Better route matching for read-only detection

author: Ash McKenzie <amckenzie@gitlab.com> 2018-06-13 12:20:10 +1000
committer: Ash McKenzie <amckenzie@gitlab.com> 2018-07-02 17:29:04 +1000
commit: 26bea57883f01ef304465a93d3a8a9b611abc178 (patch)
tree: 5ea377dcbd7b3e3dc5318256d1707ec58a0b5dfb /spec
parent: 3cf683629e62fa4810512b20f4f54140591829ef (diff)
download: gitlab-ce-26bea57883f01ef304465a93d3a8a9b611abc178.tar.gz
1 files changed, 19 insertions, 16 deletions
diff --git a/spec/lib/gitlab/middleware/read_only_spec.rb b/spec/lib/gitlab/middleware/read_only_spec.rb
index 39ec2f37a83..5c398bc2063 100644
--- a/spec/lib/gitlab/middleware/read_only_spec.rb
+++ b/spec/lib/gitlab/middleware/read_only_spec.rb
@@ -2,6 +2,7 @@ require 'spec_helper'
 
 describe Gitlab::Middleware::ReadOnly do
   include Rack::Test::Methods
+  using RSpec::Parameterized::TableSyntax
 
   RSpec::Matchers.define :be_a_redirect do
     match do |response|
@@ -117,39 +118,41 @@ describe Gitlab::Middleware::ReadOnly do
     context 'whitelisted requests' do
       it 'expects a POST internal request to be allowed' do
         expect(Rails.application.routes).not_to receive(:recognize_path)
-
         response = request.post("/api/#{API::API.version}/internal")
 
         expect(response).not_to be_a_redirect
         expect(subject).not_to disallow_request
       end
 
-      it 'expects a POST LFS request to batch URL to be allowed' do
-        expect(Rails.application.routes).to receive(:recognize_path).and_call_original
-        response = request.post('/root/rouge.git/info/lfs/objects/batch')
+      it 'expects requests to sidekiq admin to be allowed' do
+        response = request.post('/admin/sidekiq')
 
         expect(response).not_to be_a_redirect
         expect(subject).not_to disallow_request
-      end
 
-      it 'expects a POST request to git-upload-pack URL to be allowed' do
-        expect(Rails.application.routes).to receive(:recognize_path).and_call_original
-        response = request.post('/root/rouge.git/git-upload-pack')
+        response = request.get('/admin/sidekiq')
 
         expect(response).not_to be_a_redirect
         expect(subject).not_to disallow_request
       end
 
-      it 'expects requests to sidekiq admin to be allowed' do
-        response = request.post('/admin/sidekiq')
-
-        expect(response).not_to be_a_redirect
-        expect(subject).not_to disallow_request
+      where(:description, :path) do
+        'LFS request to batch'        | '/root/rouge.git/info/lfs/objects/batch'
+        'LFS request to locks verify' | '/root/rouge.git/info/lfs/locks/verify'
+        'LFS request to locks create' | '/root/rouge.git/info/lfs/locks'
+        'LFS request to locks unlock' | '/root/rouge.git/info/lfs/locks/1/unlock'
+        'request to git-upload-pack'  | '/root/rouge.git/git-upload-pack'
+        'request to git-receive-pack' | '/root/rouge.git/git-receive-pack'
+      end
 
-        response = request.get('/admin/sidekiq')
+      with_them do
+        it "expects a POST #{description} URL to be allowed" do
+          expect(Rails.application.routes).to receive(:recognize_path).and_call_original
+          response = request.post(path)
 
-        expect(response).not_to be_a_redirect
-        expect(subject).not_to disallow_request
+          expect(response).not_to be_a_redirect
+          expect(subject).not_to disallow_request
+        end
       end
     end
   end
author	Ash McKenzie <amckenzie@gitlab.com>	2018-06-13 12:20:10 +1000
committer	Ash McKenzie <amckenzie@gitlab.com>	2018-07-02 17:29:04 +1000
commit	26bea57883f01ef304465a93d3a8a9b611abc178 (patch)
tree	5ea377dcbd7b3e3dc5318256d1707ec58a0b5dfb /spec
parent	3cf683629e62fa4810512b20f4f54140591829ef (diff)
download	gitlab-ce-26bea57883f01ef304465a93d3a8a9b611abc178.tar.gz