spec/services/import/gitlab_projects/file_acquisition_strategies/remote_file_spec.rb


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149

# frozen_string_literal: true

require 'spec_helper'

RSpec.describe ::Import::GitlabProjects::FileAcquisitionStrategies::RemoteFile, :aggregate_failures do
  let(:remote_url) { 'https://external.file.path/file.tar.gz' }
  let(:params) { { remote_import_url: remote_url } }

  subject { described_class.new(params: params) }

  before do
    stub_headers_for(remote_url, {
      'content-length' => 10.gigabytes,
      'content-type' => 'application/gzip'
    })
  end

  describe 'validation' do
    it { expect(subject).to be_valid }

    context 'file_url validation' do
      let(:remote_url) { 'ftp://invalid.url/file.tar.gz' }

      it 'validates the file_url scheme' do
        expect(subject).not_to be_valid
        expect(subject.errors.full_messages)
          .to include("File url is blocked: Only allowed schemes are https")
      end

      context 'when localhost urls are not allowed' do
        let(:remote_url) { 'https://localhost:3000/file.tar.gz' }

        it 'validates the file_url' do
          stub_application_setting(allow_local_requests_from_web_hooks_and_services: false)

          expect(subject).not_to be_valid
          expect(subject.errors.full_messages)
            .to include("File url is blocked: Requests to localhost are not allowed")
        end
      end
    end

    context 'when import_project_from_remote_file_s3 is enabled' do
      before do
        stub_feature_flags(import_project_from_remote_file_s3: true)
      end

      context 'when the HTTP request fail to recover the headers' do
        it 'adds the error message' do
          expect(Gitlab::HTTP)
            .to receive(:head)
            .and_raise(StandardError, 'request invalid')

          expect(subject).not_to be_valid
          expect(subject.errors.full_messages)
            .to include('Failed to retrive headers: request invalid')
        end
      end

      it 'validates the remote content-length' do
        stub_headers_for(remote_url, { 'content-length' => 11.gigabytes })

        expect(subject).not_to be_valid
        expect(subject.errors.full_messages)
          .to include('Content length is too big (should be at most 10 GB)')
      end

      it 'validates the remote content-type' do
        stub_headers_for(remote_url, { 'content-type' => 'unknown' })

        expect(subject).not_to be_valid
        expect(subject.errors.full_messages)
          .to include("Content type 'unknown' not allowed. (Allowed: application/gzip, application/x-tar, application/x-gzip)")
      end

      context 'when trying to import from AWS S3' do
        it 'adds an error suggesting to use `projects/remote-import-s3`' do
          stub_headers_for(
            remote_url,
            'Server' => 'AmazonS3',
            'x-amz-request-id' => 'some-id'
          )

          expect(subject).not_to be_valid
          expect(subject.errors.full_messages)
            .to include('To import from AWS S3 use `projects/remote-import-s3`')
        end
      end
    end

    context 'when import_project_from_remote_file_s3 is disabled' do
      before do
        stub_feature_flags(import_project_from_remote_file_s3: false)
      end

      context 'when trying to import from AWS S3' do
        it 'does not validate the remote content-length or content-type' do
          stub_headers_for(
            remote_url,
            'Server' => 'AmazonS3',
            'x-amz-request-id' => 'some-id',
            'content-length' => 11.gigabytes,
            'content-type' => 'unknown'
          )

          expect(subject).to be_valid
        end
      end

      context 'when NOT trying to import from AWS S3' do
        it 'validates content-length and content-type' do
          stub_headers_for(
            remote_url,
            'Server' => 'NOT AWS S3',
            'content-length' => 11.gigabytes,
            'content-type' => 'unknown'
          )

          expect(subject).not_to be_valid

          expect(subject.errors.full_messages)
            .to include("Content type 'unknown' not allowed. (Allowed: application/gzip, application/x-tar, application/x-gzip)")
          expect(subject.errors.full_messages)
            .to include('Content length is too big (should be at most 10 GB)')
        end
      end
    end
  end

  describe '#project_params' do
    it 'returns import_export_upload in the params' do
      subject = described_class.new(params: { remote_import_url: remote_url })

      expect(subject.project_params).to match(
        import_export_upload: an_instance_of(::ImportExportUpload)
      )
      expect(subject.project_params[:import_export_upload]).to have_attributes(
        remote_import_url: remote_url
      )
    end
  end

  def stub_headers_for(url, headers = {})
    allow(Gitlab::HTTP)
      .to receive(:head)
      .with(remote_url, timeout: 1.second)
      .and_return(double(headers: headers)) # rubocop: disable RSpec/VerifiedDoubles
  end
end