summaryrefslogtreecommitdiff
path: root/spec
diff options
context:
space:
mode:
Diffstat (limited to 'spec')
-rw-r--r--spec/requests/api/repositories_spec.rb484
-rw-r--r--spec/support/api/status_shared_examples.rb42
2 files changed, 395 insertions, 131 deletions
diff --git a/spec/requests/api/repositories_spec.rb b/spec/requests/api/repositories_spec.rb
index c90b69e8ebb..fe28ad1d1a1 100644
--- a/spec/requests/api/repositories_spec.rb
+++ b/spec/requests/api/repositories_spec.rb
@@ -7,204 +7,426 @@ describe API::Repositories, api: true do
include WorkhorseHelpers
let(:user) { create(:user) }
- let(:user2) { create(:user) }
+ let(:guest) { create(:user).tap { |u| create(:project_member, :guest, user: u, project: project) } }
let!(:project) { create(:project, creator_id: user.id) }
let!(:master) { create(:project_member, :master, user: user, project: project) }
- let!(:guest) { create(:project_member, :guest, user: user2, project: project) }
+
+ shared_context 'disabled repository' do
+ before do
+ project.project_feature.update_attributes!(
+ repository_access_level: ProjectFeature::DISABLED,
+ merge_requests_access_level: ProjectFeature::DISABLED,
+ builds_access_level: ProjectFeature::DISABLED
+ )
+ expect(project.feature_available?(:repository, current_user)).to be false
+ end
+ end
describe "GET /projects/:id/repository/tree" do
- context "authorized user" do
- before { project.team << [user2, :reporter] }
+ let(:route) { "/projects/#{project.id}/repository/tree" }
- it "returns project commits" do
- get api("/projects/#{project.id}/repository/tree", user)
+ shared_examples_for 'repository tree' do
+ it 'returns the repository tree' do
+ get api(route, current_user)
expect(response).to have_http_status(200)
+ first_commit = json_response.first
+
expect(json_response).to be_an Array
- expect(json_response.first['name']).to eq('bar')
- expect(json_response.first['type']).to eq('tree')
- expect(json_response.first['mode']).to eq('040000')
+ expect(first_commit['name']).to eq('bar')
+ expect(first_commit['type']).to eq('tree')
+ expect(first_commit['mode']).to eq('040000')
end
- it 'returns a 404 for unknown ref' do
- get api("/projects/#{project.id}/repository/tree?ref_name=foo", user)
- expect(response).to have_http_status(404)
+ context 'when ref does not exist' do
+ it_behaves_like '404 response' do
+ let(:request) { get api("#{route}?ref_name=foo", current_user) }
+ let(:message) { '404 Tree Not Found' }
+ end
+ end
+
+ context 'when repository is disabled' do
+ include_context 'disabled repository'
+
+ it_behaves_like '403 response' do
+ let(:request) { get api(route, current_user) }
+ end
+ end
- expect(json_response).to be_an Object
- json_response['message'] == '404 Tree Not Found'
+ context 'with recursive=1' do
+ it 'returns recursive project paths tree' do
+ get api("#{route}?recursive=1", current_user)
+
+ expect(response.status).to eq(200)
+ expect(json_response).to be_an Array
+ expect(json_response[4]['name']).to eq('html')
+ expect(json_response[4]['path']).to eq('files/html')
+ expect(json_response[4]['type']).to eq('tree')
+ expect(json_response[4]['mode']).to eq('040000')
+ end
+
+ context 'when repository is disabled' do
+ include_context 'disabled repository'
+
+ it_behaves_like '403 response' do
+ let(:request) { get api(route, current_user) }
+ end
+ end
+
+ context 'when ref does not exist' do
+ it_behaves_like '404 response' do
+ let(:request) { get api("#{route}?recursive=1&ref_name=foo", current_user) }
+ let(:message) { '404 Tree Not Found' }
+ end
+ end
end
end
- context "unauthorized user" do
- it "does not return project commits" do
- get api("/projects/#{project.id}/repository/tree")
- expect(response).to have_http_status(401)
+ context 'when unauthenticated', 'and project is public' do
+ it_behaves_like 'repository tree' do
+ let(:project) { create(:project, :public) }
+ let(:current_user) { nil }
end
end
- end
- describe 'GET /projects/:id/repository/tree?recursive=1' do
- context 'authorized user' do
- before { project.team << [user2, :reporter] }
+ context 'when unauthenticated', 'and project is private' do
+ it_behaves_like '404 response' do
+ let(:request) { get api(route) }
+ let(:message) { '404 Project Not Found' }
+ end
+ end
- it 'should return recursive project paths tree' do
- get api("/projects/#{project.id}/repository/tree?recursive=1", user)
+ context 'when authenticated', 'as a developer' do
+ it_behaves_like 'repository tree' do
+ let(:current_user) { user }
+ end
+ end
- expect(response.status).to eq(200)
+ context 'when authenticated', 'as a guest' do
+ it_behaves_like '403 response' do
+ let(:request) { get api(route, guest) }
+ end
+ end
+ end
- expect(json_response).to be_an Array
- expect(json_response[4]['name']).to eq('html')
- expect(json_response[4]['path']).to eq('files/html')
- expect(json_response[4]['type']).to eq('tree')
- expect(json_response[4]['mode']).to eq('040000')
+ {
+ 'blobs/:sha' => 'blobs/master',
+ 'commits/:sha/blob' => 'commits/master/blob'
+ }.each do |desc_path, example_path|
+ describe "GET /projects/:id/repository/#{desc_path}" do
+ let(:route) { "/projects/#{project.id}/repository/#{example_path}?filepath=README.md" }
+
+ shared_examples_for 'repository blob' do
+ it 'returns the repository blob' do
+ get api(route, current_user)
+
+ expect(response).to have_http_status(200)
+ end
+
+ context 'when sha does not exist' do
+ it_behaves_like '404 response' do
+ let(:request) { get api(route.sub('master', 'invalid_branch_name'), current_user) }
+ let(:message) { '404 Commit Not Found' }
+ end
+ end
+
+ context 'when filepath does not exist' do
+ it_behaves_like '404 response' do
+ let(:request) { get api(route.sub('README.md', 'README.invalid'), current_user) }
+ let(:message) { '404 File Not Found' }
+ end
+ end
+
+ context 'when no filepath is given' do
+ it_behaves_like '400 response' do
+ let(:request) { get api(route.sub('?filepath=README.md', ''), current_user) }
+ end
+ end
+
+ context 'when repository is disabled' do
+ include_context 'disabled repository'
+
+ it_behaves_like '403 response' do
+ let(:request) { get api(route, current_user) }
+ end
+ end
end
- it 'returns a 404 for unknown ref' do
- get api("/projects/#{project.id}/repository/tree?ref_name=foo&recursive=1", user)
- expect(response).to have_http_status(404)
+ context 'when unauthenticated', 'and project is public' do
+ it_behaves_like 'repository blob' do
+ let(:project) { create(:project, :public) }
+ let(:current_user) { nil }
+ end
+ end
- expect(json_response).to be_an Object
- json_response['message'] == '404 Tree Not Found'
+ context 'when unauthenticated', 'and project is private' do
+ it_behaves_like '404 response' do
+ let(:request) { get api(route) }
+ let(:message) { '404 Project Not Found' }
+ end
+ end
+
+ context 'when authenticated', 'as a developer' do
+ it_behaves_like 'repository blob' do
+ let(:current_user) { user }
+ end
end
- end
- context "unauthorized user" do
- it "does not return project commits" do
- get api("/projects/#{project.id}/repository/tree?recursive=1")
- expect(response).to have_http_status(401)
+ context 'when authenticated', 'as a guest' do
+ it_behaves_like '403 response' do
+ let(:request) { get api(route, guest) }
+ end
end
end
end
- describe "GET /projects/:id/repository/blobs/:sha" do
- it "gets the raw file contents" do
- get api("/projects/#{project.id}/repository/blobs/master?filepath=README.md", user)
- expect(response).to have_http_status(200)
+ describe "GET /projects/:id/repository/raw_blobs/:sha" do
+ let(:route) { "/projects/#{project.id}/repository/raw_blobs/#{sample_blob.oid}" }
+
+ shared_examples_for 'repository raw blob' do
+ it 'returns the repository raw blob' do
+ get api(route, current_user)
+
+ expect(response).to have_http_status(200)
+ end
+
+ context 'when sha does not exist' do
+ it_behaves_like '404 response' do
+ let(:request) { get api(route.sub(sample_blob.oid, '123456'), current_user) }
+ let(:message) { '404 Blob Not Found' }
+ end
+ end
+
+ context 'when repository is disabled' do
+ include_context 'disabled repository'
+
+ it_behaves_like '403 response' do
+ let(:request) { get api(route, current_user) }
+ end
+ end
end
- it "returns 404 for invalid branch_name" do
- get api("/projects/#{project.id}/repository/blobs/invalid_branch_name?filepath=README.md", user)
- expect(response).to have_http_status(404)
+ context 'when unauthenticated', 'and project is public' do
+ it_behaves_like 'repository raw blob' do
+ let(:project) { create(:project, :public) }
+ let(:current_user) { nil }
+ end
end
- it "returns 404 for invalid file" do
- get api("/projects/#{project.id}/repository/blobs/master?filepath=README.invalid", user)
- expect(response).to have_http_status(404)
+ context 'when unauthenticated', 'and project is private' do
+ it_behaves_like '404 response' do
+ let(:request) { get api(route) }
+ let(:message) { '404 Project Not Found' }
+ end
end
- it "returns a 400 error if filepath is missing" do
- get api("/projects/#{project.id}/repository/blobs/master", user)
- expect(response).to have_http_status(400)
+ context 'when authenticated', 'as a developer' do
+ it_behaves_like 'repository raw blob' do
+ let(:current_user) { user }
+ end
end
- end
- describe "GET /projects/:id/repository/commits/:sha/blob" do
- it "gets the raw file contents" do
- get api("/projects/#{project.id}/repository/commits/master/blob?filepath=README.md", user)
- expect(response).to have_http_status(200)
+ context 'when authenticated', 'as a guest' do
+ it_behaves_like '403 response' do
+ let(:request) { get api(route, guest) }
+ end
end
end
- describe "GET /projects/:id/repository/raw_blobs/:sha" do
- it "gets the raw file contents" do
- get api("/projects/#{project.id}/repository/raw_blobs/#{sample_blob.oid}", user)
- expect(response).to have_http_status(200)
- end
+ describe "GET /projects/:id/repository/archive(.:format)?:sha" do
+ let(:route) { "/projects/#{project.id}/repository/archive" }
+
+ shared_examples_for 'repository archive' do
+ it 'returns the repository archive' do
+ get api(route, current_user)
+
+ expect(response).to have_http_status(200)
+
+ repo_name = project.repository.name.gsub("\.git", "")
+ type, params = workhorse_send_data
+
+ expect(type).to eq('git-archive')
+ expect(params['ArchivePath']).to match(/#{repo_name}\-[^\.]+\.tar.gz/)
+ end
+
+ it 'returns the repository archive archive.zip' do
+ get api("/projects/#{project.id}/repository/archive.zip", user)
+
+ expect(response).to have_http_status(200)
+
+ repo_name = project.repository.name.gsub("\.git", "")
+ type, params = workhorse_send_data
+
+ expect(type).to eq('git-archive')
+ expect(params['ArchivePath']).to match(/#{repo_name}\-[^\.]+\.zip/)
+ end
+
+ it 'returns the repository archive archive.tar.bz2' do
+ get api("/projects/#{project.id}/repository/archive.tar.bz2", user)
+
+ expect(response).to have_http_status(200)
+
+ repo_name = project.repository.name.gsub("\.git", "")
+ type, params = workhorse_send_data
- it 'returns a 404 for unknown blob' do
- get api("/projects/#{project.id}/repository/raw_blobs/123456", user)
- expect(response).to have_http_status(404)
+ expect(type).to eq('git-archive')
+ expect(params['ArchivePath']).to match(/#{repo_name}\-[^\.]+\.tar.bz2/)
+ end
- expect(json_response).to be_an Object
- json_response['message'] == '404 Blob Not Found'
+ context 'when sha does not exist' do
+ it_behaves_like '404 response' do
+ let(:request) { get api("#{route}?sha=xxx", current_user) }
+ let(:message) { '404 File Not Found' }
+ end
+ end
end
- end
- describe "GET /projects/:id/repository/archive(.:format)?:sha" do
- it "gets the archive" do
- get api("/projects/#{project.id}/repository/archive", user)
- repo_name = project.repository.name.gsub("\.git", "")
- expect(response).to have_http_status(200)
- type, params = workhorse_send_data
- expect(type).to eq('git-archive')
- expect(params['ArchivePath']).to match(/#{repo_name}\-[^\.]+\.tar.gz/)
