summaryrefslogtreecommitdiff
path: root/spec/requests/api
diff options
context:
space:
mode:
authorGitLab Bot <gitlab-bot@gitlab.com>2020-04-01 12:08:00 +0000
committerGitLab Bot <gitlab-bot@gitlab.com>2020-04-01 12:08:00 +0000
commit1a0d6dbdc2ac3047f4953a359ef27ba6e26074ae (patch)
treeddb78a8a0d1350dc767f049a21e0f7d37edaa82c /spec/requests/api
parentb11f7057d067885619ee3e513751f180b2e8ad85 (diff)
downloadgitlab-ce-1a0d6dbdc2ac3047f4953a359ef27ba6e26074ae.tar.gz
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'spec/requests/api')
-rw-r--r--spec/requests/api/merge_requests_spec.rb46
-rw-r--r--spec/requests/api/runner_spec.rb13
-rw-r--r--spec/requests/api/terraform/state_spec.rb97
3 files changed, 138 insertions, 18 deletions
diff --git a/spec/requests/api/merge_requests_spec.rb b/spec/requests/api/merge_requests_spec.rb
index 5440e187ba9..403e182ad99 100644
--- a/spec/requests/api/merge_requests_spec.rb
+++ b/spec/requests/api/merge_requests_spec.rb
@@ -526,12 +526,48 @@ describe API::MergeRequests do
expect_response_contain_exactly(merge_request3.id)
end
- it 'returns an array of merge requests authored by the given user' do
- merge_request3 = create(:merge_request, :simple, author: user2, assignees: [user], source_project: project2, target_project: project2, source_branch: 'other-branch')
+ context 'filter by author' do
+ let(:user3) { create(:user) }
+ let(:project) { create(:project, :public, :repository, creator: user3, namespace: user3.namespace, only_allow_merge_if_pipeline_succeeds: false) }
+ let!(:merge_request3) do
+ create(:merge_request, :simple, author: user3, assignees: [user3], source_project: project, target_project: project, source_branch: 'other-branch')
+ end
- get api('/merge_requests', user), params: { author_id: user2.id, scope: :all }
+ context 'when only `author_id` is passed' do
+ it 'returns an array of merge requests authored by the given user' do
+ get api('/merge_requests', user), params: {
+ author_id: user3.id,
+ scope: :all
+ }
- expect_response_contain_exactly(merge_request3.id)
+ expect_response_contain_exactly(merge_request3.id)
+ end
+ end
+
+ context 'when only `author_username` is passed' do
+ it 'returns an array of merge requests authored by the given user(by `author_username`)' do
+ get api('/merge_requests', user), params: {
+ author_username: user3.username,
+ scope: :all
+ }
+
+ expect_response_contain_exactly(merge_request3.id)
+ end
+ end
+
+ context 'when both `author_id` and `author_username` are passed' do
+ it 'returns a 400' do
+ get api('/merge_requests', user), params: {
+ author_id: user.id,
+ author_username: user2.username,
+ scope: :all
+ }
+
+ expect(response).to have_gitlab_http_status(:bad_request)
+ expect(json_response['error']).to eq(
+ 'author_id, author_username are mutually exclusive')
+ end
+ end
end
it 'returns an array of merge requests assigned to the given user' do
@@ -1525,7 +1561,7 @@ describe API::MergeRequests do
it "returns 400 when target_branch is missing" do
post api("/projects/#{forked_project.id}/merge_requests", user2),
- params: { title: 'Test merge_request', target_branch: "master", author: user2, target_project_id: project.id }
+ params: { title: 'Test merge_request', source_branch: "master", author: user2, target_project_id: project.id }
expect(response).to have_gitlab_http_status(:bad_request)
end
diff --git a/spec/requests/api/runner_spec.rb b/spec/requests/api/runner_spec.rb
index d05d886bf85..a67c1a48ad4 100644
--- a/spec/requests/api/runner_spec.rb
+++ b/spec/requests/api/runner_spec.rb
@@ -1349,19 +1349,6 @@ describe API::Runner, :clean_gitlab_redis_shared_state do
expect(response.header['X-GitLab-Trace-Update-Interval']).to eq('30')
end
end
-
- context 'when feature flag runner_job_trace_update_interval_header is disabled' do
- before do
- stub_feature_flags(runner_job_trace_update_interval_header: { enabled: false })
- end
-
- it 'does not return X-GitLab-Trace-Update-Interval header' do
- patch_the_trace
-
- expect(response).to have_gitlab_http_status(:accepted)
- expect(response.header).not_to have_key 'X-GitLab-Trace-Update-Interval'
- end
- end
end
context 'when Runner makes a force-patch' do
diff --git a/spec/requests/api/terraform/state_spec.rb b/spec/requests/api/terraform/state_spec.rb
new file mode 100644
index 00000000000..b0a963db684
--- /dev/null
+++ b/spec/requests/api/terraform/state_spec.rb
@@ -0,0 +1,97 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+describe API::Terraform::State do
+ def auth_header_for(user)
+ auth_header = ActionController::HttpAuthentication::Basic.encode_credentials(
+ user.username,
+ create(:personal_access_token, user: user).token
+ )
+ { 'HTTP_AUTHORIZATION' => auth_header }
+ end
+
+ let!(:project) { create(:project) }
+ let(:developer) { create(:user) }
+ let(:maintainer) { create(:user) }
+ let(:state_name) { 'state' }
+
+ before do
+ project.add_maintainer(maintainer)
+ end
+
+ describe 'GET /projects/:id/terraform/state/:name' do
+ it 'returns 401 if user is not authenticated' do
+ headers = { 'HTTP_AUTHORIZATION' => 'failing_token' }
+ get api("/projects/#{project.id}/terraform/state/#{state_name}"), headers: headers
+
+ expect(response).to have_gitlab_http_status(:unauthorized)
+ end
+
+ it 'returns terraform state belonging to a project of given state name' do
+ get api("/projects/#{project.id}/terraform/state/#{state_name}"), headers: auth_header_for(maintainer)
+
+ expect(response).to have_gitlab_http_status(:not_implemented)
+ expect(response.body).to eq('not implemented')
+ end
+
+ it 'returns not found if the project does not exists' do
+ get api("/projects/0000/terraform/state/#{state_name}"), headers: auth_header_for(maintainer)
+
+ expect(response).to have_gitlab_http_status(:not_found)
+ end
+
+ it 'returns forbidden if the user cannot access the state' do
+ project.add_developer(developer)
+ get api("/projects/#{project.id}/terraform/state/#{state_name}"), headers: auth_header_for(developer)
+
+ expect(response).to have_gitlab_http_status(:forbidden)
+ end
+ end
+
+ describe 'POST /projects/:id/terraform/state/:name' do
+ context 'when terraform state with a given name is already present' do
+ it 'updates the state' do
+ post api("/projects/#{project.id}/terraform/state/#{state_name}"),
+ params: '{ "instance": "example-instance" }',
+ headers: { 'Content-Type' => 'text/plain' }.merge(auth_header_for(maintainer))
+
+ expect(response).to have_gitlab_http_status(:not_implemented)
+ expect(response.body).to eq('not implemented')
+ end
+
+ it 'returns forbidden if the user cannot access the state' do
+ project.add_developer(developer)
+ get api("/projects/#{project.id}/terraform/state/#{state_name}"), headers: auth_header_for(developer)
+
+ expect(response).to have_gitlab_http_status(:forbidden)
+ end
+ end
+
+ context 'when there is no terraform state of a given name' do
+ it 'creates a new state' do
+ post api("/projects/#{project.id}/terraform/state/example2"),
+ headers: auth_header_for(maintainer),
+ params: '{ "database": "example-database" }'
+
+ expect(response).to have_gitlab_http_status(:not_implemented)
+ expect(response.body).to eq('not implemented')
+ end
+ end
+ end
+
+ describe 'DELETE /projects/:id/terraform/state/:name' do
+ it 'deletes the state' do
+ delete api("/projects/#{project.id}/terraform/state/#{state_name}"), headers: auth_header_for(maintainer)
+
+ expect(response).to have_gitlab_http_status(:not_implemented)
+ end
+
+ it 'returns forbidden if the user cannot access the state' do
+ project.add_developer(developer)
+ get api("/projects/#{project.id}/terraform/state/#{state_name}"), headers: auth_header_for(developer)
+
+ expect(response).to have_gitlab_http_status(:forbidden)
+ end
+ end
+end