diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2020-12-17 11:59:07 +0000 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2020-12-17 11:59:07 +0000 |
commit | 8b573c94895dc0ac0e1d9d59cf3e8745e8b539ca (patch) | |
tree | 544930fb309b30317ae9797a9683768705d664c4 /spec/lib/gitlab/checks | |
parent | 4b1de649d0168371549608993deac953eb692019 (diff) | |
download | gitlab-ce-8b573c94895dc0ac0e1d9d59cf3e8745e8b539ca.tar.gz |
Add latest changes from gitlab-org/gitlab@13-7-stable-eev13.7.0-rc42
Diffstat (limited to 'spec/lib/gitlab/checks')
-rw-r--r-- | spec/lib/gitlab/checks/diff_check_spec.rb | 21 | ||||
-rw-r--r-- | spec/lib/gitlab/checks/push_check_spec.rb | 21 | ||||
-rw-r--r-- | spec/lib/gitlab/checks/snippet_check_spec.rb | 40 |
3 files changed, 69 insertions, 13 deletions
diff --git a/spec/lib/gitlab/checks/diff_check_spec.rb b/spec/lib/gitlab/checks/diff_check_spec.rb index 2cca0aed9c6..f4daafb1d0e 100644 --- a/spec/lib/gitlab/checks/diff_check_spec.rb +++ b/spec/lib/gitlab/checks/diff_check_spec.rb @@ -7,7 +7,6 @@ RSpec.describe Gitlab::Checks::DiffCheck do describe '#validate!' do let(:owner) { create(:user) } - let!(:lock) { create(:lfs_file_lock, user: owner, project: project, path: 'README') } before do allow(project.repository).to receive(:new_commits).and_return( @@ -28,13 +27,27 @@ RSpec.describe Gitlab::Checks::DiffCheck do end context 'with LFS enabled' do + let!(:lock) { create(:lfs_file_lock, user: owner, project: project, path: 'README') } + before do allow(project).to receive(:lfs_enabled?).and_return(true) end context 'when change is sent by a different user' do - it 'raises an error if the user is not allowed to update the file' do - expect { subject.validate! }.to raise_error(Gitlab::GitAccess::ForbiddenError, "The path 'README' is locked in Git LFS by #{lock.user.name}") + context 'when diff check with paths rpc feature flag is true' do + it 'raises an error if the user is not allowed to update the file' do + expect { subject.validate! }.to raise_error(Gitlab::GitAccess::ForbiddenError, "The path 'README' is locked in Git LFS by #{lock.user.name}") + end + end + + context 'when diff check with paths rpc feature flag is false' do + before do + stub_feature_flags(diff_check_with_paths_changed_rpc: false) + end + + it 'raises an error if the user is not allowed to update the file' do + expect { subject.validate! }.to raise_error(Gitlab::GitAccess::ForbiddenError, "The path 'README' is locked in Git LFS by #{lock.user.name}") + end end end @@ -53,6 +66,8 @@ RSpec.describe Gitlab::Checks::DiffCheck do expect_any_instance_of(Commit).to receive(:raw_deltas).and_call_original + stub_feature_flags(diff_check_with_paths_changed_rpc: false) + subject.validate! end diff --git a/spec/lib/gitlab/checks/push_check_spec.rb b/spec/lib/gitlab/checks/push_check_spec.rb index 45ab13cf0cf..262438256b4 100644 --- a/spec/lib/gitlab/checks/push_check_spec.rb +++ b/spec/lib/gitlab/checks/push_check_spec.rb @@ -18,5 +18,26 @@ RSpec.describe Gitlab::Checks::PushCheck do expect { subject.validate! }.to raise_error(Gitlab::GitAccess::ForbiddenError, 'You are not allowed to push code to this project.') end end + + context 'when using a DeployKeyAccess instance' do + let(:deploy_key) { create(:deploy_key) } + let(:user_access) { Gitlab::DeployKeyAccess.new(deploy_key, container: project) } + + context 'when the deploy key cannot push to the targetted branch' do + it 'raises an error' do + allow(user_access).to receive(:can_push_to_branch?).and_return(false) + + expect { subject.validate! }.to raise_error(Gitlab::GitAccess::ForbiddenError, 'You are not allowed to push code to this project.') + end + end + + context 'when the deploy key can push to the targetted branch' do + it 'is valid' do + allow(user_access).to receive(:can_push_to_branch?).and_return(true) + + expect { subject.validate! }.not_to raise_error + end + end + end end end diff --git a/spec/lib/gitlab/checks/snippet_check_spec.rb b/spec/lib/gitlab/checks/snippet_check_spec.rb index 037de8e9369..89417aaca4d 100644 --- a/spec/lib/gitlab/checks/snippet_check_spec.rb +++ b/spec/lib/gitlab/checks/snippet_check_spec.rb @@ -9,19 +9,30 @@ RSpec.describe Gitlab::Checks::SnippetCheck do let(:user_access) { Gitlab::UserAccessSnippet.new(user, snippet: snippet) } let(:default_branch) { snippet.default_branch } + let(:branch_name) { default_branch } + let(:creation) { false } + let(:deletion) { false } - subject { Gitlab::Checks::SnippetCheck.new(changes, default_branch: default_branch, logger: logger) } + subject { Gitlab::Checks::SnippetCheck.new(changes, default_branch: default_branch, root_ref: snippet.repository.root_ref, logger: logger) } describe '#validate!' do it 'does not raise any error' do expect { subject.validate! }.not_to raise_error end + shared_examples 'raises and logs error' do + specify do + expect(Gitlab::ErrorTracking).to receive(:log_exception).with(instance_of(Gitlab::GitAccess::ForbiddenError), default_branch: default_branch, branch_name: branch_name, creation: creation, deletion: deletion) + + expect { subject.validate! }.to raise_error(Gitlab::GitAccess::ForbiddenError, 'You can not create or delete branches.') + end + end + context 'trying to delete the branch' do let(:newrev) { '0000000000000000000000000000000000000000' } - it 'raises an error' do - expect { subject.validate! }.to raise_error(Gitlab::GitAccess::ForbiddenError, 'You can not create or delete branches.') + it_behaves_like 'raises and logs error' do + let(:deletion) { true } end end @@ -29,14 +40,23 @@ RSpec.describe Gitlab::Checks::SnippetCheck do let(:oldrev) { '0000000000000000000000000000000000000000' } let(:ref) { 'refs/heads/feature' } - it 'raises an error' do - expect { subject.validate! }.to raise_error(Gitlab::GitAccess::ForbiddenError, 'You can not create or delete branches.') + it_behaves_like 'raises and logs error' do + let(:creation) { true } + let(:branch_name) { 'feature' } end - context "when branch is 'master'" do - let(:ref) { 'refs/heads/master' } + context 'when branch is the same as the default branch' do + let(:ref) { "refs/heads/#{default_branch}" } - it "allows the operation" do + it 'allows the operation' do + expect { subject.validate! }.not_to raise_error + end + end + + context 'when snippet has an empty repo' do + let_it_be(:snippet) { create(:personal_snippet, :empty_repo) } + + it 'allows the operation' do expect { subject.validate! }.not_to raise_error end end @@ -45,8 +65,8 @@ RSpec.describe Gitlab::Checks::SnippetCheck do context 'when default_branch is nil' do let(:default_branch) { nil } - it 'raises an error' do - expect { subject.validate! }.to raise_error(Gitlab::GitAccess::ForbiddenError, 'You can not create or delete branches.') + it_behaves_like 'raises and logs error' do + let(:branch_name) { 'master' } end end end |