summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorGrzegorz Bizon <grzesiek.bizon@gmail.com>2016-03-01 20:32:30 +0100
committerGrzegorz Bizon <grzesiek.bizon@gmail.com>2016-03-01 20:32:30 +0100
commit8b02d962abd47e9e9c3bbd51bdd285bbb476b8d1 (patch)
tree1fc7db08bd80d5e9112620849b9bf518b4736402
parent6be22dbbe3b1f7bc8c396a98a83f5c5b51a4bbca (diff)
downloadgitlab-ce-fix/deprecated-ci-badge-permissions.tar.gz
Do not require authentication for CI status badgefix/deprecated-ci-badge-permissions
This changes only deprecated CI badge that we keep for backwards compatibility. See !3030#note_4041498.
-rw-r--r--app/controllers/ci/projects_controller.rb1
-rw-r--r--spec/controllers/ci/projects_controller_spec.rb23
2 files changed, 11 insertions, 13 deletions
diff --git a/app/controllers/ci/projects_controller.rb b/app/controllers/ci/projects_controller.rb
index 471cebc82f6..081e01a75e0 100644
--- a/app/controllers/ci/projects_controller.rb
+++ b/app/controllers/ci/projects_controller.rb
@@ -19,7 +19,6 @@ module Ci
#
def badge
return render_404 unless @project
- authenticate_user! unless @project.public?
image = Ci::ImageForBuildService.new.execute(@project, params)
send_file image.path, filename: image.name, disposition: 'inline', type:"image/svg+xml"
diff --git a/spec/controllers/ci/projects_controller_spec.rb b/spec/controllers/ci/projects_controller_spec.rb
index 569ed7c0f6b..db0748f323f 100644
--- a/spec/controllers/ci/projects_controller_spec.rb
+++ b/spec/controllers/ci/projects_controller_spec.rb
@@ -9,6 +9,14 @@ describe Ci::ProjectsController do
# Specs for *deprecated* CI badge
#
describe '#badge' do
+ shared_examples 'badge provider' do
+ it 'shows badge' do
+ expect(response.status).to eq 200
+ expect(response.headers)
+ .to include('Content-Type' => 'image/svg+xml')
+ end
+ end
+
context 'user not signed in' do
before { get(:badge, id: ci_id) }
@@ -22,18 +30,12 @@ describe Ci::ProjectsController do
context 'project is public' do
let(:visibility) { :public }
-
- it 'is available without authentication' do
- expect(response.status).to eq 200
- end
+ it_behaves_like 'badge provider'
end
context 'project is private' do
let(:visibility) { :private }
-
- it 'requires authentication' do
- expect(response.status).to eq 302
- end
+ it_behaves_like 'badge provider'
end
end
@@ -44,10 +46,7 @@ describe Ci::ProjectsController do
context 'private is internal' do
let(:visibility) { :internal }
-
- it 'shows badge to signed in user' do
- expect(response.status).to eq 200
- end
+ it_behaves_like 'badge provider'
end
end
end