diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2023-03-31 18:17:06 +0000 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2023-03-31 18:17:06 +0000 |
commit | 4747b1ebc408204ff9ac4e6b9afa1d97fcf8c91a (patch) | |
tree | 1a7cf972d18990f46fadee34dae9676b7016f7c9 /spec | |
parent | ccab6fb4df8bc12220334618e56d911c4d0e447c (diff) | |
download | gitlab-ce-4747b1ebc408204ff9ac4e6b9afa1d97fcf8c91a.tar.gz |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'spec')
-rw-r--r-- | spec/controllers/admin/clusters_controller_spec.rb | 8 | ||||
-rw-r--r-- | spec/controllers/groups/clusters_controller_spec.rb | 6 | ||||
-rw-r--r-- | spec/controllers/projects/clusters_controller_spec.rb | 6 | ||||
-rw-r--r-- | spec/db/schema_spec.rb | 1 | ||||
-rw-r--r-- | spec/factories/clusters/applications/helm.rb | 4 | ||||
-rw-r--r-- | spec/factories/clusters/clusters.rb | 1 | ||||
-rw-r--r-- | spec/frontend/sidebar/components/move/move_issue_button_spec.js | 4 | ||||
-rw-r--r-- | spec/helpers/broadcast_messages_helper_spec.rb | 20 | ||||
-rw-r--r-- | spec/models/clusters/applications/ingress_spec.rb | 120 | ||||
-rw-r--r-- | spec/models/clusters/cluster_spec.rb | 36 | ||||
-rw-r--r-- | spec/requests/api/lint_spec.rb | 280 | ||||
-rw-r--r-- | spec/requests/api/protected_branches_spec.rb | 100 |
12 files changed, 246 insertions, 340 deletions
diff --git a/spec/controllers/admin/clusters_controller_spec.rb b/spec/controllers/admin/clusters_controller_spec.rb index 8e62aeed7d0..cb310c7b7f9 100644 --- a/spec/controllers/admin/clusters_controller_spec.rb +++ b/spec/controllers/admin/clusters_controller_spec.rb @@ -259,14 +259,6 @@ RSpec.describe Admin::ClustersController, feature_category: :kubernetes_manageme expect(response).to have_gitlab_http_status(:ok) expect(response).to match_response_schema('cluster_status') end - - it 'invokes schedule_status_update on each application' do - expect_next_instance_of(Clusters::Applications::Ingress) do |instance| - expect(instance).to receive(:schedule_status_update) - end - - get_cluster_status - end end describe 'security' do diff --git a/spec/controllers/groups/clusters_controller_spec.rb b/spec/controllers/groups/clusters_controller_spec.rb index 01ea7101f2e..c020aeedf1c 100644 --- a/spec/controllers/groups/clusters_controller_spec.rb +++ b/spec/controllers/groups/clusters_controller_spec.rb @@ -322,12 +322,6 @@ RSpec.describe Groups::ClustersController, feature_category: :kubernetes_managem expect(response).to have_gitlab_http_status(:ok) expect(response).to match_response_schema('cluster_status') end - - it 'invokes schedule_status_update on each application' do - expect_any_instance_of(Clusters::Applications::Ingress).to receive(:schedule_status_update) - - go - end end describe 'security' do diff --git a/spec/controllers/projects/clusters_controller_spec.rb b/spec/controllers/projects/clusters_controller_spec.rb index d16e5eea2e9..236e1845d3f 100644 --- a/spec/controllers/projects/clusters_controller_spec.rb +++ b/spec/controllers/projects/clusters_controller_spec.rb @@ -358,12 +358,6 @@ RSpec.describe Projects::ClustersController, feature_category: :kubernetes_manag expect(response).to have_gitlab_http_status(:ok) expect(response).to match_response_schema('cluster_status') end - - it 'invokes schedule_status_update on each application' do - expect_any_instance_of(Clusters::Applications::Ingress).to receive(:schedule_status_update) - - go - end end describe 'security' do diff --git a/spec/db/schema_spec.rb b/spec/db/schema_spec.rb index ca0d54abca7..f73edeed3c3 100644 --- a/spec/db/schema_spec.rb +++ b/spec/db/schema_spec.rb @@ -207,7 +207,6 @@ RSpec.describe 'Database schema', feature_category: :database do 'Ci::Processable' => %w[failure_reason], 'Ci::Runner' => %w[access_level], 'Ci::Stage' => %w[status], - 'Clusters::Applications::Ingress' => %w[ingress_type], 