Merge branch 'fix-internal-api' into 'master'

Fix internal api Fixes #1787 See merge request !1280
author: Dmitriy Zaporozhets <dzaporozhets@gitlab.com> 2014-12-01 15:31:23 +0000
committer: Dmitriy Zaporozhets <dzaporozhets@gitlab.com> 2014-12-01 15:31:23 +0000
commit: 7ff1c0e3f9c6c6098443a6ee49345ed75536f49a (patch)
tree: bd61db837c589e1a65964138e59fb2eaa854ac8c /spec
parent: 27077ab21e56ea1ef2e18488fa2ec5940062f86a (diff)
parent: 612b8806ddc7881421e26a9dbfe465d6445fb3d6 (diff)
download: gitlab-ce-7ff1c0e3f9c6c6098443a6ee49345ed75536f49a.tar.gz
2 files changed, 40 insertions, 3 deletions
diff --git a/spec/lib/gitlab/git_access_spec.rb b/spec/lib/gitlab/git_access_spec.rb
index 1addba55787..66e87e57cbc 100644
--- a/spec/lib/gitlab/git_access_spec.rb
+++ b/spec/lib/gitlab/git_access_spec.rb
@@ -46,6 +46,25 @@ describe Gitlab::GitAccess do
         it { subject.allowed?.should be_false }
       end
     end
+
+    describe 'deploy key permissions' do
+      let(:key) { create(:deploy_key) }
+
+      context 'pull code' do
+        context 'allowed' do
+          before { key.projects << project }
+          subject { access.download_access_check(key, project) }
+
+          it { subject.allowed?.should be_true }
+        end
+
+        context 'denied' do
+          subject { access.download_access_check(key, project) }
+
+          it { subject.allowed?.should be_false }
+        end
+      end
+    end
   end
 
   describe 'push_access_check' do
diff --git a/spec/requests/api/internal_spec.rb b/spec/requests/api/internal_spec.rb
index 53b7808d4c3..4faa1f9b964 100644
--- a/spec/requests/api/internal_spec.rb
+++ b/spec/requests/api/internal_spec.rb
@@ -26,7 +26,7 @@ describe API::API, api: true  do
     end
   end
 
-  describe "GET /internal/allowed" do
+  describe "POST /internal/allowed" do
     context "access granted" do
       before do
         project.team << [user, :developer]
@@ -140,7 +140,7 @@ describe API::API, api: true  do
           archive(key, project)
 
           response.status.should == 200
-          response.body.should == 'true'
+          JSON.parse(response.body)["status"].should be_true
         end
       end
 
@@ -149,10 +149,28 @@ describe API::API, api: true  do
           archive(key, project)
 
           response.status.should == 200
-          response.body.should == 'false'
+          JSON.parse(response.body)["status"].should be_false
         end
       end
     end
+
+    context 'project does not exist' do
+      it do
+        pull(key, OpenStruct.new(path_with_namespace: 'gitlab/notexists'))
+
+        response.status.should == 200
+        JSON.parse(response.body)["status"].should be_false
+      end
+    end
+
+    context 'user does not exist' do
+      it do
+        pull(OpenStruct.new(id: 0), project)
+
+        response.status.should == 200
+        JSON.parse(response.body)["status"].should be_false
+      end
+    end
   end
 
   def pull(key, project)
author	Dmitriy Zaporozhets <dzaporozhets@gitlab.com>	2014-12-01 15:31:23 +0000
committer	Dmitriy Zaporozhets <dzaporozhets@gitlab.com>	2014-12-01 15:31:23 +0000
commit	7ff1c0e3f9c6c6098443a6ee49345ed75536f49a (patch)
tree	bd61db837c589e1a65964138e59fb2eaa854ac8c /spec
parent	27077ab21e56ea1ef2e18488fa2ec5940062f86a (diff)
parent	612b8806ddc7881421e26a9dbfe465d6445fb3d6 (diff)
download	gitlab-ce-7ff1c0e3f9c6c6098443a6ee49345ed75536f49a.tar.gz