summaryrefslogtreecommitdiff
path: root/spec/requests/api/snippets_spec.rb
diff options
context:
space:
mode:
Diffstat (limited to 'spec/requests/api/snippets_spec.rb')
-rw-r--r--spec/requests/api/snippets_spec.rb136
1 files changed, 96 insertions, 40 deletions
diff --git a/spec/requests/api/snippets_spec.rb b/spec/requests/api/snippets_spec.rb
index 3e30dc537e4..c12c95ae2e0 100644
--- a/spec/requests/api/snippets_spec.rb
+++ b/spec/requests/api/snippets_spec.rb
@@ -3,7 +3,7 @@
require 'spec_helper'
describe API::Snippets do
- let!(:user) { create(:user) }
+ let_it_be(:user) { create(:user) }
describe 'GET /snippets/' do
it 'returns snippets available' do
@@ -90,7 +90,7 @@ describe API::Snippets do
describe 'GET /snippets/:id/raw' do
let_it_be(:author) { create(:user) }
- let_it_be(:snippet) { create(:personal_snippet, :private, author: author) }
+ let_it_be(:snippet) { create(:personal_snippet, :repository, :private, author: author) }
it 'requires authentication' do
get api("/snippets/#{snippet.id}", nil)
@@ -103,7 +103,6 @@ describe API::Snippets do
expect(response).to have_gitlab_http_status(:ok)
expect(response.content_type).to eq 'text/plain'
- expect(response.body).to eq(snippet.content)
end
it 'forces attachment content disposition' do
@@ -134,6 +133,12 @@ describe API::Snippets do
expect(response).to have_gitlab_http_status(:ok)
end
+
+ it_behaves_like 'snippet blob content' do
+ let_it_be(:snippet_with_empty_repo) { create(:personal_snippet, :empty_repo, :private, author: author) }
+
+ subject { get api("/snippets/#{snippet.id}/raw", snippet.author) }
+ end
end
describe 'GET /snippets/:id' do
@@ -155,22 +160,12 @@ describe API::Snippets do
expect(json_response['title']).to eq(private_snippet.title)
expect(json_response['description']).to eq(private_snippet.description)
- expect(json_response['file_name']).to eq(private_snippet.file_name)
+ expect(json_response['file_name']).to eq(private_snippet.file_name_on_repo)
expect(json_response['visibility']).to eq(private_snippet.visibility)
expect(json_response['ssh_url_to_repo']).to eq(private_snippet.ssh_url_to_repo)
expect(json_response['http_url_to_repo']).to eq(private_snippet.http_url_to_repo)
end
- context 'when feature flag :version_snippets is disabled' do
- before do
- stub_feature_flags(version_snippets: false)
-
- get api("/snippets/#{private_snippet.id}", author)
- end
-
- it_behaves_like 'snippet response without repository URLs'
- end
-
it 'shows private snippets to an admin' do
get api("/snippets/#{private_snippet.id}", admin)
@@ -200,7 +195,7 @@ describe API::Snippets do
end
describe 'POST /snippets/' do
- let(:params) do
+ let(:base_params) do
{
title: 'Test Title',
file_name: 'test.rb',
@@ -209,12 +204,14 @@ describe API::Snippets do
visibility: 'public'
}
end
+ let(:params) { base_params.merge(extra_params) }
+ let(:extra_params) { {} }
+
+ subject { post api("/snippets/", user), params: params }
shared_examples 'snippet creation' do
let(:snippet) { Snippet.find(json_response["id"]) }
- subject { post api("/snippets/", user), params: params }
-
it 'creates a new snippet' do
expect do
subject
@@ -240,18 +237,6 @@ describe API::Snippets do
expect(blob.data).to eq params[:content]
end
-
- context 'when feature flag :version_snippets is disabled' do
- it 'does not create snippet repository' do
- stub_feature_flags(version_snippets: false)
-
- expect do
- subject
- end.to change { PersonalSnippet.count }.by(1)
-
- expect(snippet.repository_exists?).to be_falsey
- end
- end
end
context 'with restricted visibility settings' do
@@ -270,7 +255,7 @@ describe API::Snippets do
let(:user) { create(:user, :external) }
it 'does not create a new snippet' do
- post api("/snippets/", user), params: params
+ subject
expect(response).to have_gitlab_http_status(:forbidden)
end
@@ -279,16 +264,44 @@ describe API::Snippets do
it 'returns 400 for missing parameters' do
params.delete(:title)
- post api("/snippets/", user), params: params
+ subject
expect(response).to have_gitlab_http_status(:bad_request)
end
- context 'when the snippet is spam' do
- def create_snippet(snippet_params = {})
- post api('/snippets', user), params: params.merge(snippet_params)
+ it 'returns 400 if content is blank' do
+ params[:content] = ''
+
+ subject
+
+ expect(response).to have_gitlab_http_status(:bad_request)
+ expect(json_response['error']).to eq 'content is empty'
+ end
+
+ it 'returns 400 if title is blank' do
+ params[:title] = ''
+
+ subject
+
+ expect(response).to have_gitlab_http_status(:bad_request)
+ expect(json_response['error']).to eq 'title is empty'
+ end
+
+ context 'when save fails because the repository could not be created' do
+ before do
+ allow_next_instance_of(Snippets::CreateService) do |instance|
+ allow(instance).to receive(:create_repository).and_raise(Snippets::CreateService::CreateRepositoryError)
+ end
end
+ it 'returns 400' do
+ subject
+
+ expect(response).to have_gitlab_http_status(:bad_request)
+ end
+ end
+
+ context 'when the snippet is spam' do
before do
allow_next_instance_of(Spam::AkismetService) do |instance|
allow(instance).to receive(:spam?).and_return(true)
@@ -296,23 +309,25 @@ describe API::Snippets do
end
context 'when the snippet is private' do
+ let(:extra_params) { { visibility: 'private' } }
+
it 'creates the snippet' do
- expect { create_snippet(visibility: 'private') }
- .to change { Snippet.count }.by(1)
+ expect { subject }.to change { Snippet.count }.by(1)
end
end
context 'when the snippet is public' do
+ let(:extra_params) { { visibility: 'public' } }
+
it 'rejects the shippet' do
- expect { create_snippet(visibility: 'public') }
- .not_to change { Snippet.count }
+ expect { subject }.not_to change { Snippet.count }
expect(response).to have_gitlab_http_status(:bad_request)
expect(json_response['message']).to eq({ "error" => "Spam detected" })
end
it 'creates a spam log' do
- expect { create_snippet(visibility: 'public') }
+ expect { subject }
.to log_spam(title: 'Test Title', user_id: user.id, noteable_type: 'PersonalSnippet')
end
end
@@ -320,8 +335,9 @@ describe API::Snippets do
end
describe 'PUT /snippets/:id' do
+ let_it_be(:other_user) { create(:user) }
+
let(:visibility_level) { Snippet::PUBLIC }
- let(:other_user) { create(:user) }
let(:snippet) do
create(:personal_snippet, :repository, author: user, visibility_level: visibility_level)
end
@@ -373,6 +389,20 @@ describe API::Snippets do
expect(response).to have_gitlab_http_status(:bad_request)
end
+ it 'returns 400 if content is blank' do
+ update_snippet(params: { content: '' })
+
+ expect(response).to have_gitlab_http_status(:bad_request)
+ expect(json_response['error']).to eq 'content is empty'
+ end
+
+ it 'returns 400 if title is blank' do
+ update_snippet(params: { title: '' })
+
+ expect(response).to have_gitlab_http_status(:bad_request)
+ expect(json_response['error']).to eq 'title is empty'
+ end
+
it_behaves_like 'update with repository actions' do
let(:snippet_without_repo) { create(:personal_snippet, author: user, visibility_level: visibility_level) }
end
@@ -424,6 +454,32 @@ describe API::Snippets do
end
end
+ context "when admin" do
+ let(:admin) { create(:admin) }
+ let(:token) { create(:personal_access_token, user: admin, scopes: [:sudo]) }
+
+ subject do
+ put api("/snippets/#{snippet.id}", admin, personal_access_token: token), params: { visibility: 'private', sudo: user.id }
+ end
+
+ context 'when sudo is defined' do
+ it 'returns 200 and updates snippet visibility' do
+ expect(snippet.visibility).not_to eq('private')
+
+ subject
+
+ expect(response).to have_gitlab_http_status(:success)
+ expect(json_response["visibility"]).to eq 'private'
+ end
+
+ it 'does not commit data' do
+ expect_any_instance_of(SnippetRepository).not_to receive(:multi_files_action)
+
+ subject
+ end
+ end
+ end
+
def update_snippet(snippet_id: snippet.id, params: {}, requester: user)
put api("/snippets/#{snippet_id}", requester), params: params
end