summaryrefslogtreecommitdiff
path: root/spec/controllers
diff options
context:
space:
mode:
authorGitLab Bot <gitlab-bot@gitlab.com>2021-01-06 19:15:29 +0000
committerGitLab Bot <gitlab-bot@gitlab.com>2021-01-06 19:15:29 +0000
commit19e2b7faf7439992f9d91f4b053d25d956f3e83a (patch)
tree4e30cf5778759a4d99f34d681dacfa0928120e17 /spec/controllers
parentbc82bff16f0c095533a78b1ca894f8ac3b92b2dc (diff)
downloadgitlab-ce-19e2b7faf7439992f9d91f4b053d25d956f3e83a.tar.gz
Add latest changes from gitlab-org/security/gitlab@13-7-stable-ee
Diffstat (limited to 'spec/controllers')
-rw-r--r--spec/controllers/projects/raw_controller_spec.rb12
-rw-r--r--spec/controllers/projects/repositories_controller_spec.rb12
2 files changed, 24 insertions, 0 deletions
diff --git a/spec/controllers/projects/raw_controller_spec.rb b/spec/controllers/projects/raw_controller_spec.rb
index dfe7ba34e6d..b1c3c1c0276 100644
--- a/spec/controllers/projects/raw_controller_spec.rb
+++ b/spec/controllers/projects/raw_controller_spec.rb
@@ -250,6 +250,18 @@ RSpec.describe Projects::RawController do
expect(response.cache_control[:no_store]).to be_nil
end
+ context 'when a public project has private repo' do
+ let(:project) { create(:project, :public, :repository, :repository_private) }
+ let(:user) { create(:user, maintainer_projects: [project]) }
+
+ it 'does not set public caching header' do
+ sign_in user
+ request_file
+
+ expect(response.header['Cache-Control']).to include('max-age=60, private')
+ end
+ end
+
context 'when If-None-Match header is set' do
it 'returns a 304 status' do
request_file
diff --git a/spec/controllers/projects/repositories_controller_spec.rb b/spec/controllers/projects/repositories_controller_spec.rb
index e7f4a8a1422..e6327a72a68 100644
--- a/spec/controllers/projects/repositories_controller_spec.rb
+++ b/spec/controllers/projects/repositories_controller_spec.rb
@@ -137,6 +137,18 @@ RSpec.describe Projects::RepositoriesController do
expect(response.header['ETag']).to be_present
expect(response.header['Cache-Control']).to include('max-age=60, public')
end
+
+ context 'and repo is private' do
+ let(:project) { create(:project, :repository, :public, :repository_private) }
+
+ it 'sets appropriate caching headers' do
+ get_archive
+
+ expect(response).to have_gitlab_http_status(:ok)
+ expect(response.header['ETag']).to be_present
+ expect(response.header['Cache-Control']).to include('max-age=60, private')
+ end
+ end
end
context 'when ref is a commit SHA' do