Use public ip address from third party API

for whitelising when running against static environments Move fetching ip address in its own module Sign in as admin for setting up IP address and some refactoring

Use public ip address from third party API
for whitelising when running against static environments Move fetching ip address in its own module Sign in as admin for setting up IP address and some refactoring
3b76fb19 · Sanad Liaquat · 3832a8ad · 3b76fb19 · 3b76fb19 · 3b76fb19
Commit 3b76fb19 authored Dec 10, 2019 by Sanad Liaquat
7 changed files
--- a/qa/.gitignore
+++ b/qa/.gitignore
 tmp/
 .ruby-version
+.ruby-gemset
 urls.yml
--- a/qa/qa.rb
+++ b/qa/qa.rb
@@ -35,6 +35,7 @@ module QA
    autoload :Logger, 'qa/runtime/logger'
    autoload :GPG, 'qa/runtime/gpg'
    autoload :MailHog, 'qa/runtime/mail_hog'
+    autoload :IPAddress, 'qa/runtime/ip_address'
    module API
      autoload :Client, 'qa/runtime/api/client'

--- a/qa/qa/resource/api_fabricator.rb
+++ b/qa/qa/resource/api_fabricator.rb
@@ -88,7 +88,7 @@ module QA
        url = Runtime::API::Request.new(api_client, api_delete_path).url
        response = delete(url)
-        unless response.code == HTTP_STATUS_NO_CONTENT
+        unless [HTTP_STATUS_NO_CONTENT, HTTP_STATUS_ACCEPTED].include? response.code
          raise ResourceNotDeletedError, "Resource at #{url} could not be deleted (#{response.code}): `#{response}`."
        end

--- a/qa/qa/resource/group.rb
+++ b/qa/qa/resource/group.rb
@@ -70,6 +70,10 @@ module QA
        }
      end
+      def api_delete_path
+        "/groups/#{id}"
+      end
      def full_path
        sandbox.path + ' / ' + path
      end

--- a/qa/qa/runtime/ip_address.rb
+++ b/qa/qa/runtime/ip_address.rb
+# frozen_string_literal: true
+require 'socket'
+module QA
+  module Runtime
+    module IPAddress
+      include Support::Api
+      HostUnreachableError = Class.new(StandardError)
+      LOOPBACK_ADDRESS = '127.0.0.1'
+      PUBLIC_IP_ADDRESS_API = "https://api.ipify.org"
+      def fetch_current_ip_address
+        # When running on CI against a live environment such as staging.gitlab.com,
+        # we use the public facing IP address
+        ip_address = if Env.running_in_ci? && !URI.parse(Scenario.gitlab_address).host.include?('test')
+                       response = get(PUBLIC_IP_ADDRESS_API)
+                       raise HostUnreachableError, "#{PUBLIC_IP_ADDRESS_API} is unreachable" unless response.code == Support::Api::HTTP_STATUS_OK
+                       response.body
+                     elsif page.current_host.include?('localhost')
+                       LOOPBACK_ADDRESS
+                     else
+                       Socket.ip_address_list.detect { |intf| intf.ipv4_private? }.ip_address
+                     end
+        QA::Runtime::Logger.info "Current IP address: #{ip_address}"
+        ip_address
+      end
+    end
+  end
+end
--- a/qa/qa/specs/features/ee/browser_ui/1_manage/group/restrict_by_ip_address_spec.rb
+++ b/qa/qa/specs/features/ee/browser_ui/1_manage/group/restrict_by_ip_address_spec.rb
 # frozen_string_literal: true
 require 'securerandom'
-require 'socket'
 module QA
-  # https://gitlab.com/gitlab-org/gitlab/issues/34351
+  context 'Manage' do
-  context 'Manage', :quarantine do
+    describe 'Group access', :requires_admin do
-    describe 'Group access' do
+      include Runtime::IPAddress
-      LOOPBACK_ADDRESS = '127.0.0.1'
      before(:all) do
        @sandbox_group = Resource::Sandbox.fabricate! do |sandbox_group|
@@ -21,31 +19,23 @@ module QA
        end
      end
-      before do
+      after(:all) do
-        Page::Main::Menu.perform do |menu|
+        @group.remove_via_api!
-          menu.sign_out if menu.has_personal_area?(wait: 0)
-        end
-        Flow::Login.sign_in
      end
      context 'when restricted by another ip address' do
        it 'denies access' do
-          @group.sandbox.visit!
+          Flow::Login.while_signed_in_as_admin do
+            @group.sandbox.visit!
-          Page::Group::Menu.perform(&:click_group_general_settings_item)
-          Page::Group::Settings::General.perform do |settings|
+            Page::Group::Menu.perform(&:click_group_general_settings_item)
-            settings.set_ip_address_restriction(get_next_ip_address)
-          end
-          Page::Main::Menu.perform do |menu|
+            Page::Group::Settings::General.perform do |settings|
-            menu.sign_out if menu.has_personal_area?(wait: 0)
+              settings.set_ip_address_restriction(get_next_ip_address(fetch_current_ip_address))
+            end
          end
-          Page::Main::Login.perform do |menu|
+          Flow::Login.sign_in(as: @user)
-            menu.sign_in_using_credentials(user: @user)
-          end
          @group.sandbox.visit!
          expect(page).to have_text('Page Not Found')
@@ -59,21 +49,17 @@ module QA
      context 'when restricted by user\'s ip address' do
        it 'allows access' do
-          @group.sandbox.visit!
+          Flow::Login.while_signed_in_as_admin do
+            @group.sandbox.visit!
-          Page::Group::Menu.perform(&:click_group_general_settings_item)
+            Page::Group::Menu.perform(&:click_group_general_settings_item)
-          Page::Group::Settings::General.perform do |settings|
+            Page::Group::Settings::General.perform do |settings|
-            settings.set_ip_address_restriction(get_current_ip_address)
+              settings.set_ip_address_restriction(fetch_current_ip_address)
+            end
          end
-          Page::Main::Menu.perform do |menu|
+          Flow::Login.sign_in(as: @user)
-            menu.sign_out if menu.has_personal_area?(wait: 0)
-          end
-          Page::Main::Login.perform do |menu|
-            menu.sign_in_using_credentials(user: @user)
-          end
          @group.sandbox.visit!
          expect(page).to have_text(@group.sandbox.path)
@@ -83,22 +69,12 @@ module QA
        end
      end
-      def get_current_ip_address
+      def get_next_ip_address(current_ip_address)
-        return LOOPBACK_ADDRESS if page.current_host.include?('localhost')
+        current_last_part = current_ip_address.split(".").pop.to_i
-        Socket.ip_address_list.detect { |intf| intf.ipv4_private? }.ip_address
-      end
-      def get_next_ip_address
-        current_ip = get_current_ip_address
-        QA::Runtime::Logger.info "User's ip address: #{current_ip}"
-        current_last_part = current_ip.split(".").pop.to_i
        updated_last_part = current_last_part < 255 ? current_last_part + 1 : 1
-        current_ip.split(".")[0...-1].push(updated_last_part).join(".")
+        current_ip_address.split(".")[0...-1].push(updated_last_part).join(".")
      end
    end
  end

--- a/qa/qa/support/api.rb
+++ b/qa/qa/support/api.rb
@@ -6,6 +6,7 @@ module QA
      HTTP_STATUS_OK = 200
      HTTP_STATUS_CREATED = 201
      HTTP_STATUS_NO_CONTENT = 204
+      HTTP_STATUS_ACCEPTED = 202
      def post(url, payload)
        RestClient::Request.execute(