Commit 7c359b2f authored by Sanad Liaquat's avatar Sanad Liaquat

Merge branch 'qa-shl-e2e-test-api-and-ssh-ip-address-restriction' into 'master'

Add e2e specs for ip restricted access via API and SSH

Closes gitlab-org/quality/testcases#806

See merge request gitlab-org/gitlab!32760
parents cebd8df7 c9626f9c
......@@ -9,8 +9,11 @@ module QA
attr_accessor :project_name
attr_writer :wait_for_push
attribute :group
attribute :project do
Project.fabricate! do |resource|
resource.group = group if @group
resource.name = project_name
resource.description = 'Project with repository'
end
......@@ -24,6 +27,7 @@ module QA
@new_branch = true
@project_name = 'project-with-code'
@wait_for_push = true
@group = nil
end
def repository_http_uri
......
......@@ -32,38 +32,110 @@ module QA
page.visit Runtime::Scenario.gitlab_address
set_ip_address_restriction_to(ip_address)
Flow::Login.sign_in(as: @user)
end
context 'when restricted by another ip address' do
let(:ip_address) { get_next_ip_address(fetch_current_ip_address) }
it 'denies access' do
@group.sandbox.visit!
expect(page).to have_text('Page Not Found')
page.go_back
context 'via the UI' do
it 'denies access' do
Flow::Login.sign_in(as: @user)
@group.sandbox.visit!
expect(page).to have_text('Page Not Found')
page.go_back
@group.visit!
expect(page).to have_text('Page Not Found')
page.go_back
@group.visit!
expect(page).to have_text('Page Not Found')
page.go_back
end
end
context 'via the API' do
before do
@api_client ||= Runtime::API::Client.new(:gitlab, user: @user)
end
it 'denies access' do
request = create_request("/groups/#{@sandbox_group.id}")
response = get request.url
expect(response.code).to eq(404)
request = create_request("/groups/#{@group.id}")
response = get request.url
expect(response.code).to eq(404)
end
end
# Note: If you run this test against GDK make sure you've enabled sshd
# See: https://gitlab.com/gitlab-org/gitlab-qa/blob/master/docs/run_qa_against_gdk.md
context 'via the SSH' do
let(:key) { Resource::SSHKey.fabricate_via_api! }
it 'denies access' do
Flow::Login.sign_in
expect { push_a_project_with_ssh_key(key) }.to raise_error(QA::Git::Repository::RepositoryCommandError, /fatal: Could not read from remote repository/)
end
end
end
context 'when restricted by user\'s ip address' do
let(:ip_address) { fetch_current_ip_address }
it 'allows access' do
@group.sandbox.visit!
expect(page).to have_text(@group.sandbox.path)
context 'via the UI' do
it 'allows access' do
Flow::Login.sign_in(as: @user)
@group.sandbox.visit!
expect(page).to have_text(@group.sandbox.path)
@group.visit!
expect(page).to have_text(@group.path)
@group.visit!
expect(page).to have_text(@group.path)
end
end
context 'via the API' do
before do
@api_client ||= Runtime::API::Client.new(:gitlab, user: @user)
end
it 'allows access' do
request = create_request("/groups/#{@sandbox_group.id}")
response = get request.url
expect(response.code).to eq(200)
request = create_request("/groups/#{@group.id}")
response = get request.url
expect(response.code).to eq(200)
end
end
# Note: If you run this test against GDK make sure you've enabled sshd
# See: https://gitlab.com/gitlab-org/gitlab-qa/blob/master/docs/run_qa_against_gdk.md
context 'via the SSH' do
let(:key) { Resource::SSHKey.fabricate_via_api! }
it 'allows access' do
Flow::Login.sign_in
expect { push_a_project_with_ssh_key(key) }.not_to raise_error
end
end
end
private
def push_a_project_with_ssh_key(key)
Resource::Repository::ProjectPush.fabricate! do |push|
push.group = @sandbox_group
push.ssh_key = key
push.file_name = 'README.md'
push.file_content = '# Test Use SSH Key'
push.commit_message = 'Add README.md'
end
end
def set_ip_address_restriction_to(ip_address)
Flow::Login.while_signed_in_as_admin do
@group.sandbox.visit!
......@@ -102,6 +174,10 @@ module QA
end
end
end
def create_request(api_endpoint)
Runtime::API::Request.new(@api_client, api_endpoint)
end
end
end
end
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment