Commit 5c0431b1 authored by David Fernandez's avatar David Fernandez

Merge branch 'debian_tidy_specs' into 'master'

Tidy up Debian repository specs

See merge request gitlab-org/gitlab!60568
parents 1d0d175c c467392a
......@@ -5,35 +5,35 @@ RSpec.describe API::DebianGroupPackages do
include HttpBasicAuthHelpers
include WorkhorseHelpers
include_context 'Debian repository shared context', :group do
include_context 'Debian repository shared context', :group, false do
describe 'GET groups/:id/-/packages/debian/dists/*distribution/Release.gpg' do
let(:url) { "/groups/#{group.id}/-/packages/debian/dists/#{distribution}/Release.gpg" }
let(:url) { "/groups/#{container.id}/-/packages/debian/dists/#{distribution}/Release.gpg" }
it_behaves_like 'Debian group repository GET endpoint', :not_found, nil
it_behaves_like 'Debian repository read endpoint', 'GET request', :not_found
end
describe 'GET groups/:id/-/packages/debian/dists/*distribution/Release' do
let(:url) { "/groups/#{group.id}/-/packages/debian/dists/#{distribution}/Release" }
let(:url) { "/groups/#{container.id}/-/packages/debian/dists/#{distribution}/Release" }
it_behaves_like 'Debian group repository GET endpoint', :success, 'TODO Release'
it_behaves_like 'Debian repository read endpoint', 'GET request', :success, 'TODO Release'
end
describe 'GET groups/:id/-/packages/debian/dists/*distribution/InRelease' do
let(:url) { "/groups/#{group.id}/-/packages/debian/dists/#{distribution}/InRelease" }
let(:url) { "/groups/#{container.id}/-/packages/debian/dists/#{distribution}/InRelease" }
it_behaves_like 'Debian group repository GET endpoint', :not_found, nil
it_behaves_like 'Debian repository read endpoint', 'GET request', :not_found
end
describe 'GET groups/:id/-/packages/debian/dists/*distribution/:component/binary-:architecture/Packages' do
let(:url) { "/groups/#{group.id}/-/packages/debian/dists/#{distribution}/#{component}/binary-#{architecture}/Packages" }
let(:url) { "/groups/#{container.id}/-/packages/debian/dists/#{distribution}/#{component}/binary-#{architecture}/Packages" }
it_behaves_like 'Debian group repository GET endpoint', :success, 'TODO Packages'
it_behaves_like 'Debian repository read endpoint', 'GET request', :success, 'TODO Packages'
end
describe 'GET groups/:id/-/packages/debian/pool/:component/:letter/:source_package/:file_name' do
let(:url) { "/groups/#{group.id}/-/packages/debian/pool/#{component}/#{letter}/#{source_package}/#{package_name}_#{package_version}_#{architecture}.deb" }
let(:url) { "/groups/#{container.id}/-/packages/debian/pool/#{component}/#{letter}/#{source_package}/#{package_name}_#{package_version}_#{architecture}.deb" }
it_behaves_like 'Debian group repository GET endpoint', :success, 'TODO File'
it_behaves_like 'Debian repository read endpoint', 'GET request', :success, 'TODO File'
end
end
end
......@@ -5,49 +5,49 @@ RSpec.describe API::DebianProjectPackages do
include HttpBasicAuthHelpers
include WorkhorseHelpers
include_context 'Debian repository shared context', :project do
include_context 'Debian repository shared context', :project, true do
describe 'GET projects/:id/packages/debian/dists/*distribution/Release.gpg' do
let(:url) { "/projects/#{project.id}/packages/debian/dists/#{distribution}/Release.gpg" }
let(:url) { "/projects/#{container.id}/packages/debian/dists/#{distribution}/Release.gpg" }
it_behaves_like 'Debian project repository GET endpoint', :not_found, nil
it_behaves_like 'Debian repository read endpoint', 'GET request', :not_found
end
describe 'GET projects/:id/packages/debian/dists/*distribution/Release' do
let(:url) { "/projects/#{project.id}/packages/debian/dists/#{distribution}/Release" }
let(:url) { "/projects/#{container.id}/packages/debian/dists/#{distribution}/Release" }
it_behaves_like 'Debian project repository GET endpoint', :success, 'TODO Release'
it_behaves_like 'Debian repository read endpoint', 'GET request', :success, 'TODO Release'
end
describe 'GET projects/:id/packages/debian/dists/*distribution/InRelease' do
let(:url) { "/projects/#{project.id}/packages/debian/dists/#{distribution}/InRelease" }
let(:url) { "/projects/#{container.id}/packages/debian/dists/#{distribution}/InRelease" }
it_behaves_like 'Debian project repository GET endpoint', :not_found, nil
it_behaves_like 'Debian repository read endpoint', 'GET request', :not_found
end
describe 'GET projects/:id/packages/debian/dists/*distribution/:component/binary-:architecture/Packages' do
let(:url) { "/projects/#{project.id}/packages/debian/dists/#{distribution}/#{component}/binary-#{architecture}/Packages" }
let(:url) { "/projects/#{container.id}/packages/debian/dists/#{distribution}/#{component}/binary-#{architecture}/Packages" }
it_behaves_like 'Debian project repository GET endpoint', :success, 'TODO Packages'
it_behaves_like 'Debian repository read endpoint', 'GET request', :success, 'TODO Packages'
end
describe 'GET projects/:id/packages/debian/pool/:component/:letter/:source_package/:file_name' do
let(:url) { "/projects/#{project.id}/packages/debian/pool/#{component}/#{letter}/#{source_package}/#{package_name}_#{package_version}_#{architecture}.deb" }
let(:url) { "/projects/#{container.id}/packages/debian/pool/#{component}/#{letter}/#{source_package}/#{package_name}_#{package_version}_#{architecture}.deb" }
it_behaves_like 'Debian project repository GET endpoint', :success, 'TODO File'
it_behaves_like 'Debian repository read endpoint', 'GET request', :success, 'TODO File'
end
describe 'PUT projects/:id/packages/debian/:file_name' do
let(:method) { :put }
let(:url) { "/projects/#{project.id}/packages/debian/#{file_name}" }
let(:url) { "/projects/#{container.id}/packages/debian/#{file_name}" }
it_behaves_like 'Debian project repository PUT endpoint', :created, nil
it_behaves_like 'Debian repository write endpoint', 'upload request', :created
end
describe 'PUT projects/:id/packages/debian/:file_name/authorize' do
let(:method) { :put }
let(:url) { "/projects/#{project.id}/packages/debian/#{file_name}/authorize" }
let(:url) { "/projects/#{container.id}/packages/debian/#{file_name}/authorize" }
it_behaves_like 'Debian project repository PUT endpoint', :created, nil, is_authorize: true
it_behaves_like 'Debian repository write endpoint', 'upload authorize request', :created
end
end
end
# frozen_string_literal: true
RSpec.shared_context 'Debian repository shared context' do |object_type|
RSpec.shared_context 'Debian repository shared context' do |container_type, can_freeze|
include_context 'workhorse headers'
before do
stub_feature_flags(debian_packages: true)
end
if object_type == :project
let(:project) { create(:project, :public) }
elsif object_type == :group
let(:group) { create(:group, :public) }
end
let(:user) { create(:user) }
let(:personal_access_token) { create(:personal_access_token, user: user) }
let_it_be(:private_container, freeze: can_freeze) { create(container_type, :private) }
let_it_be(:public_container, freeze: can_freeze) { create(container_type, :public) }
let_it_be(:user, freeze: true) { create(:user) }
let_it_be(:personal_access_token, freeze: true) { create(:personal_access_token, user: user) }
let(:distribution) { 'bullseye' }
let(:component) { 'main' }
......@@ -36,7 +32,7 @@ RSpec.shared_context 'Debian repository shared context' do |object_type|
end
end
let(:params) { workhorse_params }
let(:api_params) { workhorse_params }
let(:auth_headers) { {} }
let(:wh_headers) do
......@@ -57,12 +53,12 @@ RSpec.shared_context 'Debian repository shared context' do |object_type|
api(url),
method: method,
file_key: :file,
params: params,
params: api_params,
headers: headers,
send_rewritten_field: send_rewritten_field
)
else
send method, api(url), headers: headers, params: params
send method, api(url), headers: headers, params: api_params
end
end
end
......@@ -81,289 +77,190 @@ RSpec.shared_context 'Debian repository auth headers' do |user_role, user_token,
end
end
RSpec.shared_context 'Debian repository project access' do |project_visibility_level, user_role, user_token, auth_method|
RSpec.shared_context 'Debian repository access' do |visibility_level, user_role, add_member, user_token, auth_method|
include_context 'Debian repository auth headers', user_role, user_token, auth_method do
let(:containers) { { private: private_container, public: public_container } }
let(:container) { containers[visibility_level] }
before do
project.update_column(:visibility_level, Gitlab::VisibilityLevel.const_get(project_visibility_level, false))
container.send("add_#{user_role}", user) if add_member && user_role != :anonymous
end
end
end
RSpec.shared_examples 'Debian project repository GET request' do |user_role, add_member, status, body|
context "for user type #{user_role}" do
before do
project.send("add_#{user_role}", user) if add_member && user_role != :anonymous
end
RSpec.shared_examples 'Debian repository GET request' do |status, body = nil|
and_body = body.nil? ? '' : ' and expected body'
and_body = body.nil? ? '' : ' and expected body'
it "returns #{status}#{and_body}" do
subject
it "returns #{status}#{and_body}" do
subject
expect(response).to have_gitlab_http_status(status)
expect(response).to have_gitlab_http_status(status)
unless body.nil?
expect(response.body).to eq(body)
end
unless body.nil?
expect(response.body).to eq(body)
end
end
end
RSpec.shared_examples 'Debian project repository PUT request' do |user_role, add_member, status, body|
context "for user type #{user_role}" do
before do
project.send("add_#{user_role}", user) if add_member && user_role != :anonymous
end
RSpec.shared_examples 'Debian repository upload request' do |status, body = nil|
and_body = body.nil? ? '' : ' and expected body'
and_body = body.nil? ? '' : ' and expected body'
if status == :created
it 'creates package files', :aggregate_failures do
pending "Debian package creation not implemented"
if status == :created
it 'creates package files', :aggregate_failures do
pending "Debian package creation not implemented"
expect { subject }
.to change { project.packages.debian.count }.by(1)
expect { subject }
.to change { container.packages.debian.count }.by(1)
expect(response).to have_gitlab_http_status(status)
expect(response.media_type).to eq('text/plain')
expect(response).to have_gitlab_http_status(status)
expect(response.media_type).to eq('text/plain')
unless body.nil?
expect(response.body).to eq(body)
end
unless body.nil?
expect(response.body).to eq(body)
end
it_behaves_like 'a package tracking event', described_class.name, 'push_package'
else
it "returns #{status}#{and_body}", :aggregate_failures do
subject
end
it_behaves_like 'a package tracking event', described_class.name, 'push_package'
else
it "returns #{status}#{and_body}", :aggregate_failures do
subject
expect(response).to have_gitlab_http_status(status)
expect(response).to have_gitlab_http_status(status)
unless body.nil?
expect(response.body).to eq(body)
end
unless body.nil?
expect(response.body).to eq(body)
end
end
end
end
RSpec.shared_examples 'Debian project repository PUT authorize request' do |user_role, add_member, status, body, is_authorize|
context "for user type #{user_role}" do
before do
project.send("add_#{user_role}", user) if add_member && user_role != :anonymous
end
and_body = body.nil? ? '' : ' and expected body'
RSpec.shared_examples 'Debian repository upload authorize request' do |status, body = nil|
and_body = body.nil? ? '' : ' and expected body'
if status == :created
it 'authorizes package file upload', :aggregate_failures do
subject
if status == :created
it 'authorizes package file upload', :aggregate_failures do
subject
expect(response).to have_gitlab_http_status(:ok)
expect(response.media_type).to eq(Gitlab::Workhorse::INTERNAL_API_CONTENT_TYPE)
expect(json_response['TempPath']).to eq(Packages::PackageFileUploader.workhorse_local_upload_path)
expect(json_response['RemoteObject']).to be_nil
expect(json_response['MaximumSize']).to be_nil
end
expect(response).to have_gitlab_http_status(:ok)
expect(response.media_type).to eq(Gitlab::Workhorse::INTERNAL_API_CONTENT_TYPE)
expect(json_response['TempPath']).to eq(Packages::PackageFileUploader.workhorse_local_upload_path)
expect(json_response['RemoteObject']).to be_nil
expect(json_response['MaximumSize']).to be_nil
end
context 'without a valid token' do
let(:workhorse_token) { 'invalid' }
context 'without a valid token' do
let(:workhorse_token) { 'invalid' }
it 'rejects request' do
subject
it 'rejects request' do
subject
expect(response).to have_gitlab_http_status(:forbidden)
end
expect(response).to have_gitlab_http_status(:forbidden)
end
end
context 'bypassing gitlab-workhorse' do
let(:workhorse_headers) { {} }
context 'bypassing gitlab-workhorse' do
let(:workhorse_headers) { {} }
it 'rejects request' do
subject
it 'rejects request' do
subject
expect(response).to have_gitlab_http_status(:forbidden)
end
expect(response).to have_gitlab_http_status(:forbidden)
end
else
it "returns #{status}#{and_body}", :aggregate_failures do
subject
end
else
it "returns #{status}#{and_body}", :aggregate_failures do
subject
expect(response).to have_gitlab_http_status(status)
expect(response).to have_gitlab_http_status(status)
unless body.nil?
expect(response.body).to eq(body)
end
unless body.nil?
expect(response.body).to eq(body)
end
end
end
end
RSpec.shared_examples 'rejects Debian access with unknown project id' do
context 'with an unknown project' do
let(:project) { double(id: non_existing_record_id) }
RSpec.shared_examples 'rejects Debian access with unknown container id' do
context 'with an unknown container' do
let(:container) { double(id: non_existing_record_id) }
context 'as anonymous' do
it_behaves_like 'Debian project repository GET request', :anonymous, true, :unauthorized, nil
it_behaves_like 'Debian repository GET request', :unauthorized, nil
end
context 'as authenticated user' do
subject { get api(url), headers: basic_auth_header(user.username, personal_access_token.token) }
it_behaves_like 'Debian project repository GET request', :anonymous, true, :not_found, nil
it_behaves_like 'Debian repository GET request', :not_found, nil
end
end
end
RSpec.shared_examples 'Debian project repository GET endpoint' do |success_status, success_body|
context 'with valid project' do
RSpec.shared_examples 'Debian repository read endpoint' do |desired_behavior, success_status, success_body|
context 'with valid container' do
using RSpec::Parameterized::TableSyntax
where(:project_visibility_level, :user_role, :member, :user_token, :expected_status, :expected_body) do
'PUBLIC' | :developer | true | true | success_status | success_body
'PUBLIC' | :guest | true | true | success_status | success_body
'PUBLIC' | :developer | true | false | success_status | success_body
'PUBLIC' | :guest | true | false | success_status | success_body
'PUBLIC' | :developer | false | true | success_status | success_body
'PUBLIC' | :guest | false | true | success_status | success_body
'PUBLIC' | :developer | false | false | success_status | success_body
'PUBLIC' | :guest | false | false | success_status | success_body
'PUBLIC' | :anonymous | false | true | success_status | success_body
'PRIVATE' | :developer | true | true | success_status | success_body
'PRIVATE' | :guest | true | true | :forbidden | nil
'PRIVATE' | :developer | true | false | :unauthorized | nil
'PRIVATE' | :guest | true | false | :unauthorized | nil
'PRIVATE' | :developer | false | true | :not_found | nil
'PRIVATE' | :guest | false | true | :not_found | nil
'PRIVATE' | :developer | false | false | :unauthorized | nil
'PRIVATE' | :guest | false | false | :unauthorized | nil
'PRIVATE' | :anonymous | false | true | :unauthorized | nil
where(:visibility_level, :user_role, :member, :user_token, :expected_status, :expected_body) do
:public | :developer | true | true | success_status | success_body
:public | :guest | true | true | success_status | success_body
:public | :developer | true | false | success_status | success_body
:public | :guest | true | false | success_status | success_body
:public | :developer | false | true | success_status | success_body
:public | :guest | false | true | success_status | success_body
:public | :developer | false | false | success_status | success_body
:public | :guest | false | false | success_status | success_body
:public | :anonymous | false | true | success_status | success_body
:private | :developer | true | true | success_status | success_body
:private | :guest | true | true | :forbidden | nil
:private | :developer | true | false | :unauthorized | nil
:private | :guest | true | false | :unauthorized | nil
:private | :developer | false | true | :not_found | nil
:private | :guest | false | true | :not_found | nil
:private | :developer | false | false | :unauthorized | nil
:private | :guest | false | false | :unauthorized | nil
:private | :anonymous | false | true | :unauthorized | nil
end
with_them do
include_context 'Debian repository project access', params[:project_visibility_level], params[:user_role], params[:user_token], :basic do
it_behaves_like 'Debian project repository GET request', params[:user_role], params[:member], params[:expected_status], params[:expected_body]
include_context 'Debian repository access', params[:visibility_level], params[:user_role], params[:member], params[:user_token], :basic do
it_behaves_like "Debian repository #{desired_behavior}", params[:expected_status], params[:expected_body]
end
end
end
it_behaves_like 'rejects Debian access with unknown project id'
end
RSpec.shared_examples 'Debian project repository PUT endpoint' do |success_status, success_body, is_authorize = false|
context 'with valid project' do
using RSpec::Parameterized::TableSyntax
where(:project_visibility_level, :user_role, :member, :user_token, :expected_status, :expected_body) do
'PUBLIC' | :developer | true | true | success_status | nil
'PUBLIC' | :guest | true | true | :forbidden | nil
'PUBLIC' | :developer | true | false | :unauthorized | nil
'PUBLIC' | :guest | true | false | :unauthorized | nil
'PUBLIC' | :developer | false | true | :forbidden | nil
'PUBLIC' | :guest | false | true | :forbidden | nil
'PUBLIC' | :developer | false | false | :unauthorized | nil
'PUBLIC' | :guest | false | false | :unauthorized | nil
'PUBLIC' | :anonymous | false | true | :unauthorized | nil
'PRIVATE' | :developer | true | true | success_status | nil
'PRIVATE' | :guest | true | true | :forbidden | nil
'PRIVATE' | :developer | true | false | :unauthorized | nil
'PRIVATE' | :guest | true | false | :unauthorized | nil
'PRIVATE' | :developer | false | true | :not_found | nil
'PRIVATE' | :guest | false | true | :not_found | nil
'PRIVATE' | :developer | false | false | :unauthorized | nil
'PRIVATE' | :guest | false | false | :unauthorized | nil
'PRIVATE' | :anonymous | false | true | :unauthorized | nil
end
with_them do
include_context 'Debian repository project access', params[:project_visibility_level], params[:user_role], params[:user_token], :basic do
desired_behavior = if is_authorize
'Debian project repository PUT authorize request'
else
'Debian project repository PUT request'
end
it_behaves_like desired_behavior, params[:user_role], params[:member], params[:expected_status], params[:expected_body]
end
end
end
it_behaves_like 'rejects Debian access with unknown project id'
end
RSpec.shared_context 'Debian repository group access' do |group_visibility_level, user_role, user_token, auth_method|
include_context 'Debian repository auth headers', user_role, user_token, auth_method do
before do
group.update_column(:visibility_level, Gitlab::VisibilityLevel.const_get(group_visibility_level, false))
end
end
end
RSpec.shared_examples 'Debian group repository GET request' do |user_role, add_member, status, body|
context "for user type #{user_role}" do
before do
group.send("add_#{user_role}", user) if add_member && user_role != :anonymous
end
and_body = body.nil? ? '' : ' and expected body'
it "returns #{status}#{and_body}" do
subject
expect(response).to have_gitlab_http_status(status)
unless body.nil?
expect(response.body).to eq(body)
end
end
end
end
RSpec.shared_examples 'rejects Debian access with unknown group id' do
context 'with an unknown group' do
let(:group) { double(id: non_existing_record_id) }
context 'as anonymous' do
it_behaves_like 'Debian group repository GET request', :anonymous, true, :unauthorized, nil
end
context 'as authenticated user' do
subject { get api(url), headers: basic_auth_header(user.username, personal_access_token.token) }
it_behaves_like 'Debian group repository GET request', :anonymous, true, :not_found, nil
end
end
it_behaves_like 'rejects Debian access with unknown container id'
end
RSpec.shared_examples 'Debian group repository GET endpoint' do |success_status, success_body|
context 'with valid group' do
RSpec.shared_examples 'Debian repository write endpoint' do |desired_behavior, success_status, success_body|
context 'with valid container' do
using RSpec::Parameterized::TableSyntax
where(:group_visibility_level, :user_role, :member, :user_token, :expected_status, :expected_body) do
'PUBLIC' | :developer | true | true | success_status | success_body
'PUBLIC' | :guest | true | true | success_status | success_body
'PUBLIC' | :developer | true | false | success_status | success_body
'PUBLIC' | :guest | true | false | success_status | success_body
'PUBLIC' | :developer | false | true | success_status | success_body
'PUBLIC' | :guest | false | true | success_status | success_body
'PUBLIC' | :developer | false | false | success_status | success_body
'PUBLIC' | :guest | false | false | success_status | success_body
'PUBLIC' | :anonymous | false | true | success_status | success_body
'PRIVATE' | :developer | true | true | success_status | success_body
'PRIVATE' | :guest | true | true | :forbidden | nil
'PRIVATE' | :developer | true | false | :unauthorized | nil
'PRIVATE' | :guest | true | false | :unauthorized | nil
'PRIVATE' | :developer | false | true | :not_found | nil
'PRIVATE' | :guest | false | true | :not_found | nil
'PRIVATE' | :developer | false | false | :unauthorized | nil
'PRIVATE' | :guest | false | false | :unauthorized | nil
'PRIVATE' | :anonymous | false | true | :unauthorized | nil
where(:visibility_level, :user_role, :member, :user_token, :expected_status, :expected_body) do
:public | :developer | true | true | success_status | success_body
:public | :guest | true | true | :forbidden | nil
:public | :developer | true | false | :unauthorized | nil
:public | :guest | true | false | :unauthorized | nil
:public | :developer | false | true | :forbidden | nil
:public | :guest | false | true | :forbidden | nil
:public | :developer | false | false | :unauthorized | nil
:public | :guest | false | false | :unauthorized | nil
:public | :anonymous | false | true | :unauthorized | nil
:private | :developer | true | true | success_status | success_body
:private | :guest | true | true | :forbidden | nil
:private | :developer | true | false | :unauthorized | nil
:private | :guest | true | false | :unauthorized | nil
:private | :developer | false | true | :not_found | nil
:private | :guest | false | true | :not_found | nil
:private | :developer | false | false | :unauthorized | nil
:private | :guest | false | false | :unauthorized | nil
:private | :anonymous | false | true | :unauthorized | nil
end
with_them do
include_context 'Debian repository group access', params[:group_visibility_level], params[:user_role], params[:user_token], :basic do
it_behaves_like 'Debian group repository GET request', params[:user_role], params[:member], params[:expected_status], params[:expected_body]
include_context 'Debian repository access', params[:visibility_level], params[:user_role], params[:member], params[:user_token], :basic do
it_behaves_like "Debian repository #{desired_behavior}", params[:expected_status], params[:expected_body]
end
end
end
it_behaves_like 'rejects Debian access with unknown group id'
it_behaves_like 'rejects Debian access with unknown container id'
end
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment