diff options
| author | GitLab Bot <gitlab-bot@gitlab.com> | 2021-11-18 13:16:36 +0000 |
|---|---|---|
| committer | GitLab Bot <gitlab-bot@gitlab.com> | 2021-11-18 13:16:36 +0000 |
| commit | 311b0269b4eb9839fa63f80c8d7a58f32b8138a0 (patch) | |
| tree | 07e7870bca8aed6d61fdcc810731c50d2c40af47 /spec/support/shared_examples/requests | |
| parent | 27909cef6c4170ed9205afa7426b8d3de47cbb0c (diff) | |
| download | gitlab-ce-311b0269b4eb9839fa63f80c8d7a58f32b8138a0.tar.gz | |
Add latest changes from gitlab-org/gitlab@14-5-stable-eev14.5.0-rc42
Diffstat (limited to 'spec/support/shared_examples/requests')
12 files changed, 356 insertions, 341 deletions
diff --git a/spec/support/shared_examples/requests/api/debian_common_shared_examples.rb b/spec/support/shared_examples/requests/api/debian_common_shared_examples.rb new file mode 100644 index 00000000000..e0225070986 --- /dev/null +++ b/spec/support/shared_examples/requests/api/debian_common_shared_examples.rb @@ -0,0 +1,17 @@ +# frozen_string_literal: true + +RSpec.shared_examples 'rejects Debian access with unknown container id' do |anonymous_status, auth_method| + context 'with an unknown container' do + let(:container) { double(id: non_existing_record_id) } + + context 'as anonymous' do + it_behaves_like 'Debian packages GET request', anonymous_status, nil + end + + context 'as authenticated user' do + include_context 'Debian repository auth headers', :not_a_member, auth_method do + it_behaves_like 'Debian packages GET request', :not_found, nil + end + end + end +end diff --git a/spec/support/shared_examples/requests/api/debian_distributions_shared_examples.rb b/spec/support/shared_examples/requests/api/debian_distributions_shared_examples.rb new file mode 100644 index 00000000000..5cd63c33936 --- /dev/null +++ b/spec/support/shared_examples/requests/api/debian_distributions_shared_examples.rb @@ -0,0 +1,192 @@ +# frozen_string_literal: true + +RSpec.shared_examples 'Debian distributions GET request' do |status, body = nil| + and_body = body.nil? ? '' : ' and expected body' + + it "returns #{status}#{and_body}" do + subject + + expect(response).to have_gitlab_http_status(status) + + unless body.nil? + expect(response.body).to match(body) + end + end +end + +RSpec.shared_examples 'Debian distributions PUT request' do |status, body| + and_body = body.nil? ? '' : ' and expected body' + + if status == :success + it 'updates distribution', :aggregate_failures do + expect(::Packages::Debian::UpdateDistributionService).to receive(:new).with(distribution, api_params.except(:codename)).and_call_original + + expect { subject } + .to not_change { Packages::Debian::GroupDistribution.all.count + Packages::Debian::ProjectDistribution.all.count } + .and not_change { Packages::Debian::GroupComponent.all.count + Packages::Debian::ProjectComponent.all.count } + .and not_change { Packages::Debian::GroupArchitecture.all.count + Packages::Debian::ProjectArchitecture.all.count } + + expect(response).to have_gitlab_http_status(status) + expect(response.media_type).to eq('application/json') + + unless body.nil? + expect(response.body).to match(body) + end + end + else + it "returns #{status}#{and_body}", :aggregate_failures do + subject + + expect(response).to have_gitlab_http_status(status) + + unless body.nil? + expect(response.body).to match(body) + end + end + end +end + +RSpec.shared_examples 'Debian distributions DELETE request' do |status, body| + and_body = body.nil? ? '' : ' and expected body' + + if status == :success + it 'updates distribution', :aggregate_failures do + expect { subject } + .to change { Packages::Debian::GroupDistribution.all.count + Packages::Debian::ProjectDistribution.all.count }.by(-1) + .and change { Packages::Debian::GroupComponent.all.count + Packages::Debian::ProjectComponent.all.count }.by(-1) + .and change { Packages::Debian::GroupArchitecture.all.count + Packages::Debian::ProjectArchitecture.all.count }.by(-2) + + expect(response).to have_gitlab_http_status(status) + expect(response.media_type).to eq('application/json') + + unless body.nil? + expect(response.body).to match(body) + end + end + else + it "returns #{status}#{and_body}", :aggregate_failures do + subject + + expect(response).to have_gitlab_http_status(status) + + unless body.nil? + expect(response.body).to match(body) + end + end + end +end + +RSpec.shared_examples 'Debian distributions POST request' do |status, body| + and_body = body.nil? ? '' : ' and expected body' + + if status == :created + it 'creates distribution', :aggregate_failures do + expect(::Packages::Debian::CreateDistributionService).to receive(:new).with(container, user, api_params).and_call_original + + expect { subject } + .to change { Packages::Debian::GroupDistribution.all.count + Packages::Debian::ProjectDistribution.all.count }.by(1) + .and change { Packages::Debian::GroupComponent.all.count + Packages::Debian::ProjectComponent.all.count }.by(1) + .and change { Packages::Debian::GroupArchitecture.all.count + Packages::Debian::ProjectArchitecture.all.count }.by(2) + + expect(response).to have_gitlab_http_status(status) + expect(response.media_type).to eq('application/json') + + unless body.nil? + expect(response.body).to match(body) + end + end + else + it "returns #{status}#{and_body}", :aggregate_failures do + subject + + expect(response).to have_gitlab_http_status(status) + + unless body.nil? + expect(response.body).to match(body) + end + end + end +end + +RSpec.shared_examples 'Debian distributions read endpoint' do |desired_behavior, success_status, success_body| + context 'with valid container' do + using RSpec::Parameterized::TableSyntax + + where(:visibility_level, :user_type, :auth_method, :expected_status, :expected_body) do + :public | :guest | :private_token | success_status | success_body + :public | :not_a_member | :private_token | success_status | success_body + :public | :anonymous | :private_token | success_status | success_body + :public | :invalid_token | :private_token | :unauthorized | nil + :private | :developer | :private_token | success_status | success_body + :private | :developer | :basic | :not_found | nil + :private | :guest | :private_token | :forbidden | nil + :private | :not_a_member | :private_token | :not_found | nil + :private | :anonymous | :private_token | :not_found | nil + :private | :invalid_token | :private_token | :unauthorized | nil + end + + with_them do + include_context 'Debian repository access', params[:visibility_level], params[:user_type], params[:auth_method] do + it_behaves_like "Debian distributions #{desired_behavior} request", params[:expected_status], params[:expected_body] + end + end + end + + it_behaves_like 'rejects Debian access with unknown container id', :not_found, :private_token +end + +RSpec.shared_examples 'Debian distributions write endpoint' do |desired_behavior, success_status, success_body| + context 'with valid container' do + using RSpec::Parameterized::TableSyntax + + where(:visibility_level, :user_type, :auth_method, :expected_status, :expected_body) do + :public | :developer | :private_token | success_status | success_body + :public | :developer | :basic | :unauthorized | nil + :public | :guest | :private_token | :forbidden | nil + :public | :not_a_member | :private_token | :forbidden | nil + :public | :anonymous | :private_token | :unauthorized | nil + :public | :invalid_token | :private_token | :unauthorized | nil + :private | :developer | :private_token | success_status | success_body + :private | :guest | :private_token | :forbidden | nil + :private | :not_a_member | :private_token | :not_found | nil + :private | :anonymous | :private_token | :not_found | nil + :private | :invalid_token | :private_token | :unauthorized | nil + end + + with_them do + include_context 'Debian repository access', params[:visibility_level], params[:user_type], params[:auth_method] do + it_behaves_like "Debian distributions #{desired_behavior} request", params[:expected_status], params[:expected_body] + end + end + end + + it_behaves_like 'rejects Debian access with unknown container id', :not_found, :private_token +end + +RSpec.shared_examples 'Debian distributions maintainer write endpoint' do |desired_behavior, success_status, success_body| + context 'with valid container' do + using RSpec::Parameterized::TableSyntax + + where(:visibility_level, :user_type, :auth_method, :expected_status, :expected_body) do + :public | :maintainer | :private_token | success_status | success_body + :public | :maintainer | :basic | :unauthorized | nil + :public | :developer | :private_token | :forbidden | nil + :public | :not_a_member | :private_token | :forbidden | nil + :public | :anonymous | :private_token | :unauthorized | nil + :public | :invalid_token | :private_token | :unauthorized | nil + :private | :maintainer | :private_token | success_status | success_body + :private | :developer | :private_token | :forbidden | nil + :private | :not_a_member | :private_token | :not_found | nil + :private | :anonymous | :private_token | :not_found | nil + :private | :invalid_token | :private_token | :unauthorized | nil + end + + with_them do + include_context 'Debian repository access', params[:visibility_level], params[:user_type], params[:auth_method] do + it_behaves_like "Debian distributions #{desired_behavior} request", params[:expected_status], params[:expected_body] + end + end + end + + it_behaves_like 'rejects Debian access with unknown container id', :not_found, :private_token +end diff --git a/spec/support/shared_examples/requests/api/debian_packages_shared_examples.rb b/spec/support/shared_examples/requests/api/debian_packages_shared_examples.rb index a3ed74085fb..2fd5e6a5f91 100644 --- a/spec/support/shared_examples/requests/api/debian_packages_shared_examples.rb +++ b/spec/support/shared_examples/requests/api/debian_packages_shared_examples.rb @@ -1,127 +1,6 @@ # frozen_string_literal: true -RSpec.shared_context 'Debian repository shared context' do |container_type, can_freeze| - include_context 'workhorse headers' - - before do - stub_feature_flags(debian_packages: true, debian_group_packages: true) - end - - let_it_be(:private_container, freeze: can_freeze) { create(container_type, :private) } - let_it_be(:public_container, freeze: can_freeze) { create(container_type, :public) } - let_it_be(:user, freeze: true) { create(:user) } - let_it_be(:personal_access_token, freeze: true) { create(:personal_access_token, user: user) } - - let_it_be(:private_distribution, freeze: true) { create("debian_#{container_type}_distribution", :with_file, container: private_container, codename: 'existing-codename') } - let_it_be(:private_component, freeze: true) { create("debian_#{container_type}_component", distribution: private_distribution, name: 'existing-component') } - let_it_be(:private_architecture_all, freeze: true) { create("debian_#{container_type}_architecture", distribution: private_distribution, name: 'all') } - let_it_be(:private_architecture, freeze: true) { create("debian_#{container_type}_architecture", distribution: private_distribution, name: 'existing-arch') } - let_it_be(:private_component_file) { create("debian_#{container_type}_component_file", component: private_component, architecture: private_architecture) } - - let_it_be(:public_distribution, freeze: true) { create("debian_#{container_type}_distribution", :with_file, container: public_container, codename: 'existing-codename') } - let_it_be(:public_component, freeze: true) { create("debian_#{container_type}_component", distribution: public_distribution, name: 'existing-component') } - let_it_be(:public_architecture_all, freeze: true) { create("debian_#{container_type}_architecture", distribution: public_distribution, name: 'all') } - let_it_be(:public_architecture, freeze: true) { create("debian_#{container_type}_architecture", distribution: public_distribution, name: 'existing-arch') } - let_it_be(:public_component_file) { create("debian_#{container_type}_component_file", component: public_component, architecture: public_architecture) } - - if container_type == :group - let_it_be(:private_project) { create(:project, :private, group: private_container) } - let_it_be(:public_project) { create(:project, :public, group: public_container) } - let_it_be(:private_project_distribution) { create(:debian_project_distribution, container: private_project, codename: 'existing-codename') } - let_it_be(:public_project_distribution) { create(:debian_project_distribution, container: public_project, codename: 'existing-codename') } - - let(:project) { { private: private_project, public: public_project }[visibility_level] } - else - let_it_be(:private_project) { private_container } - let_it_be(:public_project) { public_container } - let_it_be(:private_project_distribution) { private_distribution } - let_it_be(:public_project_distribution) { public_distribution } - end - - let_it_be(:private_package) { create(:debian_package, project: private_project, published_in: private_project_distribution) } - let_it_be(:public_package) { create(:debian_package, project: public_project, published_in: public_project_distribution) } - - let(:visibility_level) { :public } - - let(:distribution) { { private: private_distribution, public: public_distribution }[visibility_level] } - let(:architecture) { { private: private_architecture, public: public_architecture }[visibility_level] } - let(:component) { { private: private_component, public: public_component }[visibility_level] } - let(:component_file) { { private: private_component_file, public: public_component_file }[visibility_level] } - let(:package) { { private: private_package, public: public_package }[visibility_level] } - let(:letter) { package.name[0..2] == 'lib' ? package.name[0..3] : package.name[0] } - - let(:method) { :get } - - let(:workhorse_params) do - if method == :put - file_upload = fixture_file_upload("spec/fixtures/packages/debian/#{file_name}") - { file: file_upload } - else - {} - end - end - - let(:api_params) { workhorse_params } - - let(:auth_headers) { {} } - let(:wh_headers) do - if method == :put - workhorse_headers - else - {} - end - end - - let(:headers) { auth_headers.merge(wh_headers) } - - let(:send_rewritten_field) { true } - - subject do - if method == :put - workhorse_finalize( - api(url), - method: method, - file_key: :file, - params: api_params, - headers: headers, - send_rewritten_field: send_rewritten_field - ) - else - send method, api(url), headers: headers, params: api_params - end - end -end - -RSpec.shared_context 'with file_name' do |file_name| - let(:file_name) { file_name } -end - -RSpec.shared_context 'Debian repository auth headers' do |user_role, user_token, auth_method = :token| - let(:token) { user_token ? personal_access_token.token : 'wrong' } - - let(:auth_headers) do - if user_role == :anonymous - {} - elsif auth_method == :token - { 'Private-Token' => token } - else - basic_auth_header(user.username, token) - end - end -end - -RSpec.shared_context 'Debian repository access' do |visibility_level, user_role, add_member, user_token, auth_method| - include_context 'Debian repository auth headers', user_role, user_token, auth_method do - let(:containers) { { private: private_container, public: public_container } } - let(:container) { containers[visibility_level] } - - before do - container.send("add_#{user_role}", user) if add_member && user_role != :anonymous - end - end -end - -RSpec.shared_examples 'Debian repository GET request' do |status, body = nil| +RSpec.shared_examples 'Debian packages GET request' do |status, body = nil| and_body = body.nil? ? '' : ' and expected body' it "returns #{status}#{and_body}" do @@ -135,7 +14,7 @@ RSpec.shared_examples 'Debian repository GET request' do |status, body = nil| end end -RSpec.shared_examples 'Debian repository upload request' do |status, body = nil| +RSpec.shared_examples 'Debian packages upload request' do |status, body = nil| and_body = body.nil? ? '' : ' and expected body' if status == :created @@ -175,7 +54,7 @@ RSpec.shared_examples 'Debian repository upload request' do |status, body = nil| end end -RSpec.shared_examples 'Debian repository upload authorize request' do |status, body = nil| +RSpec.shared_examples 'Debian packages upload authorize request' do |status, body = nil| and_body = body.nil? ? '' : ' and expected body' if status == :created @@ -221,237 +100,57 @@ RSpec.shared_examples 'Debian repository upload authorize request' do |status, b end end -RSpec.shared_examples 'Debian repository POST distribution request' do |status, body| - and_body = body.nil? ? '' : ' and expected body' - - if status == :created - it 'creates distribution', :aggregate_failures do - expect(::Packages::Debian::CreateDistributionService).to receive(:new).with(container, user, api_params).and_call_original - - expect { subject } - .to change { Packages::Debian::GroupDistribution.all.count + Packages::Debian::ProjectDistribution.all.count }.by(1) - .and change { Packages::Debian::GroupComponent.all.count + Packages::Debian::ProjectComponent.all.count }.by(1) - .and change { Packages::Debian::GroupArchitecture.all.count + Packages::Debian::ProjectArchitecture.all.count }.by(2) - - expect(response).to have_gitlab_http_status(status) - expect(response.media_type).to eq('application/json') - - unless body.nil? - expect(response.body).to match(body) - end - end - else - it "returns #{status}#{and_body}", :aggregate_failures do - subject - - expect(response).to have_gitlab_http_status(status) - - unless body.nil? - expect(response.body).to match(body) - end - end - end -end - -RSpec.shared_examples 'Debian repository PUT distribution request' do |status, body| - and_body = body.nil? ? '' : ' and expected body' - - if status == :success - it 'updates distribution', :aggregate_failures do - expect(::Packages::Debian::UpdateDistributionService).to receive(:new).with(distribution, api_params.except(:codename)).and_call_original - - expect { subject } - .to not_change { Packages::Debian::GroupDistribution.all.count + Packages::Debian::ProjectDistribution.all.count } - .and not_change { Packages::Debian::GroupComponent.all.count + Packages::Debian::ProjectComponent.all.count } - .and not_change { Packages::Debian::GroupArchitecture.all.count + Packages::Debian::ProjectArchitecture.all.count } - - expect(response).to have_gitlab_http_status(status) - expect(response.media_type).to eq('application/json') - - unless body.nil? - expect(response.body).to match(body) - end - end - else - it "returns #{status}#{and_body}", :aggregate_failures do - subject - - expect(response).to have_gitlab_http_status(status) - - unless body.nil? - expect(response.body).to match(body) - end - end - end -end - -RSpec.shared_examples 'Debian