Commit f4aaffde authored by Alessio Caiazza's avatar Alessio Caiazza

Merge branch 'pl-rubocop-have-gitlab-http-status-spec-requests-1' into 'master'

Add http status cop in top-level request specs

See merge request gitlab-org/gitlab!23736
parents 6c703998 eee8e5d5
......@@ -347,6 +347,8 @@ RSpec/HaveGitlabHttpStatus:
- 'ee/spec/features/**/*'
- 'spec/controllers/*.rb'
- 'ee/spec/controllers/*.rb'
- 'spec/requests/*.rb'
- 'ee/spec/requests/*.rb'
Style/MultilineWhenThen:
Enabled: false
......
......@@ -37,7 +37,7 @@ describe GroupsController, type: :request do
expect { subject }
.to(change { group.reload.ip_restrictions.map(&:range) }
.from([]).to(range.split(',')))
expect(response).to have_gitlab_http_status(302)
expect(response).to have_gitlab_http_status(:found)
end
end
......@@ -60,7 +60,7 @@ describe GroupsController, type: :request do
it 'adds error message' do
expect { subject }
.not_to(change { group.reload.ip_restrictions.count }.from(0))
expect(response).to have_gitlab_http_status(200)
expect(response).to have_gitlab_http_status(:ok)
expect(response.body).to include('Ip restrictions range is an invalid IP address range')
end
end
......@@ -77,7 +77,7 @@ describe GroupsController, type: :request do
expect { subject }
.to(change { group.reload.ip_restrictions.map(&:range) }
.from(['10.0.0.0/8']).to(range.split(',')))
expect(response).to have_gitlab_http_status(302)
expect(response).to have_gitlab_http_status(:found)
end
end
......@@ -113,7 +113,7 @@ describe GroupsController, type: :request do
it 'adds error message' do
subject
expect(response).to have_gitlab_http_status(200)
expect(response).to have_gitlab_http_status(:ok)
expect(response.body).to include('Ip restrictions range is an invalid IP address range')
end
end
......@@ -140,7 +140,7 @@ describe GroupsController, type: :request do
it 'deletes ip restriction' do
expect { subject }
.to(change { group.reload.ip_restrictions.count }.to(0))
expect(response).to have_gitlab_http_status(302)
expect(response).to have_gitlab_http_status(:found)
end
end
end
......@@ -152,7 +152,7 @@ describe GroupsController, type: :request do
it 'does not create ip restriction' do
expect { subject }
.not_to change { group.reload.ip_restrictions.count }.from(0)
expect(response).to have_gitlab_http_status(200)
expect(response).to have_gitlab_http_status(:ok)
expect(response.body).to include('Ip restrictions base IP subnet restriction only allowed for top-level groups')
end
end
......@@ -166,7 +166,7 @@ describe GroupsController, type: :request do
it 'updates group setting' do
expect { subject }
.to change { group.reload.two_factor_grace_period }.from(48).to(42)
expect(response).to have_gitlab_http_status(302)
expect(response).to have_gitlab_http_status(:found)
end
it 'does not create ip restriction' do
......@@ -182,7 +182,7 @@ describe GroupsController, type: :request do
it 'does not create ip restriction' do
expect { subject }
.not_to change { group.reload.ip_restrictions.count }.from(0)
expect(response).to have_gitlab_http_status(302)
expect(response).to have_gitlab_http_status(:found)
end
end
end
......
......@@ -28,7 +28,7 @@ describe JwtController do
it 'allows access' do
get '/jwt/auth', params: parameters, headers: headers
expect(response).to have_gitlab_http_status(200)
expect(response).to have_gitlab_http_status(:ok)
expect(token_response['access']).to be_present
expect(token_access['actions']).to eq ['pull']
expect(token_access['type']).to eq 'repository'
......
......@@ -55,7 +55,7 @@ describe 'Git LFS API and storage' do
end
it 'responds with status 406' do
expect(response).to have_gitlab_http_status(406)
expect(response).to have_gitlab_http_status(:not_acceptable)
expect(json_response['message']).to eql('Your push has been rejected, because this repository has exceeded its size limit of 99 MB by 1 MB. Please contact your GitLab administrator for more information.')
end
end
......@@ -68,7 +68,7 @@ describe 'Git LFS API and storage' do
end
it 'responds with status 406' do
expect(response).to have_gitlab_http_status(406)
expect(response).to have_gitlab_http_status(:not_acceptable)
expect(json_response['documentation_url']).to include('/help')
expect(json_response['message']).to eql('Your push has been rejected, because this repository has exceeded its size limit of 300 MB by 50 MB. Please contact your GitLab administrator for more information.')
end
......@@ -125,7 +125,7 @@ describe 'Git LFS API and storage' do
end
it 'responds with status 200' do
expect(response).to have_gitlab_http_status(200)
expect(response).to have_gitlab_http_status(:ok)
end
end
end
......
......@@ -20,7 +20,7 @@ describe 'Rack Attack global throttles' do
it 'allows requests over the rate limit' do
(1 + requests_per_period).times do
get "/#{project.full_path}.git/info/refs", params: { service: 'git-upload-pack' }, headers: { 'Authorization' => "#{::Gitlab::Geo::BaseRequest::GITLAB_GEO_AUTH_TOKEN_TYPE} token" }
expect(response).to have_http_status 401
expect(response).to have_gitlab_http_status(:unauthorized)
end
end
end
......
......@@ -40,7 +40,7 @@ describe 'Rack Attack EE throttles' do
# At first, allow requests under the rate limit.
requests_per_period.times do
post(*post_args)
expect(response).to have_http_status 200
expect(response).to have_gitlab_http_status(:ok)
end
# the last straw
......@@ -50,7 +50,7 @@ describe 'Rack Attack EE throttles' do
it 'allows requests after throttling and then waiting for the next period' do
requests_per_period.times do
post(*post_args)
expect(response).to have_http_status 200
expect(response).to have_gitlab_http_status(:ok)
end
expect_rejection { post(*post_args) }
......@@ -58,7 +58,7 @@ describe 'Rack Attack EE throttles' do
Timecop.travel(period.from_now) do
requests_per_period.times do
post(*post_args)
expect(response).to have_http_status 200
expect(response).to have_gitlab_http_status(:ok)
end
expect_rejection { post(*post_args) }
......@@ -73,12 +73,12 @@ describe 'Rack Attack EE throttles' do
# At first, allow requests under the rate limit.
requests_per_period.times do
post(*post_args)
expect(response).to have_http_status 200
expect(response).to have_gitlab_http_status(:ok)
end
# requests still allowed
post(*post_args)
expect(response).to have_http_status 200
expect(response).to have_gitlab_http_status(:ok)
end
end
end
......
......@@ -72,7 +72,7 @@ describe SmartcardController, type: :request do
it 'renders 404' do
subject
expect(response).to have_gitlab_http_status(404)
expect(response).to have_gitlab_http_status(:not_found)
end
end
end
......@@ -140,7 +140,7 @@ describe SmartcardController, type: :request do
it 'renders 401' do
subject
expect(response).to have_gitlab_http_status(401)
expect(response).to have_gitlab_http_status(:unauthorized)
expect(request.env['warden']).not_to be_authenticated
end
end
......
......@@ -848,7 +848,7 @@ describe 'Git HTTP requests' do
end
it "redirects" do
expect(response).to have_gitlab_http_status(302)
expect(response).to have_gitlab_http_status(:found)
end
end
end
......@@ -890,7 +890,7 @@ describe 'Git HTTP requests' do
it "responds with status 200" do
clone_get(path, env) do |response|
expect(response).to have_gitlab_http_status(200)
expect(response).to have_gitlab_http_status(:ok)
end
end
......
......@@ -15,12 +15,12 @@ describe JwtController do
context 'existing service' do
subject! { get '/jwt/auth', params: parameters }
it { expect(response).to have_gitlab_http_status(200) }
it { expect(response).to have_gitlab_http_status(:ok) }
context 'returning custom http code' do
let(:service) { double(execute: { http_status: 505 }) }
it { expect(response).to have_gitlab_http_status(505) }
it { expect(response).to have_gitlab_http_status(:http_version_not_supported) }
end
end
......@@ -43,7 +43,7 @@ describe JwtController do
subject! { get '/jwt/auth', params: parameters, headers: headers }
it { expect(response).to have_gitlab_http_status(401) }
it { expect(response).to have_gitlab_http_status(:unauthorized) }
end
context 'using personal access tokens' do
......@@ -58,7 +58,7 @@ describe JwtController do
subject! { get '/jwt/auth', params: parameters, headers: headers }
it 'authenticates correctly' do
expect(response).to have_gitlab_http_status(200)
expect(response).to have_gitlab_http_status(:ok)
expect(service_class).to have_received(:new).with(nil, user, ActionController::Parameters.new(parameters).permit!)
end
end
......@@ -96,7 +96,7 @@ describe JwtController do
context 'without personal token' do
it 'rejects the authorization attempt' do
expect(response).to have_gitlab_http_status(401)
expect(response).to have_gitlab_http_status(:unauthorized)
expect(response.body).to include('You must use a personal access token with \'api\' scope for Git over HTTP')
end
end
......@@ -106,7 +106,7 @@ describe JwtController do
let(:headers) { { authorization: credentials(user.username, access_token.token) } }
it 'accepts the authorization attempt' do
expect(response).to have_gitlab_http_status(200)
expect(response).to have_gitlab_http_status(:ok)
end
end
end
......@@ -116,7 +116,7 @@ describe JwtController do
get '/jwt/auth', params: parameters, headers: headers
expect(response).to have_gitlab_http_status(200)
expect(response).to have_gitlab_http_status(:ok)
end
end
......@@ -127,7 +127,7 @@ describe JwtController do
it 'rejects the authorization attempt' do
get '/jwt/auth', params: parameters, headers: headers
expect(response).to have_gitlab_http_status(401)
expect(response).to have_gitlab_http_status(:unauthorized)
expect(response.body).not_to include('You must use a personal access token with \'api\' scope for Git over HTTP')
end
end
......@@ -139,7 +139,7 @@ describe JwtController do
end
get '/jwt/auth', params: parameters, headers: headers
expect(response).to have_gitlab_http_status(401)
expect(response).to have_gitlab_http_status(:unauthorized)
expect(response.body).to include('You must use a personal access token with \'api\' scope for Git over HTTP')
end
end
......@@ -150,7 +150,7 @@ describe JwtController do
it 'accepts the authorization attempt' do
get '/jwt/auth', params: parameters
expect(response).to have_gitlab_http_status(200)
expect(response).to have_gitlab_http_status(:ok)
end
it 'allows read access' do
......@@ -163,7 +163,7 @@ describe JwtController do
context 'unknown service' do
subject! { get '/jwt/auth', params: { service: 'unknown' } }
it { expect(response).to have_gitlab_http_status(404) }
it { expect(response).to have_gitlab_http_status(:not_found) }
end
def credentials(login, password)
......
......@@ -227,7 +227,7 @@ describe 'Git LFS API and storage' do
end
it 'responds with redirect' do
expect(response).to have_gitlab_http_status(302)
expect(response).to have_gitlab_http_status(:found)
end
it 'responds with the file location' do
......@@ -1011,7 +1011,7 @@ describe 'Git LFS API and storage' do
it 'responds with status 403' do
subject
expect(response).to have_gitlab_http_status(403)
expect(response).to have_gitlab_http_status(:forbidden)
end
end
end
......@@ -1027,7 +1027,7 @@ describe 'Git LFS API and storage' do
it 'responds with status 200' do
subject
expect(response).to have_gitlab_http_status(200)
expect(response).to have_gitlab_http_status(:ok)
object = LfsObject.find_by_oid(sample_oid)
expect(object).to be_present
......@@ -1070,7 +1070,7 @@ describe 'Git LFS API and storage' do
it 'rejects slashes in the tempfile name (path traversal)' do
put_finalize('../bar', with_tempfile: true)
expect(response).to have_gitlab_http_status(403)
expect(response).to have_gitlab_http_status(:forbidden)
end
end
end
......
......@@ -23,7 +23,7 @@ describe 'Git LFS File Locking API' do
it 'returns a forbidden 403 response' do
post_lfs_json url, body, headers
expect(response).to have_gitlab_http_status(403)
expect(response).to have_gitlab_http_status(:forbidden)
end
end
end
......@@ -51,7 +51,7 @@ describe 'Git LFS File Locking API' do
it 'return an error message' do
post_lfs_json url, body, headers
expect(response).to have_gitlab_http_status(409)
expect(response).to have_gitlab_http_status(:conflict)
expect(json_response.keys).to match_array(%w(lock message documentation_url))
expect(json_response['message']).to match(/already locked/)
......@@ -68,7 +68,7 @@ describe 'Git LFS File Locking API' do
it 'creates the lock' do
post_lfs_json url, body, headers
expect(response).to have_gitlab_http_status(201)
expect(response).to have_gitlab_http_status(:created)
expect(json_response['lock'].keys).to match_array(%w(id path locked_at owner))
end
......@@ -87,7 +87,7 @@ describe 'Git LFS File Locking API' do
do_get url, nil, headers
expect(response).to have_gitlab_http_status(200)
expect(response).to have_gitlab_http_status(:ok)
expect(json_response['locks'].size).to eq(2)
expect(json_response['locks'].first.keys).to match_array(%w(id path locked_at owner))
......@@ -106,7 +106,7 @@ describe 'Git LFS File Locking API' do
post_lfs_json url, nil, headers
expect(response).to have_gitlab_http_status(200)
expect(response).to have_gitlab_http_status(:ok)
expect(json_response['ours'].size).to eq(1)
expect(json_response['ours'].first['path']).to eq('README')
......@@ -126,7 +126,7 @@ describe 'Git LFS File Locking API' do
it 'deletes the lock' do
post_lfs_json url, nil, headers
expect(response).to have_gitlab_http_status(200)
expect(response).to have_gitlab_http_status(:ok)
end
it 'returns the deleted lock' do
......@@ -142,7 +142,7 @@ describe 'Git LFS File Locking API' do
project.add_maintainer(maintainer)
post_lfs_json url, { force: true }, headers
expect(response).to have_gitlab_http_status(200)
expect(response).to have_gitlab_http_status(:ok)
end
end
end
......
......@@ -75,7 +75,7 @@ describe 'OpenID Connect requests' do
it 'userinfo response is unauthorized' do
request_user_info!
expect(response).to have_gitlab_http_status 403
expect(response).to have_gitlab_http_status(:forbidden)
expect(response.body).to be_blank
end
end
......@@ -177,7 +177,7 @@ describe 'OpenID Connect requests' do
it 'correctly returns the configuration' do
get '/.well-known/openid-configuration'
expect(response).to have_gitlab_http_status(200)
expect(response).to have_gitlab_http_status(:ok)
expect(json_response['issuer']).to eq('http://localhost')
expect(json_response['jwks_uri']).to eq('http://www.example.com/oauth/discovery/keys')
expect(json_response['scopes_supported']).to eq(%w[api read_user read_repository write_repository sudo openid profile email])
......
