diff options
Diffstat (limited to 'spec/support/shared_examples/requests')
6 files changed, 153 insertions, 30 deletions
diff --git a/spec/support/shared_examples/requests/api/debian_packages_shared_examples.rb b/spec/support/shared_examples/requests/api/debian_packages_shared_examples.rb index 83ba72c12aa..8616a3bd0b4 100644 --- a/spec/support/shared_examples/requests/api/debian_packages_shared_examples.rb +++ b/spec/support/shared_examples/requests/api/debian_packages_shared_examples.rb @@ -201,7 +201,7 @@ RSpec.shared_examples 'rejects Debian access with unknown project id' do let(:project) { double(id: non_existing_record_id) } context 'as anonymous' do - it_behaves_like 'Debian project repository GET request', :anonymous, true, :not_found, nil + it_behaves_like 'Debian project repository GET request', :anonymous, true, :unauthorized, nil end context 'as authenticated user' do @@ -228,13 +228,13 @@ RSpec.shared_examples 'Debian project repository GET endpoint' do |success_statu 'PUBLIC' | :anonymous | false | true | success_status | success_body 'PRIVATE' | :developer | true | true | success_status | success_body 'PRIVATE' | :guest | true | true | :forbidden | nil - 'PRIVATE' | :developer | true | false | :not_found | nil - 'PRIVATE' | :guest | true | false | :not_found | nil + 'PRIVATE' | :developer | true | false | :unauthorized | nil + 'PRIVATE' | :guest | true | false | :unauthorized | nil 'PRIVATE' | :developer | false | true | :not_found | nil 'PRIVATE' | :guest | false | true | :not_found | nil - 'PRIVATE' | :developer | false | false | :not_found | nil - 'PRIVATE' | :guest | false | false | :not_found | nil - 'PRIVATE' | :anonymous | false | true | :not_found | nil + 'PRIVATE' | :developer | false | false | :unauthorized | nil + 'PRIVATE' | :guest | false | false | :unauthorized | nil + 'PRIVATE' | :anonymous | false | true | :unauthorized | nil end with_them do @@ -263,13 +263,13 @@ RSpec.shared_examples 'Debian project repository PUT endpoint' do |success_statu 'PUBLIC' | :anonymous | false | true | :unauthorized | nil 'PRIVATE' | :developer | true | true | success_status | nil 'PRIVATE' | :guest | true | true | :forbidden | nil - 'PRIVATE' | :developer | true | false | :not_found | nil - 'PRIVATE' | :guest | true | false | :not_found | nil + 'PRIVATE' | :developer | true | false | :unauthorized | nil + 'PRIVATE' | :guest | true | false | :unauthorized | nil 'PRIVATE' | :developer | false | true | :not_found | nil 'PRIVATE' | :guest | false | true | :not_found | nil - 'PRIVATE' | :developer | false | false | :not_found | nil - 'PRIVATE' | :guest | false | false | :not_found | nil - 'PRIVATE' | :anonymous | false | true | :not_found | nil + 'PRIVATE' | :developer | false | false | :unauthorized | nil + 'PRIVATE' | :guest | false | false | :unauthorized | nil + 'PRIVATE' | :anonymous | false | true | :unauthorized | nil end with_them do @@ -321,7 +321,7 @@ RSpec.shared_examples 'rejects Debian access with unknown group id' do let(:group) { double(id: non_existing_record_id) } context 'as anonymous' do - it_behaves_like 'Debian group repository GET request', :anonymous, true, :not_found, nil + it_behaves_like 'Debian group repository GET request', :anonymous, true, :unauthorized, nil end context 'as authenticated user' do @@ -348,13 +348,13 @@ RSpec.shared_examples 'Debian group repository GET endpoint' do |success_status, 'PUBLIC' | :anonymous | false | true | success_status | success_body 'PRIVATE' | :developer | true | true | success_status | success_body 'PRIVATE' | :guest | true | true | :forbidden | nil - 'PRIVATE' | :developer | true | false | :not_found | nil - 'PRIVATE' | :guest | true | false | :not_found | nil + 'PRIVATE' | :developer | true | false | :unauthorized | nil + 'PRIVATE' | :guest | true | false | :unauthorized | nil 'PRIVATE' | :developer | false | true | :not_found | nil 'PRIVATE' | :guest | false | true | :not_found | nil - 'PRIVATE' | :developer | false | false | :not_found | nil - 'PRIVATE' | :guest | false | false | :not_found | nil - 'PRIVATE' | :anonymous | false | true | :not_found | nil + 'PRIVATE' | :developer | false | false | :unauthorized | nil + 'PRIVATE' | :guest | false | false | :unauthorized | nil + 'PRIVATE' | :anonymous | false | true | :unauthorized | nil end with_them do diff --git a/spec/support/shared_examples/requests/api/graphql/noteable_shared_examples.rb b/spec/support/shared_examples/requests/api/graphql/noteable_shared_examples.rb new file mode 100644 index 00000000000..9cf5bc04f65 --- /dev/null +++ b/spec/support/shared_examples/requests/api/graphql/noteable_shared_examples.rb @@ -0,0 +1,62 @@ +# frozen_string_literal: true + +# Requires `query(fields)`, `path_to_noteable`, `project`, and `noteable` bindings +RSpec.shared_examples 'a noteable graphql type we can query' do + let(:note_factory) { :note } + let(:discussion_factory) { :discussion_note } + + describe '.discussions' do + let(:fields) do + "discussions { nodes { #{all_graphql_fields_for('Discussion')} } }" + end + + def expected + noteable.discussions.map do |discussion| + include( + 'id' => global_id_of(discussion), + 'replyId' => global_id_of(discussion, id: discussion.reply_id), + 'createdAt' => discussion.created_at.iso8601, + 'notes' => include( + 'nodes' => have_attributes(size: discussion.notes.size) + ) + ) + end + end + + it 'can fetch discussions' do + create(discussion_factory, project: project, noteable: noteable) + + post_graphql(query(fields), current_user: current_user) + + expect(graphql_data_at(*path_to_noteable, :discussions, :nodes)) + .to match_array(expected) + end + end + + describe '.notes' do + let(:fields) do + "notes { nodes { #{all_graphql_fields_for('Note', max_depth: 2)} } }" + end + + def expected + noteable.notes.map do |note| + include( + 'id' => global_id_of(note), + 'project' => include('id' => global_id_of(project)), + 'author' => include('id' => global_id_of(note.author)), + 'createdAt' => note.created_at.iso8601, + 'body' => eq(note.note) + ) + end + end + + it 'can fetch notes' do + create(note_factory, project: project, noteable: noteable) + + post_graphql(query(fields), current_user: current_user) + + expect(graphql_data_at(*path_to_noteable, :notes, :nodes)) + .to match_array(expected) + end + end +end diff --git a/spec/support/shared_examples/requests/api/read_user_shared_examples.rb b/spec/support/shared_examples/requests/api/read_user_shared_examples.rb index 59cd0ab67b4..b9fd997bd2c 100644 --- a/spec/support/shared_examples/requests/api/read_user_shared_examples.rb +++ b/spec/support/shared_examples/requests/api/read_user_shared_examples.rb @@ -7,21 +7,33 @@ RSpec.shared_examples 'allows the "read_user" scope' do |api_version| context 'when the requesting token has the "api" scope' do let(:token) { create(:personal_access_token, scopes: ['api'], user: user) } - it 'returns a "200" response' do + it 'returns a "200" response on get request' do get api_call.call(path, user, personal_access_token: token, version: version) expect(response).to have_gitlab_http_status(:ok) end + + it 'returns a "200" response on head request' do + head api_call.call(path, user, personal_access_token: token, version: version) + + expect(response).to have_gitlab_http_status(:ok) + end end context 'when the requesting token has the "read_user" scope' do let(:token) { create(:personal_access_token, scopes: ['read_user'], user: user) } - it 'returns a "200" response' do + it 'returns a "200" response on get request' do get api_call.call(path, user, personal_access_token: token, version: version) expect(response).to have_gitlab_http_status(:ok) end + + it 'returns a "200" response on head request' do + head api_call.call(path, user, personal_access_token: token, version: version) + + expect(response).to have_gitlab_http_status(:ok) + end end context 'when the requesting token does not have any required scope' do @@ -45,21 +57,33 @@ RSpec.shared_examples 'allows the "read_user" scope' do |api_version| context 'when the requesting token has the "api" scope' do let!(:token) { Doorkeeper::AccessToken.create! application_id: application.id, resource_owner_id: user.id, scopes: "api" } - it 'returns a "200" response' do + it 'returns a "200" response on get request' do get api_call.call(path, user, oauth_access_token: token) expect(response).to have_gitlab_http_status(:ok) end + + it 'returns a "200" response on head request' do + head api_call.call(path, user, oauth_access_token: token) + + expect(response).to have_gitlab_http_status(:ok) + end end context 'when the requesting token has the "read_user" scope' do let!(:token) { Doorkeeper::AccessToken.create! application_id: application.id, resource_owner_id: user.id, scopes: "read_user" } - it 'returns a "200" response' do + it 'returns a "200" response on get request' do get api_call.call(path, user, oauth_access_token: token) expect(response).to have_gitlab_http_status(:ok) end + + it 'returns a "200" response on head request' do + head api_call.call(path, user, oauth_access_token: token) + + expect(response).to have_gitlab_http_status(:ok) + end end context 'when the requesting token does not have any required scope' do diff --git a/spec/support/shared_examples/requests/api/repository_storage_moves_shared_examples.rb b/spec/support/shared_examples/requests/api/repository_storage_moves_shared_examples.rb index b2970fd265d..3ca2b9fa6de 100644 --- a/spec/support/shared_examples/requests/api/repository_storage_moves_shared_examples.rb +++ b/spec/support/shared_examples/requests/api/repository_storage_moves_shared_examples.rb @@ -85,14 +85,37 @@ RSpec.shared_examples 'repository_storage_moves API' do |container_type| end describe "GET /#{container_type}/:id/repository_storage_moves" do - it_behaves_like 'get container repository storage move list' do - let(:url) { "/#{container_type}/#{container.id}/repository_storage_moves" } + let(:container_id) { container.id } + let(:url) { "/#{container_type}/#{container_id}/repository_storage_moves" } + + it_behaves_like 'get container repository storage move list' + + context 'non-existent container' do + let(:container_id) { non_existing_record_id } + + it 'returns not found' do + get api(url, user) + + expect(response).to have_gitlab_http_status(:not_found) + end end end describe "GET /#{container_type}/:id/repository_storage_moves/:repository_storage_move_id" do - it_behaves_like 'get single container repository storage move' do - let(:url) { "/#{container_type}/#{container.id}/repository_storage_moves/#{repository_storage_move_id}" } + let(:container_id) { container.id } + let(:url) { "/#{container_type}/#{container_id}/repository_storage_moves/#{repository_storage_move_id}" } + + it_behaves_like 'get single container repository storage move' + + context 'non-existent container' do + let(:container_id) { non_existing_record_id } + let(:repository_storage_move_id) { storage_move.id } + + it 'returns not found' do + get api(url, user) + + expect(response).to have_gitlab_http_status(:not_found) + end end end @@ -109,7 +132,8 @@ RSpec.shared_examples 'repository_storage_moves API' do |container_type| end describe "POST /#{container_type}/:id/repository_storage_moves" do - let(:url) { "/#{container_type}/#{container.id}/repository_storage_moves" } + let(:container_id) { container.id } + let(:url) { "/#{container_type}/#{container_id}/repository_storage_moves" } let(:destination_storage_name) { 'test_second_storage' } def create_container_repository_storage_move @@ -154,6 +178,16 @@ RSpec.shared_examples 'repository_storage_moves API' do |container_type| expect(json_response['destination_storage_name']).to be_present end end + + context 'when container does not exist' do + let(:container_id) { non_existing_record_id } + + it 'returns not found' do + create_container_repository_storage_move + + expect(response).to have_gitlab_http_status(:not_found) + end + end end describe "POST /#{container_type.singularize}_repository_storage_moves" do diff --git a/spec/support/shared_examples/requests/api/resolvable_discussions_shared_examples.rb b/spec/support/shared_examples/requests/api/resolvable_discussions_shared_examples.rb index 460e8d57a2b..b5139bd8c99 100644 --- a/spec/support/shared_examples/requests/api/resolvable_discussions_shared_examples.rb +++ b/spec/support/shared_examples/requests/api/resolvable_discussions_shared_examples.rb @@ -13,6 +13,9 @@ RSpec.shared_examples 'resolvable discussions API' do |parent_type, noteable_typ end it "unresolves discussion if resolved is false" do + expect(Gitlab::UsageDataCounters::MergeRequestActivityUniqueCounter) + .to receive(:track_unresolve_thread_action).with(user: user) + put api("/#{parent_type}/#{parent.id}/#{noteable_type}/#{noteable[id_name]}/"\ "discussions/#{note.discussion_id}", user), params: { resolved: false } diff --git a/spec/support/shared_examples/requests/rack_attack_shared_examples.rb b/spec/support/shared_examples/requests/rack_attack_shared_examples.rb index 3b039049ca9..926da827e75 100644 --- a/spec/support/shared_examples/requests/rack_attack_shared_examples.rb +++ b/spec/support/shared_examples/requests/rack_attack_shared_examples.rb @@ -112,7 +112,7 @@ RSpec.shared_examples 'rate-limited token-authenticated requests' do expect(response).not_to have_gitlab_http_status(:too_many_requests) end - arguments = { + arguments = a_hash_including({ message: 'Rack_Attack', env: :throttle, remote_ip: '127.0.0.1', @@ -121,7 +121,7 @@ RSpec.shared_examples 'rate-limited token-authenticated requests' do user_id: user.id, 'meta.user' => user.username, matched: throttle_types[throttle_setting_prefix] - } + }) expect(Gitlab::AuthLogger).to receive(:error).with(arguments).once @@ -278,7 +278,7 @@ RSpec.shared_examples 'rate-limited web authenticated requests' do expect(response).not_to have_gitlab_http_status(:too_many_requests) end - arguments = { + arguments = a_hash_including({ message: 'Rack_Attack', env: :throttle, remote_ip: '127.0.0.1', @@ -287,7 +287,7 @@ RSpec.shared_examples 'rate-limited web authenticated requests' do user_id: user.id, 'meta.user' => user.username, matched: throttle_types[throttle_setting_prefix] - } + }) expect(Gitlab::AuthLogger).to receive(:error).with(arguments).once expect { request_authenticated_web_url }.not_to exceed_query_limit(control_count) |