spec/requests/api/v3/runners_spec.rb


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152

require 'spec_helper'

describe API::V3::Runners do
  let(:admin) { create(:user, :admin) }
  let(:user) { create(:user) }
  let(:user2) { create(:user) }

  let(:project) { create(:project, creator_id: user.id) }
  let(:project2) { create(:project, creator_id: user.id) }

  let!(:shared_runner) { create(:ci_runner, :shared) }
  let!(:unused_specific_runner) { create(:ci_runner) }

  let!(:specific_runner) do
    create(:ci_runner).tap do |runner|
      create(:ci_runner_project, runner: runner, project: project)
    end
  end

  let!(:two_projects_runner) do
    create(:ci_runner).tap do |runner|
      create(:ci_runner_project, runner: runner, project: project)
      create(:ci_runner_project, runner: runner, project: project2)
    end
  end

  before do
    # Set project access for users
    create(:project_member, :master, user: user, project: project)
    create(:project_member, :reporter, user: user2, project: project)
  end

  describe 'DELETE /runners/:id' do
    context 'admin user' do
      context 'when runner is shared' do
        it 'deletes runner' do
          expect do
            delete v3_api("/runners/#{shared_runner.id}", admin)

            expect(response).to have_gitlab_http_status(200)
          end.to change { Ci::Runner.shared.count }.by(-1)
        end
      end

      context 'when runner is not shared' do
        it 'deletes unused runner' do
          expect do
            delete v3_api("/runners/#{unused_specific_runner.id}", admin)

            expect(response).to have_gitlab_http_status(200)
          end.to change { Ci::Runner.specific.count }.by(-1)
        end

        it 'deletes used runner' do
          expect do
            delete v3_api("/runners/#{specific_runner.id}", admin)

            expect(response).to have_gitlab_http_status(200)
          end.to change { Ci::Runner.specific.count }.by(-1)
        end
      end

      it 'returns 404 if runner does not exists' do
        delete v3_api('/runners/9999', admin)

        expect(response).to have_gitlab_http_status(404)
      end
    end

    context 'authorized user' do
      context 'when runner is shared' do
        it 'does not delete runner' do
          delete v3_api("/runners/#{shared_runner.id}", user)
          expect(response).to have_gitlab_http_status(403)
        end
      end

      context 'when runner is not shared' do
        it 'does not delete runner without access to it' do
          delete v3_api("/runners/#{specific_runner.id}", user2)
          expect(response).to have_gitlab_http_status(403)
        end

        it 'does not delete runner with more than one associated project' do
          delete v3_api("/runners/#{two_projects_runner.id}", user)
          expect(response).to have_gitlab_http_status(403)
        end

        it 'deletes runner for one owned project' do
          expect do
            delete v3_api("/runners/#{specific_runner.id}", user)

            expect(response).to have_gitlab_http_status(200)
          end.to change { Ci::Runner.specific.count }.by(-1)
        end
      end
    end

    context 'unauthorized user' do
      it 'does not delete runner' do
        delete v3_api("/runners/#{specific_runner.id}")

        expect(response).to have_gitlab_http_status(401)
      end
    end
  end

  describe 'DELETE /projects/:id/runners/:runner_id' do
    context 'authorized user' do
      context 'when runner have more than one associated projects' do
        it "disables project's runner" do
          expect do
            delete v3_api("/projects/#{project.id}/runners/#{two_projects_runner.id}", user)

            expect(response).to have_gitlab_http_status(200)
          end.to change { project.runners.count }.by(-1)
        end
      end

      context 'when runner have one associated projects' do
        it "does not disable project's runner" do
          expect do
            delete v3_api("/projects/#{project.id}/runners/#{specific_runner.id}", user)
          end.to change { project.runners.count }.by(0)
          expect(response).to have_gitlab_http_status(403)
        end
      end

      it 'returns 404 is runner is not found' do
        delete v3_api("/projects/#{project.id}/runners/9999", user)

        expect(response).to have_gitlab_http_status(404)
      end
    end

    context 'authorized user without permissions' do
      it "does not disable project's runner" do
        delete v3_api("/projects/#{project.id}/runners/#{specific_runner.id}", user2)

        expect(response).to have_gitlab_http_status(403)
      end
    end

    context 'unauthorized user' do
      it "does not disable project's runner" do
        delete v3_api("/projects/#{project.id}/runners/#{specific_runner.id}")

        expect(response).to have_gitlab_http_status(401)
      end
    end
  end
end