diff options
author | Stan Hu <stan@gitlab.com> | 2018-01-04 05:42:52 +0000 |
---|---|---|
committer | Stan Hu <stanhu@gmail.com> | 2018-01-16 17:04:38 -0800 |
commit | 1f96512ba189d1eceb01353ca41c1cb6216d32c1 (patch) | |
tree | e838b79b23e24ef042dc189a2112ac7ec10a8190 /spec/controllers/import | |
parent | 8f4b06137577f868ffaa41d10c27aa1e763bc825 (diff) | |
download | gitlab-ce-1f96512ba189d1eceb01353ca41c1cb6216d32c1.tar.gz |
Merge branch 'sh-validate-path-project-import-10-3' into 'security-10-3'
Validate project path in Gitlab import - 10.3 port
See merge request gitlab/gitlabhq!2268
(cherry picked from commit 94c82376d66fc80d46dd2d5eeb5bade408ec6a7e)
2b94a7c2 Validate project path in Gitlab import
Diffstat (limited to 'spec/controllers/import')
-rw-r--r-- | spec/controllers/import/gitlab_projects_controller_spec.rb | 38 |
1 files changed, 38 insertions, 0 deletions
diff --git a/spec/controllers/import/gitlab_projects_controller_spec.rb b/spec/controllers/import/gitlab_projects_controller_spec.rb new file mode 100644 index 00000000000..8759d3c0b97 --- /dev/null +++ b/spec/controllers/import/gitlab_projects_controller_spec.rb @@ -0,0 +1,38 @@ +require 'spec_helper' + +describe Import::GitlabProjectsController do + set(:namespace) { create(:namespace) } + set(:user) { namespace.owner } + let(:file) { fixture_file_upload(Rails.root + 'spec/fixtures/doc_sample.txt', 'text/plain') } + + before do + sign_in(user) + end + + describe 'POST create' do + context 'with an invalid path' do + it 'redirects with an error' do + post :create, namespace_id: namespace.id, path: '/test', file: file + + expect(flash[:alert]).to start_with('Project could not be imported') + expect(response).to have_gitlab_http_status(302) + end + + it 'redirects with an error when a relative path is used' do + post :create, namespace_id: namespace.id, path: '../test', file: file + + expect(flash[:alert]).to start_with('Project could not be imported') + expect(response).to have_gitlab_http_status(302) + end + end + + context 'with a valid path' do + it 'redirects to the new project path' do + post :create, namespace_id: namespace.id, path: 'test', file: file + + expect(flash[:notice]).to include('is being imported') + expect(response).to have_gitlab_http_status(302) + end + end + end +end |