Commit 232389f4 authored by Robert Speicher's avatar Robert Speicher

Clean up request specs

parent b2a5344a
......@@ -2,20 +2,26 @@ require 'spec_helper'
describe "Admin::Projects" do
describe "GET /admin/projects" do
it { admin_projects_path.should be_allowed_for :admin }
it { admin_projects_path.should be_denied_for :user }
it { admin_projects_path.should be_denied_for :visitor }
subject { admin_projects_path }
it { should be_allowed_for :admin }
it { should be_denied_for :user }
it { should be_denied_for :visitor }
end
describe "GET /admin/users" do
it { admin_users_path.should be_allowed_for :admin }
it { admin_users_path.should be_denied_for :user }
it { admin_users_path.should be_denied_for :visitor }
subject { admin_users_path }
it { should be_allowed_for :admin }
it { should be_denied_for :user }
it { should be_denied_for :visitor }
end
describe "GET /admin/hooks" do
it { admin_hooks_path.should be_allowed_for :admin }
it { admin_hooks_path.should be_denied_for :user }
it { admin_hooks_path.should be_denied_for :visitor }
subject { admin_hooks_path }
it { should be_allowed_for :admin }
it { should be_denied_for :user }
it { should be_denied_for :visitor }
end
end
......@@ -10,13 +10,13 @@ describe Gitlab::API do
describe "GET /issues" do
it "should return authentication error" do
get "#{api_prefix}/issues"
get api("/issues")
response.status.should == 401
end
describe "authenticated GET /issues" do
it "should return an array of issues" do
get "#{api_prefix}/issues?private_token=#{user.private_token}"
get api("/issues", user)
response.status.should == 200
json_response.should be_an Array
json_response.first['title'].should == issue.title
......@@ -26,7 +26,7 @@ describe Gitlab::API do
describe "GET /projects/:id/issues" do
it "should return project issues" do
get "#{api_prefix}/projects/#{project.code}/issues?private_token=#{user.private_token}"
get api("/projects/#{project.code}/issues", user)
response.status.should == 200
json_response.should be_an Array
json_response.first['title'].should == issue.title
......@@ -35,7 +35,7 @@ describe Gitlab::API do
describe "GET /projects/:id/issues/:issue_id" do
it "should return a project issue by id" do
get "#{api_prefix}/projects/#{project.code}/issues/#{issue.id}?private_token=#{user.private_token}"
get api("/projects/#{project.code}/issues/#{issue.id}", user)
response.status.should == 200
json_response['title'].should == issue.title
end
......@@ -43,7 +43,7 @@ describe Gitlab::API do
describe "POST /projects/:id/issues" do
it "should create a new project issue" do
post "#{api_prefix}/projects/#{project.code}/issues?private_token=#{user.private_token}",
post api("/projects/#{project.code}/issues", user),
title: 'new issue', labels: 'label, label2'
response.status.should == 201
json_response['title'].should == 'new issue'
......@@ -54,7 +54,7 @@ describe Gitlab::API do
describe "PUT /projects/:id/issues/:issue_id" do
it "should update a project issue" do
put "#{api_prefix}/projects/#{project.code}/issues/#{issue.id}?private_token=#{user.private_token}",
put api("/projects/#{project.code}/issues/#{issue.id}", user),
title: 'updated title', labels: 'label2', closed: 1
response.status.should == 200
json_response['title'].should == 'updated title'
......@@ -66,7 +66,7 @@ describe Gitlab::API do
describe "DELETE /projects/:id/issues/:issue_id" do
it "should delete a project issue" do
expect {
delete "#{api_prefix}/projects/#{project.code}/issues/#{issue.id}?private_token=#{user.private_token}"
delete api("/projects/#{project.code}/issues/#{issue.id}", user)
}.to change { Issue.count }.by(-1)
end
end
......
