summaryrefslogtreecommitdiff
path: root/spec/controllers
diff options
context:
space:
mode:
authorGitLab Bot <gitlab-bot@gitlab.com>2021-01-25 23:00:08 +0000
committerGitLab Bot <gitlab-bot@gitlab.com>2021-01-25 23:00:08 +0000
commitffd073a49240263b25ef98867bea6cc261bf7909 (patch)
treec43de093fdcd39657e5782c5ce1be79622b74fd8 /spec/controllers
parent0ce33bd2eaa8fe22ad59d7c198bb700f80503db9 (diff)
downloadgitlab-ce-ffd073a49240263b25ef98867bea6cc261bf7909.tar.gz
Add latest changes from gitlab-org/gitlab@13-8-stable-ee
Diffstat (limited to 'spec/controllers')
-rw-r--r--spec/controllers/repositories/lfs_storage_controller_spec.rb68
1 files changed, 60 insertions, 8 deletions
diff --git a/spec/controllers/repositories/lfs_storage_controller_spec.rb b/spec/controllers/repositories/lfs_storage_controller_spec.rb
index e361a7442bb..7ddc5723e2e 100644
--- a/spec/controllers/repositories/lfs_storage_controller_spec.rb
+++ b/spec/controllers/repositories/lfs_storage_controller_spec.rb
@@ -11,24 +11,76 @@ RSpec.describe Repositories::LfsStorageController do
let_it_be(:pat) { create(:personal_access_token, user: user, scopes: ['write_repository']) }
let(:lfs_enabled) { true }
+ let(:params) do
+ {
+ repository_path: "#{project.full_path}.git",
+ oid: '6b9765d3888aaec789e8c309eb05b05c3a87895d6ad70d2264bd7270fff665ac',
+ size: '6725030'
+ }
+ end
before do
stub_config(lfs: { enabled: lfs_enabled })
end
- describe 'PUT #upload_finalize' do
+ describe 'PUT #upload_authorize' do
let(:headers) { workhorse_internal_api_request_header }
let(:extra_headers) { {} }
- let(:uploaded_file) { temp_file }
- let(:params) do
- {
- repository_path: "#{project.full_path}.git",
- oid: '6b9765d3888aaec789e8c309eb05b05c3a87895d6ad70d2264bd7270fff665ac',
- size: '6725030'
- }
+ before do
+ request.headers.merge!(extra_headers)
+ request.headers.merge!(headers)
+ end
+
+ subject do
+ put :upload_authorize, params: params
end
+ context 'with unauthorized roles' do
+ where(:user_role, :expected_status) do
+ :guest | :forbidden
+ :anonymous | :unauthorized
+ end
+
+ with_them do
+ let(:extra_headers) do
+ if user_role == :anonymous
+ {}
+ else
+ { 'HTTP_AUTHORIZATION' => ActionController::HttpAuthentication::Basic.encode_credentials(user.username, pat.token) }
+ end
+ end
+
+ before do
+ project.send("add_#{user_role}", user) unless user_role == :anonymous
+ end
+
+ it_behaves_like 'returning response status', params[:expected_status]
+ end
+ end
+
+ context 'with at least developer role' do
+ let(:extra_headers) { { 'HTTP_AUTHORIZATION' => ActionController::HttpAuthentication::Basic.encode_credentials(user.username, pat.token) } }
+
+ before do
+ project.add_developer(user)
+ end
+
+ it 'sets Workhorse with a max limit' do
+ expect(LfsObjectUploader).to receive(:workhorse_authorize).with(has_length: false, maximum_size: params[:size].to_i).and_call_original
+
+ subject
+
+ expect(response).to have_gitlab_http_status(:ok)
+ end
+ end
+ end
+
+ describe 'PUT #upload_finalize' do
+ let(:headers) { workhorse_internal_api_request_header }
+ let(:extra_headers) { {} }
+ let(:uploaded_file) { temp_file }
+
before do
request.headers.merge!(extra_headers)
request.headers.merge!(headers)