Skip to content

G
gitlab-ce
Commit 229fd8af authored by nmilojevic1's avatar nmilojevic1
Browse files
Options

Add specs for both SharedState and Sessions store

parent e6551492
Expand all Show whitespace changes
Inline Side-by-side
Showing with 1858 additions and 1688 deletions
ee/spec/controllers/groups/dependency_proxy_for_containers_controller_spec.rb
View file @ 229fd8af
......@@ -45,7 +45,8 @@ RSpec.describe Groups::DependencyProxyForContainersController do
expect(response).to have_gitlab_http_status(:not_found)
end
context 'with an active session', :clean_gitlab_redis_shared_state do
shared_examples 'active session' do
context 'with an active session' do
let(:session_id) { '42' }
let(:session_time) { 5.minutes.ago }
let(:stored_session) do
......@@ -53,7 +54,7 @@ RSpec.describe Groups::DependencyProxyForContainersController do
end
before do
Gitlab::Redis::SharedState.with do |redis|
redis_store_class.with do |redis|
redis.set("session:gitlab:#{session_id}", Marshal.dump(stored_session))
redis.sadd("session:lookup:user:gitlab:#{user.id}", [session_id])
end
......@@ -63,6 +64,9 @@ RSpec.describe Groups::DependencyProxyForContainersController do
end
end
it_behaves_like 'redis sessions store', 'active session'
end
context 'when git check is not enforced' do
it_behaves_like successful_example
end
......
ee/spec/features/users/login_spec.rb
View file @ 229fd8af
......@@ -85,7 +85,12 @@ RSpec.describe 'Login' do
expect(page.body).to have_link('Register now', href: new_user_registration_path)
end
describe 'with two-factor authentication required', :clean_gitlab_redis_shared_state do
RSpec.shared_examples_for 'two-factor authentication' do
before do
load Rails.root.join('config/initializers/session_store.rb')
end
describe 'with two-factor authentication required' do
let_it_be(:user) { create(:user) }
let_it_be(:smartcard_identity) { create(:smartcard_identity, user: user) }
......@@ -124,6 +129,9 @@ RSpec.describe 'Login' do
end
end
end
it_behaves_like 'redis sessions store', 'two-factor authentication'
end
end
end
......
ee/spec/lib/gitlab/auth/group_saml/session_enforcer_spec.rb
View file @ 229fd8af
......@@ -9,6 +9,7 @@ RSpec.describe Gitlab::Auth::GroupSaml::SessionEnforcer do
end
end
RSpec.shared_examples_for 'group saml session enforcer' do
describe '#access_restricted' do
let_it_be(:saml_provider) { create(:saml_provider, enforced_sso: true) }
let_it_be(:user) { create(:user) }
......@@ -27,7 +28,7 @@ RSpec.describe Gitlab::Auth::GroupSaml::SessionEnforcer do
allow(saml_provider).to receive(:git_check_enforced?).and_return(true)
end
context 'with an active session', :clean_gitlab_redis_shared_state do
context 'with an active session' do
let(:session_id) { '42' }
let(:session_time) { 5.minutes.ago }
let(:stored_session) do
......@@ -35,7 +36,7 @@ RSpec.describe Gitlab::Auth::GroupSaml::SessionEnforcer do
end
before do
Gitlab::Redis::SharedState.with do |redis|
redis_store_class.with do |redis|
redis.set("session:gitlab:#{session_id}", Marshal.dump(stored_session))
redis.sadd("session:lookup:user:gitlab:#{user.id}", [session_id])
end
......@@ -63,14 +64,14 @@ RSpec.describe Gitlab::Auth::GroupSaml::SessionEnforcer do
end
end
context 'with two active sessions', :clean_gitlab_redis_shared_state do
context 'with two active sessions' do
let(:second_session_id) { '52' }
let(:second_stored_session) do
{ 'active_group_sso_sign_ins' => { create(:saml_provider, enforced_sso: true).id => session_time } }
end
before do
Gitlab::Redis::SharedState.with do |redis|
redis_store_class.with do |redis|
redis.set("session:gitlab:#{second_session_id}", Marshal.dump(second_stored_session))
redis.sadd("session:lookup:user:gitlab:#{user.id}", [session_id, second_session_id])
end
......@@ -79,7 +80,7 @@ RSpec.describe Gitlab::Auth::GroupSaml::SessionEnforcer do
it_behaves_like 'not enforced'
end
context 'with two active sessions for the same provider and one pre-sso', :clean_gitlab_redis_shared_state do
context 'with two active sessions for the same provider and one pre-sso' do
let(:second_session_id) { '52' }
let(:third_session_id) { '62' }
let(:second_stored_session) do
......@@ -87,7 +88,7 @@ RSpec.describe Gitlab::Auth::GroupSaml::SessionEnforcer do
end
before do
Gitlab::Redis::SharedState.with do |redis|
redis_store_class.with do |redis|
redis.set("session:gitlab:#{second_session_id}", Marshal.dump(second_stored_session))
redis.set("session:gitlab:#{third_session_id}", Marshal.dump({}))
redis.sadd("session:lookup:user:gitlab:#{user.id}", [session_id, second_session_id, third_session_id])
......@@ -192,14 +193,14 @@ RSpec.describe Gitlab::Auth::GroupSaml::SessionEnforcer do
allow(saml_provider).to receive(:git_check_enforced?).and_return(false)
end
context 'with an active session', :clean_gitlab_redis_shared_state do
context 'with an active session' do
let(:session_id) { '42' }
let(:stored_session) do
{ 'active_group_sso_sign_ins' => { saml_provider.id => 5.minutes.ago } }
end
before do
Gitlab::Redis::SharedState.with do |redis|
redis_store_class.with do |redis|
redis.set("session:gitlab:#{session_id}", Marshal.dump(stored_session))
redis.sadd("session:lookup:user:gitlab:#{user.id}", [session_id])
end
......@@ -213,4 +214,7 @@ RSpec.describe Gitlab::Auth::GroupSaml::SessionEnforcer do
end
end
end
end
it_behaves_like 'redis sessions store', 'group saml session enforcer'
end
ee/spec/lib/gitlab/auth/otp/session_enforcer_spec.rb
View file @ 229fd8af
......@@ -2,7 +2,8 @@
require 'spec_helper'
RSpec.describe Gitlab::Auth::Otp::SessionEnforcer, :clean_gitlab_redis_shared_state do
RSpec.describe Gitlab::Auth::Otp::SessionEnforcer do
shared_examples_for 'otp session enforcer' do
let_it_be(:key) { create(:key)}
describe '#update_session' do
......@@ -13,12 +14,12 @@ RSpec.describe Gitlab::Auth::Otp::SessionEnforcer, :clean_gitlab_redis_shared_st
end
it 'registers a session in Redis' do
expect(Gitlab::Redis::SharedState).to receive(:with).and_yield(redis)
expect(redis_store_class).to receive(:with).and_yield(redis)
session_expiry_in_seconds = Gitlab::CurrentSettings.git_two_factor_session_expiry.minutes.to_i
expect(redis).to(
receive(:setex)
.with("#{described_class::OTP_SESSIONS_NAMESPACE}:#{key.id}",
.with("#{::Gitlab::Redis::Sessions::OTP_SESSIONS_NAMESPACE}:#{key.id}",
session_expiry_in_seconds,
true)
.once)
......@@ -48,8 +49,8 @@ RSpec.describe Gitlab::Auth::Otp::SessionEnforcer, :clean_gitlab_redis_shared_st
context 'with existing session' do
before do
Gitlab::Redis::SharedState.with do |redis|
redis.set("#{described_class::OTP_SESSIONS_NAMESPACE}:#{key.id}", true )
redis_store_class.with do |redis|
redis.set("#{::Gitlab::Redis::Sessions::OTP_SESSIONS_NAMESPACE}:#{key.id}", true )
end
end
......@@ -60,4 +61,7 @@ RSpec.describe Gitlab::Auth::Otp::SessionEnforcer, :clean_gitlab_redis_shared_st
it { is_expected.to be_truthy }
end
end
end
it_behaves_like 'redis sessions store', 'otp session enforcer'
end
ee/spec/lib/gitlab/auth/smartcard/session_enforcer_spec.rb
View file @ 229fd8af
......@@ -29,14 +29,15 @@ RSpec.describe Gitlab::Auth::Smartcard::SessionEnforcer do
stub_smartcard_setting(enabled: true, required_for_git_access: true)
end
context 'with a smartcard session', :clean_gitlab_redis_shared_state do
RSpec.shared_examples_for 'smartcard session' do
context 'with a smartcard session' do
let(:session_id) { '42' }
let(:stored_session) do
{ 'smartcard_signins' => { 'last_signin_at' => 5.minutes.ago } }
end
before do
Gitlab::Redis::SharedState.with do |redis|
redis_store_class.with do |redis|
redis.set("session:gitlab:#{session_id}", Marshal.dump(stored_session))
redis.sadd("session:lookup:user:gitlab:#{user.id}", [session_id])
end
......@@ -44,6 +45,9 @@ RSpec.describe Gitlab::Auth::Smartcard::SessionEnforcer do
it { is_expected.to be_falsey }
end
end
it_behaves_like 'redis sessions store', 'smartcard session'
context 'without any session' do
it { is_expected.to be_truthy }
......
ee/spec/lib/gitlab/auth/smartcard/session_spec.rb
View file @ 229fd8af
......@@ -3,19 +3,20 @@
require 'spec_helper'
RSpec.describe Gitlab::Auth::Smartcard::Session do
RSpec.shared_examples_for 'smartcard session' do
describe '#active?' do
let(:user) { create(:user) }
subject { described_class.new.active?(user) }
context 'with a smartcard session', :clean_gitlab_redis_shared_state do
context 'with a smartcard session' do
let(:session_id) { '42' }
let(:stored_session) do
{ 'smartcard_signins' => { 'last_signin_at' => 5.minutes.ago } }
end
before do
Gitlab::Redis::SharedState.with do |redis|
redis_store_class.with do |redis|
redis.set("session:gitlab:#{session_id}", Marshal.dump(stored_session))
redis.sadd("session:lookup:user:gitlab:#{user.id}", [session_id])
end
......@@ -44,4 +45,7 @@ RSpec.describe Gitlab::Auth::Smartcard::Session do
expect(Gitlab::Session.current[:smartcard_signins]).to eq({ 'last_signin_at' => now })
end
end
end
it_behaves_like 'redis sessions store', 'smartcard session'
end
ee/spec/lib/gitlab/git_access_spec.rb
View file @ 229fd8af
......@@ -704,6 +704,7 @@ RSpec.describe Gitlab::GitAccess do
end
end
RSpec.shared_examples_for 'checks smartcard access & otp session' do
describe '#check_smartcard_access!' do
before do
stub_licensed_features(smartcard_auth: true)
......@@ -712,14 +713,14 @@ RSpec.describe Gitlab::GitAccess do
project.add_developer(user)
end
context 'user with a smartcard session', :clean_gitlab_redis_shared_state do
context 'user with a smartcard session' do
let(:session_id) { '42' }
let(:stored_session) do
{ 'smartcard_signins' => { 'last_signin_at' => 5.minutes.ago } }
end
before do
Gitlab::Redis::SharedState.with do |redis|
redis_store_class.with do |redis|
redis.set("session:gitlab:#{session_id}", Marshal.dump(stored_session))
redis.sadd("session:lookup:user:gitlab:#{user.id}", [session_id])
end
......@@ -772,10 +773,10 @@ RSpec.describe Gitlab::GitAccess do
stub_licensed_features(git_two_factor_enforcement: true)
end
context 'with an OTP session', :clean_gitlab_redis_shared_state do
context 'with an OTP session' do
before do
Gitlab::Redis::SharedState.with do |redis|
redis.set("#{Gitlab::Auth::Otp::SessionEnforcer::OTP_SESSIONS_NAMESPACE}:#{key.id}", true)
redis_store_class.with do |redis|
redis.set("#{Gitlab::Redis::Sessions::OTP_SESSIONS_NAMESPACE}:#{key.id}", true)
end
end
......@@ -803,11 +804,11 @@ RSpec.describe Gitlab::GitAccess do
def stub_redis
redis = double(:redis)
expect(Gitlab::Redis::SharedState).to receive(:with).at_most(:twice).and_yield(redis)
expect(redis_store_class).to receive(:with).at_most(:twice).and_yield(redis)
expect(redis).to(
receive(:get)
.with("#{Gitlab::Auth::Otp::SessionEnforcer::OTP_SESSIONS_NAMESPACE}:#{key.id}"))
.with("#{Gitlab::Redis::Sessions::OTP_SESSIONS_NAMESPACE}:#{key.id}"))
.at_most(:twice)
.and_return(value_of_key)
end
......@@ -929,6 +930,9 @@ RSpec.describe Gitlab::GitAccess do
end
end
end
end
it_behaves_like 'redis sessions store', 'checks smartcard access & otp session'
describe '#check_sso_session!' do
before do
......
ee/spec/requests/api/internal/base_spec.rb
View file @ 229fd8af
......@@ -154,14 +154,15 @@ RSpec.describe API::Internal::Base do
project.add_developer(user)
end
context 'user with a smartcard session', :clean_gitlab_redis_shared_state do
RSpec.shared_examples_for 'smartcard session' do
context 'user with a smartcard session' do
let(:session_id) { '42' }
let(:stored_session) do
{ 'smartcard_signins' => { 'last_signin_at' => 5.minutes.ago } }
end
before do
Gitlab::Redis::SharedState.with do |redis|
redis_store_class.with do |redis|
redis.set("session:gitlab:#{session_id}", Marshal.dump(stored_session))
redis.sadd("session:lookup:user:gitlab:#{user.id}", [session_id])
end
......@@ -173,6 +174,9 @@ RSpec.describe API::Internal::Base do
expect(response).to have_gitlab_http_status(:ok)
end
end
end
it_behaves_like 'redis sessions store', 'smartcard session'
context 'user without a smartcard session' do
it "does not allow access" do
......
ee/spec/requests/repositories/git_http_controller_spec.rb
View file @ 229fd8af
......@@ -54,14 +54,15 @@ RSpec.describe Repositories::GitHttpController, type: :request do
project.add_developer(user)
end
context 'user with a smartcard session', :clean_gitlab_redis_shared_state do
RSpec.shared_examples_for 'smartcard session' do
context 'user with a smartcard session' do
let(:session_id) { '42' }
let(:stored_session) do
{ 'smartcard_signins' => { 'last_signin_at' => 5.minutes.ago } }
end
before do
Gitlab::Redis::SharedState.with do |redis|
redis_store_class.with do |redis|
redis.set("session:gitlab:#{session_id}", Marshal.dump(stored_session))
redis.sadd("session:lookup:user:gitlab:#{user.id}", [session_id])
end
......@@ -73,6 +74,9 @@ RSpec.describe Repositories::GitHttpController, type: :request do
expect(response).to have_gitlab_http_status(:ok)
end
end
end
it_behaves_like 'redis sessions store', 'smartcard session'
context 'user without a smartcard session' do
it "does not allow access" do
......
spec/channels/application_cable/connection_spec.rb
View file @ 229fd8af
......@@ -2,12 +2,13 @@
require 'spec_helper'
RSpec.describe ApplicationCable::Connection, :clean_gitlab_redis_shared_state do
RSpec.describe ApplicationCable::Connection do
RSpec.shared_examples_for 'ApplicationCable::Connection' do
let(:session_id) { Rack::Session::SessionId.new('6919a6f1bb119dd7396fadc38fd18d0d') }
context 'when session cookie is set' do
before do
Gitlab::Redis::SharedState.with do |redis|
redis_store_class.with do |redis|
redis.set("session:gitlab:#{session_id.private_id}", Marshal.dump(session_hash))
end
......@@ -64,4 +65,7 @@ RSpec.describe ApplicationCable::Connection, :clean_gitlab_redis_shared_state do
expect(connection.current_user).to be_nil
end
end
end
it_behaves_like 'redis sessions store', 'ApplicationCable::Connection'
end
spec/features/users/active_sessions_spec.rb
View file @ 229fd8af
......@@ -2,7 +2,8 @@
require 'spec_helper'
RSpec.describe 'Active user sessions', :clean_gitlab_redis_shared_state do
RSpec.describe 'Active user sessions' do
RSpec.shared_examples_for 'active user sessions' do
it 'successful login adds a new active user login' do
now = Time.zone.parse('2018-03-12 09:06')
Timecop.freeze(now) do
......@@ -29,13 +30,13 @@ RSpec.describe 'Active user sessions', :clean_gitlab_redis_shared_state do
it 'successful login cleans up obsolete entries' do
user = create(:user)
Gitlab::Redis::SharedState.with do |redis|
redis_store_class.with do |redis|
redis.sadd("session:lookup:user:gitlab:#{user.id}", '59822c7d9fcdfa03725eff41782ad97d')
end
gitlab_sign_in(user)
Gitlab::Redis::SharedState.with do |redis|
redis_store_class.with do |redis|
expect(redis.smembers("session:lookup:user:gitlab:#{user.id}")).not_to include '59822c7d9fcdfa03725eff41782ad97d'
end
end
......@@ -44,14 +45,14 @@ RSpec.describe 'Active user sessions', :clean_gitlab_redis_shared_state do
user = create(:user)
personal_access_token = create(:personal_access_token, user: user)
Gitlab::Redis::SharedState.with do |redis|
redis_store_class.with do |redis|
redis.sadd("session:lookup:user:gitlab:#{user.id}", '59822c7d9fcdfa03725eff41782ad97d')
end
visit user_path(user, :atom, private_token: personal_access_token.token)
expect(page.status_code).to eq 200
Gitlab::Redis::SharedState.with do |redis|
redis_store_class.with do |redis|
expect(redis.smembers("session:lookup:user:gitlab:#{user.id}")).to include '59822c7d9fcdfa03725eff41782ad97d'
end
end
......@@ -68,4 +69,7 @@ RSpec.describe 'Active user sessions', :clean_gitlab_redis_shared_state do
expect(ActiveSession.list(user)).to be_empty
end
end
it_behaves_like 'redis sessions store', 'active user sessions'
end
spec/features/users/anonymous_sessions_spec.rb
View file @ 229fd8af
......@@ -2,9 +2,10 @@
require 'spec_helper'
RSpec.describe 'Session TTLs', :clean_gitlab_redis_shared_state do
RSpec.describe 'Session TTLs' do
include SessionHelpers
RSpec.shared_examples_for 'session ttls' do
it 'creates a session with a short TTL when login fails' do
visit new_user_session_path
# The session key only gets created after a post
......@@ -14,7 +15,7 @@ RSpec.describe 'Session TTLs', :clean_gitlab_redis_shared_state do
expect(page).to have_content('Invalid login or password')
expect_single_session_with_short_ttl
expect_single_session_with_short_ttl(redis_store_class)
end
it 'increases the TTL when the login succeeds' do
......@@ -23,7 +24,7 @@ RSpec.describe 'Session TTLs', :clean_gitlab_redis_shared_state do
expect(page).to have_content(user.name)
expect_single_session_with_authenticated_ttl
expect_single_session_with_authenticated_ttl(redis_store_class)
end
context 'with an unauthorized project' do
......@@ -32,8 +33,11 @@ RSpec.describe 'Session TTLs', :clean_gitlab_redis_shared_state do
it 'creates a session with a short TTL' do
visit project_raw_path(project, 'master/README.md')
expect_single_session_with_short_ttl
expect_single_session_with_short_ttl(redis_store_class)
expect(page).to have_current_path(new_user_session_path)
end
end
end
it_behaves_like 'redis sessions store', 'session ttls'
end
spec/features/users/login_spec.rb
View file @ 229fd8af
......@@ -2,7 +2,7 @@
require 'spec_helper'
RSpec.describe 'Login', :clean_gitlab_redis_shared_state do
RSpec.describe 'Login' do
include TermsHelper
include UserLoginHelper
include SessionHelpers
......@@ -11,6 +11,11 @@ RSpec.describe 'Login', :clean_gitlab_redis_shared_state do
stub_authentication_activity_metrics(debug: true)
end
RSpec.shared_examples_for 'login' do
before do
load Rails.root.join('config/initializers/session_store.rb')
end
describe 'password reset token after successful sign in' do
it 'invalidates password reset token' do
expect(authentication_metrics)
......@@ -60,7 +65,7 @@ RSpec.describe 'Login', :clean_gitlab_redis_shared_state do
fill_in 'user_password', with: 'password'
click_button 'Sign in'
expect_single_session_with_authenticated_ttl
expect_single_session_with_authenticated_ttl(redis_store_class)
expect(current_path).to eq root_path
end
......@@ -84,7 +89,7 @@ RSpec.describe 'Login', :clean_gitlab_redis_shared_state do
expect(page).to have_content('Your account has been blocked.')
end
it 'does not update Devise trackable attributes', :clean_gitlab_redis_shared_state do
it 'does not update Devise trackable attributes' do
expect(authentication_metrics)
.to increment(:user_blocked_counter)
.and increment(:user_unauthenticated_counter)
......@@ -161,7 +166,7 @@ RSpec.describe 'Login', :clean_gitlab_redis_shared_state do
expect(page).to have_content('Invalid login or password.')
end
it 'does not update Devise trackable attributes', :clean_gitlab_redis_shared_state do
it 'does not update Devise trackable attributes' do
expect(authentication_metrics)
.to increment(:user_unauthenticated_counter)
.and increment(:user_password_invalid_counter)
......@@ -206,7 +211,7 @@ RSpec.describe 'Login', :clean_gitlab_redis_shared_state do
enter_code(user.current_otp)
expect(page).not_to have_content(I18n.t('devise.failure.already_authenticated'))
expect_single_session_with_authenticated_ttl
expect_single_session_with_authenticated_ttl(redis_store_class)
end
it 'does not allow sign-in if the user password is updated before entering a one-time code' do
......@@ -225,7 +230,7 @@ RSpec.describe 'Login', :clean_gitlab_redis_shared_state do
enter_code(user.current_otp)
expect_single_session_with_authenticated_ttl
expect_single_session_with_authenticated_ttl(redis_store_class)
expect(current_path).to eq root_path
end
......@@ -254,7 +259,7 @@ RSpec.describe 'Login', :clean_gitlab_redis_shared_state do
enter_code(user.current_otp)
expect_single_session_with_authenticated_ttl
expect_single_session_with_authenticated_ttl(redis_store_class)
expect(current_path).to eq root_path
end
......@@ -371,7 +376,7 @@ RSpec.describe 'Login', :clean_gitlab_redis_shared_state do
sign_in_using_saml!
expect_single_session_with_authenticated_ttl
expect_single_session_with_authenticated_ttl(redis_store_class)
expect(page).not_to have_content('Two-Factor Authentication')
expect(current_path).to eq root_path
end
......@@ -390,7 +395,7 @@ RSpec.describe 'Login', :clean_gitlab_redis_shared_state do
enter_code(user.current_otp)
expect_single_session_with_authenticated_ttl
expect_single_session_with_authenticated_ttl(redis_store_class)
expect(current_path).to eq root_path
end
end
......@@ -411,7 +416,7 @@ RSpec.describe 'Login', :clean_gitlab_redis_shared_state do
gitlab_sign_in(user)
expect_single_session_with_authenticated_ttl
expect_single_session_with_authenticated_ttl(redis_store_class)
expect(current_path).to eq root_path
expect(page).not_to have_content(I18n.t('devise.failure.already_authenticated'))
end
......@@ -423,7 +428,7 @@ RSpec.describe 'Login', :clean_gitlab_redis_shared_state do
gitlab_sign_in(user)
visit new_user_session_path
expect_single_session_with_authenticated_ttl
expect_single_session_with_authenticated_ttl(redis_store_class)
expect(page).not_to have_content(I18n.t('devise.failure.already_authenticated'))
end
......@@ -465,7 +470,7 @@ RSpec.describe 'Login', :clean_gitlab_redis_shared_state do
gitlab_sign_in(user)
expect_single_session_with_short_ttl
expect_single_session_with_short_ttl(redis_store_class)
expect(page).to have_content('Invalid login or password.')
end
end
......@@ -952,4 +957,7 @@ RSpec.describe 'Login', :clean_gitlab_redis_shared_state do
end
end
end
end
it_behaves_like 'redis sessions store', 'login'
end
spec/initializers/session_store_spec.rb
View file @ 229fd8af
......@@ -10,25 +10,37 @@ RSpec.describe 'Session initializer for GitLab' do
end
describe 'config#session_store' do
context 'when the GITLAB_REDIS_STORE_WITH_SESSION_STORE env is not set' do
context 'when the GITLAB_USE_REDIS_SESSIONS_STORE env is not set' do
before do
stub_env('GITLAB_REDIS_STORE_WITH_SESSION_STORE', nil)
stub_env('GITLAB_USE_REDIS_SESSIONS_STORE', nil)
end
it 'initialized as a redis_store with a proper Redis::Store instance' do
it 'initialized with Multistore as ENV var defaults to true' do
expect(subject).to receive(:session_store).with(:redis_store, a_hash_including(redis_store: kind_of(::Redis::Store)))
load_session_store
end
end
context 'when the GITLAB_REDIS_STORE_WITH_SESSION_STORE env is disabled' do
context 'when the GITLAB_USE_REDIS_SESSIONS_STORE env is disabled' do
before do
stub_env('GITLAB_REDIS_STORE_WITH_SESSION_STORE', false)
stub_env('GITLAB_USE_REDIS_SESSIONS_STORE', false)
end
it 'initialized as a redis_store with a proper servers configuration' do
expect(subject).to receive(:session_store).with(:redis_store, a_hash_including(servers: kind_of(Hash)))
expect(subject).to receive(:session_store).with(:redis_store, a_hash_including(redis_store: kind_of(Redis::Store)))
load_session_store
end
end
context 'when the GITLAB_USE_REDIS_SESSIONS_STORE env is enabled' do
before do
stub_env('GITLAB_USE_REDIS_SESSIONS_STORE', true)
end
it 'initialized as a redis_store with a proper servers configuration' do
expect(subject).to receive(:session_store).with(:redis_store, a_hash_including(redis_store: kind_of(::Redis::Store)))
load_session_store
end
......
spec/lib/gitlab/anonymous_session_spec.rb
View file @ 229fd8af
......@@ -2,7 +2,7 @@
require 'spec_helper'
RSpec.describe Gitlab::AnonymousSession, :clean_gitlab_redis_shared_state do
RSpec.describe Gitlab::AnonymousSession do
let(:default_session_id) { '6919a6f1bb119dd7396fadc38fd18d0d' }
let(:additional_session_id) { '7919a6f1bb119dd7396fadc38fd18d0d' }
......@@ -12,11 +12,12 @@ RSpec.describe Gitlab::AnonymousSession, :clean_gitlab_redis_shared_state do
described_class.new('127.0.0.1')
end
RSpec.shared_examples_for 'anonymous sessions' do
describe '#store_session_ip' do
it 'adds session id to proper key' do
subject.count_session_ip
Gitlab::Redis::SharedState.with do |redis|
redis_store_class.with do |redis|
expect(redis.get("session:lookup:ip:gitlab2:127.0.0.1").to_i).to eq 1
end
end
......@@ -25,7 +26,7 @@ RSpec.describe Gitlab::AnonymousSession, :clean_gitlab_redis_shared_state do
freeze_time do
subject.count_session_ip
Gitlab::Redis::SharedState.with do |redis|
redis_store_class.with do |redis|
expect(redis.ttl("session:lookup:ip:gitlab2:127.0.0.1")).to eq(24.hours.to_i)
end
end
......@@ -36,7 +37,7 @@ RSpec.describe Gitlab::AnonymousSession, :clean_gitlab_redis_shared_state do
subject.count_session_ip
new_anonymous_session.count_session_ip
Gitlab::Redis::SharedState.with do |redis|
redis_store_class.with do |redis|
expect(redis.get("session:lookup:ip:gitlab2:127.0.0.1").to_i).to eq(2)
end
end
......@@ -45,7 +46,7 @@ RSpec.describe Gitlab::AnonymousSession, :clean_gitlab_redis_shared_state do
describe '#stored_sessions' do
it 'returns all anonymous sessions per ip' do
Gitlab::Redis::SharedState.with do |redis|
redis_store_class.with do |redis|
redis.set("session:lookup:ip:gitlab2:127.0.0.1", 2)
end
......@@ -54,14 +55,17 @@ RSpec.describe Gitlab::AnonymousSession, :clean_gitlab_redis_shared_state do
end
it 'removes obsolete lookup through ip entries' do
Gitlab::Redis::SharedState.with do |redis|
redis_store_class.with do |redis|
redis.set("session:lookup:ip:gitlab2:127.0.0.1", 2)
end
subject.cleanup_session_per_ip_count
Gitlab::Redis::SharedState.with do |redis|
redis_store_class.with do |redis|
expect(redis.exists("session:lookup:ip:gitlab2:127.0.0.1")).to eq(false)
end
end
end
it_behaves_like 'redis sessions store', 'anonymous sessions'
end
spec/lib/gitlab/redis/sessions_spec.rb
View file @ 229fd8af
......@@ -4,4 +4,54 @@ require 'spec_helper'
RSpec.describe Gitlab::Redis::Sessions do
include_examples "redis_new_instance_shared_examples", 'sessions', Gitlab::Redis::SharedState
describe 'redis instance used in connection pool' do
before do
clear_pool
end
context 'when redis.sessions configuration is not provided' do
it 'uses ::Redis instance' do
expect(described_class).to receive(:config_fallback?).and_return(true)
described_class.pool.with do |redis_instance|
expect(redis_instance).to be_instance_of(::Redis)
end
end
end
context 'when redis.sessions configuration is provided' do
it 'instantiates an instance of MultiStore' do
expect(described_class).to receive(:config_fallback?).and_return(false)
described_class.pool.with do |redis_instance|
expect(redis_instance).to be_instance_of(::Gitlab::Redis::MultiStore)
end
end
end
def clear_pool
described_class.remove_instance_variable(:@pool)
rescue NameError
# raised if @pool was not set; ignore
end
end
describe '#store' do
subject { described_class.store(namespace: described_class::SESSION_NAMESPACE) }
context 'when redis.sessions configuration is provided' do
it 'instantiates ::Redis instance' do
expect(described_class).to receive(:config_fallback?).and_return(true)
expect(subject).to be_instance_of(::Redis::Store)
end
end
context 'when redis.sessions configuration is not provided' do
it 'instantiates an instance of MultiStore' do
expect(described_class).to receive(:config_fallback?).and_return(false)
expect(subject).to be_instance_of(::Gitlab::Redis::MultiStore)
end
end
end
end
spec/models/active_session_spec.rb
View file @ 229fd8af
This diff is collapsed.
spec/requests/api/commits_spec.rb
View file @ 229fd8af
......@@ -376,12 +376,13 @@ RSpec.describe API::Commits do
end
end
RSpec.shared_examples_for 'warden user session' do
context 'when using warden' do
it 'increments usage counters', :clean_gitlab_redis_shared_state do
it 'increments usage counters' do
session_id = Rack::Session::SessionId.new('6919a6f1bb119dd7396fadc38fd18d0d')
session_hash = { 'warden.user.user.key' => [[user.id], user.encrypted_password[0, 29]] }
Gitlab::Redis::SharedState.with do |redis|
redis_store_class.with do |redis|
redis.set("session:gitlab:#{session_id.private_id}", Marshal.dump(session_hash))
end
......@@ -393,6 +394,9 @@ RSpec.describe API::Commits do
post api(url), params: valid_c_params
end
end
end
it_behaves_like 'redis sessions store', 'warden user session'
context 'a new file in project repo' do
before do
......
spec/support/helpers/session_helpers.rb
View file @ 229fd8af
# frozen_string_literal: true
module SessionHelpers
def expect_single_session_with_authenticated_ttl
expect_single_session_with_expiration(Settings.gitlab['session_expire_delay'] * 60)
def expect_single_session_with_authenticated_ttl(redis_store_class)
expect_single_session_with_expiration(redis_store_class, Settings.gitlab['session_expire_delay'] * 60)
end
def expect_single_session_with_short_ttl
expect_single_session_with_expiration(Settings.gitlab['unauthenticated_session_expire_delay'])
def expect_single_session_with_short_ttl(redis_store_class)
expect_single_session_with_expiration(redis_store_class, Settings.gitlab['unauthenticated_session_expire_delay'])
end
def expect_single_session_with_expiration(expiration)
session_keys = get_session_keys
def expect_single_session_with_expiration(redis_store_class, expiration)
session_keys = get_session_keys(redis_store_class)
expect(session_keys.size).to eq(1)
expect(get_ttl(session_keys.first)).to be_within(5).of(expiration)
expect(get_ttl(redis_store_class, session_keys.first)).to be_within(5).of(expiration)
end
def get_session_keys
Gitlab::Redis::SharedState.with { |redis| redis.scan_each(match: 'session:gitlab:*').to_a }
def get_session_keys(redis_store_class)
redis_store_class.with { |redis| redis.scan_each(match: 'session:gitlab:*').to_a }
end
def get_ttl(key)
Gitlab::Redis::SharedState.with { |redis| redis.ttl(key) }
def get_ttl(redis_store_class, key)
redis_store_class.with { |redis| redis.ttl(key) }
end
end
spec/support/redis/redis_shared_examples.rb
View file @ 229fd8af
......@@ -93,18 +93,23 @@ RSpec.shared_examples "redis_shared_examples" do
subject { described_class.new(rails_env).store }
shared_examples 'redis store' do
let(:redis_store) { ::Redis::Store }
let(:redis_store_to_s) { "Redis Client connected to #{host} against DB #{redis_database}" }
it 'instantiates Redis::Store' do
is_expected.to be_a(::Redis::Store)
expect(subject.to_s).to eq("Redis Client connected to #{host} against DB #{redis_database}")
is_expected.to be_a(redis_store)
expect(subject.to_s).to eq(redis_store_to_s)
end
context 'with the namespace' do
let(:namespace) { 'namespace_name' }
let(:redis_store_to_s) { "Redis Client connected to #{host} against DB #{redis_database} with namespace #{namespace}" }
subject { described_class.new(rails_env).store(namespace: namespace) }
it "uses specified namespace" do
expect(subject.to_s).to eq("Redis Client connected to #{host} against DB #{redis_database} with namespace #{namespace}")
expect(subject.to_s).to eq(redis_store_to_s)
end
end
end
......