+ context 'when unauthenticated', 'and project is public' do
+ it_behaves_like 'repository archive' do
+ let(:project) { create(:project, :public) }
+ let(:current_user) { nil }
+ end
end
- it "gets the archive.zip" do
- get api("/projects/#{project.id}/repository/archive.zip", user)
- repo_name = project.repository.name.gsub("\.git", "")
- expect(response).to have_http_status(200)
- type, params = workhorse_send_data
- expect(type).to eq('git-archive')
- expect(params['ArchivePath']).to match(/#{repo_name}\-[^\.]+\.zip/)
+ context 'when unauthenticated', 'and project is private' do
+ it_behaves_like '404 response' do
+ let(:request) { get api(route) }
+ let(:message) { '404 Project Not Found' }
+ end
end
- it "gets the archive.tar.bz2" do
- get api("/projects/#{project.id}/repository/archive.tar.bz2", user)
- repo_name = project.repository.name.gsub("\.git", "")
- expect(response).to have_http_status(200)
- type, params = workhorse_send_data
- expect(type).to eq('git-archive')
- expect(params['ArchivePath']).to match(/#{repo_name}\-[^\.]+\.tar.bz2/)
+ context 'when authenticated', 'as a developer' do
+ it_behaves_like 'repository archive' do
+ let(:current_user) { user }
+ end
end
- it "returns 404 for invalid sha" do
- get api("/projects/#{project.id}/repository/archive/?sha=xxx", user)
- expect(response).to have_http_status(404)
+ context 'when authenticated', 'as a guest' do
+ it_behaves_like '403 response' do
+ let(:request) { get api(route, guest) }
+ end
end
end
describe 'GET /projects/:id/repository/compare' do
- it "compares branches" do
- get api("/projects/#{project.id}/repository/compare", user), from: 'master', to: 'feature'
- expect(response).to have_http_status(200)
- expect(json_response['commits']).to be_present
- expect(json_response['diffs']).to be_present
+ let(:route) { "/projects/#{project.id}/repository/compare" }
+
+ shared_examples_for 'repository compare' do
+ it "compares branches" do
+ get api(route, current_user), from: 'master', to: 'feature'
+
+ expect(response).to have_http_status(200)
+ expect(json_response['commits']).to be_present
+ expect(json_response['diffs']).to be_present
+ end
+
+ it "compares tags" do
+ get api(route, current_user), from: 'v1.0.0', to: 'v1.1.0'
+
+ expect(response).to have_http_status(200)
+ expect(json_response['commits']).to be_present
+ expect(json_response['diffs']).to be_present
+ end
+
+ it "compares commits" do
+ get api(route, current_user), from: sample_commit.id, to: sample_commit.parent_id
+
+ expect(response).to have_http_status(200)
+ expect(json_response['commits']).to be_empty
+ expect(json_response['diffs']).to be_empty
+ expect(json_response['compare_same_ref']).to be_falsey
+ end
+
+ it "compares commits in reverse order" do
+ get api(route, current_user), from: sample_commit.parent_id, to: sample_commit.id
+
+ expect(response).to have_http_status(200)
+ expect(json_response['commits']).to be_present
+ expect(json_response['diffs']).to be_present
+ end
+
+ it "compares same refs" do
+ get api(route, current_user), from: 'master', to: 'master'
+
+ expect(response).to have_http_status(200)
+ expect(json_response['commits']).to be_empty
+ expect(json_response['diffs']).to be_empty
+ expect(json_response['compare_same_ref']).to be_truthy
+ end
end
- it "compares tags" do
- get api("/projects/#{project.id}/repository/compare", user), from: 'v1.0.0', to: 'v1.1.0'
- expect(response).to have_http_status(200)
- expect(json_response['commits']).to be_present
- expect(json_response['diffs']).to be_present
+ context 'when unauthenticated', 'and project is public' do
+ it_behaves_like 'repository compare' do
+ let(:project) { create(:project, :public) }
+ let(:current_user) { nil }
+ end
end
- it "compares commits" do
- get api("/projects/#{project.id}/repository/compare", user), from: sample_commit.id, to: sample_commit.parent_id
- expect(response).to have_http_status(200)
- expect(json_response['commits']).to be_empty
- expect(json_response['diffs']).to be_empty
- expect(json_response['compare_same_ref']).to be_falsey
+ context 'when unauthenticated', 'and project is private' do
+ it_behaves_like '404 response' do
+ let(:request) { get api(route) }
+ let(:message) { '404 Project Not Found' }
+ end
end
- it "compares commits in reverse order" do
- get api("/projects/#{project.id}/repository/compare", user), from: sample_commit.parent_id, to: sample_commit.id
- expect(response).to have_http_status(200)
- expect(json_response['commits']).to be_present
- expect(json_response['diffs']).to be_present
+ context 'when authenticated', 'as a developer' do
+ it_behaves_like 'repository compare' do
+ let(:current_user) { user }
+ end
end
- it "compares same refs" do
- get api("/projects/#{project.id}/repository/compare", user), from: 'master', to: 'master'
- expect(response).to have_http_status(200)
- expect(json_response['commits']).to be_empty
- expect(json_response['diffs']).to be_empty
- expect(json_response['compare_same_ref']).to be_truthy
+ context 'when authenticated', 'as a guest' do
+ it_behaves_like '403 response' do
+ let(:request) { get api(route, guest) }
+ end
end
end
describe 'GET /projects/:id/repository/contributors' do
- it 'returns valid data' do
- get api("/projects/#{project.id}/repository/contributors", user)
- expect(response).to have_http_status(200)
- expect(json_response).to be_an Array
- contributor = json_response.first
- expect(contributor['email']).to eq('tiagonbotelho@hotmail.com')
- expect(contributor['name']).to eq('tiagonbotelho')
- expect(contributor['commits']).to eq(1)
- expect(contributor['additions']).to eq(0)
- expect(contributor['deletions']).to eq(0)
+ let(:route) { "/projects/#{project.id}/repository/contributors" }
+
+ shared_examples_for 'repository contributors' do
+ it 'returns valid data' do
+ get api(route, current_user)
+
+ expect(response).to have_http_status(200)
+ expect(json_response).to be_an Array
+
+ first_contributor = json_response.first
+
+ expect(first_contributor['email']).to eq('tiagonbotelho@hotmail.com')
+ expect(first_contributor['name']).to eq('tiagonbotelho')
+ expect(first_contributor['commits']).to eq(1)
+ expect(first_contributor['additions']).to eq(0)
+ expect(first_contributor['deletions']).to eq(0)
+ end
+ end
+
+ context 'when unauthenticated', 'and project is public' do
+ it_behaves_like 'repository contributors' do
+ let(:project) { create(:project, :public) }
+ let(:current_user) { nil }
+ end
+ end
+
+ context 'when unauthenticated', 'and project is private' do
+ it_behaves_like '404 response' do
+ let(:request) { get api(route) }
+ let(:message) { '404 Project Not Found' }
+ end
+ end
+
+ context 'when authenticated', 'as a developer' do
+ it_behaves_like 'repository contributors' do
+ let(:current_user) { user }
+ end
+ end
+
+ context 'when authenticated', 'as a guest' do
+ it_behaves_like '403 response' do
+ let(:request) { get api(route, guest) }
+ end
end
end
end
diff --git a/spec/support/api/status_shared_examples.rb b/spec/support/api/status_shared_examples.rb
new file mode 100644
index 00000000000..3481749a7f0
--- /dev/null
+++ b/spec/support/api/status_shared_examples.rb
@@ -0,0 +1,42 @@
+# Specs for status checking.
+#
+# Requires an API request:
+# let(:request) { get api("/projects/#{project.id}/repository/branches", user) }
+shared_examples_for '400 response' do
+ before do
+ # Fires the request
+ request
+ end
+
+ it 'returns 400' do
+ expect(response).to have_http_status(400)
+ end
+end
+
+shared_examples_for '403 response' do
+ before do
+ # Fires the request
+ request
+ end
+
+ it 'returns 403' do
+ expect(response).to have_http_status(403)
+ end
+end
+
+shared_examples_for '404 response' do
+ let(:message) { nil }
+ before do
+ # Fires the request
+ request
+ end
+
+ it 'returns 404' do
+ expect(response).to have_http_status(404)
+ expect(json_response).to be_an Object
+
+ if message.present?
+ expect(json_response['message']).to eq(message)
+ end
+ end
+end