......@@ -10,13 +10,13 @@ describe Gitlab::API do
describe "GET /projects" do
it "should return authentication error" do
get "#{api_prefix}/projects"
get api("/projects")
response.status.should == 401
end
describe "authenticated GET /projects" do
it "should return an array of projects" do
get "#{api_prefix}/projects?private_token=#{user.private_token}"
get api("/projects", user)
response.status.should == 200
json_response.should be_an Array
json_response.first['name'].should == project.name
......@@ -27,20 +27,20 @@ describe Gitlab::API do
describe "GET /projects/:id" do
it "should return a project by id" do
get "#{api_prefix}/projects/#{project.id}?private_token=#{user.private_token}"
get api("/projects/#{project.id}", user)
response.status.should == 200
json_response['name'].should == project.name
json_response['owner']['email'].should == user.email
end
it "should return a project by code name" do
get "#{api_prefix}/projects/#{project.code}?private_token=#{user.private_token}"
get api("/projects/#{project.code}", user)
response.status.should == 200
json_response['name'].should == project.name
end
it "should return a 404 error if not found" do
get "#{api_prefix}/projects/42?private_token=#{user.private_token}"
get api("/projects/42", user)
response.status.should == 404
json_response['message'].should == '404 Not found'
end
......@@ -48,7 +48,7 @@ describe Gitlab::API do
describe "GET /projects/:id/repository/branches" do
it "should return an array of project branches" do
get "#{api_prefix}/projects/#{project.code}/repository/branches?private_token=#{user.private_token}"
get api("/projects/#{project.code}/repository/branches", user)
response.status.should == 200
json_response.should be_an Array
json_response.first['name'].should == project.repo.heads.sort_by(&:name).first.name
......@@ -57,7 +57,7 @@ describe Gitlab::API do
describe "GET /projects/:id/repository/branches/:branch" do
it "should return the branch information for a single branch" do
get "#{api_prefix}/projects/#{project.code}/repository/branches/new_design?private_token=#{user.private_token}"
get api("/projects/#{project.code}/repository/branches/new_design", user)
response.status.should == 200
json_response['name'].should == 'new_design'
......@@ -67,7 +67,7 @@ describe Gitlab::API do
describe "GET /projects/:id/repository/tags" do
it "should return an array of project tags" do
get "#{api_prefix}/projects/#{project.code}/repository/tags?private_token=#{user.private_token}"
get api("/projects/#{project.code}/repository/tags", user)
response.status.should == 200
json_response.should be_an Array
json_response.first['name'].should == project.repo.tags.sort_by(&:name).reverse.first.name
......@@ -76,7 +76,7 @@ describe Gitlab::API do
describe "GET /projects/:id/snippets/:snippet_id" do
it "should return a project snippet" do
get "#{api_prefix}/projects/#{project.code}/snippets/#{snippet.id}?private_token=#{user.private_token}"
get api("/projects/#{project.code}/snippets/#{snippet.id}", user)
response.status.should == 200
json_response['title'].should == snippet.title
end
......@@ -84,7 +84,7 @@ describe Gitlab::API do
describe "POST /projects/:id/snippets" do
it "should create a new project snippet" do
post "#{api_prefix}/projects/#{project.code}/snippets?private_token=#{user.private_token}",
post api("/projects/#{project.code}/snippets", user),
title: 'api test', file_name: 'sample.rb', code: 'test'
response.status.should == 201
json_response['title'].should == 'api test'
......@@ -93,7 +93,7 @@ describe Gitlab::API do
describe "PUT /projects/:id/snippets" do
it "should update an existing project snippet" do
put "#{api_prefix}/projects/#{project.code}/snippets/#{snippet.id}?private_token=#{user.private_token}",
put api("/projects/#{project.code}/snippets/#{snippet.id}", user),
code: 'updated code'
response.status.should == 200
json_response['title'].should == 'example'
......@@ -104,34 +104,31 @@ describe Gitlab::API do
describe "DELETE /projects/:id/snippets/:snippet_id" do
it "should delete existing project snippet" do
expect {
delete "#{api_prefix}/projects/#{project.code}/snippets/#{snippet.id}?private_token=#{user.private_token}"
delete api("/projects/#{project.code}/snippets/#{snippet.id}", user)
}.to change { Snippet.count }.by(-1)
end
end
describe "GET /projects/:id/snippets/:snippet_id/raw" do
it "should get a raw project snippet" do
get "#{api_prefix}/projects/#{project.code}/snippets/#{snippet.id}/raw?private_token=#{user.private_token}"
get api("/projects/#{project.code}/snippets/#{snippet.id}/raw", user)
response.status.should == 200
end
end
describe "GET /projects/:id/:sha/blob" do
it "should get the raw file contents" do
get "#{api_prefix}/projects/#{project.code}/repository/commits/master/blob?filepath=README.md&private_token=#{user.private_token}"
get api("/projects/#{project.code}/repository/commits/master/blob?filepath=README.md", user)
response.status.should == 200
end
it "should return 404 for invalid branch_name" do
get "#{api_prefix}/projects/#{project.code}/repository/commits/invalid_branch_name/blob?filepath=README.md&private_token=#{user.private_token}"
get api("/projects/#{project.code}/repository/commits/invalid_branch_name/blob?filepath=README.md", user)
response.status.should == 404
end
it "should return 404 for invalid file" do
get "#{api_prefix}/projects/#{project.code}/repository/commits/master/blob?filepath=README.invalid&private_token=#{user.private_token}"
get api("/projects/#{project.code}/repository/commits/master/blob?filepath=README.invalid", user)
response.status.should == 404
end
end
......
......@@ -7,13 +7,13 @@ describe Gitlab::API do
describe "GET /users" do
it "should return authentication error" do
get "#{api_prefix}/users"
get api("/users")
response.status.should == 401
end
describe "authenticated GET /users" do
it "should return an array of users" do
get "#{api_prefix}/users?private_token=#{user.private_token}"
get api("/users", user)
response.status.should == 200
json_response.should be_an Array
json_response.first['email'].should == user.email
......@@ -23,7 +23,7 @@ describe Gitlab::API do
describe "GET /users/:id" do
it "should return a user by id" do
get "#{api_prefix}/users/#{user.id}?private_token=#{user.private_token}"
get api("/users/#{user.id}", user)
response.status.should == 200
json_response['email'].should == user.email
end
......@@ -31,7 +31,7 @@ describe Gitlab::API do
describe "GET /user" do
it "should return current user" do
get "#{api_prefix}/user?private_token=#{user.private_token}"
get api("/user", user)
response.status.should == 200
json_response['email'].should == user.email
end
......
......@@ -11,24 +11,30 @@ describe "Users Security" do
end
describe "GET /keys" do
it { keys_path.should be_allowed_for @u1 }
it { keys_path.should be_allowed_for :admin }
it { keys_path.should be_allowed_for :user }
it { keys_path.should be_denied_for :visitor }
subject { keys_path }
it { should be_allowed_for @u1 }
it { should be_allowed_for :admin }
it { should be_allowed_for :user }
it { should be_denied_for :visitor }
end
describe "GET /profile" do
it { profile_path.should be_allowed_for @u1 }
it { profile_path.should be_allowed_for :admin }
it { profile_path.should be_allowed_for :user }
it { profile_path.should be_denied_for :visitor }
subject { profile_path }
it { should be_allowed_for @u1 }
it { should be_allowed_for :admin }
it { should be_allowed_for :user }
it { should be_denied_for :visitor }
end
describe "GET /profile/password" do
it { profile_password_path.should be_allowed_for @u1 }
it { profile_password_path.should be_allowed_for :admin }
it { profile_password_path.should be_allowed_for :user }
it { profile_password_path.should be_denied_for :visitor }
subject { profile_password_path }
it { should be_allowed_for @u1 }
it { should be_allowed_for :admin }
it { should be_allowed_for :user }
it { should be_denied_for :visitor }
end
end
end
