summaryrefslogtreecommitdiff
path: root/spec/controllers
diff options
context:
space:
mode:
Diffstat (limited to 'spec/controllers')
-rw-r--r--spec/controllers/oauth/authorizations_controller_spec.rb14
-rw-r--r--spec/controllers/projects/raw_controller_spec.rb12
-rw-r--r--spec/controllers/projects/repositories_controller_spec.rb12
3 files changed, 38 insertions, 0 deletions
diff --git a/spec/controllers/oauth/authorizations_controller_spec.rb b/spec/controllers/oauth/authorizations_controller_spec.rb
index 23d472f6853..f811f13def8 100644
--- a/spec/controllers/oauth/authorizations_controller_spec.rb
+++ b/spec/controllers/oauth/authorizations_controller_spec.rb
@@ -95,6 +95,20 @@ RSpec.describe Oauth::AuthorizationsController do
subject { post :create, params: params }
include_examples 'OAuth Authorizations require confirmed user'
+
+ context 'when application is confidential' do
+ before do
+ application.update(confidential: true)
+ params[:response_type] = 'token'
+ end
+
+ it 'does not allow the implicit flow' do
+ subject
+
+ expect(response).to have_gitlab_http_status(:ok)
+ expect(response).to render_template('doorkeeper/authorizations/error')
+ end
+ end
end
describe 'DELETE #destroy' do
diff --git a/spec/controllers/projects/raw_controller_spec.rb b/spec/controllers/projects/raw_controller_spec.rb
index dfe7ba34e6d..b1c3c1c0276 100644
--- a/spec/controllers/projects/raw_controller_spec.rb
+++ b/spec/controllers/projects/raw_controller_spec.rb
@@ -250,6 +250,18 @@ RSpec.describe Projects::RawController do
expect(response.cache_control[:no_store]).to be_nil
end
+ context 'when a public project has private repo' do
+ let(:project) { create(:project, :public, :repository, :repository_private) }
+ let(:user) { create(:user, maintainer_projects: [project]) }
+
+ it 'does not set public caching header' do
+ sign_in user
+ request_file
+
+ expect(response.header['Cache-Control']).to include('max-age=60, private')
+ end
+ end
+
context 'when If-None-Match header is set' do
it 'returns a 304 status' do
request_file
diff --git a/spec/controllers/projects/repositories_controller_spec.rb b/spec/controllers/projects/repositories_controller_spec.rb
index e7f4a8a1422..e6327a72a68 100644
--- a/spec/controllers/projects/repositories_controller_spec.rb
+++ b/spec/controllers/projects/repositories_controller_spec.rb
@@ -137,6 +137,18 @@ RSpec.describe Projects::RepositoriesController do
expect(response.header['ETag']).to be_present
expect(response.header['Cache-Control']).to include('max-age=60, public')
end
+
+ context 'and repo is private' do
+ let(:project) { create(:project, :repository, :public, :repository_private) }
+
+ it 'sets appropriate caching headers' do
+ get_archive
+
+ expect(response).to have_gitlab_http_status(:ok)
+ expect(response.header['ETag']).to be_present
+ expect(response.header['Cache-Control']).to include('max-age=60, private')
+ end
+ end
end
context 'when ref is a commit SHA' do
View Lorry Controller Status