diff options
| author | Kamil Trzciński <ayufan@ayufan.eu> | 2018-02-28 20:36:55 +0100 |
|---|---|---|
| committer | Kamil Trzciński <ayufan@ayufan.eu> | 2018-02-28 20:36:55 +0100 |
| commit | 965dc28691e2d70b7040e28d90ccbc3721a9e416 (patch) | |
| tree | 84258f35b72f2e7ce6a7198db66032df4ad5aadb /spec/requests/api | |
| parent | e3fafa7632e038927085cf8c8228c93be44b36bd (diff) | |
| parent | 7fabc892f251740dbd9a4755baede662e6854870 (diff) | |
| download | gitlab-ce-965dc28691e2d70b7040e28d90ccbc3721a9e416.tar.gz | |
Merge commit '7fabc892f251740dbd9a4755baede662e6854870' into object-storage-ee-to-ce-backport
Diffstat (limited to 'spec/requests/api')
| -rw-r--r-- | spec/requests/api/circuit_breakers_spec.rb | 2 | ||||
| -rw-r--r-- | spec/requests/api/groups_spec.rb | 150 | ||||
| -rw-r--r-- | spec/requests/api/helpers_spec.rb | 46 | ||||
| -rw-r--r-- | spec/requests/api/internal_spec.rb | 54 | ||||
| -rw-r--r-- | spec/requests/api/jobs_spec.rb | 21 | ||||
| -rw-r--r-- | spec/requests/api/merge_requests_spec.rb | 8 | ||||
| -rw-r--r-- | spec/requests/api/namespaces_spec.rb | 123 | ||||
| -rw-r--r-- | spec/requests/api/notes_spec.rb | 124 | ||||
| -rw-r--r-- | spec/requests/api/pages_domains_spec.rb | 47 | ||||
| -rw-r--r-- | spec/requests/api/projects_spec.rb | 8 | ||||
| -rw-r--r-- | spec/requests/api/protected_branches_spec.rb | 36 | ||||
| -rw-r--r-- | spec/requests/api/runner_spec.rb | 15 | ||||
| -rw-r--r-- | spec/requests/api/runners_spec.rb | 134 | ||||
| -rw-r--r-- | spec/requests/api/services_spec.rb | 21 | ||||
| -rw-r--r-- | spec/requests/api/settings_spec.rb | 10 | ||||
| -rw-r--r-- | spec/requests/api/users_spec.rb | 8 | ||||
| -rw-r--r-- | spec/requests/api/v3/builds_spec.rb | 2 | ||||
| -rw-r--r-- | spec/requests/api/v3/merge_requests_spec.rb | 2 | ||||
| -rw-r--r-- | spec/requests/api/v3/projects_spec.rb | 2 | ||||
| -rw-r--r-- | spec/requests/api/v3/settings_spec.rb | 4 |
20 files changed, 738 insertions, 79 deletions
diff --git a/spec/requests/api/circuit_breakers_spec.rb b/spec/requests/api/circuit_breakers_spec.rb index 3b858c40fd6..fe76f057115 100644 --- a/spec/requests/api/circuit_breakers_spec.rb +++ b/spec/requests/api/circuit_breakers_spec.rb @@ -47,7 +47,7 @@ describe API::CircuitBreakers do describe 'DELETE circuit_breakers/repository_storage' do it 'clears all circuit_breakers' do - expect(Gitlab::Git::Storage::CircuitBreaker).to receive(:reset_all!) + expect(Gitlab::Git::Storage::FailureInfo).to receive(:reset_all!) delete api('/circuit_breakers/repository_storage', admin) diff --git a/spec/requests/api/groups_spec.rb b/spec/requests/api/groups_spec.rb index 780dbce6488..554723d6b1e 100644 --- a/spec/requests/api/groups_spec.rb +++ b/spec/requests/api/groups_spec.rb @@ -401,6 +401,20 @@ describe API::Groups do expect(response).to have_gitlab_http_status(404) end + + it 'avoids N+1 queries' do + get api("/groups/#{group1.id}/projects", admin) + + control_count = ActiveRecord::QueryRecorder.new do + get api("/groups/#{group1.id}/projects", admin) + end.count + + create(:project, namespace: group1) + + expect do + get api("/groups/#{group1.id}/projects", admin) + end.not_to exceed_query_limit(control_count) + end end context 'when using group path in URL' do @@ -427,6 +441,142 @@ describe API::Groups do end end + describe 'GET /groups/:id/subgroups', :nested_groups do + let!(:subgroup1) { create(:group, parent: group1) } + let!(:subgroup2) { create(:group, :private, parent: group1) } + let!(:subgroup3) { create(:group, :private, parent: group2) } + + context 'when unauthenticated' do + it 'returns only public subgroups' do + get api("/groups/#{group1.id}/subgroups") + + expect(response).to have_gitlab_http_status(200) + expect(response).to include_pagination_headers + expect(json_response).to be_an Array + expect(json_response.length).to eq(1) + expect(json_response.first['id']).to eq(subgroup1.id) + expect(json_response.first['parent_id']).to eq(group1.id) + end + + it 'returns 404 for a private group' do + get api("/groups/#{group2.id}/subgroups") + + expect(response).to have_gitlab_http_status(404) + end + end + + context 'when authenticated as user' do + context 'when user is not member of a public group' do + it 'returns no subgroups for the public group' do + get api("/groups/#{group1.id}/subgroups", user2) + + expect(response).to have_gitlab_http_status(200) + expect(json_response).to be_an Array + expect(json_response.length).to eq(0) + end + + context 'when using all_available in request' do + it 'returns public subgroups' do + get api("/groups/#{group1.id}/subgroups", user2), all_available: true + + expect(response).to have_gitlab_http_status(200) + expect(json_response).to be_an Array + expect(json_response.length).to eq(1) + expect(json_response[0]['id']).to eq(subgroup1.id) + expect(json_response[0]['parent_id']).to eq(group1.id) + end + end + end + + context 'when user is not member of a private group' do + it 'returns 404 for the private group' do + get api("/groups/#{group2.id}/subgroups", user1) + + expect(response).to have_gitlab_http_status(404) + end + end + + context 'when user is member of public group' do + before do + group1.add_guest(user2) + end + + it 'returns private subgroups' do + get api("/groups/#{group1.id}/subgroups", user2) + + expect(response).to have_gitlab_http_status(200) + expect(response).to include_pagination_headers + expect(json_response).to be_an Array + expect(json_response.length).to eq(2) + private_subgroups = json_response.select { |group| group['visibility'] == 'private' } + expect(private_subgroups.length).to eq(1) + expect(private_subgroups.first['id']).to eq(subgroup2.id) + expect(private_subgroups.first['parent_id']).to eq(group1.id) + end + + context 'when using statistics in request' do + it 'does not include statistics' do + get api("/groups/#{group1.id}/subgroups", user2), statistics: true + + expect(response).to have_gitlab_http_status(200) + expect(json_response).to be_an Array + expect(json_response.first).not_to include 'statistics' + end + end + end + + context 'when user is member of private group' do + before do + group2.add_guest(user1) + end + + it 'returns subgroups' do + get api("/groups/#{group2.id}/subgroups", user1) + + expect(response).to have_gitlab_http_status(200) + expect(json_response).to