diff options
Diffstat (limited to 'spec/requests/projects/google_cloud/deployments_controller_spec.rb')
-rw-r--r-- | spec/requests/projects/google_cloud/deployments_controller_spec.rb | 103 |
1 files changed, 103 insertions, 0 deletions
diff --git a/spec/requests/projects/google_cloud/deployments_controller_spec.rb b/spec/requests/projects/google_cloud/deployments_controller_spec.rb new file mode 100644 index 00000000000..a5eccc43147 --- /dev/null +++ b/spec/requests/projects/google_cloud/deployments_controller_spec.rb @@ -0,0 +1,103 @@ +# frozen_string_literal: true + +require 'spec_helper' + +RSpec.describe Projects::GoogleCloud::DeploymentsController do + let_it_be(:project) { create(:project, :public) } + + let_it_be(:user_guest) { create(:user) } + let_it_be(:user_developer) { create(:user) } + let_it_be(:user_maintainer) { create(:user) } + let_it_be(:user_creator) { project.creator } + + let_it_be(:unauthorized_members) { [user_guest, user_developer] } + let_it_be(:authorized_members) { [user_maintainer, user_creator] } + + let_it_be(:urls_list) { %W[#{project_google_cloud_deployments_cloud_run_path(project)} #{project_google_cloud_deployments_cloud_storage_path(project)}] } + + before do + project.add_guest(user_guest) + project.add_developer(user_developer) + project.add_maintainer(user_maintainer) + end + + describe "Routes must be restricted behind Google OAuth2" do + context 'when a public request is made' do + it 'returns not found on GET request' do + urls_list.each do |url| + get url + + expect(response).to have_gitlab_http_status(:not_found) + end + end + end + + context 'when unauthorized members make requests' do + it 'returns not found on GET request' do + urls_list.each do |url| + unauthorized_members.each do |unauthorized_member| + sign_in(unauthorized_member) + + get url + + expect(response).to have_gitlab_http_status(:not_found) + end + end + end + end + + context 'when authorized members make requests' do + it 'redirects on GET request' do + urls_list.each do |url| + authorized_members.each do |authorized_member| + sign_in(authorized_member) + + get url + + expect(response).to redirect_to(assigns(:authorize_url)) + end + end + end + end + end + + describe 'Authorized GET project/-/google_cloud/deployments/cloud_run' do + let_it_be(:url) { "#{project_google_cloud_deployments_cloud_run_path(project)}" } + + before do + allow_next_instance_of(GoogleApi::CloudPlatform::Client) do |client| + allow(client).to receive(:validate_token).and_return(true) + end + end + + it 'renders placeholder' do + authorized_members.each do |authorized_member| + sign_in(authorized_member) + + get url + + expect(response).to have_gitlab_http_status(:ok) + end + end + end + + describe 'Authorized GET project/-/google_cloud/deployments/cloud_storage' do + let_it_be(:url) { "#{project_google_cloud_deployments_cloud_storage_path(project)}" } + + before do + allow_next_instance_of(GoogleApi::CloudPlatform::Client) do |client| + allow(client).to receive(:validate_token).and_return(true) + end + end + + it 'renders placeholder' do + authorized_members.each do |authorized_member| + sign_in(authorized_member) + + get url + + expect(response).to have_gitlab_http_status(:ok) + end + end + end +end |