Reject group-routes as names of child namespaces

author: Bob Van Landuyt <bob@gitlab.com> 2017-04-28 18:09:01 +0200
committer: Bob Van Landuyt <bob@gitlab.com> 2017-05-01 11:14:24 +0200
commit: 08b1bc3489e8d4e6d5786221bad090f16a1c021f (patch)
tree: 17f98937621003472feb6d5717bc5c1facc62964 /spec/validators
parent: 1e14c3c8525c4e9db6f83da6c037ed94205f65f0 (diff)
download: gitlab-ce-08b1bc3489e8d4e6d5786221bad090f16a1c021f.tar.gz
1 files changed, 51 insertions, 25 deletions
diff --git a/spec/validators/dynamic_path_validator_spec.rb b/spec/validators/dynamic_path_validator_spec.rb
index 5053a299bc3..f43b4892456 100644
--- a/spec/validators/dynamic_path_validator_spec.rb
+++ b/spec/validators/dynamic_path_validator_spec.rb
@@ -86,6 +86,16 @@ describe DynamicPathValidator do
     end.uniq
   end
 
+  STARTING_WITH_GROUP = %r{^/groups/\*(group_)?id/}
+  let(:group_routes) do
+    routes_without_format.select do |path|
+      path =~ STARTING_WITH_GROUP
+    end
+  end
+
+  let(:paths_after_group_id) do
+    group_routes.map do |route|
+      route.gsub(STARTING_WITH_GROUP, '').split('/').first
     end.uniq
   end
 
@@ -95,6 +105,12 @@ describe DynamicPathValidator do
     end
   end
 
+  describe 'GROUP_ROUTES' do
+    it "don't contain a second wildcard" do
+      expect(described_class::GROUP_ROUTES).to include(*paths_after_group_id)
+    end
+  end
+
   describe 'WILDCARD_ROUTES' do
     it 'includes all paths that can be used after a namespace/project path' do
       aggregate_failures do
@@ -105,59 +121,69 @@ describe DynamicPathValidator do
     end
   end
 
-  describe '.contains_path_part?' do
-    it 'recognizes a path part' do
-      expect(described_class.contains_path_part?('user/some/path', 'user')).
-        to be_truthy
-    end
+  describe '.without_reserved_wildcard_paths_regex' do
+    subject { described_class.without_reserved_wildcard_paths_regex }
 
-    it 'recognizes a path ending in the path part' do
-      expect(described_class.contains_path_part?('some/path/user', 'user')).
-        to be_truthy
+    it 'rejects paths starting with a reserved top level' do
+      expect(subject).not_to match('dashboard/hello/world')
+      expect(subject).not_to match('dashboard')
     end
 
-    it 'skips partial path matches' do
-      expect(described_class.contains_path_part?('some/user1/path', 'user')).
-        to be_falsy
+    it 'rejects paths containing a wildcard reserved word' do
+      expect(subject).not_to match('hello/edit')
+      expect(subject).not_to match('hello/edit/in-the-middle')
+      expect(subject).not_to match('foo/bar1/refs/master/logs_tree')
     end
 
-    it 'can recognise combined paths' do
-      expect(described_class.contains_path_part?('some/user/admin/path', 'user/admin')).
-        to be_truthy
+    it 'matches valid paths' do
+      expect(subject).to match('parent/child/project-path')
+      expect(subject).to match('/parent/child/project-path')
     end
+  end
 
-    it 'only recognizes full paths' do
-      expect(described_class.contains_path_part?('frontend-fixtures', 's')).
-        to be_falsy
-    end
+  describe '.without_reserved_child_paths_regex' do
+    it 'rejects paths containing a child reserved word' do
+      subject = described_class.without_reserved_child_paths_regex
 
-    it 'handles regex chars gracefully' do
-      expect(described_class.contains_path_part?('frontend-fixtures', '-')).
-        to be_falsy
+      expect(subject).not_to match('hello/group_members')
+      expect(subject).not_to match('hello/activity/in-the-middle')
+      expect(subject).not_to match('foo/bar1/refs/master/logs_tree')
     end
   end
 
   describe ".valid?" do
     it 'is not case sensitive' do
-      expect(described_class.valid?("Users")).to be(false)
+      expect(described_class.valid?("Users")).to be_falsey
     end
 
     it "isn't valid when the top level is reserved" do
       test_path = 'u/should-be-a/reserved-word'
 
-      expect(described_class.valid?(test_path)).to be(false)
+      expect(described_class.valid?(test_path)).to be_falsey
     end
 
     it "isn't valid if any of the path segments is reserved" do
       test_path = 'the-wildcard/wikis/is-not-allowed'
 
-      expect(described_class.valid?(test_path)).to be(false)
+      expect(described_class.valid?(test_path)).to be_falsey
     end
 
     it "is valid if the path doesn't contain reserved words" do
       test_path = 'there-are/no-wildcards/in-this-path'
 
-      expect(described_class.valid?(test_path)).to be(true)
+      expect(described_class.valid?(test_path)).to be_truthy
+    end
+
+    it 'allows allows a child path on the last spot' do
+      test_path = 'there/can-be-a/project-called/labels'
+
+      expect(described_class.valid?(test_path)).to be_truthy
+    end
+
+    it 'rejects a child path somewhere else' do
+      test_path = 'there/can-be-no/labels/group'
+
+      expect(described_class.valid?(test_path)).to be_falsey
     end
   end
 end
author	Bob Van Landuyt <bob@gitlab.com>	2017-04-28 18:09:01 +0200
committer	Bob Van Landuyt <bob@gitlab.com>	2017-05-01 11:14:24 +0200
commit	08b1bc3489e8d4e6d5786221bad090f16a1c021f (patch)
tree	17f98937621003472feb6d5717bc5c1facc62964 /spec/validators
parent	1e14c3c8525c4e9db6f83da6c037ed94205f65f0 (diff)
download	gitlab-ce-08b1bc3489e8d4e6d5786221bad090f16a1c021f.tar.gz