......@@ -26,64 +26,76 @@ describe "Application access" do
end
describe "GET /project_code" do
it { project_path(@project).should be_allowed_for @u1 }
it { project_path(@project).should be_allowed_for @u3 }
it { project_path(@project).should be_denied_for :admin }
it { project_path(@project).should be_denied_for @u2 }
it { project_path(@project).should be_denied_for :user }
it { project_path(@project).should be_denied_for :visitor }
subject { project_path(@project) }
it { should be_allowed_for @u1 }
it { should be_allowed_for @u3 }
it { should be_denied_for :admin }
it { should be_denied_for @u2 }
it { should be_denied_for :user }
it { should be_denied_for :visitor }
end
describe "GET /project_code/master/tree" do
it { tree_project_ref_path(@project, @project.root_ref).should be_allowed_for @u1 }
it { tree_project_ref_path(@project, @project.root_ref).should be_allowed_for @u3 }
it { tree_project_ref_path(@project, @project.root_ref).should be_denied_for :admin }
it { tree_project_ref_path(@project, @project.root_ref).should be_denied_for @u2 }
it { tree_project_ref_path(@project, @project.root_ref).should be_denied_for :user }
it { tree_project_ref_path(@project, @project.root_ref).should be_denied_for :visitor }
subject { tree_project_ref_path(@project, @project.root_ref) }
it { should be_allowed_for @u1 }
it { should be_allowed_for @u3 }
it { should be_denied_for :admin }
it { should be_denied_for @u2 }
it { should be_denied_for :user }
it { should be_denied_for :visitor }
end
describe "GET /project_code/commits" do
it { project_commits_path(@project).should be_allowed_for @u1 }
it { project_commits_path(@project).should be_allowed_for @u3 }
it { project_commits_path(@project).should be_denied_for :admin }
it { project_commits_path(@project).should be_denied_for @u2 }
it { project_commits_path(@project).should be_denied_for :user }
it { project_commits_path(@project).should be_denied_for :visitor }
subject { project_commits_path(@project) }
it { should be_allowed_for @u1 }
it { should be_allowed_for @u3 }
it { should be_denied_for :admin }
it { should be_denied_for @u2 }
it { should be_denied_for :user }
it { should be_denied_for :visitor }
end
describe "GET /project_code/commit" do
it { project_commit_path(@project, @project.commit.id).should be_allowed_for @u1 }
it { project_commit_path(@project, @project.commit.id).should be_allowed_for @u3 }
it { project_commit_path(@project, @project.commit.id).should be_denied_for :admin }
it { project_commit_path(@project, @project.commit.id).should be_denied_for @u2 }
it { project_commit_path(@project, @project.commit.id).should be_denied_for :user }
it { project_commit_path(@project, @project.commit.id).should be_denied_for :visitor }
subject { project_commit_path(@project, @project.commit.id) }
it { should be_allowed_for @u1 }
it { should be_allowed_for @u3 }
it { should be_denied_for :admin }
it { should be_denied_for @u2 }
it { should be_denied_for :user }
it { should be_denied_for :visitor }
end
describe "GET /project_code/team" do
it { team_project_path(@project).should be_allowed_for @u1 }
it { team_project_path(@project).should be_allowed_for @u3 }
it { team_project_path(@project).should be_denied_for :admin }
it { team_project_path(@project).should be_denied_for @u2 }
it { team_project_path(@project).should be_denied_for :user }
it { team_project_path(@project).should be_denied_for :visitor }
subject { team_project_path(@project) }
it { should be_allowed_for @u1 }
it { should be_allowed_for @u3 }
it { should be_denied_for :admin }
it { should be_denied_for @u2 }
it { should be_denied_for :user }
it { should be_denied_for :visitor }
end
describe "GET /project_code/wall" do
it { wall_project_path(@project).should be_allowed_for @u1 }
it { wall_project_path(@project).should be_allowed_for @u3 }
it { wall_project_path(@project).should be_denied_for :admin }
it { wall_project_path(@project).should be_denied_for @u2 }
it { wall_project_path(@project).should be_denied_for :user }
