Extend composer specs to cover group visibility

Extend composer specs to test for auth token from private token param

Extend composer specs to cover group visibility
Extend composer specs to test for auth token from private token param
bcc83ffd · Giorgenes Gelatti · Sean McGivern · ff21e2bb · bcc83ffd · bcc83ffd
Commit bcc83ffd authored Aug 04, 2020 by Giorgenes Gelatti Committed by Sean McGivern Aug 21, 2020
4 changed files
--- a/changelogs/unreleased/232636-add-support-for-fixing-composer-404.yml
+++ b/changelogs/unreleased/232636-add-support-for-fixing-composer-404.yml
+---
+title: Fix composer 404 issues with http auth
+merge_request: 38641
+author:
+type: fixed
--- a/doc/user/packages/composer_repository/index.md
+++ b/doc/user/packages/composer_repository/index.md
@@ -130,11 +130,8 @@ You also need to create a `auth.json` file with your GitLab credentials:

 ```json
 {
-    "http-basic": {
-        "gitlab.com": {
-            "username": "___token___",
-            "password": "<personal_access_token>"
-        }
+    "gitlab-token": {
+       "gitlab.com": "<personal_access_token>"
    }
 }
 ```

--- a/spec/requests/api/composer_packages_spec.rb
+++ b/spec/requests/api/composer_packages_spec.rb
--- a/spec/support/shared_examples/requests/api/composer_packages_shared_examples.rb
+++ b/spec/support/shared_examples/requests/api/composer_packages_shared_examples.rb
@@ -16,8 +16,11 @@ RSpec.shared_examples 'Composer package index' do |user_type, status, add_member
      subject

      expect(response).to have_gitlab_http_status(status)
-      expect(response).to match_response_schema('public_api/v4/packages/composer/index')
-      expect(json_response).to eq presenter.root
+
+      if status == :success
+        expect(response).to match_response_schema('public_api/v4/packages/composer/index')
+        expect(json_response).to eq presenter.root
+      end
    end
  end
 end
@@ -87,13 +90,22 @@ RSpec.shared_examples 'process Composer api request' do |user_type, status, add_
  end
 end

-RSpec.shared_context 'Composer auth headers' do |user_role, user_token|
+RSpec.shared_context 'Composer auth headers' do |user_role, user_token, auth_method = :token|
  let(:token) { user_token ? personal_access_token.token : 'wrong' }
-  let(:headers) { user_role == :anonymous ? {} : basic_auth_header(user.username, token) }
+
+  let(:headers) do
+    if user_role == :anonymous
+      {}
+    elsif auth_method == :token
+      { 'Private-Token' => token }
+    else
+      basic_auth_header(user.username, token)
+    end
+  end
 end

-RSpec.shared_context 'Composer api project access' do |project_visibility_level, user_role, user_token|
-  include_context 'Composer auth headers', user_role, user_token do
+RSpec.shared_context 'Composer api project access' do |project_visibility_level, user_role, user_token, auth_method|
+  include_context 'Composer auth headers', user_role, user_token, auth_method do
    before do
      project.update!(visibility_level: Gitlab::VisibilityLevel.const_get(project_visibility_level, false))
    end