Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
Tatuya Kamada
gitlab-ce
Commits
1954cb80
Commit
1954cb80
authored
Sep 16, 2016
by
Kamil Trzcinski
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Added missing LFS specs
parent
a387ff7b
Changes
1
Show whitespace changes
Inline
Side-by-side
Showing
1 changed file
with
213 additions
and
22 deletions
+213
-22
spec/requests/lfs_http_spec.rb
spec/requests/lfs_http_spec.rb
+213
-22
No files found.
spec/requests/lfs_http_spec.rb
View file @
1954cb80
...
@@ -15,7 +15,6 @@ describe 'Git LFS API and storage' do
...
@@ -15,7 +15,6 @@ describe 'Git LFS API and storage' do
let
(
:authorization
)
{
}
let
(
:authorization
)
{
}
let
(
:sendfile
)
{
}
let
(
:sendfile
)
{
}
let
(
:pipeline
)
{
create
(
:ci_empty_pipeline
,
project:
project
)
}
let
(
:pipeline
)
{
create
(
:ci_empty_pipeline
,
project:
project
)
}
let
(
:build
)
{
create
(
:ci_build
,
:running
,
pipeline:
pipeline
)
}
let
(
:sample_oid
)
{
lfs_object
.
oid
}
let
(
:sample_oid
)
{
lfs_object
.
oid
}
let
(
:sample_size
)
{
lfs_object
.
size
}
let
(
:sample_size
)
{
lfs_object
.
size
}
...
@@ -258,15 +257,64 @@ describe 'Git LFS API and storage' do
...
@@ -258,15 +257,64 @@ describe 'Git LFS API and storage' do
it_behaves_like
'responds with a file'
it_behaves_like
'responds with a file'
end
end
context
'when build is authorized'
do
context
'when build is authorized
as
'
do
let
(
:authorization
)
{
authorize_ci_project
}
let
(
:authorization
)
{
authorize_ci_project
}
shared_examples
'can download LFS only from own projects'
do
context
'for own project'
do
let
(
:pipeline
)
{
create
(
:ci_empty_pipeline
,
project:
project
)
}
let
(
:update_permissions
)
do
let
(
:update_permissions
)
do
project
.
team
<<
[
user
,
:reporter
]
project
.
lfs_objects
<<
lfs_object
project
.
lfs_objects
<<
lfs_object
end
end
it_behaves_like
'responds with a file'
it_behaves_like
'responds with a file'
end
end
context
'for other project'
do
let
(
:other_project
)
{
create
(
:empty_project
)
}
let
(
:pipeline
)
{
create
(
:ci_empty_pipeline
,
project:
other_project
)
}
let
(
:update_permissions
)
do
project
.
lfs_objects
<<
lfs_object
end
it
'rejects downloading code'
do
expect
(
response
).
to
have_http_status
(
other_project_status
)
end
end
end
context
'administrator'
do
let
(
:user
)
{
create
(
:admin
)
}
let
(
:build
)
{
create
(
:ci_build
,
:running
,
pipeline:
pipeline
,
user:
user
)
}
it_behaves_like
'can download LFS only from own projects'
do
# We render 403, because administrator does have normally access
let
(
:other_project_status
)
{
403
}
end
end
context
'regular user'
do
let
(
:user
)
{
create
(
:user
)
}
let
(
:build
)
{
create
(
:ci_build
,
:running
,
pipeline:
pipeline
,
user:
user
)
}
it_behaves_like
'can download LFS only from own projects'
do
# We render 404, to prevent data leakage about existence of the project
let
(
:other_project_status
)
{
404
}
end
end
context
'does not have user'
do
let
(
:build
)
{
create
(
:ci_build
,
:running
,
pipeline:
pipeline
)
}
it_behaves_like
'can download LFS only from own projects'
do
# We render 401, to prevent data leakage about existence of the project
let
(
:other_project_status
)
{
401
}
end
end
end
end
end
context
'without required headers'
do
context
'without required headers'
do
...
