Commit fa143f10 authored by Matija Čupić's avatar Matija Čupić

Extract jobs_spec EE specific specs

parent 4805a0b1
...@@ -11,62 +11,125 @@ describe API::Jobs do ...@@ -11,62 +11,125 @@ describe API::Jobs do
ref: project.default_branch) ref: project.default_branch)
end end
let!(:job) { create(:ci_build, :success, pipeline: pipeline) } let(:developer) { create(:user) }
let(:user) { create(:user) } let(:download_headers) do
let(:api_user) { user } { 'Content-Transfer-Encoding' => 'binary',
let(:reporter) { create(:project_member, :reporter, project: project).user } 'Content-Disposition' =>
let(:cross_project_pipeline_enabled) { true } %Q(attachment; filename="#{job.artifacts_file.filename}"; filename*=UTF-8''#{job.artifacts_file.filename}) }
end
before do before do
stub_licensed_features(cross_project_pipelines: cross_project_pipeline_enabled) project.add_developer(developer)
project.add_developer(user)
end end
describe 'GET /projects/:id/jobs/:job_id/artifacts' do describe 'GET /projects/:id/jobs/:job_id/artifacts' do
shared_examples 'downloads artifact' do let(:job) { create(:ci_build, :artifacts, pipeline: pipeline, user: api_user) }
let(:download_headers) do
{ 'Content-Transfer-Encoding' => 'binary', context 'when using job_token to authenticate' do
'Content-Disposition' => 'attachment; filename="ci_build_artifacts.zip"; filename*=UTF-8\'\'ci_build_artifacts.zip' } subject do
get api("/projects/#{project.id}/jobs/#{job.id}/artifacts"), params: { job_token: job.token }
end end
context 'when cross-project pipelines are enabled' do
before do
stub_licensed_features(cross_project_pipelines: true)
end
context 'user is developer' do
let(:api_user) { developer }
it 'returns specific job artifacts' do it 'returns specific job artifacts' do
subject
expect(response).to have_gitlab_http_status(200) expect(response).to have_gitlab_http_status(200)
expect(response.headers.to_h).to include(download_headers) expect(response.headers.to_h).to include(download_headers)
expect(response.body).to match_file(job.artifacts_file.file.file) expect(response.body).to match_file(job.artifacts_file.file.file)
end end
end end
context 'authorized by job_token' do context 'when anonymous user is accessing private artifacts' do
let(:api_user) { nil }
it 'hides artifacts and rejects request' do
subject
expect(project).to be_private
expect(response).to have_gitlab_http_status(404)
end
end
end
context 'when cross-project pipeline are disabled' do
let(:api_user) { developer }
it 'disallows access to the artifacts' do
subject
expect(response).to have_gitlab_http_status(404)
end
end
end
end
describe 'GET /projects/:id/artifacts/:ref_name/download?job=name' do
let(:job) { create(:ci_build, :artifacts, pipeline: pipeline, user: api_user) } let(:job) { create(:ci_build, :artifacts, pipeline: pipeline, user: api_user) }
context 'when using job_token to authenticate' do
subject do
get api("/projects/#{project.id}/jobs/artifacts/#{pipeline.ref}/download"), params: { job: job.name, job_token: job.token }
end
context 'when cross-project pipelines are enabled' do
before do before do
get api("/projects/#{project.id}/jobs/#{job.id}/artifacts"), params: { job_token: job.token } stub_licensed_features(cross_project_pipelines: true)
end end
context 'user is developer' do context 'when user is developer' do
let(:api_user) { user } let(:api_user) { developer }
it_behaves_like 'downloads artifact' before do
job.success
end end
context 'when anonymous user is accessing private artifacts' do context 'when artifacts are stored locally' do
let(:api_user) { nil } it 'returns specific job artifacts' do
subject
it 'hides artifacts and rejects request' do expect(response).to have_gitlab_http_status(200)
expect(project).to be_private expect(response.headers.to_h).to include(download_headers)
expect(response).to have_gitlab_http_status(404) expect(response.body).to match_file(job.artifacts_file.file.file)
end end
end end
context 'feature is disabled for EES' do context 'when artifacts are stored remotely' do
let(:api_user) { user } let(:job) { create(:ci_build, pipeline: pipeline, user: api_user) }
let(:cross_project_pipeline_enabled) { false }
before do
stub_artifacts_object_storage
job.job_artifacts << create(:ci_job_artifact, :archive, :remote_store)
end
subject { get api("/projects/#{project.id}/jobs/#{job.id}/artifacts", api_user) }
it 'returns location redirect' do
subject
expect(response).to have_gitlab_http_status(:found)
end
end
end
context 'when user is admin, but not member' do
let(:api_user) { create(:admin) }
it 'does not allow to see that artfiact is present' do
subject
it 'disallows access to the artifacts' do
expect(response).to have_gitlab_http_status(404) expect(response).to have_gitlab_http_status(404)
end end
end end
end end
end end
end
end end
...@@ -50,7 +50,6 @@ describe API::Jobs do ...@@ -50,7 +50,6 @@ describe API::Jobs do
let(:guest) { create(:project_member, :guest, project: project).user } let(:guest) { create(:project_member, :guest, project: project).user }
before do before do
stub_licensed_features(cross_project_pipelines: true)
project.add_developer(user) project.add_developer(user)
end end
...@@ -647,29 +646,6 @@ describe API::Jobs do ...@@ -647,29 +646,6 @@ describe API::Jobs do
it_behaves_like 'a valid file' it_behaves_like 'a valid file'
end end
context 'when using job_token to authenticate' do
before do
pipeline.reload
pipeline.update(ref: 'master',
sha: project.commit('master').sha)
get api("/projects/#{project.id}/jobs/artifacts/master/download"), params: { job: job.name, job_token: job.token }
end
context 'when user is reporter' do
it_behaves_like 'a valid file'
end
context 'when user is admin, but not member' do
let(:api_user) { create(:admin) }
let(:job) { create(:ci_build, :artifacts, pipeline: pipeline, user: api_user) }
it 'does not allow to see that artfiact is present' do
expect(response).to have_gitlab_http_status(404)
end
end
end
end end
end end
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment