diff options
author | Rémy Coutable <remy@rymai.me> | 2017-11-07 19:28:12 +0100 |
---|---|---|
committer | Rémy Coutable <remy@rymai.me> | 2017-11-08 10:58:42 +0100 |
commit | 8820199881b46d5bc3a9508f53a189c5d15b02f4 (patch) | |
tree | ba2bb2ac9c00c48affd2c1d1bbed112363615aa8 | |
parent | 4f06648065ffd06aba5172db087be336af2925a3 (diff) | |
download | gitlab-ce-sh-fix-lfs-write-deploy-keys.tar.gz |
Add a spec for Gitlab::Auth when actor is a deploy key that can pushsh-fix-lfs-write-deploy-keys
Signed-off-by: Rémy Coutable <remy@rymai.me>
-rw-r--r-- | lib/gitlab/auth.rb | 4 | ||||
-rw-r--r-- | spec/lib/gitlab/auth_spec.rb | 4 | ||||
-rw-r--r-- | spec/requests/lfs_http_spec.rb | 47 |
3 files changed, 28 insertions, 27 deletions
diff --git a/lib/gitlab/auth.rb b/lib/gitlab/auth.rb index 3f981314c80..cbbc51db99e 100644 --- a/lib/gitlab/auth.rb +++ b/lib/gitlab/auth.rb @@ -218,9 +218,7 @@ module Gitlab end def full_authentication_abilities - read_authentication_abilities + [ - :push_code, - :create_container_image, + read_write_authentication_abilities + [ :admin_container_image ] end diff --git a/spec/lib/gitlab/auth_spec.rb b/spec/lib/gitlab/auth_spec.rb index 265d88dddff..3164d2ebf04 100644 --- a/spec/lib/gitlab/auth_spec.rb +++ b/spec/lib/gitlab/auth_spec.rb @@ -353,9 +353,7 @@ describe Gitlab::Auth do end def full_authentication_abilities - read_authentication_abilities + [ - :push_code, - :create_container_image, + read_write_authentication_abilities + [ :admin_container_image ] end diff --git a/spec/requests/lfs_http_spec.rb b/spec/requests/lfs_http_spec.rb index 52e93e157f1..c597623bc4d 100644 --- a/spec/requests/lfs_http_spec.rb +++ b/spec/requests/lfs_http_spec.rb @@ -654,6 +654,20 @@ describe 'Git LFS API and storage' do } end + shared_examples 'pushes new LFS objects' do + let(:sample_size) { 150.megabytes } + let(:sample_oid) { '91eff75a492a3ed0dfcb544d7f31326bc4014c8551849c192fd1e48d4dd2c897' } + + it 'responds with upload hypermedia link' do + expect(response).to have_gitlab_http_status(200) + expect(json_response['objects']).to be_kind_of(Array) + expect(json_response['objects'].first['oid']).to eq(sample_oid) + expect(json_response['objects'].first['size']).to eq(sample_size) + expect(json_response['objects'].first['actions']['upload']['href']).to eq("#{Gitlab.config.gitlab.url}/#{project.full_path}.git/gitlab-lfs/objects/#{sample_oid}/#{sample_size}") + expect(json_response['objects'].first['actions']['upload']['header']).to eq('Authorization' => authorization) + end + end + describe 'when request is authenticated' do describe 'when user has project push access' do let(:authorization) { authorize_user } @@ -684,27 +698,7 @@ describe 'Git LFS API and storage' do end context 'when pushing a lfs object that does not exist' do - let(:body) do - { - 'operation' => 'upload', - 'objects' => [ - { 'oid' => '91eff75a492a3ed0dfcb544d7f31326bc4014c8551849c192fd1e48d4dd2c897', - 'size' => 1575078 } - ] - } - end - - it 'responds with status 200' do - expect(response).to have_gitlab_http_status(200) - end - - it 'responds with upload hypermedia link' do - expect(json_response['objects']).to be_kind_of(Array) - expect(json_response['objects'].first['oid']).to eq("91eff75a492a3ed0dfcb544d7f31326bc4014c8551849c192fd1e48d4dd2c897") - expect(json_response['objects'].first['size']).to eq(1575078) - expect(json_response['objects'].first['actions']['upload']['href']).to eq("#{Gitlab.config.gitlab.url}/#{project.full_path}.git/gitlab-lfs/objects/91eff75a492a3ed0dfcb544d7f31326bc4014c8551849c192fd1e48d4dd2c897/1575078") - expect(json_response['objects'].first['actions']['upload']['header']).to eq('Authorization' => authorization) - end + it_behaves_like 'pushes new LFS objects' end context 'when pushing one new and one existing lfs object' do @@ -785,6 +779,17 @@ describe 'Git LFS API and storage' do end end end + + context 'when deploy key has project push access' do + let(:key) { create(:deploy_key, can_push: true) } + let(:authorization) { authorize_deploy_key } + + let(:update_user_permissions) do + project.deploy_keys << key + end + + it_behaves_like 'pushes new LFS objects' + end end context 'when user is not authenticated' do |