1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
|
# frozen_string_literal: true
require 'spec_helper'
RSpec.describe Import::BitbucketServerService do
let_it_be(:user) { create(:user) }
let(:base_uri) { "https://test:7990" }
let(:token) { "asdasd12345" }
let(:secret) { "sekrettt" }
let(:project_key) { 'TES' }
let(:repo_slug) { 'vim' }
let(:repo) do
{
name: 'vim',
description: 'test',
visibility_level: Gitlab::VisibilityLevel::PUBLIC,
browse_url: 'http://repo.com/repo/repo',
clone_url: 'http://repo.com/repo/repo.git'
}
end
let(:client) { double(BitbucketServer::Client) }
let(:credentials) { { base_uri: base_uri, user: user, password: token } }
let(:params) { { bitbucket_server_url: base_uri, bitbucket_server_username: user, personal_access_token: token, bitbucket_server_project: project_key, bitbucket_server_repo: repo_slug } }
subject { described_class.new(client, user, params) }
before do
allow(subject).to receive(:authorized?).and_return(true)
end
context 'when no repo is found' do
before do
allow(subject).to receive(:authorized?).and_return(true)
allow(client).to receive(:repo).and_return(nil)
end
it 'returns an error' do
result = subject.execute(credentials)
expect(result).to include(
message: "Project #{project_key}/#{repo_slug} could not be found",
status: :error,
http_status: :unprocessable_entity
)
end
end
context 'when import source is disabled' do
before do
stub_application_setting(import_sources: nil)
allow(subject).to receive(:authorized?).and_return(true)
allow(client).to receive(:repo).with(project_key, repo_slug).and_return(double(repo))
end
it 'returns forbidden' do
result = subject.execute(credentials)
expect(result).to include(
status: :error,
http_status: :forbidden
)
end
end
context 'when user is unauthorized' do
before do
allow(subject).to receive(:authorized?).and_return(false)
end
it 'returns an error' do
result = subject.execute(credentials)
expect(result).to include(
message: "You don't have permissions to create this project",
status: :error,
http_status: :unauthorized
)
end
end
context 'verify url' do
shared_examples 'denies local request' do
before do
allow(client).to receive(:repo).with(project_key, repo_slug).and_return(double(repo))
end
it 'does not allow requests' do
result = subject.execute(credentials)
expect(result[:status]).to eq(:error)
expect(result[:message]).to include("Invalid URL:")
end
end
context 'when host is localhost' do
before do
allow(subject).to receive(:url).and_return('https://localhost:3000')
end
include_examples 'denies local request'
end
context 'when host is on local network' do
before do
allow(subject).to receive(:url).and_return('https://192.168.0.191')
end
include_examples 'denies local request'
end
context 'when host is ftp protocol' do
before do
allow(subject).to receive(:url).and_return('ftp://testing')
end
include_examples 'denies local request'
end
end
it 'raises an exception for unknown error causes' do
exception = StandardError.new('Not Implemented')
allow(client).to receive(:repo).and_raise(exception)
expect(Gitlab::Import::Logger).not_to receive(:error)
expect { subject.execute(credentials) }.to raise_error(exception)
end
end
|