Commit 0d66c970 authored by Małgorzata Ksionek's avatar Małgorzata Ksionek

Add specs for git actions

parent 503150b6
...@@ -919,6 +919,44 @@ RSpec.describe User do ...@@ -919,6 +919,44 @@ RSpec.describe User do
end end
end end
describe '#password_based_login_forbidden?' do
context 'when user is provisioned by group' do
before do
user.user_detail.provisioned_by_group = build(:group)
end
it 'is true' do
expect(user.password_based_login_forbidden?).to eq true
end
context 'with feature flag switched off' do
before do
stub_feature_flags(block_password_auth_for_saml_users: false)
end
it 'is false' do
expect(user.password_based_login_forbidden?).to eq false
end
end
end
context 'when user is not provisioned by group' do
it 'is false' do
expect(user.password_based_login_forbidden?).to eq false
end
context 'with feature flag switched off' do
before do
stub_feature_flags(block_password_auth_for_saml_users: false)
end
it 'is false' do
expect(user.password_based_login_forbidden?).to eq false
end
end
end
end
describe '#using_license_seat?' do describe '#using_license_seat?' do
let(:user) { create(:user) } let(:user) { create(:user) }
......
...@@ -153,4 +153,40 @@ RSpec.describe 'Git HTTP requests' do ...@@ -153,4 +153,40 @@ RSpec.describe 'Git HTTP requests' do
it_behaves_like 'pulls are allowed' it_behaves_like 'pulls are allowed'
end end
describe 'when user cannot use password-based login' do
let(:user) { create(:user) }
let(:group) { create(:group) }
let(:project) { create(:project, :repository, :private, group: group) }
let(:env) { { user: user.username, password: user.password } }
let(:path) { "#{project.full_path}.git" }
before do
project.add_developer(user)
user.update!(provisioned_by_group: group)
end
context 'with feature flag switched off' do
before do
stub_feature_flags(block_password_auth_for_saml_users: false)
end
it_behaves_like 'pulls are allowed'
it_behaves_like 'pushes are allowed'
end
context 'with feature flag switched on' do
it 'responds with status 401 Unauthorized for pull action' do
download(path, **env) do |response|
expect(response).to have_gitlab_http_status(:unauthorized)
end
end
it 'responds with status 401 Unauthorized for push action' do
upload(path, **env) do |response|
expect(response).to have_gitlab_http_status(:unauthorized)
end
end
end
end
end end
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment