diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2021-04-20 23:50:22 +0000 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2021-04-20 23:50:22 +0000 |
commit | 9dc93a4519d9d5d7be48ff274127136236a3adb3 (patch) | |
tree | 70467ae3692a0e35e5ea56bcb803eb512a10bedb /spec/requests/api/internal | |
parent | 4b0f34b6d759d6299322b3a54453e930c6121ff0 (diff) | |
download | gitlab-ce-9dc93a4519d9d5d7be48ff274127136236a3adb3.tar.gz |
Add latest changes from gitlab-org/gitlab@13-11-stable-eev13.11.0-rc43
Diffstat (limited to 'spec/requests/api/internal')
-rw-r--r-- | spec/requests/api/internal/base_spec.rb | 37 | ||||
-rw-r--r-- | spec/requests/api/internal/kubernetes_spec.rb | 18 |
2 files changed, 44 insertions, 11 deletions
diff --git a/spec/requests/api/internal/base_spec.rb b/spec/requests/api/internal/base_spec.rb index 86999c4adaa..6bedd43e5c4 100644 --- a/spec/requests/api/internal/base_spec.rb +++ b/spec/requests/api/internal/base_spec.rb @@ -644,7 +644,7 @@ RSpec.describe API::Internal::Base do context 'with Project' do it_behaves_like 'storing arguments in the application context' do - let(:expected_params) { { user: key.user.username, project: project.full_path } } + let(:expected_params) { { user: key.user.username, project: project.full_path, caller_id: "POST /api/:version/internal/allowed" } } subject { push(key, project) } end @@ -652,7 +652,7 @@ RSpec.describe API::Internal::Base do context 'with PersonalSnippet' do it_behaves_like 'storing arguments in the application context' do - let(:expected_params) { { user: key.user.username } } + let(:expected_params) { { user: key.user.username, caller_id: "POST /api/:version/internal/allowed" } } subject { push(key, personal_snippet) } end @@ -660,7 +660,7 @@ RSpec.describe API::Internal::Base do context 'with ProjectSnippet' do it_behaves_like 'storing arguments in the application context' do - let(:expected_params) { { user: key.user.username, project: project_snippet.project.full_path } } + let(:expected_params) { { user: key.user.username, project: project_snippet.project.full_path, caller_id: "POST /api/:version/internal/allowed" } } subject { push(key, project_snippet) } end @@ -887,7 +887,7 @@ RSpec.describe API::Internal::Base do context 'project does not exist' do context 'git pull' do it 'returns a 200 response with status: false' do - project.destroy + project.destroy! pull(key, project) @@ -1115,7 +1115,7 @@ RSpec.describe API::Internal::Base do end end - context 'feature flag :user_mode_in_session is enabled' do + context 'application setting :admin_mode is enabled' do context 'with an admin user' do let(:user) { create(:admin) } @@ -1147,9 +1147,9 @@ RSpec.describe API::Internal::Base do end end - context 'feature flag :user_mode_in_session is disabled' do + context 'application setting :admin_mode is disabled' do before do - stub_feature_flags(user_mode_in_session: false) + stub_application_setting(admin_mode: false) end context 'with an admin user' do @@ -1413,6 +1413,29 @@ RSpec.describe API::Internal::Base do end end + describe 'GET /internal/geo_proxy' do + subject { get api('/internal/geo_proxy'), params: { secret_token: secret_token } } + + context 'with valid auth' do + it 'returns empty data' do + subject + + expect(response).to have_gitlab_http_status(:ok) + expect(json_response).to be_empty + end + end + + context 'with invalid auth' do + let(:secret_token) { 'invalid_token' } + + it 'returns unauthorized' do + subject + + expect(response).to have_gitlab_http_status(:unauthorized) + end + end + end + def lfs_auth_project(project) post( api("/internal/lfs_authenticate"), diff --git a/spec/requests/api/internal/kubernetes_spec.rb b/spec/requests/api/internal/kubernetes_spec.rb index 2e13016a0a6..47d0c872eb6 100644 --- a/spec/requests/api/internal/kubernetes_spec.rb +++ b/spec/requests/api/internal/kubernetes_spec.rb @@ -38,16 +38,22 @@ RSpec.describe API::Internal::Kubernetes do end shared_examples 'agent authentication' do - it 'returns 403 if Authorization header not sent' do + it 'returns 401 if Authorization header not sent' do send_request - expect(response).to have_gitlab_http_status(:forbidden) + expect(response).to have_gitlab_http_status(:unauthorized) end - it 'returns 403 if Authorization is for non-existent agent' do + it 'returns 401 if Authorization is for non-existent agent' do send_request(headers: { 'Authorization' => 'Bearer NONEXISTENT' }) - expect(response).to have_gitlab_http_status(:forbidden) + expect(response).to have_gitlab_http_status(:unauthorized) + end + end + + shared_examples 'agent token tracking' do + it 'tracks token usage' do + expect { response }.to change { agent_token.reload.read_attribute(:last_used_at) } end end @@ -101,6 +107,8 @@ RSpec.describe API::Internal::Kubernetes do let(:agent) { agent_token.agent } let(:project) { agent.project } + shared_examples 'agent token tracking' + it 'returns expected data', :aggregate_failures do send_request(headers: { 'Authorization' => "Bearer #{agent_token.token}" }) @@ -169,6 +177,8 @@ RSpec.describe API::Internal::Kubernetes do context 'an agent is found' do let_it_be(:agent_token) { create(:cluster_agent_token) } + shared_examples 'agent token tracking' + context 'project is public' do let(:project) { create(:project, :public) } |