diff options
| author | GitLab Bot <gitlab-bot@gitlab.com> | 2020-04-01 12:08:00 +0000 |
|---|---|---|
| committer | GitLab Bot <gitlab-bot@gitlab.com> | 2020-04-01 12:08:00 +0000 |
| commit | 1a0d6dbdc2ac3047f4953a359ef27ba6e26074ae (patch) | |
| tree | ddb78a8a0d1350dc767f049a21e0f7d37edaa82c /spec/requests/api | |
| parent | b11f7057d067885619ee3e513751f180b2e8ad85 (diff) | |
| download | gitlab-ce-1a0d6dbdc2ac3047f4953a359ef27ba6e26074ae.tar.gz | |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'spec/requests/api')
| -rw-r--r-- | spec/requests/api/merge_requests_spec.rb | 46 | ||||
| -rw-r--r-- | spec/requests/api/runner_spec.rb | 13 | ||||
| -rw-r--r-- | spec/requests/api/terraform/state_spec.rb | 97 |
3 files changed, 138 insertions, 18 deletions
diff --git a/spec/requests/api/merge_requests_spec.rb b/spec/requests/api/merge_requests_spec.rb index 5440e187ba9..403e182ad99 100644 --- a/spec/requests/api/merge_requests_spec.rb +++ b/spec/requests/api/merge_requests_spec.rb @@ -526,12 +526,48 @@ describe API::MergeRequests do expect_response_contain_exactly(merge_request3.id) end - it 'returns an array of merge requests authored by the given user' do - merge_request3 = create(:merge_request, :simple, author: user2, assignees: [user], source_project: project2, target_project: project2, source_branch: 'other-branch') + context 'filter by author' do + let(:user3) { create(:user) } + let(:project) { create(:project, :public, :repository, creator: user3, namespace: user3.namespace, only_allow_merge_if_pipeline_succeeds: false) } + let!(:merge_request3) do + create(:merge_request, :simple, author: user3, assignees: [user3], source_project: project, target_project: project, source_branch: 'other-branch') + end - get api('/merge_requests', user), params: { author_id: user2.id, scope: :all } + context 'when only `author_id` is passed' do + it 'returns an array of merge requests authored by the given user' do + get api('/merge_requests', user), params: { + author_id: user3.id, + scope: :all + } - expect_response_contain_exactly(merge_request3.id) + expect_response_contain_exactly(merge_request3.id) + end + end + + context 'when only `author_username` is passed' do + it 'returns an array of merge requests authored by the given user(by `author_username`)' do + get api('/merge_requests', user), params: { + author_username: user3.username, + scope: :all + } + + expect_response_contain_exactly(merge_request3.id) + end + end + + context 'when both `author_id` and `author_username` are passed' do + it 'returns a 400' do + get api('/merge_requests', user), params: { + author_id: user.id, + author_username: user2.username, + scope: :all + } + + expect(response).to have_gitlab_http_status(:bad_request) + expect(json_response['error']).to eq( + 'author_id, author_username are mutually exclusive') + end + end end it 'returns an array of merge requests assigned to the given user' do @@ -1525,7 +1561,7 @@ describe API::MergeRequests do it "returns 400 when target_branch is missing" do post api("/projects/#{forked_project.id}/merge_requests", user2), - params: { title: 'Test merge_request', target_branch: "master", author: user2, target_project_id: project.id } + params: { title: 'Test merge_request', source_branch: "master", author: user2, target_project_id: project.id } expect(response).to have_gitlab_http_status(:bad_request) end diff --git a/spec/requests/api/runner_spec.rb b/spec/requests/api/runner_spec.rb index d05d886bf85..a67c1a48ad4 100644 --- a/spec/requests/api/runner_spec.rb +++ b/spec/requests/api/runner_spec.rb @@ -1349,19 +1349,6 @@ describe API::Runner, :clean_gitlab_redis_shared_state do expect(response.header['X-GitLab-Trace-Update-Interval']).to eq('30') end end - - context 'when feature flag runner_job_trace_update_interval_header is disabled' do - before do - stub_feature_flags(runner_job_trace_update_interval_header: { enabled: false }) - end - - it 'does not return X-GitLab-Trace-Update-Interval header' do - patch_the_trace - - expect(response).to have_gitlab_http_status(:accepted) - expect(response.header).not_to have_key 'X-GitLab-Trace-Update-Interval' - end - end end context 'when Runner makes a force-patch' do diff --git a/spec/requests/api/terraform/state_spec.rb b/spec/requests/api/terraform/state_spec.rb new file mode 100644 index 00000000000..b0a963db684 --- /dev/null +++ b/spec/requests/api/terraform/state_spec.rb @@ -0,0 +1,97 @@ +# frozen_string_literal: true + +require 'spec_helper' + +describe API::Terraform::State do + def auth_header_for(user) + auth_header = ActionController::HttpAuthentication::Basic.encode_credentials( + user.username, + create(:personal_access_token, user: user).token + ) + { 'HTTP_AUTHORIZATION' => auth_header } + end + + let!(:project) { create(:project) } + let(:developer) { create(:user) } + let(:maintainer) { create(:user) } + let(:state_name) { 'state' } + + before do + project.add_maintainer(maintainer) + end + + describe 'GET /projects/:id/terraform/state/:name' do + it 'returns 401 if user is not authenticated' do + headers = { 'HTTP_AUTHORIZATION' => 'failing_token' } + get api("/projects/#{project.id}/terraform/state/#{state_name}"), headers: headers + + expect(response).to have_gitlab_http_status(:unauthorized) + end + + it 'returns terraform state belonging to a project of given state name' do + get api("/projects/#{project.id}/terraform/state/#{state_name}"), headers: auth_header_for(maintainer) + + expect(response).to have_gitlab_http_status(:not_implemented) + expect(response.body).to eq('not implemented') + end + + it 'returns not found if the project does not exists' do + get api("/projects/0000/terraform/state/#{state_name}"), headers: auth_header_for(maintainer) + + expect(response).to have_gitlab_http_status(:not_found) + end + + it 'returns forbidden if the user cannot access the state' do + project.add_developer(developer) + get api("/projects/#{project.id}/terraform/state/#{state_name}"), headers: auth_header_for(developer) + + expect(response).to have_gitlab_http_status(:forbidden) + end + end + + describe 'POST /projects/:id/terraform/state/:name' do + context 'when terraform state with a given name is already present' do + it 'updates the state' do + post api("/projects/#{project.id}/terraform/state/#{state_name}"), + params: '{ "instance": "example-instance" }', + headers: { 'Content-Type' => 'text/plain' }.merge(auth_header_for(maintainer)) + + expect(response).to have_gitlab_http_status(:not_implemented) + expect(response.body).to eq('not implemented') + end + + it 'returns forbidden if the user cannot access the state' do + project.add_developer(developer) + get api("/projects/#{project.id}/terraform/state/#{state_name}"), headers: auth_header_for(developer) + + expect(response).to have_gitlab_http_status(:forbidden) + end + end + + context 'when there is no terraform state of a given name' do + it 'creates a new state' do + post api("/projects/#{project.id}/terraform/state/example2"), + headers: auth_header_for(maintainer), + params: '{ "database": "example-database" }' + + expect(response).to have_gitlab_http_status(:not_implemented) + expect(response.body).to eq('not implemented') + end + end + end + + describe 'DELETE /projects/:id/terraform/state/:name' do + it 'deletes the state' do + delete api("/projects/#{project.id}/terraform/state/#{state_name}"), headers: auth_header_for(maintainer) + + expect(response).to have_gitlab_http_status(:not_implemented) + end + + it 'returns forbidden if the user cannot access the state' do + project.add_developer(developer) + get api("/projects/#{project.id}/terraform/state/#{state_name}"), headers: auth_header_for(developer) + + expect(response).to have_gitlab_http_status(:forbidden) + end + end +end |