diff options
author | Mayra Cabrera <mcabrera@gitlab.com> | 2018-03-29 16:56:35 -0600 |
---|---|---|
committer | Mayra Cabrera <mcabrera@gitlab.com> | 2018-04-06 21:20:16 -0500 |
commit | 370fc05da7f95bf6621867a71d51493cf3899e25 (patch) | |
tree | 040f676c8c6ccf04d5ebfdbbe064a844affd63f5 /spec/lib/gitlab/git_access_spec.rb | |
parent | db18993f652425b72c4b854e18a002e0ec44b196 (diff) | |
download | gitlab-ce-370fc05da7f95bf6621867a71d51493cf3899e25.tar.gz |
Implement 'read_repo' for DeployTokens
This will allow to download a repo using the token from the DeployToken
Diffstat (limited to 'spec/lib/gitlab/git_access_spec.rb')
-rw-r--r-- | spec/lib/gitlab/git_access_spec.rb | 27 |
1 files changed, 27 insertions, 0 deletions
diff --git a/spec/lib/gitlab/git_access_spec.rb b/spec/lib/gitlab/git_access_spec.rb index c870997e274..928825c21fa 100644 --- a/spec/lib/gitlab/git_access_spec.rb +++ b/spec/lib/gitlab/git_access_spec.rb @@ -145,6 +145,33 @@ describe Gitlab::GitAccess do expect { push_access_check }.to raise_unauthorized(described_class::ERROR_MESSAGES[:auth_upload]) end end + + context 'when actor is DeployToken' do + context 'when DeployToken is active and belongs to project' do + let(:actor) { create(:deploy_token, :read_repo, project: project) } + + it 'allows pull access' do + expect { pull_access_check }.not_to raise_error + end + end + + context 'when DeployToken has been revoked' do + let(:actor) { create(:deploy_token, :read_repo, project: project) } + + it 'blocks pull access' do + actor.revoke! + expect { pull_access_check }.to raise_not_found + end + end + + context 'when DeployToken does not belong to project' do + let(:actor) { create(:deploy_token, :read_repo) } + + it 'blocks pull access' do + expect { pull_access_check }.to raise_not_found + end + end + end end context 'when actor is nil' do |