it { wall_project_path(@project).should be_denied_for :visitor }
subject { wall_project_path(@project) }
it { should be_allowed_for @u1 }
it { should be_allowed_for @u3 }
it { should be_denied_for :admin }
it { should be_denied_for @u2 }
it { should be_denied_for :user }
it { should be_denied_for :visitor }
end
describe "GET /project_code/blob" do
before do
@commit = @project.commit
@path = @commit.tree.contents.select { |i| i.is_a?(Grit::Blob)}.first.name
@blob_path = blob_project_ref_path(@project, @commit.id, path: @path)
commit = @project.commit
path = commit.tree.contents.select { |i| i.is_a?(Grit::Blob)}.first.name
@blob_path = blob_project_ref_path(@project, commit.id, path: path)
end
it { @blob_path.should be_allowed_for @u1 }
......@@ -95,93 +107,113 @@ describe "Application access" do
end
describe "GET /project_code/edit" do
it { edit_project_path(@project).should be_allowed_for @u1 }
it { edit_project_path(@project).should be_denied_for @u3 }
it { edit_project_path(@project).should be_denied_for :admin }
it { edit_project_path(@project).should be_denied_for @u2 }
it { edit_project_path(@project).should be_denied_for :user }
it { edit_project_path(@project).should be_denied_for :visitor }
subject { edit_project_path(@project) }
it { should be_allowed_for @u1 }
it { should be_denied_for @u3 }
it { should be_denied_for :admin }
it { should be_denied_for @u2 }
it { should be_denied_for :user }
it { should be_denied_for :visitor }
end
describe "GET /project_code/deploy_keys" do
it { project_deploy_keys_path(@project).should be_allowed_for @u1 }
it { project_deploy_keys_path(@project).should be_denied_for @u3 }
it { project_deploy_keys_path(@project).should be_denied_for :admin }
it { project_deploy_keys_path(@project).should be_denied_for @u2 }
it { project_deploy_keys_path(@project).should be_denied_for :user }
it { project_deploy_keys_path(@project).should be_denied_for :visitor }
subject { project_deploy_keys_path(@project) }
it { should be_allowed_for @u1 }
it { should be_denied_for @u3 }
it { should be_denied_for :admin }
it { should be_denied_for @u2 }
it { should be_denied_for :user }
it { should be_denied_for :visitor }
end
describe "GET /project_code/issues" do
it { project_issues_path(@project).should be_allowed_for @u1 }
it { project_issues_path(@project).should be_allowed_for @u3 }
it { project_issues_path(@project).should be_denied_for :admin }
it { project_issues_path(@project).should be_denied_for @u2 }
it { project_issues_path(@project).should be_denied_for :user }
it { project_issues_path(@project).should be_denied_for :visitor }
subject { project_issues_path(@project) }
it { should be_allowed_for @u1 }
it { should be_allowed_for @u3 }
it { should be_denied_for :admin }
it { should be_denied_for @u2 }
it { should be_denied_for :user }
it { should be_denied_for :visitor }
end
describe "GET /project_code/snippets" do
it { project_snippets_path(@project).should be_allowed_for @u1 }
it { project_snippets_path(@project).should be_allowed_for @u3 }
it { project_snippets_path(@project).should be_denied_for :admin }
it { project_snippets_path(@project).should be_denied_for @u2 }
it { project_snippets_path(@project).should be_denied_for :user }
it { project_snippets_path(@project).should be_denied_for :visitor }
subject { project_snippets_path(@project) }
it { should be_allowed_for @u1 }
it { should be_allowed_for @u3 }
it { should be_denied_for :admin }
it { should be_denied_for @u2 }
it { should be_denied_for :user }
it { should be_denied_for :visitor }
end
describe "GET /project_code/merge_requests" do
it { project_merge_requests_path(@project).should be_allowed_for @u1 }
it { project_merge_requests_path(@project).should be_allowed_for @u3 }
it { project_merge_requests_path(@project).should be_denied_for :admin }
it { project_merge_requests_path(@project).should be_denied_for @u2 }
it { project_merge_requests_path(@project).should be_denied_for :user }
it { project_merge_requests_path(@project).should be_denied_for :visitor }
subject { project_merge_requests_path(@project) }
it { should be_allowed_for @u1 }
it { should be_allowed_for @u3 }
it { should be_denied_for :admin }
it { should be_denied_for @u2 }
it { should be_denied_for :user }
it { should be_denied_for :visitor }
end
describe "GET /project_code/repository" do
it { project_repository_path(@project).should be_allowed_for @u1 }
it { project_repository_path(@project).should be_allowed_for @u3 }
it { project_repository_path(@project).should be_denied_for :admin }
it { project_repository_path(@project).should be_denied_for @u2 }
it { project_repository_path(@project).should be_denied_for :user }
it { project_repository_path(@project).should be_denied_for :visitor }
subject { project_repository_path(@project) }
it { should be_allowed_for @u1 }
it { should be_allowed_for @u3 }
it { should be_denied_for :admin }
it { should be_denied_for @u2 }
it { should be_denied_for :user }
it { should be_denied_for :visitor }
end
describe "GET /project_code/repository/branches" do
it { branches_project_repository_path(@project).should be_allowed_for @u1 }
it { branches_project_repository_path(@project).should be_allowed_for @u3 }
it { branches_project_repository_path(@project).should be_denied_for :admin }
it { branches_project_repository_path(@project).should be_denied_for @u2 }
it { branches_project_repository_path(@project).should be_denied_for :user }
it { branches_project_repository_path(@project).should be_denied_for :visitor }
subject { branches_project_repository_path(@project) }
it { should be_allowed_for @u1 }
it { should be_allowed_for @u3 }
it { should be_denied_for :admin }
it { should be_denied_for @u2 }
it { should be_denied_for :user }
it { should be_denied_for :visitor }
end
describe "GET /project_code/repository/tags" do
it { tags_project_repository_path(@project).should be_allowed_for @u1 }
it { tags_project_repository_path(@project).should be_allowed_for @u3 }
it { tags_project_repository_path(@project).should be_denied_for :admin }
it { tags_project_repository_path(@project).should be_denied_for @u2 }
it { tags_project_repository_path(@project).should be_denied_for :user }
it { tags_project_repository_path(@project).should be_denied_for :visitor }
subject { tags_project_repository_path(@project) }
it { should be_allowed_for @u1 }
it { should be_allowed_for @u3 }
it { should be_denied_for :admin }
it { should be_denied_for @u2 }
it { should be_denied_for :user }
it { should be_denied_for :visitor }
end
describe "GET /project_code/hooks" do
it { project_hooks_path(@project).should be_allowed_for @u1 }
it { project_hooks_path(@project).should be_allowed_for @u3 }
it { project_hooks_path(@project).should be_denied_for :admin }
it { project_hooks_path(@project).should be_denied_for @u2 }
it { project_hooks_path(@project).should be_denied_for :user }
it { project_hooks_path(@project).should be_denied_for :visitor }
subject { project_hooks_path(@project) }
it { should be_allowed_for @u1 }
it { should be_allowed_for @u3 }
it { should be_denied_for :admin }
it { should be_denied_for @u2 }
it { should be_denied_for :user }
it { should be_denied_for :visitor }
end
describe "GET /project_code/files" do
it { files_project_path(@project).should be_allowed_for @u1 }
it { files_project_path(@project).should be_allowed_for @u3 }
it { files_project_path(@project).should be_denied_for :admin }
it { files_project_path(@project).should be_denied_for @u2 }
it { files_project_path(@project).should be_denied_for :user }
it { files_project_path(@project).should be_denied_for :visitor }
subject { files_project_path(@project) }
it { should be_allowed_for @u1 }
it { should be_allowed_for @u3 }
it { should be_denied_for :admin }
it { should be_denied_for @u2 }
it { should be_denied_for :user }
it { should be_denied_for :visitor }
end
end
end
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment