Commit e4164106 authored by Dmitriy Zaporozhets's avatar Dmitriy Zaporozhets

Update policy and tests for maven package feature

Signed-off-by: default avatarDmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
parent b4e8bca6
......@@ -84,24 +84,22 @@ module EE
rule { can?(:read_issue) }.enable :read_issue_link
rule { can?(:public_access) }.policy do
enable :read_packages
end
rule { can?(:reporter_access) }.policy do
enable :admin_board
enable :read_deploy_board
enable :admin_issue_link
enable :admin_epic_issue
enable :read_packages
enable :read_package
end
rule { can?(:developer_access) }.policy do
enable :admin_board
enable :admin_vulnerability_feedback
enable :write_packages
enable :admin_package
end
rule { can?(:public_access) }.enable :read_package
rule { can?(:developer_access) & security_reports_feature_available }.enable :read_project_security_dashboard
rule { can?(:read_project) }.enable :read_vulnerability_feedback
......
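Review bot: `enable :admin_package` under the `developer_access` rule makes the admin-level package ability the one that gates plain uploads, since both PUT handlers in this commit check it. Any later action guarded by `:admin_package`, such as deleting a package, would therefore be open to every developer by default. Consider a narrower ability for publishing, for example a new `enable :create_package` here with the endpoints checking that, and reserve `:admin_package` for a higher role. If the coarse grant is intended, a comment such as `# Developers may publish packages; :admin_package currently only gates upload` would record the decision. Which lines are old and which are new is inferred here, because the page lost its +/- markers.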
......@@ -80,7 +80,7 @@ module API
end
put ':id/packages/maven/*app_group/:app_name/:app_version/:file_name/authorize', requirements: MAVEN_ENDPOINT_REQUIREMENTS do
not_allowed! unless Gitlab.config.packages.enabled
unauthorized! unless can?(current_user, :write_package, user_project)
unauthorized! unless can?(current_user, :admin_package, user_project)
require_gitlab_workhorse!
Gitlab::Workhorse.verify_api_request!(headers)
......@@ -106,7 +106,7 @@ module API
end
put ':id/packages/maven/*app_group/:app_name/:app_version/:file_name', requirements: MAVEN_ENDPOINT_REQUIREMENTS do
not_allowed! unless Gitlab.config.packages.enabled
unauthorized! unless can?(current_user, :write_package, user_project)
unauthorized! unless can?(current_user, :admin_package, user_project)
require_gitlab_workhorse!
......
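Review bot: Both PUT handlers answer 401 through `unauthorized!` when an authenticated user lacks `:admin_package`, so a client whose credentials are valid but whose role is too low is told to re-authenticate instead of being told it is forbidden. Splitting the check keeps the 401 challenge for anonymous requests and returns 403 for insufficient role: `unauthorized! unless current_user` followed by `forbidden! unless can?(current_user, :admin_package, user_project)`. If the single 401 is deliberate, say so in a comment such as `# 401 on purpose: Maven clients only retry with credentials after a challenge`. The same applies to the `/authorize` handler and the upload handler; both bodies continue outside the visible hunks.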
......@@ -52,15 +52,13 @@ describe API::MavenPackages do
download_file_with_token(package_file_xml.file_name)
expect(response).to have_gitlab_http_status(400)
expect(response).to have_gitlab_http_status(401)
end
it 'denies download when no private token' do
project.add_guest(user)
download_file(package_file_xml.file_name)
expect(response).to have_gitlab_http_status(400)
expect(response).to have_gitlab_http_status(404)
end
end
......@@ -70,8 +68,8 @@ describe API::MavenPackages do
"#{maven_metadatum.app_version}/#{file_name}"), params, request_headers
end
def download_file_with_token(params = {}, request_headers = headers_with_token)
download_file(params, request_headers)
def download_file_with_token(file_name, params = {}, request_headers = headers_with_token)
download_file(file_name, params, request_headers)
end
end
......@@ -109,7 +107,7 @@ describe API::MavenPackages do
end
def authorize_upload(params = {}, request_headers = headers)
put api("/projects/#{project.id}/packages/maven/com/example/my-app/1-0-SNAPSHOT/maven-metadata.xml/authorize"), params, request_headers
put api("/projects/#{project.id}/packages/maven/com/example/my-app/1.0-SNAPSHOT/maven-metadata.xml/authorize"), params, request_headers
end
def authorize_upload_with_token(params = {}, request_headers = headers_with_token)
......@@ -153,12 +151,12 @@ describe API::MavenPackages do
.and change { Packages::PackageFile.count }.by(1)
expect(response).to have_gitlab_http_status(200)
expect(package_file.original_filename).to eq(file_upload.original_filename)
expect(package_file.file_name).to eq(file_upload.original_filename)
end
end
def upload_file(params = {}, request_headers = headers)
put api("/projects/#{project.id}/packages/maven/com/example/my-app/1-0-SNAPSHOT/maven-metadata.xml"), params, request_headers
put api("/projects/#{project.id}/packages/maven/com/example/my-app/1.0-SNAPSHOT/maven-metadata.xml"), params, request_headers
end
def upload_file_with_token(params = {}, request_headers = headers_with_token)
......
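Review bot: None of the visible spec hunks exercises the denial path for the new `:admin_package` check on the upload endpoints; `authorize_upload` and `upload_file` only appear here with the corrected `1.0-SNAPSHOT` path. If the rest of the file, which is outside these hunks, does not already cover it, add cases where a user added with a role below developer calls `authorize_upload_with_token` and `upload_file_with_token` and the request is rejected. That pins who may publish, so a later policy edit cannot widen it unnoticed. The download cases already pin their status codes (401 and 404) in this way.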