1 files changed, 83 insertions, 55 deletions

diff --git a/spec/controllers/projects/commits_controller_spec.rb b/spec/controllers/projects/commits_controller_spec.rb
index a43bdd3ea80..5c72dab698c 100644
--- a/spec/controllers/projects/commits_controller_spec.rb
+++ b/spec/controllers/projects/commits_controller_spec.rb
@@ -5,87 +5,115 @@ describe Projects::CommitsController do
   let(:user) { create(:user) }
 
   before do
-    sign_in(user)
     project.add_maintainer(user)
   end
 
-  describe "GET commits_root" do
-    context "no ref is provided" do
-      it 'should redirect to the default branch of the project' do
-        get(:commits_root,
-            namespace_id: project.namespace,
-            project_id: project)
+  context 'signed in' do
+    before do
+      sign_in(user)
+    end
+
+    describe "GET commits_root" do
+      context "no ref is provided" do
+        it 'should redirect to the default branch of the project' do
+          get(:commits_root,
+              namespace_id: project.namespace,
+              project_id: project)
 
-        expect(response).to redirect_to project_commits_path(project)
+          expect(response).to redirect_to project_commits_path(project)
+        end
       end
     end
-  end
 
-  describe "GET show" do
-    render_views
+    describe "GET show" do
+      render_views
 
-    context 'with file path' do
-      before do
-        get(:show,
-            namespace_id: project.namespace,
-            project_id: project,
-            id: id)
-      end
+      context 'with file path' do
+        before do
+          get(:show,
+              namespace_id: project.namespace,
+              project_id: project,
+              id: id)
+        end
 
-      context "valid branch, valid file" do
-        let(:id) { 'master/README.md' }
+        context "valid branch, valid file" do
+          let(:id) { 'master/README.md' }
 
-        it { is_expected.to respond_with(:success) }
-      end
+          it { is_expected.to respond_with(:success) }
+        end
 
-      context "valid branch, invalid file" do
-        let(:id) { 'master/invalid-path.rb' }
+        context "valid branch, invalid file" do
+          let(:id) { 'master/invalid-path.rb' }
 
-        it { is_expected.to respond_with(:not_found) }
-      end
+          it { is_expected.to respond_with(:not_found) }
+        end
 
-      context "invalid branch, valid file" do
-        let(:id) { 'invalid-branch/README.md' }
+        context "invalid branch, valid file" do
+          let(:id) { 'invalid-branch/README.md' }
 
-        it { is_expected.to respond_with(:not_found) }
+          it { is_expected.to respond_with(:not_found) }
+        end
       end
-    end
 
-    context "when the ref name ends in .atom" do
-      context "when the ref does not exist with the suffix" do
-        before do
-          get(:show,
-              namespace_id: project.namespace,
-              project_id: project,
-              id: "master.atom")
+      context "when the ref name ends in .atom" do
+        context "when the ref does not exist with the suffix" do
+          before do
+            get(:show,
+                namespace_id: project.namespace,
+                project_id: project,
+                id: "master.atom")
+          end
+
+          it "renders as atom" do
+            expect(response).to be_success
+            expect(response.content_type).to eq('application/atom+xml')
+          end
+
+          it 'renders summary with type=html' do
+            expect(response.body).to include('<summary type="html">')
+          end
         end
 
-        it "renders as atom" do
-          expect(response).to be_success
-          expect(response.content_type).to eq('application/atom+xml')
-        end
+        context "when the ref exists with the suffix" do
+          before do
+            commit = project.repository.commit('master')
 
-        it 'renders summary with type=html' do
-          expect(response.body).to include('<summary type="html">')
+            allow_any_instance_of(Repository).to receive(:commit).and_call_original
+            allow_any_instance_of(Repository).to receive(:commit).with('master.atom').and_return(commit)
+
+            get(:show,
+                namespace_id: project.namespace,
+                project_id: project,
+                id: "master.atom")
+          end
+
+          it "renders as HTML" do
+            expect(response).to be_success
+            expect(response.content_type).to eq('text/html')
+          end
         end
       end
+    end
+  end
 
-      context "when the ref exists with the suffix" do
+  context 'token authentication' do
+    context 'public project' do
+      it_behaves_like 'authenticates sessionless user', :show, :atom, public: true do
         before do
-          commit = project.repository.commit('master')
+          public_project = create(:project, :repository, :public)
 
-          allow_any_instance_of(Repository).to receive(:commit).and_call_original
-          allow_any_instance_of(Repository).to receive(:commit).with('master.atom').and_return(commit)
-
-          get(:show,
-              namespace_id: project.namespace,
-              project_id: project,
-              id: "master.atom")
+          default_params.merge!(namespace_id: public_project.namespace, project_id: public_project, id: "master.atom")
         end
+      end
+    end
+
+    context 'private project' do
+      it_behaves_like 'authenticates sessionless user', :show, :atom, public: false do
+        before do
+          private_project = create(:project, :repository, :private)
+          private_project.add_maintainer(user)
 
-        it "renders as HTML" do
-          expect(response).to be_success
-          expect(response.content_type).to eq('text/html')
+          default_params.merge!(namespace_id: private_project.namespace, project_id: private_project, id: "master.atom")
         end
       end
     end