be_an Array + expect(json_response.length).to eq(1) + expect(json_response.first['id']).to eq(subgroup3.id) + expect(json_response.first['parent_id']).to eq(group2.id) + end + end + end + + context 'when authenticated as admin' do + it 'returns private subgroups of a public group' do + get api("/groups/#{group1.id}/subgroups", admin) + + expect(response).to have_gitlab_http_status(200) + expect(json_response).to be_an Array + expect(json_response.length).to eq(2) + end + + it 'returns subgroups of a private group' do + get api("/groups/#{group2.id}/subgroups", admin) + + expect(response).to have_gitlab_http_status(200) + expect(json_response).to be_an Array + expect(json_response.length).to eq(1) + end + + it 'does not include statistics by default' do + get api("/groups/#{group1.id}/subgroups", admin) + + expect(response).to have_gitlab_http_status(200) + expect(json_response).to be_an Array + expect(json_response.first).not_to include('statistics') + end + + it 'includes statistics if requested' do + get api("/groups/#{group1.id}/subgroups", admin), statistics: true + + expect(response).to have_gitlab_http_status(200) + expect(json_response).to be_an Array + expect(json_response.first).to include('statistics') + end + end + end + describe "POST /groups" do context "when authenticated as user without group permissions" do it "does not create group" do diff --git a/spec/requests/api/helpers_spec.rb b/spec/requests/api/helpers_spec.rb index 6c0996c543d..0462f494e15 100644 --- a/spec/requests/api/helpers_spec.rb +++ b/spec/requests/api/helpers_spec.rb @@ -11,7 +11,6 @@ describe API::Helpers do let(:admin) { create(:admin) } let(:key) { create(:key, user: user) } - let(:params) { {} } let(:csrf_token) { SecureRandom.base64(ActionController::RequestForgeryProtection::AUTHENTICITY_TOKEN_LENGTH) } let(:env) do { @@ -19,10 +18,13 @@ describe API::Helpers do 'rack.session' => { _csrf_token: csrf_token }, - 'REQUEST_METHOD' => 'GET' + 'REQUEST_METHOD' => 'GET', + 'CONTENT_TYPE' => 'text/plain;charset=utf-8' } end let(:header) { } + let(:request) { Grape::Request.new(env)} + let(:params) { request.params } before do allow_any_instance_of(self.class).to receive(:options).and_return({}) @@ -37,6 +39,10 @@ describe API::Helpers do raise Exception.new("#{status} - #{message}") end + def set_param(key, value) + request.update_param(key, value) + end + describe ".current_user" do subject { current_user } @@ -132,13 +138,13 @@ describe API::Helpers do let(:personal_access_token) { create(:personal_access_token, user: user) } it "returns a 401 response for an invalid token" do - env[API::APIGuard::PRIVATE_TOKEN_HEADER] = 'invalid token' + env[Gitlab::Auth::UserAuthFinders::PRIVATE_TOKEN_HEADER] = 'invalid token' expect { current_user }.to raise_error /401/ end it "returns a 403 response for a user without access" do - env[API::APIGuard::PRIVATE_TOKEN_HEADER] = personal_access_token.token + env[Gitlab::Auth::UserAuthFinders::PRIVATE_TOKEN_HEADER] = personal_access_token.token allow_any_instance_of(Gitlab::UserAccess).to receive(:allowed?).and_return(false) expect { current_user }.to raise_error /403/ @@ -146,35 +152,35 @@ describe API::Helpers do it 'returns a 403 response for a user who is blocked' do user.block! - env[API::APIGuard::PRIVATE_TOKEN_HEADER] = personal_access_token.token + env[Gitlab::Auth::UserAuthFinders::PRIVATE_TOKEN_HEADER] = personal_access_token.token expect { current_user }.to raise_error /403/ end it "sets current_user" do - env[API::APIGuard::PRIVATE_TOKEN_HEADER] = personal_access_token.token + env[Gitlab::Auth::UserAuthFinders::PRIVATE_TOKEN_HEADER] = personal_access_token.token expect(current_user).to eq(user) end it "does not allow tokens without the appropriate scope" do personal_access_token = create(:personal_access_token, user: user, scopes: ['read_user']) - env[API::APIGuard::PRIVATE_TOKEN_HEADER] = personal_access_token.token + env[Gitlab::Auth::UserAuthFinders::PRIVATE_TOKEN_HEADER] = personal_access_token.token - expect { current_user }.to raise_error API::APIGuard::InsufficientScopeError + expect { current_user }.to raise_error Gitlab::Auth::InsufficientScopeError end it 'does not allow revoked tokens' do personal_access_token.revoke! - env[API::APIGuard::PRIVATE_TOKEN_HEADER] = personal_access_token.token + env[Gitlab::Auth::UserAuthFinders::PRIVATE_TOKEN_HEADER] = personal_access_token.token - expect { current_user }.to raise_error API::APIGuard::RevokedError + expect { current_user }.to raise_error Gitlab::Auth::RevokedError end it 'does not allow expired tokens' do personal_access_token.update_attributes!(expires_at: 1.day.ago) - env[API::APIGuard::PRIVATE_TOKEN_HEADER] = personal_access_token.token + env[Gitlab::Auth::UserAuthFinders::PRIVATE_TOKEN_HEADER] = personal_access_token.token - expect { current_user }.to raise_error API::APIGuard::ExpiredError + expect { current_user }.to raise_error Gitlab::Auth::ExpiredError end end end @@ -350,7 +356,7 @@ describe API::Helpers do context 'when using param' do context 'when providing username' do before do - params[API::Helpers::SUDO_PARAM] = user.username + set_param(API::Helpers::SUDO_PARAM, user.username) end it_behaves_like 'successful sudo' @@ -358,7 +364,7 @@ describe API::Helpers do context 'when providing user ID' do before do - params[API::Helpers::SUDO_PARAM] = user.id.to_s + set_param(API::Helpers::SUDO_PARAM, user.id.to_s) end it_behaves_like 'successful sudo' @@ -368,7 +374,7 @@ describe API::Helpers do context 'when user does not exist' do before do - params[API::Helpers::SUDO_PARAM] = 'nonexistent' + set_param(API::Helpers::SUDO_PARAM, 'nonexistent') end it 'raises an error' do @@ -382,11 +388,11 @@ describe API::Helpers do token.scopes = %w[api] token.save! - params[API::Helpers::SUDO_PARAM] = user.id.to_s + set_param(API::Helpers::SUDO_PARAM, user.id.to_s) end it 'raises an error' do - expect { current_user }.to raise_error API::APIGuard::InsufficientScopeError + expect { current_user }.to raise_error Gitlab::Auth::InsufficientScopeError end end end @@ -396,7 +402,7 @@ describe API::Helpers do token.user = user token.save! - params[API::Helpers::SUDO_PARAM] = user.id.to_s + set_param(API::Helpers::SUDO_PARAM, user.id.to_s) end it 'raises an error' do @@ -420,7 +426,7 @@ describe API::Helpers do context 