'Clusters::Cluster' => %w[platform_type provider_type], 'CommitStatus' => %w[failure_reason], 'GenericCommitStatus' => %w[failure_reason], diff --git a/spec/factories/clusters/applications/helm.rb b/spec/factories/clusters/applications/helm.rb index 67cd0de5c4f..4cf7023b5aa 100644 --- a/spec/factories/clusters/applications/helm.rb +++ b/spec/factories/clusters/applications/helm.rb @@ -93,9 +93,5 @@ FactoryBot.define do helm_installed { false } end end - - factory :clusters_applications_ingress, class: 'Clusters::Applications::Ingress' do - cluster factory: %i(cluster with_installed_helm provided_by_gcp) - end end end diff --git a/spec/factories/clusters/clusters.rb b/spec/factories/clusters/clusters.rb index 0525b569e50..e50240aee7e 100644 --- a/spec/factories/clusters/clusters.rb +++ b/spec/factories/clusters/clusters.rb @@ -92,7 +92,6 @@ FactoryBot.define do trait :with_all_applications do application_helm factory: %i(clusters_applications_helm installed) - application_ingress factory: %i(clusters_applications_ingress installed) end trait :with_domain do diff --git a/spec/frontend/sidebar/components/move/move_issue_button_spec.js b/spec/frontend/sidebar/components/move/move_issue_button_spec.js index eb5e23c6047..e2f5414056a 100644 --- a/spec/frontend/sidebar/components/move/move_issue_button_spec.js +++ b/spec/frontend/sidebar/components/move/move_issue_button_spec.js @@ -71,10 +71,6 @@ describe('MoveIssueButton', () => { }); }; - afterEach(() => { - fakeApollo = null; - }); - it('renders the project select dropdown', () => { createComponent(); diff --git a/spec/helpers/broadcast_messages_helper_spec.rb b/spec/helpers/broadcast_messages_helper_spec.rb index e0bdb09f257..8d2245c820f 100644 --- a/spec/helpers/broadcast_messages_helper_spec.rb +++ b/spec/helpers/broadcast_messages_helper_spec.rb @@ -157,4 +157,24 @@ RSpec.describe BroadcastMessagesHelper, feature_category: :onboarding do expect(single_broadcast_message['ends_at']).to eq('2020-01-02T00:00:00Z') end end + + describe '#broadcast_message_data' do + let(:starts_at) { 1.day.ago } + let(:ends_at) { 1.day.from_now } + let(:message) { build(:broadcast_message, id: non_existing_record_id, starts_at: starts_at, ends_at: ends_at) } + + it 'returns the expected message data attributes' do + keys = [ + :id, :message, :broadcast_type, :theme, :dismissable, :target_access_levels, :messages_path, + :preview_path, :target_path, :starts_at, :ends_at, :target_access_level_options + ] + + expect(broadcast_message_data(message).keys).to match(keys) + end + + it 'has the correct iso formatted date', time_travel_to: '2020-01-01 00:00:00 +0000' do + expect(broadcast_message_data(message)[:starts_at]).to eq('2019-12-31T00:00:00Z') + expect(broadcast_message_data(message)[:ends_at]).to eq('2020-01-02T00:00:00Z') + end + end end diff --git a/spec/models/clusters/applications/ingress_spec.rb b/spec/models/clusters/applications/ingress_spec.rb deleted file mode 100644 index 99be2ed8ee8..00000000000 --- a/spec/models/clusters/applications/ingress_spec.rb +++ /dev/null @@ -1,120 +0,0 @@ -# frozen_string_literal: true - -require 'spec_helper' - -RSpec.describe Clusters::Applications::Ingress do - let(:ingress) { create(:clusters_applications_ingress) } - - before do - allow(ClusterWaitForIngressIpAddressWorker).to receive(:perform_in) - allow(ClusterWaitForIngressIpAddressWorker).to receive(:perform_async) - end - - it_behaves_like 'having unique enum values' - - include_examples 'cluster application core specs', :clusters_applications_ingress - include_examples 'cluster application status specs', :clusters_applications_ingress - include_examples 'cluster application version specs', :clusters_applications_ingress - include_examples 'cluster application helm specs', :clusters_applications_ingress - include_examples 'cluster