diff options
Diffstat (limited to 'spec/requests/api/ci/runner/jobs_artifacts_spec.rb')
-rw-r--r-- | spec/requests/api/ci/runner/jobs_artifacts_spec.rb | 42 |
1 files changed, 39 insertions, 3 deletions
diff --git a/spec/requests/api/ci/runner/jobs_artifacts_spec.rb b/spec/requests/api/ci/runner/jobs_artifacts_spec.rb index 9369b6aa464..017a12a4a40 100644 --- a/spec/requests/api/ci/runner/jobs_artifacts_spec.rb +++ b/spec/requests/api/ci/runner/jobs_artifacts_spec.rb @@ -127,7 +127,7 @@ RSpec.describe API::Ci::Runner, :clean_gitlab_redis_shared_state do authorize_artifacts_with_token_in_params end - it_behaves_like 'API::CI::Runner application context metadata', '/api/:version/jobs/:id/artifacts/authorize' do + it_behaves_like 'API::CI::Runner application context metadata', 'POST /api/:version/jobs/:id/artifacts/authorize' do let(:send_request) { subject } end @@ -180,6 +180,18 @@ RSpec.describe API::Ci::Runner, :clean_gitlab_redis_shared_state do it_behaves_like 'authorizes local file' end end + + context 'when job does not exist anymore' do + before do + allow(job).to receive(:id).and_return(non_existing_record_id) + end + + it 'returns 403 Forbidden' do + subject + + expect(response).to have_gitlab_http_status(:forbidden) + end + end end end @@ -262,7 +274,7 @@ RSpec.describe API::Ci::Runner, :clean_gitlab_redis_shared_state do end describe 'POST /api/v4/jobs/:id/artifacts' do - it_behaves_like 'API::CI::Runner application context metadata', '/api/:version/jobs/:id/artifacts' do + it_behaves_like 'API::CI::Runner application context metadata', 'POST /api/:version/jobs/:id/artifacts' do let(:send_request) do upload_artifacts(file_upload, headers_with_token) end @@ -321,6 +333,18 @@ RSpec.describe API::Ci::Runner, :clean_gitlab_redis_shared_state do end end + context 'when job does not exist anymore' do + before do + allow(job).to receive(:id).and_return(non_existing_record_id) + end + + it 'returns 403 Forbidden' do + upload_artifacts(file_upload, headers_with_token) + + expect(response).to have_gitlab_http_status(:forbidden) + end + end + context 'when job is running' do shared_examples 'successful artifacts upload' do it 'updates successfully' do @@ -784,7 +808,7 @@ RSpec.describe API::Ci::Runner, :clean_gitlab_redis_shared_state do describe 'GET /api/v4/jobs/:id/artifacts' do let(:token) { job.token } - it_behaves_like 'API::CI::Runner application context metadata', '/api/:version/jobs/:id/artifacts' do + it_behaves_like 'API::CI::Runner application context metadata', 'GET /api/:version/jobs/:id/artifacts' do let(:send_request) { download_artifact } end @@ -867,6 +891,18 @@ RSpec.describe API::Ci::Runner, :clean_gitlab_redis_shared_state do end end + context 'when job does not exist anymore' do + before do + allow(job).to receive(:id).and_return(non_existing_record_id) + end + + it 'responds with 403 Forbidden' do + get api("/jobs/#{job.id}/artifacts"), params: { token: token }, headers: headers + + expect(response).to have_gitlab_http_status(:forbidden) + end + end + def download_artifact(params = {}, request_headers = headers) params = params.merge(token: token) job.reload |