debian-mirror-gitlab/spec/models/concerns/safe_url_spec.rb

57 lines
1.2 KiB
Ruby
Raw Permalink Normal View History

2020-01-01 13:55:28 +05:30
# frozen_string_literal: true
require 'spec_helper'
2020-07-28 23:09:34 +05:30
RSpec.describe SafeUrl do
2020-01-01 13:55:28 +05:30
describe '#safe_url' do
2020-03-13 15:44:24 +05:30
let(:safe_url_test_class) do
Class.new do
include SafeUrl
2020-01-01 13:55:28 +05:30
2020-03-13 15:44:24 +05:30
attr_reader :url
2020-01-01 13:55:28 +05:30
2020-03-13 15:44:24 +05:30
def initialize(url)
@url = url
end
2020-01-01 13:55:28 +05:30
end
end
2020-03-13 15:44:24 +05:30
let(:test_class) { safe_url_test_class.new(url) }
2020-01-01 13:55:28 +05:30
let(:url) { 'http://example.com' }
subject { test_class.safe_url }
it { is_expected.to eq(url) }
context 'when URL contains credentials' do
let(:url) { 'http://foo:bar@example.com' }
2021-04-29 21:17:54 +05:30
it 'masks username and password' do
is_expected.to eq('http://*****:*****@example.com')
end
2020-01-01 13:55:28 +05:30
2021-04-29 21:17:54 +05:30
context 'when username is allowed' do
subject { test_class.safe_url(allowed_usernames: usernames) }
2020-01-01 13:55:28 +05:30
2021-04-29 21:17:54 +05:30
let(:usernames) { %w[foo] }
2020-01-01 13:55:28 +05:30
2021-04-29 21:17:54 +05:30
it 'masks the password, but not the username' do
2020-01-01 13:55:28 +05:30
is_expected.to eq('http://foo:*****@example.com')
end
end
end
context 'when URL is empty' do
let(:url) { nil }
it { is_expected.to be_nil }
end
context 'when URI raises an error' do
let(:url) { 123 }
it { is_expected.to be_nil }
end
end
end