specs for api/internal

4e516433 · Dmitriy Zaporozhets · 2c5e4955 · 4e516433 · 4e516433
Commit 4e516433 authored Feb 26, 2013 by Dmitriy Zaporozhets
Hide whitespace changes
Inline Side-by-side

Showing with 109 additions and 0 deletions

lib/api/internal.rb lib/api/internal.rb +6 -0

spec/requests/api/internal_spec.rb spec/requests/api/internal_spec.rb +103 -0

No files found.
--- a/lib/api/internal.rb
+++ b/lib/api/internal.rb
@@ -5,6 +5,12 @@ module Gitlab
      #
      # Check if ssh key has access to project code
      #
+      # Params:
+      #   key_id - SSH Key id
+      #   project - project path with namespace
+      #   action - git action (git-upload-pack or git-receive-pack)
+      #   ref - branch name
+      #
      get "/allowed" do
        key = Key.find(params[:key_id])
        project = Project.find_with_namespace(params[:project])

--- a/spec/requests/api/internal_spec.rb
+++ b/spec/requests/api/internal_spec.rb
+require 'spec_helper'
+
+describe Gitlab::API do
+  include ApiHelpers
+
+  let(:user) { create(:user) }
+  let(:key) { create(:key, user: user) }
+  let(:project) { create(:project) }
+
+  describe "GET /internal/check", no_db: true do
+    it do
+      get api("/internal/check")
+
+      response.status.should == 200
+      json_response['api_version'].should == Gitlab::API.version
+    end
+  end
+
+  describe "GET /internal/discover" do
+    it do
+      get(api("/internal/discover"), key_id: key.id)
+
+      response.status.should == 200
+
+      json_response['email'].should == user.email
+    end
+  end
+
+  describe "GET /internal/allowed" do
+    context "access granted" do
+      before do
+        project.team << [user, :developer]
+      end
+
+      context "git pull" do
+        it do
+          get(
+            api("/internal/allowed"),
+            ref: 'master',
+            key_id: key.id,
+            project: project.path_with_namespace,
+            action: 'git-upload-pack'
+          )
+
+          response.status.should == 200
+          response.body.should == 'true'
+        end
+      end
+
+      context "git push" do
+        it do
+          get(
+            api("/internal/allowed"),
+            ref: 'master',
+            key_id: key.id,
+            project: project.path_with_namespace,
+            action: 'git-receive-pack'
+          )
+
+          response.status.should == 200
+          response.body.should == 'true'
+        end
+      end
+    end
+
+    context "access denied" do
+      before do
+        project.team << [user, :guest]
+      end
+
+      context "git pull" do
+        it do
+          get(
+            api("/internal/allowed"),
+            ref: 'master',
+            key_id: key.id,
+            project: project.path_with_namespace,
+            action: 'git-upload-pack'
+          )
+
+          response.status.should == 200
+          response.body.should == 'false'
+        end
+      end
+
+      context "git push" do
+        it do
+          get(
+            api("/internal/allowed"),
+            ref: 'master',
+            key_id: key.id,
+            project: project.path_with_namespace,
+            action: 'git-receive-pack'
+          )
+
+          response.status.should == 200
+          response.body.should == 'false'
+        end
+      end
+    end
+
+  end
+end