repository DELETE distribution request' do |status, body| - and_body = body.nil? ? '' : ' and expected body' - - if status == :success - it 'updates distribution', :aggregate_failures do - expect { subject } - .to change { Packages::Debian::GroupDistribution.all.count + Packages::Debian::ProjectDistribution.all.count }.by(-1) - .and change { Packages::Debian::GroupComponent.all.count + Packages::Debian::ProjectComponent.all.count }.by(-1) - .and change { Packages::Debian::GroupArchitecture.all.count + Packages::Debian::ProjectArchitecture.all.count }.by(-2) - - expect(response).to have_gitlab_http_status(status) - expect(response.media_type).to eq('application/json') - - unless body.nil? - expect(response.body).to match(body) - end - end - else - it "returns #{status}#{and_body}", :aggregate_failures do - subject - - expect(response).to have_gitlab_http_status(status) - - unless body.nil? - expect(response.body).to match(body) - end - end - end -end - -RSpec.shared_examples 'rejects Debian access with unknown container id' do |hidden_status| - context 'with an unknown container' do - let(:container) { double(id: non_existing_record_id) } - - context 'as anonymous' do - it_behaves_like 'Debian repository GET request', hidden_status, nil - end - - context 'as authenticated user' do - subject { get api(url), headers: basic_auth_header(user.username, personal_access_token.token) } - - it_behaves_like 'Debian repository GET request', :not_found, nil - end - end -end - -RSpec.shared_examples 'Debian repository read endpoint' do |desired_behavior, success_status, success_body, authenticate_non_public: true| - hidden_status = if authenticate_non_public - :unauthorized - else - :not_found - end - - context 'with valid container' do - using RSpec::Parameterized::TableSyntax - - where(:visibility_level, :user_role, :member, :user_token, :expected_status, :expected_body) do - :public | :developer | true | true | success_status | success_body - :public | :guest | true | true | success_status | success_body - :public | :developer | true | false | :unauthorized | nil - :public | :guest | true | false | :unauthorized | nil - :public | :developer | false | true | success_status | success_body - :public | :guest | false | true | success_status | success_body - :public | :developer | false | false | :unauthorized | nil - :public | :guest | false | false | :unauthorized | nil - :public | :anonymous | false | true | success_status | success_body - :private | :developer | true | true | success_status | success_body - :private | :guest | true | true | :forbidden | nil - :private | :developer | true | false | :unauthorized | nil - :private | :guest | true | false | :unauthorized | nil - :private | :developer | false | true | :not_found | nil - :private | :guest | false | true | :not_found | nil - :private | :developer | false | false | :unauthorized | nil - :private | :guest | false | false | :unauthorized | nil - :private | :anonymous | false | true | hidden_status | nil - end - - with_them do - include_context 'Debian repository access', params[:visibility_level], params[:user_role], params[:member], params[:user_token], :basic do - it_behaves_like "Debian repository #{desired_behavior}", params[:expected_status], params[:expected_body] - end - end - end - - it_behaves_like 'rejects Debian access with unknown container id', hidden_status -end - -RSpec.shared_examples 'Debian repository write endpoint' do |desired_behavior, success_status, success_body, authenticate_non_public: true| - hidden_status = if authenticate_non_public - :unauthorized - else - :not_found - end - +RSpec.shared_examples 'Debian packages read endpoint' do |desired_behavior, success_status, success_body| context 'with valid container' do using RSpec::Parameterized::TableSyntax - where(:visibility_level, :user_role, :member, :user_token, :expected_status, :expected_body) do - :public | :developer | true | true | success_status | success_body - :public | :guest | true | true | :forbidden | nil - :public | :developer | true | false | :unauthorized | nil - :public | :guest | true | false | :unauthorized | nil - :public | :developer | false | true | :forbidden | nil - :public | :guest | false | true | :forbidden | nil - :public | :developer | false | false | :unauthorized | nil - :public | :guest | false | false | :unauthorized | nil - :public | :anonymous | false | true | :unauthorized | nil - :private | :developer | true | true | success_status | success_body - :private | :guest | true | true | :forbidden | nil - :private | :developer | true | false | :unauthorized | nil - :private | :guest | true | false | :unauthorized | nil - :private | :developer | false | true | :not_found | nil - :private | :guest | false | true | :not_found | nil - :private | :developer | false | false | :unauthorized | nil - :private | :guest | false | false | :unauthorized | nil - :private | :anonymous | false | true | hidden_status | nil + where(:visibility_level, :user_type, :auth_method, :expected_status, :expected_body) do + :public | :guest | :basic | success_status | success_body + :public | :not_a_member | :basic | success_status | success_body + :public | :anonymous | :basic | success_status | success_body + :public | :invalid_token | :basic | :unauthorized | nil + :private | :developer | :basic | success_status | success_body + :private | :developer | :private_token | :unauthorized | nil + :private | :guest | :basic | :forbidden | nil + :private | :not_a_member | :basic | :not_found | nil + :private | :anonymous | :basic | :unauthorized | nil + :private | :invalid_token | :basic | :unauthorized | nil end with_them do - include_context 'Debian repository access', params[:visibility_level], params[:user_role], params[:member], params[:user_token], :basic do - it_behaves_like "Debian repository #{desired_behavior}", params[:expected_status], params[:expected_body] + include_context 'Debian repository access', params[:visibility_level], params[:user_type], params[:auth_method] do + it_behaves_like "Debian packages #{desired_behavior} request", params[:expected_status], params[:expected_body] end end end - it_behaves_like 'rejects Debian access with unknown container id', hidden_status + it_behaves_like 'rejects Debian access with unknown container id', :unauthorized, :basic end -RSpec.shared_examples 'Debian repository maintainer write endpoint' do |desired_behavior, success_status, success_body, authenticate_non_public: true| - hidden_status = if authenticate_non_public - :unauthorized - else - :not_found - end - +RSpec.shared_examples 'Debian packages write endpoint' do |desired_behavior, success_status, success_body| context 'with valid container' do using RSpec::Parameterized::TableSyntax - where(:visibility_level, :user_role, :member, :user_token, :expected_status, :expected_body) do - :public | :maintainer | true | true | success_status | success_body - :public | :developer | true | true | :forbidden | nil - :public | :guest | true | true | :forbidden | nil - :public | :maintainer | true | false | :unauthorized | nil - :public | :guest | true | false | :unauthorized | nil - :public | :maintainer | false | true | :forbidden | nil - :public | :guest | false | true | :forbidden | nil - :public | :maintainer | false | false | :unauthorized | nil - :public | :guest | false | false | :unauthorized | nil - :public | :anonymous | false | true | :unauthorized | nil - :private | :maintainer | true | true | success_status | success_body - :private | :developer | true | true | :forbidden | nil - :private | :guest | true | true | :forbidden | nil - :private | :maintainer | true | false | :unauthorized | nil - :private | :guest | true | false | :unauthorized | nil - :private | :maintainer | false | true | :not_found | nil - :private | :guest | false | true | :not_found | nil - :private | :maintainer | false | false | :unauthorized | nil - :private | :guest | false | false | :unauthorized | nil - :private | :anonymous | false | true | hidden_status | nil + where(:visibility_level, :user_type, :auth_method, :expected_status, :expected_body) do + :public | :developer | :basic | success_status | success_body + :public | :developer | :private_token | :unauthorized | nil + :public | :guest | :basic | :forbidden | nil + :public | :not_a_member | :basic | :forbidden | nil + :public | :anonymous | :basic | :unauthorized | nil + :public | :invalid_token | :basic | :unauthorized | nil + :private | :developer | :basic | success_status | success_body + :private | :guest | :basic | :forbidden | nil + :private | :not_a_member | :basic | :not_found | nil + :private | :anonymous | :basic | :unauthorized | nil + :private | :invalid_token | :basic | :unauthorized | nil end with_them do - include_context 'Debian repository access', params[:visibility_level], params[:user_role], params[:member], params[:user_token], :basic do - it_behaves_like "Debian repository #{desired_behavior}", params[:expected_status], params[:expected_body] + include_context 'Debian repository access', params[:visibility_level], params[:user_type], params[:auth_method] do + it_behaves_like "Debian packages #{desired_behavior} request", params[:expected_status], params[:expected_body] end end end - it_behaves_like 'rejects Debian access with unknown container id', hidden_status + it_behaves_like 'rejects Debian access with unknown container id', :unauthorized, :basic end diff --git a/spec/support/shared_examples/requests/api/graphql/mutations/destroy_list_shared_examples.rb b/spec/support/shared_examples/requests/api/graphql/mutations/destroy_list_shared_examples.rb index 0cec67ff541..dca152223fb 100644 --- a/spec/support/shared_examples/requests/api/graphql/mutations/destroy_list_shared_examples.rb +++ b/spec/support/shared_examples/requests/api/graphql/mutations/destroy_list_shared_examples.rb @@ -28,7 +28,7 @@ RSpec.shared_examples 'board lists destroy request' do it 'returns an error' do subject - expect(graphql_errors.first['message']).to include("The resource that you are attempting to access does not exist or you don't have permission to perform this action") + expect(graphql_errors.first['message']).to include(Gitlab::Graphql::Authorize::AuthorizeResource::RESOURCE_ACCESS_ERROR) end end diff --git a/spec/support/shared_examples/requests/api/graphql/packages/package_details_shared_examples.rb b/spec/support/shared_examples/requests/api/graphql/packages/package_details_shared_examples.rb index 41a61ba5fd7..d576a5874fd 100644 --- a/spec/support/shared_examples/requests/api/graphql/packages/package_details_shared_examples.rb +++ b/spec/support/shared_examples/requests/api/graphql/packages/package_details_shared_examples.rb @@ -2,12 +2,26 @@ RSpec.shared_examples 'a package detail' do it_behaves_like 'a working graphql query' do - it 'matches the JSON schema' do - expect(package_details).to match_schema('graphql/packages/package_details') + it_behaves_like 'matching the package details schema' + end + + context 'with pipelines' do + let_it_be(:build_info1) { create(:package_build_info, :with_pipeline, package: package) } + let_it_be(:build_info2) { create(:package_build_info, :with_pipeline, package: package) } + let_it_be(:build_info3) { create(:package_build_info, :with_pipeline, package: package) } + + it_behaves_like 'a working graphql query' do + it_behaves_like 'matching the package details schema' end end end +RSpec.shared_examples 'matching the package details schema' do + it 'matches the JSON schema' do + expect(package_details).to match_schema('graphql/packages/package_details') + end +end + RSpec.shared_examples 'a package with files' do it 'has the right amount of files' do expect(package_files_response.length).to be(package.package_files.length) diff --git a/spec/support/shared_examples/requests/api/notes_shared_examples.rb b/spec/support/shared_examples/requests/api/notes_shared_examples.rb index 40799688144..0434d0beb7e 100644 --- a/spec/support/shared_examples/requests/api/notes_shared_examples.rb +++ b/spec/support/shared_examples/requests/api/notes_shared_examples.rb @@ -281,7 +281,7 @@ RSpec.shared_examples 'noteable API' do |parent_type, noteable_type, id_name| end end - context 'when request exceeds the rate limit' do + context 'when request exceeds the rate limit', :freeze_time, :clean_gitlab_redis_rate_limiting do before do stub_application_setting(notes_create_limit: 1) allow(::Gitlab::ApplicationRateLimiter).to receive(:increment).and_return(2) diff --git a/spec/support/shared_examples/requests/api/npm_packages_shared_examples.rb b/spec/support/shared_examples/requests/api/npm_packages_shared_examples.rb index 2af7b616659..19677e92001 100644 --- a/spec/support/shared_examples/requests/api/npm_packages_shared_examples.rb +++ b/spec/support/shared_examples/requests/api/npm_packages_shared_examples.rb @@ -8,6 +8,8 @@ RSpec.shared_examples 'handling get metadata requests' do |scope: :project| let_it_be(:package_dependency_link3) { create(:packages_dependency_link, package: package, dependency_type: :bundleDependencies) } let_it_be(:package_dependency_link4) { create(:packages_dependency_link, package: package, dependency_type: :peerDependencies) } + let_it_be(:package_metadatum) { create(:npm_metadatum, package: package) } + let(:headers) { {} } subject { get(url, headers: headers) } @@ -39,6 +41,19 @@ RSpec.shared_examples 'handling get metadata requests' do |scope: :project| # query count can slightly change between the examples so we're using a custom threshold expect { get(url, headers: headers) }.not_to exceed_query_limit(control).with_threshold(4) end + + context 'with packages_npm_abbreviated_metadata disabled' do + before do + stub_feature_flags(packages_npm_abbreviated_metadata: false) + end + + it 'calls the presenter without including metadata' do + expect(::Packages::Npm::PackagePresenter) + .to receive(:new).with(anything, anything, include_metadata: false).and_call_original + + subject + end + end end shared_examples 'reject metadata request' do |status:| diff --git a/spec/support/shared_examples/requests/api/pypi_packages_shared_examples.rb b/spec/support/shared_examples/requests/api/pypi_packages_shared_examples.rb index ed6d9ed43c8..06c51add438 100644 --- a/spec/support/shared_examples/requests/api/pypi_packages_shared_examples.rb +++ b/spec/support/shared_examples/requests/api/pypi_packages_shared_examples.rb @@ -167,7 +167,7 @@ end RSpec.shared_examples 'rejects PyPI access with unknown project id' do context 'with an unknown project' do - let(:project) { OpenStruct.new(id: 1234567890) } + let(:project) { double('access', id: 1234567890) } it_behaves_like 'unknown PyPI scope id' end @@ -175,7 +175,7 @@ end RSpec.shared_examples 'rejects PyPI access with unknown group id' do context 'with an unknown project' do - let(:group) { OpenStruct.new(id: 1234567890) } + let(:group) { double('access', id: 1234567890) } it_behaves_like 'unknown PyPI scope id' end diff --git a/spec/support/shared_examples/requests/api/status_shared_examples.rb b/spec/support/shared_examples/requests/api/status_shared_examples.rb index 8207190b1dc..40843ccbd15 100644 --- a/spec/support/shared_examples/requests/api/status_shared_examples.rb +++ b/spec/support/shared_examples/requests/api/status_shared_examples.rb @@ -76,3 +76,32 @@ RSpec.shared_examples '412 response' do end end end + +RSpec.shared_examples '422 response' do + let(:message) { nil } + + before do + # Fires the request + request + end + + it 'returns 422' do + expect(response).to have_gitlab_http_status(:unprocessable_entity) + expect(json_response).to be_an Object + + if message.present? + expect(json_response['message']).to eq(message) + end + end +end + +RSpec.shared_examples '503 response' do + before do + # Fires the request + request + end + + it 'returns 503' do + expect(response).to have_gitlab_http_status(:service_unavailable) + end +end diff --git a/spec/support/shared_examples/requests/applications_controller_shared_examples.rb b/spec/support/shared_examples/requests/applications_controller_shared_examples.rb new file mode 100644 index 00000000000..8f852d42c2c --- /dev/null +++ b/spec/support/shared_examples/requests/applications_controller_shared_examples.rb @@ -0,0 +1,44 @@ +# frozen_string_literal: true + +RSpec.shared_examples 'applications controller - GET #show' do + describe 'GET #show' do + it 'renders template' do + get show_path + + expect(response).to render_template :show + end + + context 'when application is viewed after being created' do + before do + create_application + end + + it 'sets `@created` instance variable to `true`' do + get show_path + + expect(assigns[:created]).to eq(true) + end + end + + context 'when application is reviewed' do + it 'sets `@created` instance variable to `false`' do + get show_path + + expect(assigns[:created]).to eq(false) + end + end + end +end + +RSpec.shared_examples 'applications controller - POST #create' do + it "sets `#{OauthApplications::CREATED_SESSION_KEY}` session key to `true`" do + create_application + + expect(session[OauthApplications::CREATED_SESSION_KEY]).to eq(true) + end +end + +def create_application + create_params = attributes_for(:application, trusted: true, confidential: false, scopes: ['api']) + post create_path, params: { doorkeeper_application: create_params } +end diff --git a/spec/support/shared_examples/requests/self_monitoring_shared_examples.rb b/spec/support/shared_examples/requests/self_monitoring_shared_examples.rb index ff87fc5d8df..f8a752a5673 100644 --- a/spec/support/shared_examples/requests/self_monitoring_shared_examples.rb +++ b/spec/support/shared_examples/requests/self_monitoring_shared_examples.rb @@ -39,6 +39,10 @@ end # let(:status_api) { status_create_self_monitoring_project_admin_application_settings_path } # subject { post create_self_monitoring_project_admin_application_settings_path } RSpec.shared_examples 'triggers async worker, returns sidekiq job_id with response accepted' do + before do + allow(worker_class).to receive(:with_status).and_return(worker_class) + end + it 'returns sidekiq job_id of expected length' do subject diff --git a/spec/support/shared_examples/requests/snippet_shared_examples.rb b/spec/support/shared_examples/requests/snippet_shared_examples.rb index dae3a3e74be..b13c4da0bed 100644 --- a/spec/support/shared_examples/requests/snippet_shared_examples.rb +++ b/spec/support/shared_examples/requests/snippet_shared_examples.rb @@ -86,6 +86,7 @@ RSpec.shared_examples 'snippet blob content' do expect(response.header[Gitlab::Workhorse::DETECT_HEADER]).to eq 'true' expect(response.header[Gitlab::Workhorse::SEND_DATA_HEADER]).to start_with('git-blob:') + expect(response.parsed_body).to be_empty end context 'when snippet repository is empty' do |