Packages::PackageFileFinder)
+            .to receive(:new).with(package3, 'maven-metadata.xml').and_call_original

-    context 'with check_maven_path_first disabled' do
-      before do
-        stub_feature_flags(check_maven_path_first: false)
+          subject
+        end
      end
-
-      it_behaves_like 'handling all conditions'
    end

    def download_file(file_name:, params: {}, request_headers: headers, path: maven_metadatum.path, group_id: group.id)
@@ -590,108 +534,76 @@ RSpec.describe API::MavenPackages do
    let(:path) { package.maven_metadatum.path }
    let(:url) { "/groups/#{group.id}/-/packages/maven/#{path}/#{package_file.file_name}" }

-    context 'with check_maven_path_first enabled' do
-      before do
-        stub_feature_flags(check_maven_path_first: true)
-      end
-
-      it_behaves_like 'processing HEAD requests'
-    end
-
-    context 'with check_maven_path_first disabled' do
-      before do
-        stub_feature_flags(check_maven_path_first: false)
-      end
-
-      it_behaves_like 'processing HEAD requests'
-    end
+    it_behaves_like 'processing HEAD requests'
  end

  describe 'GET /api/v4/projects/:id/packages/maven/*path/:file_name' do
-    shared_examples 'handling all conditions' do
-      context 'a public project' do
-        subject { download_file(file_name: package_file.file_name) }
+    context 'a public project' do
+      subject { download_file(file_name: package_file.file_name) }

-        it_behaves_like 'tracking the file download event'
+      it_behaves_like 'tracking the file download event'

-        it 'returns the file' do
-          subject
-
-          expect(response).to have_gitlab_http_status(:ok)
-          expect(response.media_type).to eq('application/octet-stream')
-        end
-
-        it 'returns sha1 of the file' do
-          download_file(file_name: package_file.file_name + '.sha1')
-
-          expect(response).to have_gitlab_http_status(:ok)
-          expect(response.media_type).to eq('text/plain')
-          expect(response.body).to eq(package_file.file_sha1)
-        end
-
-        context 'with a non existing maven path' do
-          subject { download_file(file_name: package_file.file_name, path: 'foo/bar/1.2.3') }
+      it 'returns the file' do
+        subject

-          it_behaves_like 'rejecting the request for non existing maven path'
-        end
+        expect(response).to have_gitlab_http_status(:ok)
+        expect(response.media_type).to eq('application/octet-stream')
      end

-      context 'private project' do
-        before do
-          project.update!(visibility_level: Gitlab::VisibilityLevel::PRIVATE)
-        end
+      it 'returns sha1 of the file' do
+        download_file(file_name: package_file.file_name + '.sha1')

-        subject { download_file_with_token(file_name: package_file.file_name) }
+        expect(response).to have_gitlab_http_status(:ok)
+        expect(response.media_type).to eq('text/plain')
+        expect(response.body).to eq(package_file.file_sha1)
+      end

-        it_behaves_like 'tracking the file download event'
+      context 'with a non existing maven path' do
+        subject { download_file(file_name: package_file.file_name, path: 'foo/bar/1.2.3') }

-        it 'returns the file' do
-          subject
+        it_behaves_like 'rejecting the request for non existing maven path'
+      end
+    end

-          expect(response).to have_gitlab_http_status(:ok)
-          expect(response.media_type).to eq('application/octet-stream')
-        end
+    context 'private project' do
+      before do
+        project.update!(visibility_level: Gitlab::VisibilityLevel::PRIVATE)
+      end

-        it 'denies download when not enough permissions' do
-          project.add_guest(user)
+      subject { download_file_with_token(file_name: package_file.file_name) }

-          subject
+      it_behaves_like 'tracking the file download event'

-          expect(response).to have_gitlab_http_status(:forbidden)
-        end
+      it 'returns the file' do
+        subject

-        it 'denies download when no private token' do
-          download_file(file_name: package_file.file_name)
+        expect(response).to have_gitlab_http_status(:ok)
+        expect(response.media_type).to eq('application/octet-stream')
+      end

-          expect(response).to have_gitlab_http_status(:not_found)
-        end
+      it 'denies download when not enough permissions' do
+        project.add_guest(user)

-        it_behaves_like 'downloads with a job token'
+        subject

-        it_behaves_like 'downloads with a deploy token'
+        expect(response).to have_gitlab_http_status(:forbidden)
+      end

-        context 'with a non existing maven path' do
-          subject { download_file_with_token(file_name: package_file.file_name, path: 'foo/bar/1.2.3') }
+      it 'denies download when no private token' do
+        download_file(file_name: package_file.file_name)

-          it_behaves_like 'rejecting the request for non existing maven path'
-        end
+        expect(response).to have_gitlab_http_status(:not_found)
      end
-    end

-    context 'with check_maven_path_first enabled' do
-      before do
-        stub_feature_flags(check_maven_path_first: true)
-      end
+      it_behaves_like 'downloads with a job token'

-      it_behaves_like 'handling all conditions'
-    end
+      it_behaves_like 'downloads with a deploy token'

-    context 'with check_maven_path_first disabled' do
-      before do
-        stub_feature_flags(check_maven_path_first: false)
-      end
+      context 'with a non existing maven path' do
+        subject { download_file_with_token(file_name: package_file.file_name, path: 'foo/bar/1.2.3') }

-      it_behaves_like 'handling all conditions'
+        it_behaves_like 'rejecting the request for non existing maven path'
+      end
    end

    def download_file(file_name:, params: {}, request_headers: headers, path: maven_metadatum.path)
@@ -708,21 +620,7 @@ RSpec.describe API::MavenPackages do
    let(:path) { package.maven_metadatum.path }
    let(:url) { "/projects/#{project.id}/packages/maven/#{path}/#{package_file.file_name}" }

-    context 'with check_maven_path_first enabled' do
-      before do
-        stub_feature_flags(check_maven_path_first: true)
-      end
-
-      it_behaves_like 'processing HEAD requests'
-    end
-
-    context 'with check_maven_path_first disabled' do
-      before do
-        stub_feature_flags(check_maven_path_first: false)
-      end
-
-      it_behaves_like 'processing HEAD requests'
-    end
+    it_behaves_like 'processing HEAD requests'
  end

  describe 'PUT /api/v4/projects/:id/packages/maven/*path/:file_name/authorize' do