@@ -445,12 +493,64 @@ describe 'Git LFS API and storage' do
...
@@ -445,12 +493,64 @@ describe 'Git LFS API and storage' do
end
end
end
end
context
'when
CI is authorized
'
do
context
'when
build is authorized as
'
do
let
(
:authorization
)
{
authorize_ci_project
}
let
(
:authorization
)
{
authorize_ci_project
}
let
(
:update_lfs_permissions
)
do
project
.
lfs_objects
<<
lfs_object
end
shared_examples
'can download LFS only from own projects'
do
context
'for own project'
do
let
(
:pipeline
)
{
create
(
:ci_empty_pipeline
,
project:
project
)
}
let
(
:update_user_permissions
)
do
project
.
team
<<
[
user
,
:reporter
]
end
it_behaves_like
'an authorized requests'
it_behaves_like
'an authorized requests'
end
end
context
'for other project'
do
let
(
:other_project
)
{
create
(
:empty_project
)
}
let
(
:pipeline
)
{
create
(
:ci_empty_pipeline
,
project:
other_project
)
}
it
'rejects downloading code'
do
expect
(
response
).
to
have_http_status
(
other_project_status
)
end
end
end
context
'administrator'
do
let
(
:user
)
{
create
(
:admin
)
}
let
(
:build
)
{
create
(
:ci_build
,
:running
,
pipeline:
pipeline
,
user:
user
)
}
it_behaves_like
'can download LFS only from own projects'
do
# We render 403, because administrator does have normally access
let
(
:other_project_status
)
{
403
}
end
end
context
'regular user'
do
let
(
:user
)
{
create
(
:user
)
}
let
(
:build
)
{
create
(
:ci_build
,
:running
,
pipeline:
pipeline
,
user:
user
)
}
it_behaves_like
'can download LFS only from own projects'
do
# We render 404, to prevent data leakage about existence of the project
let
(
:other_project_status
)
{
404
}
end
end
context
'does not have user'
do
let
(
:build
)
{
create
(
:ci_build
,
:running
,
pipeline:
pipeline
)
}
it_behaves_like
'can download LFS only from own projects'
do
# We render 401, to prevent data leakage about existence of the project
let
(
:other_project_status
)
{
401
}
end
end
end
context
'when user is not authenticated'
do
context
'when user is not authenticated'
do
describe
'is accessing public project'
do
describe
'is accessing public project'
do
let
(
:project
)
{
create
(
:project
,
:public
)
}
let
(
:project
)
{
create
(
:project
,
:public
)
}
...
@@ -597,14 +697,40 @@ describe 'Git LFS API and storage' do
...
@@ -597,14 +697,40 @@ describe 'Git LFS API and storage' do
end
end
end
end
context
'when
CI
is authorized'
do
context
'when
build
is authorized'
do
let
(
:authorization
)
{
authorize_ci_project
}
let
(
:authorization
)
{
authorize_ci_project
}
context
'build has an user'
do
let
(
:user
)
{
create
(
:user
)
}
context
'tries to push to own project'
do
let
(
:build
)
{
create
(
:ci_build
,
:running
,
pipeline:
pipeline
,
user:
user
)
}
it
'responds with 403'
do
expect
(
response
).
to
have_http_status
(
403
)
end
end
context
'tries to push to other project'
do
let
(
:other_project
)
{
create
(
:empty_project
)
}
let
(
:pipeline
)
{
create
(
:ci_empty_pipeline
,
project:
other_project
)
}
let
(
:build
)
{
create
(
:ci_build
,
:running
,
pipeline:
pipeline
,
user:
user
)
}
it
'responds with 403'
do
expect
(
response
).
to
have_http_status
(
403
)
end
end
end
context
'does not have user'
do
let
(
:build
)
{
create
(
:ci_build
,
:running
,
pipeline:
pipeline
)
}
it
'responds with 401'
do
it
'responds with 401'
do
expect
(
response
).
to
have_http_status
(
401
)
expect
(
response
).
to
have_http_status
(
401
)
end
end
end
end
end
end
end
context
'when user is not authenticated'
do
context
'when user is not authenticated'
do
context
'when user has push access'
do
context
'when user has push access'
do
...
@@ -623,14 +749,6 @@ describe 'Git LFS API and storage' do
...
@@ -623,14 +749,6 @@ describe 'Git LFS API and storage' do
end
end
end
end
end
end
context
'when CI is authorized'
do
let
(
:authorization
)
{
authorize_ci_project
}
it
'responds with status 401'
do
expect
(
response
).
to
have_http_status
(
401
)
end
end
end
end
describe
'unsupported'
do
describe
'unsupported'
do
...
@@ -793,10 +911,51 @@ describe 'Git LFS API and storage' do
...
@@ -793,10 +911,51 @@ describe 'Git LFS API and storage' do
end
end
end
end
context
'when
CI is authenticat
ed'
do
context
'when
build is authoriz
ed'
do
let
(
:authorization
)
{
authorize_ci_project
}
let
(
:authorization
)
{
authorize_ci_project
}
it_behaves_like
'unauthorized'
context
'build has an user'
do
let
(
:user
)
{
create
(
:user
)
}
context
'tries to push to own project'
do
let
(
:build
)
{
create
(
:ci_build
,
:running
,
pipeline:
pipeline
,
user:
user
)
}
before
do
project
.
team
<<
[
user
,
:developer
]
put_authorize
end
it
'responds with 403'
do
expect
(
response
).
to
have_http_status
(
403
)
end
end
context
'tries to push to other project'
do
let
(
:other_project
)
{
create
(
:empty_project
)
}
let
(
:pipeline
)
{
create
(
:ci_empty_pipeline
,
project:
other_project
)
}
let
(
:build
)
{
create
(
:ci_build
,
:running
,
pipeline:
pipeline
,
user:
user
)
}
before
do
put_authorize
end
it
'responds with 404'
do
expect
(
response
).
to
have_http_status
(
404
)
end
end
end
context
'does not have user'
do
let
(
:build
)
{
create
(
:ci_build
,
:running
,
pipeline:
pipeline
)
}
before
do
put_authorize
end
it
'responds with 401'
do
expect
(
response
).
to
have_http_status
(
401
)
end
end
end
end
context
'for unauthenticated'
do
context
'for unauthenticated'
do
...
@@ -853,10 +1012,42 @@ describe 'Git LFS API and storage' do
...
@@ -853,10 +1012,42 @@ describe 'Git LFS API and storage' do
end
end
end
end
context
'when
CI is authenticat
ed'
do
context
'when
build is authoriz
ed'
do
let
(
:authorization
)
{
authorize_ci_project
}
let
(
:authorization
)
{
authorize_ci_project
}
it_behaves_like
'unauthorized'
before
do
put_authorize
end
context
'build has an user'
do
let
(
:user
)
{
create
(
:user
)
}
context
'tries to push to own project'
do
let
(
:build
)
{
create
(
:ci_build
,
:running
,
pipeline:
pipeline
,
user:
user
)
}
it
'responds with 403'
do
expect
(
response
).
to
have_http_status
(
403
)
end
end
context
'tries to push to other project'
do
let
(
:other_project
)
{
create
(
:empty_project
)
}
let
(
:pipeline
)
{
create
(
:ci_empty_pipeline
,
project:
other_project
)
}
let
(
:build
)
{
create
(
:ci_build
,
:running
,
pipeline:
pipeline
,
user:
user
)
}
it
'responds with 403'
do
expect
(
response
).
to
have_http_status
(
403
)
end
end
end
context
'does not have user'
do
let
(
:build
)
{
create
(
:ci_build
,
:running
,
pipeline:
pipeline
)
}
it
'responds with 401'
do
expect
(
response
).
to
have_http_status
(
401
)
end
end
end
end
context
'for unauthenticated'
do
context
'for unauthenticated'
do
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment