installations_controller_spec.rb 2.76 KB
Newer Older
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95
# frozen_string_literal: true

require 'spec_helper'

RSpec.describe JiraConnect::InstallationsController do
  let_it_be(:installation) { create(:jira_connect_installation) }

  describe 'GET /-/jira_connect/installations' do
    before do
      get '/-/jira_connect/installations', params: { jwt: jwt }
    end

    context 'without JWT' do
      let(:jwt) { nil }

      it 'returns 403' do
        expect(response).to have_gitlab_http_status(:forbidden)
      end
    end

    context 'with valid JWT' do
      let(:qsh) { Atlassian::Jwt.create_query_string_hash('https://gitlab.test/installations', 'GET', 'https://gitlab.test') }
      let(:jwt) { Atlassian::Jwt.encode({ iss: installation.client_key, qsh: qsh }, installation.shared_secret) }

      it 'returns status ok' do
        expect(response).to have_gitlab_http_status(:ok)
      end

      it 'returns the installation as json' do
        expect(json_response).to eq({
          'gitlab_com' => true,
          'instance_url' => nil
        })
      end

      context 'with instance_url' do
        let_it_be(:installation) { create(:jira_connect_installation, instance_url: 'https://example.com') }

        it 'returns the installation as json' do
          expect(json_response).to eq({
            'gitlab_com' => false,
            'instance_url' => 'https://example.com'
          })
        end
      end
    end
  end

  describe 'PUT /-/jira_connect/installations' do
    before do
      put '/-/jira_connect/installations', params: { jwt: jwt, installation: { instance_url: update_instance_url } }
    end

    let(:update_instance_url) { 'https://example.com' }

    context 'without JWT' do
      let(:jwt) { nil }

      it 'returns 403' do
        expect(response).to have_gitlab_http_status(:forbidden)
      end
    end

    context 'with valid JWT' do
      let(:qsh) { Atlassian::Jwt.create_query_string_hash('https://gitlab.test/subscriptions', 'GET', 'https://gitlab.test') }
      let(:jwt) { Atlassian::Jwt.encode({ iss: installation.client_key, qsh: qsh }, installation.shared_secret) }

      it 'returns 200' do
        expect(response).to have_gitlab_http_status(:ok)
      end

      it 'updates the instance_url' do
        expect(json_response).to eq({
          'gitlab_com' => false,
          'instance_url' => 'https://example.com'
        })
      end

      context 'invalid URL' do
        let(:update_instance_url) { 'invalid url' }

        it 'returns 422 and errors', :aggregate_failures do
          expect(response).to have_gitlab_http_status(:unprocessable_entity)
          expect(json_response).to eq({
            'errors' => {
              'instance_url' => [
                'is blocked: Only allowed schemes are http, https'
              ]
            }
          })
        end
      end
    end
  end
end