git_access_spec.rb 1.61 KB
Newer Older
James Lopez's avatar
James Lopez committed
1 2 3 4 5 6 7
require 'spec_helper'

describe Gitlab::GitAccess do
  set(:user) { create(:user) }

  let(:actor) { user }
  let(:project) { create(:project, :repository) }
8
  let(:protocol) { 'web' }
James Lopez's avatar
James Lopez committed
9 10 11 12
  let(:authentication_abilities) { %i[read_project download_code push_code] }
  let(:redirected_path) { nil }

  let(:access) { described_class.new(actor, project, protocol, authentication_abilities: authentication_abilities, redirected_path: redirected_path) }
13
  subject { access.check('git-receive-pack', '_any') }
James Lopez's avatar
James Lopez committed
14 15 16 17 18 19 20 21 22 23

  context "when in a read-only GitLab instance" do
    before do
      create(:protected_branch, name: 'feature', project: project)
      allow(Gitlab::Database).to receive(:read_only?) { true }
    end

    it 'denies push access' do
      project.add_master(user)

24
      expect { subject }.to raise_unauthorized("You can't push code to a read-only GitLab instance.")
James Lopez's avatar
James Lopez committed
25 26 27
    end

    it 'denies push access with primary present' do
James Lopez's avatar
James Lopez committed
28
      error_message = "You can't push code to a read-only GitLab instance. "\
James Lopez's avatar
James Lopez committed
29
"Please use the Primary node URL: https://localhost:3000/gitlab/#{project.full_path}.git. Documentation: https://docs.gitlab.com/ee/gitlab-geo/using_a_geo_server.html"
James Lopez's avatar
James Lopez committed
30 31 32

      primary_node = create(:geo_node, :primary, url: 'https://localhost:3000/gitlab')
      allow(Gitlab::Geo).to receive(:primary).and_return(primary_node)
33
      allow(Gitlab::Geo).to receive(:secondary_with_primary?).and_return(true)
James Lopez's avatar
James Lopez committed
34 35 36

      project.add_master(user)

37
      expect { subject }.to raise_unauthorized(error_message)
James Lopez's avatar
James Lopez committed
38 39 40 41 42 43 44 45 46
    end
  end

  private

  def raise_unauthorized(message)
    raise_error(Gitlab::GitAccess::UnauthorizedError, message)
  end
end