spec/support/shared_examples/lib/gitlab/redis/redis_sessions_store_shared_examples.rb 0 → 100644
View file @ 229fd8af
# frozen_string_literal: true
RSpec.shared_examples 'redis sessions store' do |example|
context 'when ENV[GITLAB_USE_REDIS_SESSIONS_STORE] is true', :clean_gitlab_redis_sessions do
before do
stub_env('GITLAB_USE_REDIS_SESSIONS_STORE', 'true')
end
it_behaves_like example do
let(:redis_store_class) { Gitlab::Redis::Sessions }
end
end
context 'when ENV[GITLAB_USE_REDIS_SESSIONS_STORE] is false', :clean_gitlab_redis_shared_state do
before do
stub_env('GITLAB_USE_REDIS_SESSIONS_STORE', 'false')
end
it_behaves_like example do
let(:redis_store_class) { Gitlab::Redis::SharedState }
end
end
end
spec/support/shared_examples/requests/api/graphql/mutations/snippets_shared_examples.rb
View file @ 229fd8af
......@@ -18,19 +18,20 @@ RSpec.shared_examples 'snippet edit usage data counters' do
end
end
RSpec.shared_examples_for 'sessionless user' do
context 'when user is not sessionless' do
before do
session_id = Rack::Session::SessionId.new('6919a6f1bb119dd7396fadc38fd18d0d')
session_hash = { 'warden.user.user.key' => [[current_user.id], current_user.encrypted_password[0, 29]] }
Gitlab::Redis::SharedState.with do |redis|
redis_store_class.with do |redis|
redis.set("session:gitlab:#{session_id.private_id}", Marshal.dump(session_hash))
end
cookies[Gitlab::Application.config.session_options[:key]] = session_id.public_id
end
it 'tracks usage data actions', :clean_gitlab_redis_shared_state do
it 'tracks usage data actions' do
expect(::Gitlab::UsageDataCounters::EditorUniqueCounter).to receive(:track_snippet_editor_edit_action)
post_graphql_mutation(mutation)
......@@ -46,4 +47,7 @@ RSpec.shared_examples 'snippet edit usage data counters' do
end
end
end
end
it_behaves_like 'redis sessions store', 'sessionless user'
end
spec/tasks/gitlab/cleanup_rake_spec.rb
View file @ 229fd8af
......@@ -3,6 +3,7 @@
require 'rake_helper'
RSpec.describe 'gitlab:cleanup rake tasks', :silence_stdout do
RSpec.shared_examples_for 'rake gitlab:cleanup' do
before do
Rake.application.rake_require 'tasks/gitlab/cleanup'
end
......@@ -166,14 +167,14 @@ RSpec.describe 'gitlab:cleanup rake tasks', :silence_stdout do
end
context 'sessions' do
describe 'gitlab:cleanup:sessions:active_sessions_lookup_keys', :clean_gitlab_redis_shared_state do
describe 'gitlab:cleanup:sessions:active_sessions_lookup_keys' do
subject(:rake_task) { run_rake_task('gitlab:cleanup:sessions:active_sessions_lookup_keys') }
let!(:user) { create(:user) }
let(:existing_session_id) { '5' }
before do
Gitlab::Redis::SharedState.with do |redis|
redis_store_class.with do |redis|
redis.set("session:user:gitlab:#{user.id}:#{existing_session_id}",
Marshal.dump(true))
redis.sadd("session:lookup:user:gitlab:#{user.id}", (1..10).to_a)
......@@ -185,7 +186,7 @@ RSpec.describe 'gitlab:cleanup rake tasks', :silence_stdout do
end
it 'removes expired active session lookup keys' do
Gitlab::Redis::SharedState.with do |redis|
redis_store_class.with do |redis|
lookup_key = "session:lookup:user:gitlab:#{user.id}"
expect { subject }.to change { redis.scard(lookup_key) }.from(10).to(1)
expect(redis.smembers("session:lookup:user:gitlab:#{user.id}")).to(
......@@ -194,4 +195,7 @@ RSpec.describe 'gitlab:cleanup rake tasks', :silence_stdout do
end
end
end
end
it_behaves_like 'redis sessions store', 'rake gitlab:cleanup'
end
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment
GitLab Nexedi Edition | About GitLab | About Nexedi | 沪ICP备2021021310号-2 | 沪ICP备2021021310号-7