diff options
Diffstat (limited to 'spec/requests/api/internal/base_spec.rb')
-rw-r--r-- | spec/requests/api/internal/base_spec.rb | 139 |
1 files changed, 139 insertions, 0 deletions
diff --git a/spec/requests/api/internal/base_spec.rb b/spec/requests/api/internal/base_spec.rb index 7d219954e9d..873189af397 100644 --- a/spec/requests/api/internal/base_spec.rb +++ b/spec/requests/api/internal/base_spec.rb @@ -120,6 +120,138 @@ RSpec.describe API::Internal::Base do end end + describe 'POST /internal/personal_access_token' do + it 'returns an error message when the key does not exist' do + post api('/internal/personal_access_token'), + params: { + secret_token: secret_token, + key_id: non_existing_record_id + } + + expect(json_response['success']).to be_falsey + expect(json_response['message']).to eq('Could not find the given key') + end + + it 'returns an error message when the key is a deploy key' do + deploy_key = create(:deploy_key) + + post api('/internal/personal_access_token'), + params: { + secret_token: secret_token, + key_id: deploy_key.id + } + + expect(json_response['success']).to be_falsey + expect(json_response['message']).to eq('Deploy keys cannot be used to create personal access tokens') + end + + it 'returns an error message when the user does not exist' do + key_without_user = create(:key, user: nil) + + post api('/internal/personal_access_token'), + params: { + secret_token: secret_token, + key_id: key_without_user.id + } + + expect(json_response['success']).to be_falsey + expect(json_response['message']).to eq('Could not find a user for the given key') + expect(json_response['token']).to be_nil + end + + it 'returns an error message when given an non existent user' do + post api('/internal/personal_access_token'), + params: { + secret_token: secret_token, + user_id: 0 + } + + expect(json_response['success']).to be_falsey + expect(json_response['message']).to eq("Could not find the given user") + end + + it 'returns an error message when no name parameter is received' do + post api('/internal/personal_access_token'), + params: { + secret_token: secret_token, + key_id: key.id + } + + expect(json_response['success']).to be_falsey + expect(json_response['message']).to eq("No token name specified") + end + + it 'returns an error message when no scopes parameter is received' do + post api('/internal/personal_access_token'), + params: { + secret_token: secret_token, + key_id: key.id, + name: 'newtoken' + } + + expect(json_response['success']).to be_falsey + expect(json_response['message']).to eq("No token scopes specified") + end + + it 'returns an error message when expires_at contains an invalid date' do + post api('/internal/personal_access_token'), + params: { + secret_token: secret_token, + key_id: key.id, + name: 'newtoken', + scopes: ['api'], + expires_at: 'invalid-date' + } + + expect(json_response['success']).to be_falsey + expect(json_response['message']).to eq("Invalid token expiry date: 'invalid-date'") + end + + it 'returns an error message when it receives an invalid scope' do + post api('/internal/personal_access_token'), + params: { + secret_token: secret_token, + key_id: key.id, + name: 'newtoken', + scopes: %w(read_api badscope read_repository) + } + + expect(json_response['success']).to be_falsey + expect(json_response['message']).to match(/\AInvalid scope: 'badscope'. Valid scopes are: /) + end + + it 'returns a token without expiry when the expires_at parameter is missing' do + post api('/internal/personal_access_token'), + params: { + secret_token: secret_token, + key_id: key.id, + name: 'newtoken', + scopes: %w(read_api read_repository) + } + + expect(json_response['success']).to be_truthy + expect(json_response['token']).to match(/\A\S{20}\z/) + expect(json_response['scopes']).to match_array(%w(read_api read_repository)) + expect(json_response['expires_at']).to be_nil + end + + it 'returns a token with expiry when it receives a valid expires_at parameter' do + post api('/internal/personal_access_token'), + params: { + secret_token: secret_token, + key_id: key.id, + name: 'newtoken', + scopes: %w(read_api read_repository), + expires_at: '9001-11-17' + } + + expect(json_response['success']).to be_truthy + expect(json_response['token']).to match(/\A\S{20}\z/) + expect(json_response['scopes']).to match_array(%w(read_api read_repository)) + expect(json_response['expires_at']).to eq('9001-11-17') + end + end + describe "POST /internal/lfs_authenticate" do before do project.add_developer(user) @@ -321,6 +453,8 @@ RSpec.describe API::Internal::Base do expect(json_response["status"]).to be_truthy expect(json_response["gl_project_path"]).to eq(project.wiki.full_path) expect(json_response["gl_repository"]).to eq("wiki-#{project.id}") + expect(json_response["gl_key_type"]).to eq("key") + expect(json_response["gl_key_id"]).to eq(key.id) expect(user.reload.last_activity_on).to be_nil end @@ -444,6 +578,8 @@ RSpec.describe API::Internal::Base do expect(json_response["status"]).to be_truthy expect(json_response["gl_repository"]).to eq("project-#{project.id}") expect(json_response["gl_project_path"]).to eq(project.full_path) + expect(json_response["gl_key_type"]).to eq("key") + expect(json_response["gl_key_id"]).to eq(key.id) expect(json_response["gitaly"]).not_to be_nil expect(json_response["gitaly"]["repository"]).not_to be_nil expect(json_response["gitaly"]["repository"]["storage_name"]).to eq(project.repository.gitaly_repository.storage_name) @@ -547,6 +683,7 @@ RSpec.describe API::Internal::Base do } } end + let(:console_messages) { ['informational message'] } let(:custom_action_result) { Gitlab::GitAccessResult::CustomAction.new(payload, console_messages) } @@ -706,6 +843,8 @@ RSpec.describe API::Internal::Base do expect(response).to have_gitlab_http_status(:ok) expect(json_response["status"]).to be_truthy expect(json_response["gitaly"]).not_to be_nil + expect(json_response["gl_key_type"]).to eq("deploy_key") + expect(json_response["gl_key_id"]).to eq(key.id) expect(json_response["gitaly"]["repository"]).not_to be_nil expect(json_response["gitaly"]["repository"]["storage_name"]).to eq(project.repository.gitaly_repository.storage_name) expect(json_response["gitaly"]["repository"]["relative_path"]).to eq(project.repository.gitaly_repository.relative_path) |