application initial status specs' - - describe 'default values' do - it { expect(subject.ingress_type).to eq("nginx") } - it { expect(subject.version).to eq(described_class::VERSION) } - end - - describe '#make_installed!' do - before do - application.make_installed! - end - - let(:application) { create(:clusters_applications_ingress, :installing) } - - it 'schedules a ClusterWaitForIngressIpAddressWorker' do - expect(ClusterWaitForIngressIpAddressWorker).to have_received(:perform_in) - .with(Clusters::Applications::Ingress::FETCH_IP_ADDRESS_DELAY, 'ingress', application.id) - end - end - - describe '#schedule_status_update' do - let(:application) { create(:clusters_applications_ingress, :installed) } - - before do - application.schedule_status_update - end - - it 'schedules a ClusterWaitForIngressIpAddressWorker' do - expect(ClusterWaitForIngressIpAddressWorker).to have_received(:perform_async) - .with('ingress', application.id) - end - - context 'when the application is not installed' do - let(:application) { create(:clusters_applications_ingress, :installing) } - - it 'does not schedule a ClusterWaitForIngressIpAddressWorker' do - expect(ClusterWaitForIngressIpAddressWorker).not_to have_received(:perform_async) - end - end - - context 'when there is already an external_ip' do - let(:application) { create(:clusters_applications_ingress, :installed, external_ip: '111.222.222.111') } - - it 'does not schedule a ClusterWaitForIngressIpAddressWorker' do - expect(ClusterWaitForIngressIpAddressWorker).not_to have_received(:perform_in) - end - end - - context 'when there is already an external_hostname' do - let(:application) { create(:clusters_applications_ingress, :installed, external_hostname: 'localhost.localdomain') } - - it 'does not schedule a ClusterWaitForIngressIpAddressWorker' do - expect(ClusterWaitForIngressIpAddressWorker).not_to have_received(:perform_in) - end - end - end - - describe '#install_command' do - subject { ingress.install_command } - - it { is_expected.to be_an_instance_of(Gitlab::Kubernetes::Helm::V3::InstallCommand) } - - it 'is initialized with ingress arguments' do - expect(subject.name).to eq('ingress') - expect(subject.chart).to eq('ingress/nginx-ingress') - expect(subject.version).to eq('1.40.2') - expect(subject).to be_rbac - expect(subject.files).to eq(ingress.files) - end - - context 'on a non rbac enabled cluster' do - before do - ingress.cluster.platform_kubernetes.abac! - end - - it { is_expected.not_to be_rbac } - end - - context 'application failed to install previously' do - let(:ingress) { create(:clusters_applications_ingress, :errored, version: 'nginx') } - - it 'is initialized with the locked version' do - expect(subject.version).to eq('1.40.2') - end - end - end - - describe '#files' do - let(:application) { ingress } - let(:values) { subject[:'values.yaml'] } - - subject { application.files } - - it 'includes ingress valid keys in values' do - expect(values).to include('image') - expect(values).to include('repository') - expect(values).to include('stats') - expect(values).to include('podAnnotations') - expect(values).to include('clusterIP') - end - end -end diff --git a/spec/models/clusters/cluster_spec.rb b/spec/models/clusters/cluster_spec.rb index 578b09740a5..f1d4a91f289 100644 --- a/spec/models/clusters/cluster_spec.rb +++ b/spec/models/clusters/cluster_spec.rb @@ -24,7 +24,6 @@ feature_category: :kubernetes_management do it { is_expected.to have_one(:platform_kubernetes) } it { is_expected.to have_one(:integration_prometheus) } it { is_expected.to have_one(:application_helm) } - it { is_expected.to have_one(:application_ingress) } it { is_expected.to have_many(:kubernetes_namespaces) } it { is_expected.to have_one(:cluster_project) } it { is_expected.to have_many(:deployment_clusters) } @@ -34,8 +33,6 @@ feature_category: :kubernetes_management do it { is_expected.to delegate_method(:status).to(:provider) } it { is_expected.to delegate_method(:status_reason).to(:provider) } - it { is_expected.to delegate_method(:external_ip).to(:application_ingress).with_prefix } - it { is_expected.to delegate_method(:external_hostname).to(:application_ingress).with_prefix } it { is_expected.to respond_to :project } it { is_expected.to be_namespace_per_environment } @@ -711,10 +708,9 @@ feature_category: :kubernetes_management do context 'when applications are created' do let!