......@@ -53,7 +53,7 @@ describe 'Rack Attack global throttles' do
# At first, allow requests under the rate limit.
requests_per_period.times do
get url_that_does_not_require_authentication
expect(response).to have_http_status 200
expect(response).to have_gitlab_http_status(:ok)
end
# the last straw
......@@ -63,7 +63,7 @@ describe 'Rack Attack global throttles' do
it 'allows requests after throttling and then waiting for the next period' do
requests_per_period.times do
get url_that_does_not_require_authentication
expect(response).to have_http_status 200
expect(response).to have_gitlab_http_status(:ok)
end
expect_rejection { get url_that_does_not_require_authentication }
......@@ -71,7 +71,7 @@ describe 'Rack Attack global throttles' do
Timecop.travel(period.from_now) do
requests_per_period.times do
get url_that_does_not_require_authentication
expect(response).to have_http_status 200
expect(response).to have_gitlab_http_status(:ok)
end
expect_rejection { get url_that_does_not_require_authentication }
......@@ -81,7 +81,7 @@ describe 'Rack Attack global throttles' do
it 'counts requests from different IPs separately' do
requests_per_period.times do
get url_that_does_not_require_authentication
expect(response).to have_http_status 200
expect(response).to have_gitlab_http_status(:ok)
end
expect_next_instance_of(Rack::Attack::Request) do |instance|
......@@ -90,14 +90,14 @@ describe 'Rack Attack global throttles' do
# would be over limit for the same IP
get url_that_does_not_require_authentication
expect(response).to have_http_status 200
expect(response).to have_gitlab_http_status(:ok)
end
context 'when the request is to the api internal endpoints' do
it 'allows requests over the rate limit' do
(1 + requests_per_period).times do
get url_api_internal, params: { secret_token: Gitlab::Shell.secret_token }
expect(response).to have_http_status 200
expect(response).to have_gitlab_http_status(:ok)
end
end
end
......@@ -109,7 +109,7 @@ describe 'Rack Attack global throttles' do
it 'does not cont as unauthenticated' do
(1 + requests_per_period).times do
post request_jobs_url, params: { token: runner.token }
expect(response).to have_http_status 204
expect(response).to have_gitlab_http_status(:no_content)
end
end
end
......@@ -117,7 +117,7 @@ describe 'Rack Attack global throttles' do
it 'logs RackAttack info into structured logs' do
requests_per_period.times do
get url_that_does_not_require_authentication
expect(response).to have_http_status 200
expect(response).to have_gitlab_http_status(:ok)
end
arguments = {
......@@ -143,7 +143,7 @@ describe 'Rack Attack global throttles' do
it 'allows requests over the rate limit' do
(1 + requests_per_period).times do
get url_that_does_not_require_authentication
expect(response).to have_http_status 200
expect(response).to have_gitlab_http_status(:ok)
end
end
end
......@@ -243,7 +243,7 @@ describe 'Rack Attack global throttles' do
it 'allows requests over the rate limit' do
(1 + requests_per_period).times do
post protected_path_that_does_not_require_authentication, params: post_params
expect(response).to have_http_status 200
expect(response).to have_gitlab_http_status(:ok)
end
end
end
......@@ -257,7 +257,7 @@ describe 'Rack Attack global throttles' do
it 'rejects requests over the rate limit' do
requests_per_period.times do
post protected_path_that_does_not_require_authentication, params: post_params
expect(response).to have_http_status 200
expect(response).to have_gitlab_http_status(:ok)
end
expect_rejection { post protected_path_that_does_not_require_authentication, params: post_params }
......@@ -272,7 +272,7 @@ describe 'Rack Attack global throttles' do
it 'allows requests over the rate limit' do
(1 + requests_per_period).times do
post protected_path_that_does_not_require_authentication, params: post_params
expect(response).to have_http_status 200
expect(response).to have_gitlab_http_status(:ok)
end
end
end
......@@ -329,7 +329,7 @@ describe 'Rack Attack global throttles' do
it 'allows requests over the rate limit' do
(1 + requests_per_period).times do
post(*request_args)
expect(response).not_to have_http_status 429
expect(response).not_to have_gitlab_http_status(:too_many_requests)
end
end
end
......@@ -369,7 +369,7 @@ describe 'Rack Attack global throttles' do
it 'allows requests over the rate limit' do
(1 + requests_per_period).times do
post url_that_requires_authentication
expect(response).not_to have_http_status 429
expect(response).not_to have_gitlab_http_status(:too_many_requests)
end
end
end
......
......@@ -19,7 +19,7 @@ describe 'Loading a user avatar' do
it 'only performs three SQL queries' do
get user.avatar_url # Skip queries on first application load
expect(response).to have_gitlab_http_status(200)
expect(response).to have_gitlab_http_status(:ok)
expect { get user.avatar_url }.not_to exceed_query_limit(3)
end
end
......@@ -29,7 +29,7 @@ describe 'Loading a user avatar' do
it 'only performs two SQL queries' do
get user.avatar_url # Skip queries on first application load
expect(response).to have_gitlab_http_status(200)
expect(response).to have_gitlab_http_status(:ok)
expect { get user.avatar_url }.not_to exceed_query_limit(2)
end
end
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment