summaryrefslogtreecommitdiff
path: root/spec/requests/api
diff options
context:
space:
mode:
Diffstat (limited to 'spec/requests/api')
-rw-r--r--spec/requests/api/ci/runner/jobs_request_post_spec.rb9
-rw-r--r--spec/requests/api/graphql/usage_trends_measurements_spec.rb (renamed from spec/requests/api/graphql/instance_statistics_measurements_spec.rb)12
-rw-r--r--spec/requests/api/lint_spec.rb19
-rw-r--r--spec/requests/api/npm_instance_packages_spec.rb5
-rw-r--r--spec/requests/api/npm_project_packages_spec.rb95
-rw-r--r--spec/requests/api/rubygem_packages_spec.rb172
6 files changed, 237 insertions, 75 deletions
diff --git a/spec/requests/api/ci/runner/jobs_request_post_spec.rb b/spec/requests/api/ci/runner/jobs_request_post_spec.rb
index 74d8e3f7ae8..3cc27d0e1eb 100644
--- a/spec/requests/api/ci/runner/jobs_request_post_spec.rb
+++ b/spec/requests/api/ci/runner/jobs_request_post_spec.rb
@@ -198,7 +198,12 @@ RSpec.describe API::Ci::Runner, :clean_gitlab_redis_shared_state do
'when' => 'on_success' }]
end
- let(:expected_features) { { 'trace_sections' => true } }
+ let(:expected_features) do
+ {
+ 'trace_sections' => true,
+ 'failure_reasons' => include('script_failure')
+ }
+ end
it 'picks a job' do
request_job info: { platform: :darwin }
@@ -220,7 +225,7 @@ RSpec.describe API::Ci::Runner, :clean_gitlab_redis_shared_state do
expect(json_response['artifacts']).to eq(expected_artifacts)
expect(json_response['cache']).to eq(expected_cache)
expect(json_response['variables']).to include(*expected_variables)
- expect(json_response['features']).to eq(expected_features)
+ expect(json_response['features']).to match(expected_features)
end
it 'creates persistent ref' do
diff --git a/spec/requests/api/graphql/instance_statistics_measurements_spec.rb b/spec/requests/api/graphql/usage_trends_measurements_spec.rb
index eb73dc59253..69a3ed7e09c 100644
--- a/spec/requests/api/graphql/instance_statistics_measurements_spec.rb
+++ b/spec/requests/api/graphql/usage_trends_measurements_spec.rb
@@ -2,22 +2,22 @@
require 'spec_helper'
-RSpec.describe 'InstanceStatisticsMeasurements' do
+RSpec.describe 'UsageTrendsMeasurements' do
include GraphqlHelpers
let(:current_user) { create(:user, :admin) }
- let!(:instance_statistics_measurement_1) { create(:instance_statistics_measurement, :project_count, recorded_at: 20.days.ago, count: 5) }
- let!(:instance_statistics_measurement_2) { create(:instance_statistics_measurement, :project_count, recorded_at: 10.days.ago, count: 10) }
+ let!(:usage_trends_measurement_1) { create(:usage_trends_measurement, :project_count, recorded_at: 20.days.ago, count: 5) }
+ let!(:usage_trends_measurement_2) { create(:usage_trends_measurement, :project_count, recorded_at: 10.days.ago, count: 10) }
let(:arguments) { 'identifier: PROJECTS' }
- let(:query) { graphql_query_for(:instanceStatisticsMeasurements, arguments, 'nodes { count identifier }') }
+ let(:query) { graphql_query_for(:UsageTrendsMeasurements, arguments, 'nodes { count identifier }') }
before do
post_graphql(query, current_user: current_user)
end
it 'returns measurement objects' do
- expect(graphql_data.dig('instanceStatisticsMeasurements', 'nodes')).to eq([
+ expect(graphql_data.dig('usageTrendsMeasurements', 'nodes')).to eq([
{ "count" => 10, 'identifier' => 'PROJECTS' },
{ "count" => 5, 'identifier' => 'PROJECTS' }
])
@@ -27,7 +27,7 @@ RSpec.describe 'InstanceStatisticsMeasurements' do
let(:arguments) { %(identifier: PROJECTS, recordedAfter: "#{15.days.ago.to_date}", recordedBefore: "#{5.days.ago.to_date}") }
it 'returns filtered measurement objects' do
- expect(graphql_data.dig('instanceStatisticsMeasurements', 'nodes')).to eq([
+ expect(graphql_data.dig('usageTrendsMeasurements', 'nodes')).to eq([
{ "count" => 10, 'identifier' => 'PROJECTS' }
])
end
diff --git a/spec/requests/api/lint_spec.rb b/spec/requests/api/lint_spec.rb
index 2316e702c3e..b5bf697e9e3 100644
--- a/spec/requests/api/lint_spec.rb
+++ b/spec/requests/api/lint_spec.rb
@@ -5,7 +5,9 @@ require 'spec_helper'
RSpec.describe API::Lint do
describe 'POST /ci/lint' do
context 'when signup settings are disabled' do
- Gitlab::CurrentSettings.signup_enabled = false
+ before do
+ Gitlab::CurrentSettings.signup_enabled = false
+ end
context 'when unauthenticated' do
it 'returns authentication error' do
@@ -16,22 +18,25 @@ RSpec.describe API::Lint do
end
context 'when authenticated' do
- it 'returns unauthorized error' do
- post api('/ci/lint'), params: { content: 'content' }
+ let_it_be(:api_user) { create(:user) }
+ it 'returns authorized' do
+ post api('/ci/lint', api_user), params: { content: 'content' }
- expect(response).to have_gitlab_http_status(:unauthorized)
+ expect(response).to have_gitlab_http_status(:ok)
end
end
end
context 'when signup settings are enabled' do
- Gitlab::CurrentSettings.signup_enabled = true
+ before do
+ Gitlab::CurrentSettings.signup_enabled = true
+ end
context 'when unauthenticated' do
- it 'returns authentication error' do
+ it 'returns authorized success' do
post api('/ci/lint'), params: { content: 'content' }
- expect(response).to have_gitlab_http_status(:unauthorized)
+ expect(response).to have_gitlab_http_status(:ok)
end
end
diff --git a/spec/requests/api/npm_instance_packages_spec.rb b/spec/requests/api/npm_instance_packages_spec.rb
index 70c76067a6e..698885ddcf4 100644
--- a/spec/requests/api/npm_instance_packages_spec.rb
+++ b/spec/requests/api/npm_instance_packages_spec.rb
@@ -3,6 +3,11 @@
require 'spec_helper'
RSpec.describe API::NpmInstancePackages do
+ # We need to create a subgroup with the same name as the hosting group.
+ # It has to be created first to exhibit this bug: https://gitlab.com/gitlab-org/gitlab/-/issues/321958
+ let_it_be(:another_namespace) { create(:group, :public) }
+ let_it_be(:similarly_named_group) { create(:group, :public, parent: another_namespace, name: 'test-group') }
+
include_context 'npm api setup'
describe 'GET /api/v4/packages/npm/*package_name' do
diff --git a/spec/requests/api/npm_project_packages_spec.rb b/spec/requests/api/npm_project_packages_spec.rb
index 7ea238c0607..e64b5ddc374 100644
--- a/spec/requests/api/npm_project_packages_spec.rb
+++ b/spec/requests/api/npm_project_packages_spec.rb
@@ -30,7 +30,7 @@ RSpec.describe API::NpmProjectPackages do
end
describe 'GET /api/v4/projects/:id/packages/npm/*package_name/-/*file_name' do
- let_it_be(:package_file) { package.package_files.first }
+ let(:package_file) { package.package_files.first }
let(:headers) { {} }
let(:url) { api("/projects/#{project.id}/packages/npm/#{package.name}/-/#{package_file.file_name}") }
@@ -127,24 +127,6 @@ RSpec.describe API::NpmProjectPackages do
context 'when params are correct' do
context 'invalid package record' do
- context 'unscoped package' do
- let(:package_name) { 'my_unscoped_package' }
- let(:params) { upload_params(package_name: package_name) }
-
- it_behaves_like 'handling invalid record with 400 error'
-
- context 'with empty versions' do
- let(:params) { upload_params(package_name: package_name).merge!(versions: {}) }
-
- it 'throws a 400 error' do
- expect { upload_package_with_token(package_name, params) }
- .not_to change { project.packages.count }
-
- expect(response).to have_gitlab_http_status(:bad_request)
- end
- end
- end
-
context 'invalid package name' do
let(:package_name) { "@#{group.path}/my_inv@@lid_package_name" }
let(:params) { upload_params(package_name: package_name) }
@@ -175,52 +157,71 @@ RSpec.describe API::NpmProjectPackages do
end
end
- context 'scoped package' do
- let(:package_name) { "@#{group.path}/my_package_name" }
+ context 'valid package record' do
let(:params) { upload_params(package_name: package_name) }
- context 'with access token' do
- subject { upload_package_with_token(package_name, params) }
+ shared_examples 'handling upload with different authentications' do
+ context 'with access token' do
+ subject { upload_package_with_token(package_name, params) }
+
+ it_behaves_like 'a package tracking event', 'API::NpmPackages', 'push_package'
+
+ it 'creates npm package with file' do
+ expect { subject }
+ .to change { project.packages.count }.by(1)
+ .and change { Packages::PackageFile.count }.by(1)
+ .and change { Packages::Tag.count }.by(1)
- it_behaves_like 'a package tracking event', 'API::NpmPackages', 'push_package'
+ expect(response).to have_gitlab_http_status(:ok)
+ end
+ end
- it 'creates npm package with file' do
- expect { subject }
+ it 'creates npm package with file with job token' do
+ expect { upload_package_with_job_token(package_name, params) }
.to change { project.packages.count }.by(1)
.and change { Packages::PackageFile.count }.by(1)
- .and change { Packages::Tag.count }.by(1)
expect(response).to have_gitlab_http_status(:ok)
end
- end
- it 'creates npm package with file with job token' do
- expect { upload_package_with_job_token(package_name, params) }
- .to change { project.packages.count }.by(1)
- .and change { Packages::PackageFile.count }.by(1)
+ context 'with an authenticated job token' do
+ let!(:job) { create(:ci_build, user: user) }
- expect(response).to have_gitlab_http_status(:ok)
- end
+ before do
+ Grape::Endpoint.before_each do |endpoint|
+ expect(endpoint).to receive(:current_authenticated_job) { job }
+ end
+ end
- context 'with an authenticated job token' do
- let!(:job) { create(:ci_build, user: user) }
+ after do
+ Grape::Endpoint.before_each nil
+ end
- before do
- Grape::Endpoint.before_each do |endpoint|
- expect(endpoint).to receive(:current_authenticated_job) { job }
+ it 'creates the package metadata' do
+ upload_package_with_token(package_name, params)
+
+ expect(response).to have_gitlab_http_status(:ok)
+ expect(project.reload.packages.find(json_response['id']).original_build_info.pipeline).to eq job.pipeline
end
end
+ end
- after do
- Grape::Endpoint.before_each nil
- end
+ context 'with a scoped name' do
+ let(:package_name) { "@#{group.path}/my_package_name" }
- it 'creates the package metadata' do
- upload_package_with_token(package_name, params)
+ it_behaves_like 'handling upload with different authentications'
+ end
- expect(response).to have_gitlab_http_status(:ok)
- expect(project.reload.packages.find(json_response['id']).original_build_info.pipeline).to eq job.pipeline
- end
+ context 'with any scoped name' do
+ let(:package_name) { "@any_scope/my_package_name" }
+
+ it_behaves_like 'handling upload with different authentications'
+ end
+
+ context 'with an unscoped name' do
+ let(:package_name) { "my_unscoped_package_name" }
+
+ it_behaves_like 'handling upload with different authentications'
end
end
diff --git a/spec/requests/api/rubygem_packages_spec.rb b/spec/requests/api/rubygem_packages_spec.rb
index 5dd68bf9b10..c97072ee9cd 100644
--- a/spec/requests/api/rubygem_packages_spec.rb
+++ b/spec/requests/api/rubygem_packages_spec.rb
@@ -3,9 +3,11 @@
require 'spec_helper'
RSpec.describe API::RubygemPackages do
+ include PackagesManagerApiSpecHelpers
+ include WorkhorseHelpers
using RSpec::Parameterized::TableSyntax
- let_it_be(:project) { create(:project) }
+ let_it_be_with_reload(:project) { create(:project) }
let_it_be(:personal_access_token) { create(:personal_access_token) }
let_it_be(:user) { personal_access_token.user }
let_it_be(:job) { create(:ci_build, :running, user: user) }
@@ -13,6 +15,14 @@ RSpec.describe API::RubygemPackages do
let_it_be(:project_deploy_token) { create(:project_deploy_token, deploy_token: deploy_token, project: project) }
let_it_be(:headers) { {} }
+ let(:tokens) do
+ {
+ personal_access_token: personal_access_token.token,
+ deploy_token: deploy_token.token,
+ job_token: job.token
+ }
+ end
+
shared_examples 'when feature flag is disabled' do
let(:headers) do
{ 'HTTP_AUTHORIZATION' => personal_access_token.token }
@@ -42,14 +52,6 @@ RSpec.describe API::RubygemPackages do
{ 'HTTP_AUTHORIZATION' => token }
end
- let(:tokens) do
- {
- personal_access_token: personal_access_token.token,
- deploy_token: deploy_token.token,
- job_token: job.token
- }
- end
-
where(:user_role, :token_type, :valid_token, :status) do
:guest | :personal_access_token | true | :not_found
:guest | :personal_access_token | false | :unauthorized
@@ -114,19 +116,163 @@ RSpec.describe API::RubygemPackages do
end
describe 'POST /api/v4/projects/:project_id/packages/rubygems/api/v1/gems/authorize' do
+ include_context 'workhorse headers'
+
let(:url) { api("/projects/#{project.id}/packages/rubygems/api/v1/gems/authorize") }
+ let(:headers) { {} }
subject { post(url, headers: headers) }
- it_behaves_like 'an unimplemented route'
+ context 'with valid project' do
+ where(:visibility, :user_role, :member, :token_type, :valid_token, :shared_examples_name, :expected_status) do
+ :public | :developer | true | :personal_access_token | true | 'process rubygems workhorse authorization' | :success
+ :public | :guest | true | :personal_access_token | true | 'rejects rubygems packages access' | :forbidden
+ :public | :developer | true | :personal_access_token | false | 'rejects rubygems packages access' | :unauthorized
+ :public | :guest | true | :personal_access_token | false | 'rejects rubygems packages access' | :unauthorized
+ :public | :developer | false | :personal_access_token | true | 'rejects rubygems packages access' | :forbidden
+ :public | :guest | false | :personal_access_token | true | 'rejects rubygems packages access' | :forbidden
+ :public | :developer | false | :personal_access_token | false | 'rejects rubygems packages access' | :unauthorized
+ :public | :guest | false | :personal_access_token | false | 'rejects rubygems packages access' | :unauthorized
+ :public | :anonymous | false | :personal_access_token | true | 'rejects rubygems packages access' | :unauthorized
+ :private | :developer | true | :personal_access_token | true | 'process rubygems workhorse authorization' | :success
+ :private | :guest | true | :personal_access_token | true | 'rejects rubygems packages access' | :forbidden
+ :private | :developer | true | :personal_access_token | false | 'rejects rubygems packages access' | :unauthorized
+ :private | :guest | true | :personal_access_token | false | 'rejects rubygems packages access' | :unauthorized
+ :private | :developer | false | :personal_access_token | true | 'rejects rubygems packages access' | :not_found
+ :private | :guest | false | :personal_access_token | true | 'rejects rubygems packages access' | :not_found
+ :private | :developer | false | :personal_access_token | false | 'rejects rubygems packages access' | :unauthorized
+ :private | :guest | false | :personal_access_token | false | 'rejects rubygems packages access' | :unauthorized
+ :private | :anonymous | false | :personal_access_token | true | 'rejects rubygems packages access' | :unauthorized
+ :public | :developer | true | :job_token | true | 'process rubygems workhorse authorization' | :success
+ :public | :guest | true | :job_token | true | 'rejects rubygems packages access' | :forbidden
+ :public | :developer | true | :job_token | false | 'rejects rubygems packages access' | :unauthorized
+ :public | :guest | true | :job_token | false | 'rejects rubygems packages access' | :unauthorized
+ :public | :developer | false | :job_token | true | 'rejects rubygems packages access' | :forbidden
+ :public | :guest | false | :job_token | true | 'rejects rubygems packages access' | :forbidden
+ :public | :developer | false | :job_token | false | 'rejects rubygems packages access' | :unauthorized
+ :public | :guest | false | :job_token | false | 'rejects rubygems packages access' | :unauthorized
+ :private | :developer | true | :job_token | true | 'process rubygems workhorse authorization' | :success
+ :private | :guest | true | :job_token | true | 'rejects rubygems packages access' | :forbidden
+ :private | :developer | true | :job_token | false | 'rejects rubygems packages access' | :unauthorized
+ :private | :guest | true | :job_token | false | 'rejects rubygems packages access' | :unauthorized
+ :private | :developer | false | :job_token | true | 'rejects rubygems packages access' | :not_found
+ :private | :guest | false | :job_token | true | 'rejects rubygems packages access' | :not_found
+ :private | :developer | false | :job_token | false | 'rejects rubygems packages access' | :unauthorized
+ :private | :guest | false | :job_token | false | 'rejects rubygems packages access' | :unauthorized
+ :public | :developer | true | :deploy_token | true | 'process rubygems workhorse authorization' | :success
+ :public | :developer | true | :deploy_token | false | 'rejects rubygems packages access' | :unauthorized
+ :private | :developer | true | :deploy_token | true | 'process rubygems workhorse authorization' | :success
+ :private | :developer | true | :deploy_token | false | 'rejects rubygems packages access' | :unauthorized
+ end
+
+ with_them do
+ let(:token) { valid_token ? tokens[token_type] : 'invalid-token123' }
+ let(:user_headers) { user_role == :anonymous ? {} : { 'HTTP_AUTHORIZATION' => token } }
+ let(:headers) { user_headers.merge(workhorse_headers) }
+
+ before do
+ project.update!(visibility: visibility.to_s)
+ end
+
+ it_behaves_like params[:shared_examples_name], params[:user_role], params[:expected_status], params[:member]
+ end
+ end
end
describe 'POST /api/v4/projects/:project_id/packages/rubygems/api/v1/gems' do
- let(:url) { api("/projects/#{project.id}/packages/rubygems/api/v1/gems") }
+ include_context 'workhorse headers'
+
+ let(:url) { "/projects/#{project.id}/packages/rubygems/api/v1/gems" }
+
+ let_it_be(:file_name) { 'package.gem' }
+ let(:headers) { {} }
+ let(:params) { { file: temp_file(file_name) } }
+ let(:file_key) { :file }
+ let(:send_rewritten_field) { true }
+
+ subject do
+ workhorse_finalize(
+ api(url),
+ method: :post,
+ file_key: file_key,
+ params: params,
+ headers: headers,
+ send_rewritten_field: send_rewritten_field
+ )
+ end
- subject { post(url, headers: headers) }
+ context 'with valid project' do
+ where(:visibility, :user_role, :member, :token_type, :valid_token, :shared_examples_name, :expected_status) do
+ :public | :developer | true | :personal_access_token | true | 'process rubygems upload' | :created
+ :public | :guest | true | :personal_access_token | true | 'rejects rubygems packages access' | :forbidden
+ :public | :developer | true | :personal_access_token | false | 'rejects rubygems packages access' | :unauthorized
+ :public | :guest | true | :personal_access_token | false | 'rejects rubygems packages access' | :unauthorized
+ :public | :developer | false | :personal_access_token | true | 'rejects rubygems packages access' | :forbidden
+ :public | :guest | false | :personal_access_token | true | 'rejects rubygems packages access' | :forbidden
+ :public | :developer | false | :personal_access_token | false | 'rejects rubygems packages access' | :unauthorized
+ :public | :guest | false | :personal_access_token | false | 'rejects rubygems packages access' | :unauthorized
+ :public | :anonymous | false | :personal_access_token | true | 'rejects rubygems packages access' | :unauthorized
+ :private | :developer | true | :personal_access_token | true | 'process rubygems upload' | :created
+ :private | :guest | true | :personal_access_token | true | 'rejects rubygems packages access' | :forbidden
+ :private | :developer | true | :personal_access_token | false | 'rejects rubygems packages access' | :unauthorized
+ :private | :guest | true | :personal_access_token | false | 'rejects rubygems packages access' | :unauthorized
+ :private | :developer | false | :personal_access_token | true | 'rejects rubygems packages access' | :not_found
+ :private | :guest | false | :personal_access_token | true | 'rejects rubygems packages access' | :not_found
+ :private | :developer | false | :personal_access_token | false | 'rejects rubygems packages access' | :unauthorized
+ :private | :guest | false | :personal_access_token | false | 'rejects rubygems packages access' | :unauthorized
+ :private | :anonymous | false | :personal_access_token | true | 'rejects rubygems packages access' | :unauthorized
+ :public | :developer | true | :job_token | true | 'process rubygems upload' | :created
+ :public | :guest | true | :job_token | true | 'rejects rubygems packages access' | :forbidden
+ :public | :developer | true | :job_token | false | 'rejects rubygems packages access' | :unauthorized
+ :public | :guest | true | :job_token | false | 'rejects rubygems packages access' | :unauthorized
+ :public | :developer | false | :job_token | true | 'rejects rubygems packages access' | :forbidden
+ :public | :guest | false | :job_token | true | 'rejects rubygems packages access' | :forbidden
+ :public | :developer | false | :job_token | false | 'rejects rubygems packages access' | :unauthorized
+ :public | :guest | false | :job_token | false | 'rejects rubygems packages access' | :unauthorized
+ :private | :developer | true | :job_token | true | 'process rubygems upload' | :created
+ :private | :guest | true | :job_token | true | 'rejects rubygems packages access' | :forbidden
+ :private | :developer | true | :job_token | false | 'rejects rubygems packages access' | :unauthorized
+ :private | :guest | true | :job_token | false | 'rejects rubygems packages access' | :unauthorized
+ :private | :developer | false | :job_token | true | 'rejects rubygems packages access' | :not_found
+ :private | :guest | false | :job_token | true | 'rejects rubygems packages access' | :not_found
+ :private | :developer | false | :job_token | false | 'rejects rubygems packages access' | :unauthorized
+ :private | :guest | false | :job_token | false | 'rejects rubygems packages access' | :unauthorized
+ :public | :developer | true | :deploy_token | true | 'process rubygems upload' | :created
+ :public | :developer | true | :deploy_token | false | 'rejects rubygems packages access' | :unauthorized
+ :private | :developer | true | :deploy_token | true | 'process rubygems upload' | :created
+ :private | :developer | true | :deploy_token | false | 'rejects rubygems packages access' | :unauthorized
+ end
- it_behaves_like 'an unimplemented route'
+ with_them do
+ let(:token) { valid_token ? tokens[token_type] : 'invalid-token123' }
+ let(:user_headers) { user_role == :anonymous ? {} : { 'HTTP_AUTHORIZATION' => token } }
+ let(:headers) { user_headers.merge(workhorse_headers) }
+
+ before do
+ project.update!(visibility: visibility.to_s)
+ end
+
+ it_behaves_like params[:shared_examples_name], params[:user_role], params[:expected_status], params[:member]
+ end
+
+ context 'failed package file save' do
+ let(:user_headers) { { 'HTTP_AUTHORIZATION' => personal_access_token.token } }
+ let(:headers) { user_headers.merge(workhorse_headers) }
+
+ before do
+ project.add_developer(user)
+ end
+
+ it 'does not create package record', :aggregate_failures do
+ allow(Packages::CreatePackageFileService).to receive(:new).and_raise(StandardError)
+
+ expect { subject }
+ .to change { project.packages.count }.by(0)
+ .and change { Packages::PackageFile.count }.by(0)
+ expect(response).to have_gitlab_http_status(:error)
+ end
+ end
+ end
end
describe 'GET /api/v4/projects/:project_id/packages/rubygems/api/v1/dependencies' do
View Lorry Controller Status