(:helm) { create(:clusters_applications_helm, cluster: cluster) } - let!(:ingress) { create(:clusters_applications_ingress, cluster: cluster) } it 'returns a list of created applications' do - is_expected.to contain_exactly(helm, ingress) + is_expected.to contain_exactly(helm) end end end @@ -1502,34 +1498,4 @@ feature_category: :kubernetes_management do end end end - - describe '#application_ingress_available?' do - subject(:application_ingress_available?) { cluster.application_ingress_available? } - - before do - allow(cluster).to receive(:application_ingress).and_return(application_ingress) - end - - context 'without application_ingress' do - let(:application_ingress) {} - - it { is_expected.to eq(false) } - end - - context 'with application_ingress' do - let(:application_ingress) { instance_double(Clusters::Applications::Ingress, available?: available?) } - - context 'with available? set to true' do - let(:available?) { true } - - it { is_expected.to eq(true) } - end - - context 'with available? set to false' do - let(:available?) { false } - - it { is_expected.to eq(false) } - end - end - end end diff --git a/spec/requests/api/lint_spec.rb b/spec/requests/api/lint_spec.rb index 3f131862a41..bc535e7e38a 100644 --- a/spec/requests/api/lint_spec.rb +++ b/spec/requests/api/lint_spec.rb @@ -4,168 +4,139 @@ require 'spec_helper' RSpec.describe API::Lint, feature_category: :pipeline_composition do describe 'POST /ci/lint' do - context 'when signup settings are disabled' do - before do - Gitlab::CurrentSettings.signup_enabled = false - end + it 'responds with a 410' do + user = create(:user) - context 'when unauthenticated' do - it 'returns authentication error' do - post api('/ci/lint'), params: { content: 'content' } + post api('/ci/lint', user), params: { content: "test_job:\n script: ls" } - expect(response).to have_gitlab_http_status(:unauthorized) - end - end - - context 'when authenticated' do - let_it_be(:api_user) { create(:user) } - - it 'returns authorized' do - post api('/ci/lint', api_user), params: { content: 'content' } + expect(response).to have_gitlab_http_status(:gone) + end - expect(response).to have_gitlab_http_status(:ok) - end + context 'when ci_remove_post_lint is disabled' do + before do + stub_feature_flags(ci_remove_post_lint: false) end - context 'when authenticated as external user' do - let(:project) { create(:project) } - let(:api_user) { create(:user, :external) } - - context 'when reporter in a project' do - before do - project.add_reporter(api_user) - end + context 'when signup settings are disabled' do + before do + Gitlab::CurrentSettings.signup_enabled = false + end - it 'returns authorization failure' do - post api('/ci/lint', api_user), params: { content: 'content' } + context 'when unauthenticated' do + it 'returns authentication error' do + post api('/ci/lint'), params: { content: 'content' } expect(response).to have_gitlab_http_status(:unauthorized) end end - context 'when developer in a project' do - before do - project.add_developer(api_user) - end + context 'when authenticated' do + let_it_be(:api_user) { create(:user) } - it 'returns authorization success' do + it 'returns authorized' do post api('/ci/lint', api_user), params: { content: 'content' } expect(response).to have_gitlab_http_status(:ok) end end - end - end - context 'when signup is enabled and not limited' do - before do - Gitlab::CurrentSettings.signup_enabled = true - stub_application_setting(domain_allowlist: [], email_restrictions_enabled: false, require_admin_approval_after_user_signup: false) - end + context 'when authenticated as external user' do + let(:project) { create(:project) } + let(:api_user) { create(:user, :external) } - context 'when unauthenticated' do - it 'returns authorized success' do - post api('/ci/lint'), params: { content: 'content' } + context 'when reporter in a project' do + before do + project.add_reporter(api_user) + end - expect(response).to have_gitlab_http_status(:ok) - end - end + it 'returns authorization failure' do + post api('/ci/lint', api_user), params: { content: 'content' } - context 'when authenticated' do - let_it_be(:api_user) { create(:user) } + expect(response).to have_gitlab_http_status(:unauthorized) + end + end - it 'returns authentication success' do - post api('/ci/lint', api_user), params: { content: 'content' } + context 'when developer in a project' do + before do + project.add_developer(api_user) + end - expect(response).to have_gitlab_http_status(:ok) + it 'returns authorization success' do + post api('/ci/lint', api_user), params: { content: 'content' } + + expect(response).to have_gitlab_http_status(:ok) + end + end end end - end - context 'when limited signup is enabled' do - before do - stub_application_setting(domain_allowlist: ['www.gitlab.com']) - Gitlab::CurrentSettings.signup_enabled = true - end + context 'when signup is enabled and not limited' do + before do + Gitlab::CurrentSettings.signup_enabled = true + stub_application_setting(domain_allowlist: [], email_restrictions_enabled: false, require_admin_approval_after_user_signup: false) + end - context 'when unauthenticated' do - it 'returns unauthorized' do - post api('/ci/lint'), params: { content: 'content' } + context 'when unauthenticated' do + it 'returns authorized success' do + post api('/ci/lint'), params: { content: 'content' } - expect(response).to have_gitlab_http_status(:unauthorized) + expect(response).to have_gitlab_http_status(:ok) + end end - end - context 'when authenticated' do - let_it_be(:api_user) { create(:user) } + context 'when authenticated' do + let_it_be(:api_user) { create(:user) } - it 'returns authentication success' do - post api('/ci/lint', api_user), params: { content: 'content' } + it 'returns authentication success' do + post api('/ci/lint', api_user), params: { content: 'content' } - expect(response).to have_gitlab_http_status(:ok) + expect(response).to have_gitlab_http_status(:ok) + end end end - end - context 'when authenticated' do - let_it_be(:api_user) { create(:user) } - - context 'with valid .gitlab-ci.yml content' do - let(:yaml_content) do - File.read(Rails.root.join('spec/support/gitlab_stubs/gitlab_ci.yml')) + context 'when limited signup is enabled' do + before do + stub_application_setting(domain_allowlist: ['www.gitlab.com']) + Gitlab::CurrentSettings.signup_enabled = true end - it 'passes validation without warnings or errors' do - post api('/ci/lint', api_user), params: { content: yaml_content } + context 'when unauthenticated' do + it 'returns unauthorized' do + post api('/ci/lint'), params: { content: 'content' } - expect(response).to have_gitlab_http_status(:ok) - expect(json_response).to be_an Hash - expect(json_response['status']).to eq('valid') - expect(json_response['warnings']).to match_array([]) - expect(json_response['errors']).to match_array([]) - expect(json_response['includes']).to eq([]) + expect(response).to have_gitlab_http_status(:unauthorized) + end end - it 'outputs expanded yaml content' do - post api('/ci/lint', api_user), params: { content: yaml_content, include_merged_yaml: true } - - expect(response).to have_gitlab_http_status(:ok) - expect(json_response).to have_key('merged_yaml') - end + context 'when authenticated' do + let_it_be(:api_user) { create(:user) } - it 'outputs jobs' do - post api('/ci/lint', api_user), params: { content: yaml_content, include_jobs: true } + it 'returns authentication success' do + post api('/ci/lint', api_user), params: { content: 'content' } - expect(response).to have_gitlab_http_status(:ok) - expect(json_response).to have_key('jobs') + expect(response).to have_gitlab_http_status(:ok) + end end end - context 'with valid .gitlab-ci.yml with warnings' do - let(:yaml_content) { { job: { script: 'ls', rules: [{ when: 'always' }] } }.to_yaml } - - it 'passes validation but returns warnings' do - post api('/ci/lint', api_user), params: { content: yaml_content } - - expect(response).to have_gitlab_http_status(:ok) - expect(json_response['status']).to eq('valid') - expect(json_response['warnings']).not_to be_empty - expect(json_response['errors']).to match_array([]) - end - end + context 'when authenticated' do + let_it_be(:api_user) { create(:user) } - context 'with an invalid .gitlab-ci.yml' do - context 'with invalid syntax' do - let(:yaml_content) { 'invalid content' } + context 'with valid .gitlab-ci.yml content' do + let(:yaml_content) do + File.read(Rails.root.join('spec/support/gitlab_stubs/gitlab_ci.yml')) + end - it 'responds with errors about invalid syntax' do + it 'passes validation without warnings or errors' do post api('/ci/lint', api_user), params: { content: yaml_content } expect(response).to have_gitlab_http_status(:ok) - expect(json_response['status']).to eq('invalid') - expect(json_response['warnings']).to eq([]) - expect(json_response['errors']).to eq(['Invalid configuration format']) - expect(json_response['includes']).to eq(nil) + expect(json_response).to be_an Hash + expect(json_response['status']).to eq('valid') + expect(json_response['warnings']).to match_array([]) + expect(json_response['errors']).to match_array([]) + expect(json_response['includes']).to eq([]) end it 'outputs expanded yaml content' do @@ -183,41 +154,84 @@ RSpec.describe API::Lint, feature_category: :pipeline_composition do end end - context 'with invalid configuration' do - let(:yaml_content) { '{ image: "image:1.0", services: ["postgres"] }' } + context 'with valid .gitlab-ci.yml with warnings' do + let(:yaml_content) { { job: { script: 'ls', rules: [{ when: 'always' }] } }.to_yaml } - it 'responds with errors about invalid configuration' do + it 'passes validation but returns warnings' do post api('/ci/lint', api_user), params: { content: yaml_content } expect(response).to have_gitlab_http_status(:ok) - expect(json_response['status']).to eq('invalid') - expect(json_response['warnings']).to eq([]) - expect(json_response['errors']).to eq(['jobs config should contain at least one visible job']) - expect(json_response['includes']).to eq([]) + expect(json_response['status']).to eq('valid') + expect(json_response['warnings']).not_to be_empty + expect(json_response['errors']).to match_array([]) end + end - it 'outputs expanded yaml content' do - post api('/ci/lint', api_user), params: { content: yaml_content, include_merged_yaml: true } + context 'with an invalid .gitlab-ci.yml' do + context 'with invalid syntax' do + let(:yaml_content) { 'invalid content' } - expect(response).to have_gitlab_http_status(:ok) - expect(json_response).to have_key('merged_yaml') + it 'responds with errors about invalid syntax' do + post api('/ci/lint', api_user), params: { content: yaml_content } + + expect(response).to have_gitlab_http_status(:ok) + expect(json_response['status']).to eq('invalid') + expect(json_response['warnings']).to eq([]) + expect(json_response['errors']).to eq(['Invalid configuration format']) + expect(json_response['includes']).to eq(nil) + end + + it 'outputs expanded yaml content' do + post api('/ci/lint', api_user), params: { content: yaml_content, include_merged_yaml: true } + + expect(response).to have_gitlab_http_status(:ok) + expect(json_response).to have_key('merged_yaml') + end + + it 'outputs jobs' do + post api('/ci/lint', api_user), params: { content: yaml_content, include_jobs: true } + + expect(response).to have_gitlab_http_status(:ok) + expect(json_response).to have_key('jobs') + end end - it 'outputs jobs' do - post api('/ci/lint', api_user), params: { content: yaml_content, include_jobs: true } + context 'with invalid configuration' do + let(:yaml_content) { '{ image: "image:1.0", services: ["postgres"] }' } - expect(response).to have_gitlab_http_status(:ok) - expect(json_response).to have_key('jobs') + it 'responds with errors about invalid configuration' do + post api('/ci/lint', api_user), params: { content: yaml_content } + + expect(response).to have_gitlab_http_status(:ok) + expect(json_response['status']).to eq('invalid') + expect(json_response['warnings']).to eq([]) + expect(json_response['errors']).to eq(['jobs config should contain at least one visible job']) + expect(json_response['includes']).to eq([]) + end + + it 'outputs expanded yaml content' do + post api('/ci/lint', api_user), params: { content: yaml_content, include_merged_yaml: true } + + expect(response).to have_gitlab_http_status(:ok) + expect(json_response).to have_key('merged_yaml') + end + + it 'outputs jobs' do + post api('/ci/lint', api_user), params: { content: yaml_content, include_jobs: true } + + expect(response).to have_gitlab_http_status(:ok) + expect(json_response).to have_key('jobs') + end end end - end - context 'without the content parameter' do - it 'responds with validation error about missing content' do - post api('/ci/lint', api_user) + context 'without the content parameter' do + it 'responds with validation error about missing content' do + post api('/ci/lint', api_user) - expect(response).to have_gitlab_http_status(:bad_request) - expect(json_response['error']).to eq('content is missing') + expect(response).to have_gitlab_http_status(:bad_request) + expect(json_response['error']).to eq('content is missing') + end end end end diff --git a/spec/requests/api/protected_branches_spec.rb b/spec/requests/api/protected_branches_spec.rb index 463893afd13..622e57edf6a 100644 --- a/spec/requests/api/protected_branches_spec.rb +++ b/spec/requests/api/protected_branches_spec.rb @@ -5,6 +5,7 @@ require 'spec_helper' RSpec.describe API::ProtectedBranches, feature_category: :source_code_management do let_it_be_with_reload(:project) { create(:project, :repository) } let_it_be(:maintainer) { create(:user) } + let_it_be(:developer) { create(:user) } let_it_be(:guest) { create(:user) } let(:protected_name) { 'feature' } @@ -16,12 +17,14 @@ RSpec.describe API::ProtectedBranches, feature_category: :source_code_management before_all do project.add_maintainer(maintainer) + project.add_developer(developer) project.add_guest(guest) end describe "GET /projects/:id/protected_branches" do let(:params) { {} } let(:route) { "/projects/#{project.id}/protected_branches" } + let(:expected_branch_names) { project.protected_branches.map { |x| x['name'] } } shared_examples_for 'protected branches' do it 'returns the protected branches' do @@ -39,9 +42,7 @@ RSpec.describe API::ProtectedBranches, feature_category: :source_code_management let(:user) { maintainer } context 'when search param is not present' do - it_behaves_like 'protected branches' do - let(:expected_branch_names) { project.protected_branches.map { |x| x['name'] } } - end + it_behaves_like 'protected branches' end context 'when search param is present' do @@ -53,6 +54,12 @@ RSpec.describe API::ProtectedBranches, feature_category: :source_code_management end end + context 'when authenticated as a developer' do + let(:user) { developer } + + it_behaves_like 'protected branches' + end + context 'when authenticated as a guest' do let(:user) { guest } @@ -105,6 +112,12 @@ RSpec.describe API::ProtectedBranches, feature_category: :source_code_management end end + context 'when authenticated as a developer' do + let(:user) { developer } + + it_behaves_like 'protected branch' + end + context 'when authenticated as a guest' do let(:user) { guest } @@ -243,10 +256,20 @@ RSpec.describe API::ProtectedBranches, feature_category: :source_code_management end end + context 'when authenticated as a developer' do + let(:user) { developer } + + it "returns a 403 error" do + post post_endpoint, params: { name: branch_name } + + expect(response).to have_gitlab_http_status(:forbidden) + end + end + context 'when authenticated as a guest' do let(:user) { guest } - it "returns a 403 error if guest" do + it "returns a 403 error" do post post_endpoint, params: { name: branch_name } expect(response).to have_gitlab_http_status(:forbidden) @@ -295,6 +318,16 @@ RSpec.describe API::ProtectedBranches, feature_category: :source_code_management end end + context 'when authenticated as a developer' do + let(:user) { developer } + + it "returns a 403 error" do + patch api(route, user), params: { allow_force_push: true } + + expect(response).to have_gitlab_http_status(:forbidden) + end + end + context 'when authenticated as a guest' do let(:user) { guest } @@ -307,42 +340,65 @@ RSpec.describe API::ProtectedBranches, feature_category: :source_code_management end describe "DELETE /projects/:id/protected_branches/unprotect/:branch" do - let(:user) { maintainer } let(:delete_endpoint) { api("/projects/#{project.id}/protected_branches/#{branch_name}", user) } - it "unprotects a single branch" do - delete delete_endpoint + context "when authenticated as a maintainer" do + let(:user) { maintainer } + + it "unprotects a single branch" do + delete delete_endpoint - expect(response).to have_gitlab_http_status(:no_content) - end + expect(response).to have_gitlab_http_status(:no_content) + end - it_behaves_like '412 response' do - let(:request) { delete_endpoint } - end + it_behaves_like '412 response' do + let(:request) { delete_endpoint } + end - it "returns 404 if branch does not exist" do - delete api("/projects/#{project.id}/protected_branches/barfoo", user) + it "returns 404 if branch does not exist" do + delete api("/projects/#{project.id}/protected_branches/barfoo", user) - expect(response).to have_gitlab_http_status(:not_found) + expect(response).to have_gitlab_http_status(:not_found) + end + + context 'when a policy restricts rule deletion' do + it "prevents deletion of the protected branch rule" do + disallow(:destroy_protected_branch, protected_branch) + + delete delete_endpoint + + expect(response).to have_gitlab_http_status(:forbidden) + end + end + + context 'when branch has a wildcard in its name' do + let(:protected_name) { 'feature*' } + + it "unprotects a wildcard branch" do + delete delete_endpoint + + expect(response).to have_gitlab_http_status(:no_content) + end + end end - context 'when a policy restricts rule deletion' do - it "prevents deletion of the protected branch rule" do - disallow(:destroy_protected_branch, protected_branch) + context 'when authenticated as a developer' do + let(:user) { developer } + it "returns a 403 error" do delete delete_endpoint expect(response).to have_gitlab_http_status(:forbidden) end end - context 'when branch has a wildcard in its name' do - let(:protected_name) { 'feature*' } + context 'when authenticated as a guest' do + let(:user) { guest } - it "unprotects a wildcard branch" do + it "returns a 403 error" do delete delete_endpoint - expect(response).to have_gitlab_http_status(:no_content) + expect(response).to have_gitlab_http_status(:forbidden) end end end |