summaryrefslogtreecommitdiff
path: root/spec/requests/api/internal
diff options
context:
space:
mode:
authorGitLab Bot <gitlab-bot@gitlab.com>2021-04-20 23:50:22 +0000
committerGitLab Bot <gitlab-bot@gitlab.com>2021-04-20 23:50:22 +0000
commit9dc93a4519d9d5d7be48ff274127136236a3adb3 (patch)
tree70467ae3692a0e35e5ea56bcb803eb512a10bedb /spec/requests/api/internal
parent4b0f34b6d759d6299322b3a54453e930c6121ff0 (diff)
downloadgitlab-ce-9dc93a4519d9d5d7be48ff274127136236a3adb3.tar.gz
Add latest changes from gitlab-org/gitlab@13-11-stable-eev13.11.0-rc43
Diffstat (limited to 'spec/requests/api/internal')
-rw-r--r--spec/requests/api/internal/base_spec.rb37
-rw-r--r--spec/requests/api/internal/kubernetes_spec.rb18
2 files changed, 44 insertions, 11 deletions
diff --git a/spec/requests/api/internal/base_spec.rb b/spec/requests/api/internal/base_spec.rb
index 86999c4adaa..6bedd43e5c4 100644
--- a/spec/requests/api/internal/base_spec.rb
+++ b/spec/requests/api/internal/base_spec.rb
@@ -644,7 +644,7 @@ RSpec.describe API::Internal::Base do
context 'with Project' do
it_behaves_like 'storing arguments in the application context' do
- let(:expected_params) { { user: key.user.username, project: project.full_path } }
+ let(:expected_params) { { user: key.user.username, project: project.full_path, caller_id: "POST /api/:version/internal/allowed" } }
subject { push(key, project) }
end
@@ -652,7 +652,7 @@ RSpec.describe API::Internal::Base do
context 'with PersonalSnippet' do
it_behaves_like 'storing arguments in the application context' do
- let(:expected_params) { { user: key.user.username } }
+ let(:expected_params) { { user: key.user.username, caller_id: "POST /api/:version/internal/allowed" } }
subject { push(key, personal_snippet) }
end
@@ -660,7 +660,7 @@ RSpec.describe API::Internal::Base do
context 'with ProjectSnippet' do
it_behaves_like 'storing arguments in the application context' do
- let(:expected_params) { { user: key.user.username, project: project_snippet.project.full_path } }
+ let(:expected_params) { { user: key.user.username, project: project_snippet.project.full_path, caller_id: "POST /api/:version/internal/allowed" } }
subject { push(key, project_snippet) }
end
@@ -887,7 +887,7 @@ RSpec.describe API::Internal::Base do
context 'project does not exist' do
context 'git pull' do
it 'returns a 200 response with status: false' do
- project.destroy
+ project.destroy!
pull(key, project)
@@ -1115,7 +1115,7 @@ RSpec.describe API::Internal::Base do
end
end
- context 'feature flag :user_mode_in_session is enabled' do
+ context 'application setting :admin_mode is enabled' do
context 'with an admin user' do
let(:user) { create(:admin) }
@@ -1147,9 +1147,9 @@ RSpec.describe API::Internal::Base do
end
end
- context 'feature flag :user_mode_in_session is disabled' do
+ context 'application setting :admin_mode is disabled' do
before do
- stub_feature_flags(user_mode_in_session: false)
+ stub_application_setting(admin_mode: false)
end
context 'with an admin user' do
@@ -1413,6 +1413,29 @@ RSpec.describe API::Internal::Base do
end
end
+ describe 'GET /internal/geo_proxy' do
+ subject { get api('/internal/geo_proxy'), params: { secret_token: secret_token } }
+
+ context 'with valid auth' do
+ it 'returns empty data' do
+ subject
+
+ expect(response).to have_gitlab_http_status(:ok)
+ expect(json_response).to be_empty
+ end
+ end
+
+ context 'with invalid auth' do
+ let(:secret_token) { 'invalid_token' }
+
+ it 'returns unauthorized' do
+ subject
+
+ expect(response).to have_gitlab_http_status(:unauthorized)
+ end
+ end
+ end
+
def lfs_auth_project(project)
post(
api("/internal/lfs_authenticate"),
diff --git a/spec/requests/api/internal/kubernetes_spec.rb b/spec/requests/api/internal/kubernetes_spec.rb
index 2e13016a0a6..47d0c872eb6 100644
--- a/spec/requests/api/internal/kubernetes_spec.rb
+++ b/spec/requests/api/internal/kubernetes_spec.rb
@@ -38,16 +38,22 @@ RSpec.describe API::Internal::Kubernetes do
end
shared_examples 'agent authentication' do
- it 'returns 403 if Authorization header not sent' do
+ it 'returns 401 if Authorization header not sent' do
send_request
- expect(response).to have_gitlab_http_status(:forbidden)
+ expect(response).to have_gitlab_http_status(:unauthorized)
end
- it 'returns 403 if Authorization is for non-existent agent' do
+ it 'returns 401 if Authorization is for non-existent agent' do
send_request(headers: { 'Authorization' => 'Bearer NONEXISTENT' })
- expect(response).to have_gitlab_http_status(:forbidden)
+ expect(response).to have_gitlab_http_status(:unauthorized)
+ end
+ end
+
+ shared_examples 'agent token tracking' do
+ it 'tracks token usage' do
+ expect { response }.to change { agent_token.reload.read_attribute(:last_used_at) }
end
end
@@ -101,6 +107,8 @@ RSpec.describe API::Internal::Kubernetes do
let(:agent) { agent_token.agent }
let(:project) { agent.project }
+ shared_examples 'agent token tracking'
+
it 'returns expected data', :aggregate_failures do
send_request(headers: { 'Authorization' => "Bearer #{agent_token.token}" })
@@ -169,6 +177,8 @@ RSpec.describe API::Internal::Kubernetes do
context 'an agent is found' do
let_it_be(:agent_token) { create(:cluster_agent_token) }
+ shared_examples 'agent token tracking'
+
context 'project is public' do
let(:project) { create(:project, :public) }