'passed as param' do before do - params[API::APIGuard::PRIVATE_TOKEN_PARAM] = token.token + set_param(Gitlab::Auth::UserAuthFinders::PRIVATE_TOKEN_PARAM, token.token) end it_behaves_like 'sudo' @@ -428,7 +434,7 @@ describe API::Helpers do context 'passed as header' do before do - env[API::APIGuard::PRIVATE_TOKEN_HEADER] = token.token + env[Gitlab::Auth::UserAuthFinders::PRIVATE_TOKEN_HEADER] = token.token end it_behaves_like 'sudo' diff --git a/spec/requests/api/internal_spec.rb b/spec/requests/api/internal_spec.rb index d919899282d..67e1539cbc3 100644 --- a/spec/requests/api/internal_spec.rb +++ b/spec/requests/api/internal_spec.rb @@ -203,18 +203,44 @@ describe API::Internal do end context 'with env passed as a JSON' do - it 'sets env in RequestStore' do - expect(Gitlab::Git::Env).to receive(:set).with({ - 'GIT_OBJECT_DIRECTORY' => 'foo', - 'GIT_ALTERNATE_OBJECT_DIRECTORIES' => 'bar' - }) + context 'when relative path envs are not set' do + it 'sets env in RequestStore' do + expect(Gitlab::Git::Env).to receive(:set).with({ + 'GIT_OBJECT_DIRECTORY' => 'foo', + 'GIT_ALTERNATE_OBJECT_DIRECTORIES' => 'bar' + }) + + push(key, project.wiki, env: { + GIT_OBJECT_DIRECTORY: 'foo', + GIT_ALTERNATE_OBJECT_DIRECTORIES: 'bar' + }.to_json) - push(key, project.wiki, env: { - GIT_OBJECT_DIRECTORY: 'foo', - GIT_ALTERNATE_OBJECT_DIRECTORIES: 'bar' - }.to_json) + expect(response).to have_gitlab_http_status(200) + end + end - expect(response).to have_gitlab_http_status(200) + context 'when relative path envs are set' do + it 'sets env in RequestStore' do + obj_dir_relative = './objects' + alt_obj_dirs_relative = ['./alt-objects-1', './alt-objects-2'] + repo_path = project.wiki.repository.path_to_repo + + expect(Gitlab::Git::Env).to receive(:set).with({ + 'GIT_OBJECT_DIRECTORY' => File.join(repo_path, obj_dir_relative), + 'GIT_ALTERNATE_OBJECT_DIRECTORIES' => alt_obj_dirs_relative.map { |d| File.join(repo_path, d) }, + 'GIT_OBJECT_DIRECTORY_RELATIVE' => obj_dir_relative, + 'GIT_ALTERNATE_OBJECT_DIRECTORIES_RELATIVE' => alt_obj_dirs_relative + }) + + push(key, project.wiki, env: { + GIT_OBJECT_DIRECTORY: 'foo', + GIT_ALTERNATE_OBJECT_DIRECTORIES: 'bar', + GIT_OBJECT_DIRECTORY_RELATIVE: obj_dir_relative, + GIT_ALTERNATE_OBJECT_DIRECTORIES_RELATIVE: alt_obj_dirs_relative + }.to_json) + + expect(response).to have_gitlab_http_status(200) + end end end @@ -243,9 +269,8 @@ describe API::Internal do end context "git pull" do - context "gitaly disabled" do + context "gitaly disabled", :disable_gitaly do it "has the correct payload" do - allow(Gitlab::GitalyClient).to receive(:feature_enabled?).with(:ssh_upload_pack).and_return(false) pull(key, project) expect(response).to have_gitlab_http_status(200) @@ -259,7 +284,6 @@ describe API::Internal do context "gitaly enabled" do it "has the correct payload" do - allow(Gitlab::GitalyClient).to receive(:feature_enabled?).with(:ssh_upload_pack).and_return(true) pull(key, project) expect(response).to have_gitlab_http_status(200) @@ -278,9 +302,8 @@ describe API::Internal do end context "git push" do - context "gitaly disabled" do + context "gitaly disabled", :disable_gitaly do it "has the correct payload" do - allow(Gitlab::GitalyClient).to receive(:feature_enabled?).with(:ssh_receive_pack).and_return(false) push(key, project) expect(response).to have_gitlab_http_status(200) @@ -294,7 +317,6 @@ describe API::Internal do context "gitaly enabled" do it "has the correct payload" do - allow(Gitlab::GitalyClient).to receive(:feature_enabled?).with(:ssh_receive_pack).and_return(true) push(key, project) expect(response).to have_gitlab_http_status(200) diff --git a/spec/requests/api/jobs_spec.rb b/spec/requests/api/jobs_spec.rb index 8bb3d5ffb03..a435945fea2 100644 --- a/spec/requests/api/jobs_spec.rb +++ b/spec/requests/api/jobs_spec.rb @@ -527,7 +527,11 @@ describe API::Jobs do end describe 'POST /projects/:id/jobs/:job_id/erase' do + let(:role) { :master } + before do + project.team << [user, role] + post api("/projects/#{project.id}/jobs/#{job.id}/erase", user) end @@ -556,6 +560,23 @@ describe API::Jobs do expect(response).to have_gitlab_http_status(403) end end + + context 'when a developer erases a build' do + let(:role) { :developer } + let(:job) { create(:ci_build, :trace, :artifacts, :success, project: project, pipeline: pipeline, user: owner) } + + context 'when the build was created by the developer' do + let(:owner) { user } + + it { expect(response).to have_gitlab_http_status(201) } + end + + context 'when the build was created by the other' do + let(:owner) { create(:user) } + + it { expect(response).to have_gitlab_http_status(403) } + end + end end describe 'POST /projects/:id/jobs/:job_id/artifacts/keep' do diff --git a/spec/requests/api/merge_requests_spec.rb b/spec/requests/api/merge_requests_spec.rb index a928ba79a4d..91616da6d9a 100644 --- a/spec/requests/api/merge_requests_spec.rb +++ b/spec/requests/api/merge_requests_spec.rb @@ -172,15 +172,15 @@ describe API::MergeRequests do context "when authenticated" do it 'avoids N+1 queries' do - control_count = ActiveRecord::QueryRecorder.new do + control = ActiveRecord::QueryRecorder.new do get api("/projects/#{project.id}/merge_requests", user) - end.count + end create(:merge_request, state: 'closed', milestone: milestone1, author: user, assignee: user, source_project: project, target_project: project, title: "Test", created_at: base_time) expect do get api("/projects/#{project.id}/merge_requests", user) - end.not_to exceed_query_limit(control_count) + end.not_to exceed_query_limit(control) end it "returns an array of all merge_requests" do @@ -628,7 +628,7 @@ describe API::MergeRequests do context 'forked projects' do let!(:user2) { create(:user) } - let!(:forked_project) { fork_project(project, user2) } + let!(:forked_project) { fork_project(project, user2, repository: true) } let!(:unrelated_project) { create(:project, namespace: create(:user).namespace, creator_id: user2.id) } before do diff --git a/spec/requests/api/namespaces_spec.rb b/spec/requests/api/namespaces_spec.rb index e60716d46d7..98102fcd6a7 100644 --- a/spec/requests/api/namespaces_spec.rb +++ b/spec/requests/api/namespaces_spec.rb @@ -91,4 +91,127 @@ describe API::Namespaces do end end end + + describe 'GET /namespaces/:id' do + let(:owned_group) { group1 } + let(:user2) { create(:user) } + + shared_examples 'can access namespace' do + it 'returns namespace details' do + get api("/namespaces/#{namespace_id}", request_actor) + + expect(response).to have_gitlab_http_status(200) + + expect(json_response['id']).to eq(requested_namespace.id) + expect(json_response['path']).to eq(requested_namespace.path) + expect(json_response['name']).to eq(requested_namespace.name) + end + end + + shared_examples 'namespace reader' do + let(:requested_namespace) { owned_group } + + before do + owned_group.add_owner(request_actor) + end + + context 'when namespace exists' do + context 'when requested by ID' do + context 'when requesting group' do + let(:namespace_id) { owned_group.id } + + it_behaves_like 'can access namespace' + end + + context 'when requesting personal namespace' do + let(:namespace_id) { request_actor.namespace.id } + let(:requested_namespace) { request_actor.namespace } + + it_behaves_like 'can access namespace' + end + end + + context 'when requested by path' do + context 'when requesting group' do + let(:namespace_id) { owned_group.path } + + it_behaves_like 'can access namespace' + end + + context 'when requesting personal namespace' do + let(:namespace_id) { request_actor.namespace.path } + let(:requested_namespace) { request_actor.namespace } + + it_behaves_like 'can access namespace' + end + end + end + + context "when namespace doesn't exist" do + it 'returns not-found' do + get api('/namespaces/9999', request_actor) + + expect(response).to have_gitlab_http_status(404) + end + end + end + + context 'when unauthenticated' do + it 'returns authentication error' do + get api("/namespaces/#{group1.id}") + + expect(response).to have_gitlab_http_status(401) + end + end + + context 'when authenticated as regular user' do + let(:request_actor) { user } + + context 'when requested namespace is not owned by user' do + context 'when requesting group' do + it 'returns not-found' do + get api("/namespaces/#{group2.id}", request_actor) + + expect(response).to have_gitlab_http_status(404) + end + end + + context 'when requesting personal namespace' do + it 'returns not-found' do + get api("/namespaces/#{user2.namespace.id}", request_actor) + + expect(response).to have_gitlab_http_status(404) + end + end + end + + context 'when requested namespace is owned by user' do + it_behaves_like 'namespace reader' + end + end + + context 'when authenticated as admin' do + let(:request_actor) { admin } + + context 'when requested namespace is not owned by user' do + context 'when requesting group' do + let(:namespace_id) { group2.id } + let(:requested_namespace) { group2 } + + it_behaves_like 'can access namespace' + end + + context 'when requesting personal namespace' do + let(:namespace_id) { user2.namespace.id } + let(:requested_namespace) { user2.namespace } + + it_behaves_like 'can access namespace' + end + end + + context 'when requested namespace is owned by user' do + it_behaves_like 'namespace reader' + end + end + end end diff --git a/spec/requests/api/notes_spec.rb b/spec/requests/api/notes_spec.rb index 784070db173..3bfb4c5506f 100644 --- a/spec/requests/api/notes_spec.rb +++ b/spec/requests/api/notes_spec.rb @@ -34,6 +34,48 @@ describe API::Notes do describe "GET /projects/:id/noteable/:noteable_id/notes" do context "when noteable is an Issue" do + context 'sorting' do + before do + create_list(:note, 3, noteable: issue, project: project, author: user) + end + + it 'sorts by created_at in descending order by default' do + get api("/projects/#{project.id}/issues/#{issue.iid}/notes", user) + + response_dates = json_response.map { |noteable| noteable['created_at'] } + + expect(json_response.length).to eq(4) + expect(response_dates).to eq(response_dates.sort.reverse) + end + + it 'sorts by ascending order when requested' do + get api("/projects/#{project.id}/issues/#{issue.iid}/notes?sort=asc", user) + + response_dates = json_response.map { |noteable| noteable['created_at'] } + + expect(json_response.length).to eq(4) + expect(response_dates).to eq(response_dates.sort) + end + + it 'sorts by updated_at in descending order when requested' do + get api("/projects/#{project.id}/issues/#{issue.iid}/notes?order_by=updated_at", user) + + response_dates = json_response.map { |noteable| noteable['updated_at'] } + + expect(json_response.length).to eq(4) + expect(response_dates).to eq(response_dates.sort.reverse) + end + + it 'sorts by updated_at in ascending order when requested' do + get api("/projects/#{project.id}/issues/#{issue.iid}/notes??order_by=updated_at&sort=asc", user) + + response_dates = json_response.map { |noteable| noteable['updated_at'] } + + expect(json_response.length).to eq(4) + expect(response_dates).to eq(response_dates.sort) + end + end + it "returns an array of issue notes" do get api("/projects/#{project.id}/issues/#{issue.iid}/notes", user) @@ -85,6 +127,47 @@ describe API::Notes do end context "when noteable is a Snippet" do + context 'sorting' do + before do + create_list(:note, 3, noteable: snippet, project: project, author: user) + end + + it 'sorts by created_at in descending order by default' do + get api("/projects/#{project.id}/snippets/#{snippet.id}/notes", user) + + response_dates = json_response.map { |noteable| noteable['created_at'] } + + expect(json_response.length).to eq(4) + expect(response_dates).to eq(response_dates.sort.reverse) + end + + it 'sorts by ascending order when requested' do + get api("/projects/#{project.id}/snippets/#{snippet.id}/notes?sort=asc", user) + + response_dates = json_response.map { |noteable| noteable['created_at'] } + + expect(json_response.length).to eq(4) + expect(response_dates).to eq(response_dates.sort) + end + + it 'sorts by updated_at in descending order when requested' do + get api("/projects/#{project.id}/snippets/#{snippet.id}/notes?order_by=updated_at", user) + + response_dates = json_response.map { |noteable| noteable['updated_at'] } + + expect(json_response.length).to eq(4) + expect(response_dates).to eq(response_dates.sort.reverse) + end + + it 'sorts by updated_at in ascending order when requested' do + get api("/projects/#{project.id}/snippets/#{snippet.id}/notes??order_by=updated_at&sort=asc", user) + + response_dates = json_response.map { |noteable| noteable['updated_at'] } + + expect(json_response.length).to eq(4) + expect(response_dates).to eq(response_dates.sort) + end + end it "returns an array of snippet notes" do get api("/projects/#{project.id}/snippets/#{snippet.id}/notes", user) @@ -108,6 +191,47 @@ describe API::Notes do end context "when noteable is a Merge Request" do + context 'sorting' do + before do + create_list(:note, 3, noteable: merge_request, project: project, author: user) + end + + it 'sorts by created_at in descending order by default' do + get api("/projects/#{project.id}/merge_requests/#{merge_request.iid}/notes", user) + + response_dates = json_response.map { |noteable| noteable['created_at'] } + + expect(json_response.length).to eq(4) + expect(response_dates).to eq(response_dates.sort.reverse) + end + + it 'sorts by ascending order when requested' do + get api("/projects/#{project.id}/merge_requests/#{merge_request.iid}/notes?sort=asc", user) + + response_dates = json_response.map { |noteable| noteable['created_at'] } + + expect(json_response.length).to eq(4) + expect(response_dates).to eq(response_dates.sort) + end + + it 'sorts by updated_at in descending order when requested' do + get api("/projects/#{project.id}/merge_requests/#{merge_request.iid}/notes?order_by=updated_at", user) + + response_dates = json_response.map { |noteable| noteable['updated_at'] } + + expect(json_response.length).to eq(4) + expect(response_dates).to eq(response_dates.sort.reverse) + end + + it 'sorts by updated_at in ascending order when requested' do + get api("/projects/#{project.id}/merge_requests/#{merge_request.iid}/notes??order_by=updated_at&sort=asc", user) + + response_dates = json_response.map { |noteable| noteable['updated_at'] } + + expect(json_response.length).to eq(4) + expect(response_dates).to eq(response_dates.sort) + end + end it "returns an array of merge_requests notes" do get api("/projects/#{project.id}/merge_requests/#{merge_request.iid}/notes", user) diff --git a/spec/requests/api/pages_domains_spec.rb b/spec/requests/api/pages_domains_spec.rb index d13b3a958c9..d412b045e9f 100644 --- a/spec/requests/api/pages_domains_spec.rb +++ b/spec/requests/api/pages_domains_spec.rb @@ -3,6 +3,7 @@ require 'rails_helper' describe API::PagesDomains do set(:project) { create(:project) } set(:user) { create(:user) } + set(:admin) { create(:admin) } set(:pages_domain) { create(:pages_domain, domain: 'www.domain.test', project: project) } set(:pages_domain_secure) { create(:pages_domain, :with_certificate, :with_key, domain: 'ssl.domain.test', project: project) } @@ -23,12 +24,49 @@ describe API::PagesDomains do allow(Gitlab.config.pages).to receive(:enabled).and_return(true) end + describe 'GET /pages/domains' do + context 'when pages is disabled' do + before do + allow(Gitlab.config.pages).to receive(:enabled).and_return(false) + end + + it_behaves_like '404 response' do + let(:request) { get api('/pages/domains', admin) } + end + end + + context 'when pages is enabled' do + context 'when authenticated as an admin' do + it 'returns paginated all pages domains' do + get api('/pages/domains', admin) + + expect(response).to have_gitlab_http_status(200) + expect(response).to match_response_schema('public_api/v4/pages_domain_basics') + expect(response).to include_pagination_headers + expect(json_response).to be_an Array + expect(json_response.size).to eq(3) + expect(json_response.last).to have_key('domain') + expect(json_response.last).to have_key('certificate_expiration') + expect(json_response.last['certificate_expiration']['expired']).to be true + expect(json_response.first).not_to have_key('certificate_expiration') + end + end + + context 'when authenticated as a non-member' do + it_behaves_like '403 response' do + let(:request) { get api('/pages/domains', user) } + end + end + end + end + describe 'GET /projects/:project_id/pages/domains' do shared_examples_for 'get pages domains' do it 'returns paginated pages domains' do get api(route, user) expect(response).to have_gitlab_http_status(200) + expect(response).to match_response_schema('public_api/v4/pages_domains') expect(response).to include_pagination_headers expect(json_response).to be_an Array expect(json_response.size).to eq(3) @@ -99,6 +137,7 @@ describe API::PagesDomains do get api(route_domain, user) expect(response).to have_gitlab_http_status(200) + expect(response).to match_response_schema('public_api/v4/pages_domain/detail') expect(json_response['domain']).to eq(pages_domain.domain) expect(json_response['url']).to eq(pages_domain.url) expect(json_response['certificate']).to be_nil @@ -108,6 +147,7 @@ describe API::PagesDomains do get api(route_secure_domain, user) expect(response).to have_gitlab_http_status(200) + expect(response).to match_response_schema('public_api/v4/pages_domain/detail') expect(json_response['domain']).to eq(pages_domain_secure.domain) expect(json_response['url']).to eq(pages_domain_secure.url) expect(json_response['certificate']['subject']).to eq(pages_domain_secure.subject) @@ -118,6 +158,7 @@ describe API::PagesDomains do get api(route_expired_domain, user) expect(response).to have_gitlab_http_status(200) + expect(response).to match_response_schema('public_api/v4/pages_domain/detail') expect(json_response['certificate']['expired']).to be true end end @@ -187,6 +228,7 @@ describe API::PagesDomains do pages_domain = PagesDomain.find_by(domain: json_response['domain']) expect(response).to have_gitlab_http_status(201) + expect(response).to match_response_schema('public_api/v4/pages_domain/detail') expect(pages_domain.domain).to eq(params[:domain]) expect(pages_domain.certificate).to be_nil expect(pages_domain.key).to be_nil @@ -197,6 +239,7 @@ describe API::PagesDomains do pages_domain = PagesDomain.find_by(domain: json_response['domain']) expect(response).to have_gitlab_http_status(201) + expect(response).to match_response_schema('public_api/v4/pages_domain/detail') expect(pages_domain.domain).to eq(params_secure[:domain]) expect(pages_domain.certificate).to eq(params_secure[:certificate]) expect(pages_domain.key).to eq(params_secure[:key]) @@ -270,6 +313,7 @@ describe API::PagesDomains do pages_domain_secure.reload expect(response).to have_gitlab_http_status(200) + expect(response).to match_response_schema('public_api/v4/pages_domain/detail') expect(pages_domain_secure.certificate).to