diff options
| author | Bob Van Landuyt <bob@vanlanduyt.co> | 2018-07-11 17:26:00 +0200 |
|---|---|---|
| committer | Bob Van Landuyt <bob@vanlanduyt.co> | 2018-07-12 12:14:54 +0200 |
| commit | b7ffc097fbb61972e150a6d48cbe9e5194aed11b (patch) | |
| tree | 5ce53ec32d98dadaf58951f8f9b064276b200a41 /spec/requests | |
| parent | 3a77664d1a550cfbedc92068926e4adae9c82b87 (diff) | |
| download | gitlab-ce-b7ffc097fbb61972e150a6d48cbe9e5194aed11b.tar.gz | |
Allow collaboration with forks through the API
These APIs are used by the web IDE.
They need to be on par with git & web access, allowing edits from
maintainers to forks with merge requests that allow access.
Diffstat (limited to 'spec/requests')
| -rw-r--r-- | spec/requests/api/commits_spec.rb | 54 |
1 files changed, 52 insertions, 2 deletions
diff --git a/spec/requests/api/commits_spec.rb b/spec/requests/api/commits_spec.rb index 113703fac38..246947e58a8 100644 --- a/spec/requests/api/commits_spec.rb +++ b/spec/requests/api/commits_spec.rb @@ -514,6 +514,38 @@ describe API::Commits do expect(response).to have_gitlab_http_status(400) end end + + context 'when committing into a fork as a maintainer' do + include_context 'merge request allowing collaboration' + + let(:project_id) { forked_project.id } + + def push_params(branch_name) + { + branch: branch_name, + commit_message: 'Hello world', + actions: [ + { + action: 'create', + file_path: 'foo/bar/baz.txt', + content: 'puts 8' + } + ] + } + end + + it 'allows pushing to the source branch of the merge request' do + post api(url, user), push_params('feature') + + expect(response).to have_gitlab_http_status(:created) + end + + it 'denies pushing to another branch' do + post api(url, user), push_params('other-branch') + + expect(response).to have_gitlab_http_status(:forbidden) + end + end end describe 'GET /projects/:id/repository/commits/:sha/refs' do @@ -1065,11 +1097,29 @@ describe API::Commits do it 'returns 400 if you are not allowed to push to the target branch' do post api(route, current_user), branch: 'feature' - expect(response).to have_gitlab_http_status(400) - expect(json_response['message']).to eq('You are not allowed to push into this branch') + expect(response).to have_gitlab_http_status(:forbidden) + expect(json_response['message']).to match(/You are not allowed to push into this branch/) end end end + + context 'when cherry picking to a fork as a maintainer' do + include_context 'merge request allowing collaboration' + + let(:project_id) { forked_project.id } + + it 'allows access from a maintainer that to the source branch' do + post api(route, user), branch: 'feature' + + expect(response).to have_gitlab_http_status(:created) + end + + it 'denies cherry picking to another branch' do + post api(route, user), branch: 'master' + + expect(response).to have_gitlab_http_status(:forbidden) + end + end end describe 'POST /projects/:id/repository/commits/:sha/comments' do |