be_nil expect(pages_domain_secure.key).to be_nil end @@ -279,6 +323,7 @@ describe API::PagesDomains do pages_domain.reload expect(response).to have_gitlab_http_status(200) + expect(response).to match_response_schema('public_api/v4/pages_domain/detail') expect(pages_domain.certificate).to eq(params_secure[:certificate]) expect(pages_domain.key).to eq(params_secure[:key]) end @@ -288,6 +333,7 @@ describe API::PagesDomains do pages_domain_expired.reload expect(response).to have_gitlab_http_status(200) + expect(response).to match_response_schema('public_api/v4/pages_domain/detail') expect(pages_domain_expired.certificate).to eq(params_secure[:certificate]) expect(pages_domain_expired.key).to eq(params_secure[:key]) end @@ -297,6 +343,7 @@ describe API::PagesDomains do pages_domain_secure.reload expect(response).to have_gitlab_http_status(200) + expect(response).to match_response_schema('public_api/v4/pages_domain/detail') expect(pages_domain_secure.certificate).to eq(params_secure_nokey[:certificate]) end diff --git a/spec/requests/api/projects_spec.rb b/spec/requests/api/projects_spec.rb index abe367d4e11..a41345da05b 100644 --- a/spec/requests/api/projects_spec.rb +++ b/spec/requests/api/projects_spec.rb @@ -50,6 +50,12 @@ describe API::Projects do expect(json_response).to be_an Array expect(json_response.map { |p| p['id'] }).to contain_exactly(*projects.map(&:id)) end + + it 'returns the proper security headers' do + get api('/projects', current_user), filter + + expect(response).to include_security_headers + end end shared_examples_for 'projects response without N + 1 queries' do @@ -431,6 +437,7 @@ describe API::Projects do project.each_pair do |k, v| next if %i[has_external_issue_tracker issues_enabled merge_requests_enabled wiki_enabled].include?(k) + expect(json_response[k.to_s]).to eq(v) end @@ -637,6 +644,7 @@ describe API::Projects do expect(response).to have_gitlab_http_status(201) project.each_pair do |k, v| next if %i[has_external_issue_tracker path].include?(k) + expect(json_response[k.to_s]).to eq(v) end end diff --git a/spec/requests/api/protected_branches_spec.rb b/spec/requests/api/protected_branches_spec.rb index 07d7f96bd70..10e6a3c07c8 100644 --- a/spec/requests/api/protected_branches_spec.rb +++ b/spec/requests/api/protected_branches_spec.rb @@ -95,6 +95,12 @@ describe API::ProtectedBranches do describe 'POST /projects/:id/protected_branches' do let(:branch_name) { 'new_branch' } + let(:post_endpoint) { api("/projects/#{project.id}/protected_branches", user) } + + def expect_protection_to_be_successful + expect(response).to have_gitlab_http_status(201) + expect(json_response['name']).to eq(branch_name) + end context 'when authenticated as a master' do before do @@ -102,7 +108,7 @@ describe API::ProtectedBranches do end it 'protects a single branch' do - post api("/projects/#{project.id}/protected_branches", user), name: branch_name + post post_endpoint, name: branch_name expect(response).to have_gitlab_http_status(201) expect(json_response['name']).to eq(branch_name) @@ -111,8 +117,7 @@ describe API::ProtectedBranches do end it 'protects a single branch and developers can push' do - post api("/projects/#{project.id}/protected_branches", user), - name: branch_name, push_access_level: 30 + post post_endpoint, name: branch_name, push_access_level: 30 expect(response).to have_gitlab_http_status(201) expect(json_response['name']).to eq(branch_name) @@ -121,8 +126,7 @@ describe API::ProtectedBranches do end it 'protects a single branch and developers can merge' do - post api("/projects/#{project.id}/protected_branches", user), - name: branch_name, merge_access_level: 30 + post post_endpoint, name: branch_name, merge_access_level: 30 expect(response).to have_gitlab_http_status(201) expect(json_response['name']).to eq(branch_name) @@ -131,8 +135,7 @@ describe API::ProtectedBranches do end it 'protects a single branch and developers can push and merge' do - post api("/projects/#{project.id}/protected_branches", user), - name: branch_name, push_access_level: 30, merge_access_level: 30 + post post_endpoint, name: branch_name, push_access_level: 30, merge_access_level: 30 expect(response).to have_gitlab_http_status(201) expect(json_response['name']).to eq(branch_name) @@ -141,8 +144,7 @@ describe API::ProtectedBranches do end it 'protects a single branch and no one can push' do - post api("/projects/#{project.id}/protected_branches", user), - name: branch_name, push_access_level: 0 + post post_endpoint, name: branch_name, push_access_level: 0 expect(response).to have_gitlab_http_status(201) expect(json_response['name']).to eq(branch_name) @@ -151,8 +153,7 @@ describe API::ProtectedBranches do end it 'protects a single branch and no one can merge' do - post api("/projects/#{project.id}/protected_branches", user), - name: branch_name, merge_access_level: 0 + post post_endpoint, name: branch_name, merge_access_level: 0 expect(response).to have_gitlab_http_status(201) expect(json_response['name']).to eq(branch_name) @@ -161,8 +162,7 @@ describe API::ProtectedBranches do end it 'protects a single branch and no one can push or merge' do - post api("/projects/#{project.id}/protected_branches", user), - name: branch_name, push_access_level: 0, merge_access_level: 0 + post post_endpoint, name: branch_name, push_access_level: 0, merge_access_level: 0 expect(response).to have_gitlab_http_status(201) expect(json_response['name']).to eq(branch_name) @@ -171,7 +171,8 @@ describe API::ProtectedBranches do end it 'returns a 409 error if the same branch is protected twice' do - post api("/projects/#{project.id}/protected_branches", user), name: protected_name + post post_endpoint, name: protected_name + expect(response).to have_gitlab_http_status(409) end @@ -179,10 +180,9 @@ describe API::ProtectedBranches do let(:branch_name) { 'feature/*' } it "protects multiple branches with a wildcard in the name" do - post api("/projects/#{project.id}/protected_branches", user), name: branch_name + post post_endpoint, name: branch_name - expect(response).to have_gitlab_http_status(201) - expect(json_response['name']).to eq(branch_name) + expect_protection_to_be_successful expect(json_response['push_access_levels'][0]['access_level']).to eq(Gitlab::Access::MASTER) expect(json_response['merge_access_levels'][0]['access_level']).to eq(Gitlab::Access::MASTER) end @@ -195,7 +195,7 @@ describe API::ProtectedBranches do end it "returns a 403 error if guest" do - post api("/projects/#{project.id}/protected_branches/", user), name: branch_name + post post_endpoint, name: branch_name expect(response).to have_gitlab_http_status(403) end diff --git a/spec/requests/api/runner_spec.rb b/spec/requests/api/runner_spec.rb index 671b988ec91..3406b17401f 100644 --- a/spec/requests/api/runner_spec.rb +++ b/spec/requests/api/runner_spec.rb @@ -947,7 +947,7 @@ describe API::Runner do context 'when artifacts are being stored inside of tmp path' do before do # by configuring this path we allow to pass temp file from any path - allow(ArtifactUploader).to receive(:artifacts_upload_path).and_return('/') + allow(JobArtifactUploader).to receive(:artifacts_upload_path).and_return('/') end context 'when job has been erased' do @@ -987,15 +987,6 @@ describe API::Runner do it_behaves_like 'successful artifacts upload' end - context 'when updates artifact' do - before do - upload_artifacts(file_upload2, headers_with_token) - upload_artifacts(file_upload, headers_with_token) - end - - it_behaves_like 'successful artifacts upload' - end - context 'when using runners token' do it 'responds with forbidden' do upload_artifacts(file_upload, headers.merge(API::Helpers::Runner::JOB_TOKEN_HEADER => job.project.runners_token)) @@ -1108,7 +1099,7 @@ describe API::Runner do expect(response).to have_gitlab_http_status(201) expect(stored_artifacts_file.original_filename).to eq(artifacts.original_filename) expect(stored_metadata_file.original_filename).to eq(metadata.original_filename) - expect(stored_artifacts_size).to eq(71759) + expect(stored_artifacts_size).to eq(72821) end end @@ -1133,7 +1124,7 @@ describe API::Runner do # by configuring this path we allow to pass file from @tmpdir only # but all temporary files are stored in system tmp directory @tmpdir = Dir.mktmpdir - allow(ArtifactUploader).to receive(:artifacts_upload_path).and_return(@tmpdir) + allow(JobArtifactUploader).to receive(:artifacts_upload_path).and_return(@tmpdir) end after do diff --git a/spec/requests/api/runners_spec.rb b/spec/requests/api/runners_spec.rb index fe38a7b3251..ec5cad4f4fd 100644 --- a/spec/requests/api/runners_spec.rb +++ b/spec/requests/api/runners_spec.rb @@ -354,6 +354,140 @@ describe API::Runners do end end + describe 'GET /runners/:id/jobs' do + set(:job_1) { create(:ci_build) } + let!(:job_2) { create(:ci_build, :running, runner: shared_runner, project: project) } + let!(:job_3) { create(:ci_build, :failed, runner: shared_runner, project: project) } + let!(:job_4) { create(:ci_build, :running, runner: specific_runner, project: project) } + let!(:job_5) { create(:ci_build, :failed, runner: specific_runner, project: project) } + + context 'admin user' do + context 'when runner exists' do + context 'when runner is shared' do + it 'return jobs' do + get api("/runners/#{shared_runner.id}/jobs", admin) + + expect(response).to have_gitlab_http_status(200) + expect(response).to include_pagination_headers + + expect(json_response).to be_an(Array) + expect(json_response.length).to eq(2) + end + end + + context 'when runner is specific' do + it 'return jobs' do + get api("/runners/#{specific_runner.id}/jobs", admin) + + expect(response).to have_gitlab_http_status(200) + expect(response).to include_pagination_headers + + expect(json_response).to be_an(Array) + expect(json_response.length).to eq(2) + end + end + + context 'when valid status is provided' do + it 'return filtered jobs' do + get api("/runners/#{specific_runner.id}/jobs?status=failed", admin) + + expect(response).to have_gitlab_http_status(200) + expect(response).to include_pagination_headers + + expect(json_response).to be_an(Array) + expect(json_response.length).to eq(1) + expect(json_response.first).to include('id' => job_5.id) + end + end + + context 'when invalid status is provided' do + it 'return 400' do + get api("/runners/#{specific_runner.id}/jobs?status=non-existing", admin) + + expect(response).to have_gitlab_http_status(400) + end + end + end + + context "when runner doesn't exist" do + it 'returns 404' do + get api('/runners/9999/jobs', admin) + + expect(response).to have_gitlab_http_status(404) + end + end + end + + context "runner project's administrative user" do + context 'when runner exists' do + context 'when runner is shared' do + it 'returns 403' do + get api("/runners/#{shared_runner.id}/jobs", user) + + expect(response).to have_gitlab_http_status(403) + end + end + + context 'when runner is specific' do + it 'return jobs' do + get api("/runners/#{specific_runner.id}/jobs", user) + + expect(response).to have_gitlab_http_status(200) + expect(response).to include_pagination_headers + + expect(json_response).to be_an(Array) + expect(json_response.length).to eq(2) + end + end + + context 'when valid status is provided' do + it 'return filtered jobs' do + get api("/runners/#{specific_runner.id}/jobs?status=failed", user) + + expect(response).to have_gitlab_http_status(200) + expect(response).to include_pagination_headers + + expect(json_response).to be_an(Array) + expect(json_response.length).to eq(1) + expect(json_response.first).to include('id' => job_5.id) + end + end + + context 'when invalid status is provided' do + it 'return 400' do + get api("/runners/#{specific_runner.id}/jobs?status=non-existing", user) + + expect(response).to have_gitlab_http_status(400) + end + end + end + + context "when runner doesn't exist" do + it 'returns 404' do + get api('/runners/9999/jobs', user) + + expect(response).to have_gitlab_http_status(404) + end + end + end + + context 'other authorized user' do + it 'does not return jobs' do + get api("/runners/#{specific_runner.id}/jobs", user2) + + expect(response).to have_gitlab_http_status(403) + end + end + + context 'unauthorized user' do + it 'does not return jobs' do + get api("/runners/#{specific_runner.id}/jobs") + + expect(response).to have_gitlab_http_status(401) + end + end + end + describe 'GET /projects/:id/runners' do context 'authorized user with master privileges' do it "returns project's runners" do diff --git a/spec/requests/api/services_spec.rb b/spec/requests/api/services_spec.rb index dfe48e45d49..ba697e2b305 100644 --- a/spec/requests/api/services_spec.rb +++ b/spec/requests/api/services_spec.rb @@ -175,4 +175,25 @@ describe API::Services do end end end + + describe 'Mattermost service' do + let(:service_name) { 'mattermost' } + let(:params) do + { webhook: 'https://hook.example.com', username: 'username' } + end + + before do + project.create_mattermost_service( + active: true, + properties: params + ) + end + + it 'accepts a username for update' do + put api("/projects/#{project.id}/services/mattermost", user), params.merge(username: 'new_username') + + expect(response).to have_gitlab_http_status(200) + expect(json_response['properties']['username']).to eq('new_username') + end + end end diff --git a/spec/requests/api/settings_spec.rb b/spec/requests/api/settings_spec.rb index 5d3e78dd7c8..015d4b9a491 100644 --- a/spec/requests/api/settings_spec.rb +++ b/spec/requests/api/settings_spec.rb @@ -10,7 +10,7 @@ describe API::Settings, 'Settings' do expect(response).to have_gitlab_http_status(200) expect(json_response).to be_an Hash expect(json_response['default_projects_limit']).to eq(42) - expect(json_response['password_authentication_enabled']).to be_truthy + expect(json_response['password_authentication_enabled_for_web']).to be_truthy expect(json_response['repository_storages']).to eq(['default']) expect(json_response['koding_enabled']).to be_falsey expect(json_response['koding_url']).to be_nil @@ -37,7 +37,7 @@ describe API::Settings, 'Settings' do it "updates application settings" do put api("/application/settings", admin), default_projects_limit: 3, - password_authentication_enabled: false, + password_authentication_enabled_for_web: false, repository_storages: ['custom'], koding_enabled: true, koding_url: 'http://koding.example.com', @@ -54,11 +54,11 @@ describe API::Settings, 'Settings' do dsa_key_restriction: 2048, ecdsa_key_restriction: 384, ed25519_key_restriction: 256, - circuitbreaker_failure_wait_time: 2 + circuitbreaker_check_interval: 2 expect(response).to have_gitlab_http_status(200) expect(json_response['default_projects_limit']).to eq(3) - expect(json_response['password_authentication_enabled']).to be_falsey + expect(json_response['password_authentication_enabled_for_web']).to be_falsey expect(json_response['repository_storages']).to eq(['custom']) expect(json_response['koding_enabled']).to be_truthy expect(json_response['koding_url']).to eq('http://koding.example.com') @@ -75,7 +75,7 @@ describe API::Settings, 'Settings' do expect(json_response['dsa_key_restriction']).to eq(2048) expect(json_response['ecdsa_key_restriction']).to eq(384) expect(json_response['ed25519_key_restriction']).to eq(256) - expect(json_response['circuitbreaker_failure_wait_time']).to eq(2) + expect(json_response['circuitbreaker_check_interval']).to eq(2) end end diff --git a/spec/requests/api/users_spec.rb b/spec/requests/api/users_spec.rb index 2aeae6f9ec7..2428e63e149 100644 --- a/spec/requests/api/users_spec.rb +++ b/spec/requests/api/users_spec.rb @@ -510,6 +510,14 @@ describe API::Users do expect(user.reload.notification_email).to eq('new@email.com') end + it 'skips reconfirmation when requested' do + put api("/users/#{user.id}", admin), { skip_reconfirmation: true } + + user.reload + + expect(user.confirmed_at).to be_present + end + it 'updates user with his own username' do put api("/users/#{user.id}", admin), username: user.username diff --git a/spec/requests/api/v3/builds_spec.rb b/spec/requests/api/v3/builds_spec.rb index 3b7d99b84b0..266ae654227 100644 --- a/spec/requests/api/v3/builds_spec.rb +++ b/spec/requests/api/v3/builds_spec.rb @@ -435,6 +435,8 @@ describe API::V3::Builds do describe 'POST /projects/:id/builds/:build_id/erase' do before do + project.add_master(user) + post v3_api("/projects/#{project.id}/builds/#{build.id}/erase", user) end diff --git a/spec/requests/api/v3/merge_requests_spec.rb b/spec/requests/api/v3/merge_requests_spec.rb index 91897e5ee01..2e2b9449429 100644 --- a/spec/requests/api/v3/merge_requests_spec.rb +++ b/spec/requests/api/v3/merge_requests_spec.rb @@ -314,7 +314,7 @@ describe API::MergeRequests do context 'forked projects' do let!(:user2) { create(:user) } - let!(:forked_project) { fork_project(project, user2) } + let!(:forked_project) { fork_project(project, user2, repository: true) } let!(:unrelated_project) { create(:project, namespace: create(:user).namespace, creator_id: user2.id) } before do diff --git a/spec/requests/api/v3/projects_spec.rb b/spec/requests/api/v3/projects_spec.rb index f62ad747c73..27288b98d1c 100644 --- a/spec/requests/api/v3/projects_spec.rb +++ b/spec/requests/api/v3/projects_spec.rb @@ -404,6 +404,7 @@ describe API::V3::Projects do project.each_pair do |k, v| next if %i[has_external_issue_tracker issues_enabled merge_requests_enabled wiki_enabled].include?(k) + expect(json_response[k.to_s]).to eq(v) end @@ -547,6 +548,7 @@ describe API::V3::Projects do expect(response).to have_gitlab_http_status(201) project.each_pair do |k, v| next if %i[has_external_issue_tracker path].include?(k) + expect(json_response[k.to_s]).to eq(v) end end diff --git a/spec/requests/api/v3/settings_spec.rb b/spec/requests/api/v3/settings_spec.rb index 25fa0a8aabd..985bfbfa09c 100644 --- a/spec/requests/api/v3/settings_spec.rb +++ b/spec/requests/api/v3/settings_spec.rb @@ -28,11 +28,11 @@ describe API::V3::Settings, 'Settings' do it "updates application settings" do put v3_api("/application/settings", admin), - default_projects_limit: 3, password_authentication_enabled: false, repository_storage: 'custom', koding_enabled: true, koding_url: 'http://koding.example.com', + default_projects_limit: 3, password_authentication_enabled_for_web: false, repository_storage: 'custom', koding_enabled: true, koding_url: 'http://koding.example.com', plantuml_enabled: true, plantuml_url: 'http://plantuml.example.com' expect(response).to have_gitlab_http_status(200) expect(json_response['default_projects_limit']).to eq(3) - expect(json_response['password_authentication_enabled']).to be_falsey + expect(json_response['password_authentication_enabled_for_web']).to be_falsey expect(json_response['repository_storage']).to eq('custom') expect(json_response['repository_storages']).to eq(['custom']) expect(json_response['koding_enabled']).to be_truthy |