debian-mirror-gitlab/spec/services/projects/update_service_spec.rb

Ignoring revisions in .git-blame-ignore-revs. Click here to bypass and see the normal blame view.

961 lines
35 KiB
Ruby
Raw Permalink Normal View History

2019-07-31 22:56:46 +05:30
# frozen_string_literal: true
2014-09-02 18:07:02 +05:30
require 'spec_helper'
2023-05-27 22:25:52 +05:30
RSpec.describe Projects::UpdateService, feature_category: :projects do
2019-07-07 11:18:12 +05:30
include ExternalAuthorizationServiceHelpers
2018-03-17 18:26:18 +05:30
include ProjectForksHelper
2014-09-02 18:07:02 +05:30
2018-03-17 18:26:18 +05:30
let(:user) { create(:user) }
2017-09-10 17:25:29 +05:30
let(:project) do
create(:project, creator: user, namespace: user.namespace)
end
2022-11-25 23:54:43 +05:30
shared_examples 'publishing Projects::ProjectAttributesChangedEvent' do |params:, attributes:|
it "publishes Projects::ProjectAttributesChangedEvent" do
expect { update_project(project, user, params) }
.to publish_event(Projects::ProjectAttributesChangedEvent)
.with(
project_id: project.id,
namespace_id: project.namespace_id,
root_namespace_id: project.root_namespace.id,
attributes: attributes
)
end
end
2018-03-17 18:26:18 +05:30
describe '#execute' do
let(:admin) { create(:admin) }
2014-09-02 18:07:02 +05:30
2018-03-17 18:26:18 +05:30
context 'when changing visibility level' do
2022-11-25 23:54:43 +05:30
it_behaves_like 'publishing Projects::ProjectAttributesChangedEvent',
params: { visibility_level: Gitlab::VisibilityLevel::INTERNAL },
attributes: %w[updated_at visibility_level]
2020-01-01 13:55:28 +05:30
context 'when visibility_level changes to INTERNAL' do
2017-08-17 22:00:37 +05:30
it 'updates the project to internal' do
2018-11-18 11:00:15 +05:30
expect(TodosDestroyer::ProjectPrivateWorker).not_to receive(:perform_in)
2017-08-17 22:00:37 +05:30
result = update_project(project, user, visibility_level: Gitlab::VisibilityLevel::INTERNAL)
2018-03-17 18:26:18 +05:30
2017-08-17 22:00:37 +05:30
expect(result).to eq({ status: :success })
expect(project).to be_internal
2014-09-02 18:07:02 +05:30
end
end
2020-01-01 13:55:28 +05:30
context 'when visibility_level changes to PUBLIC' do
2018-03-17 18:26:18 +05:30
it 'updates the project to public' do
2018-11-18 11:00:15 +05:30
expect(TodosDestroyer::ProjectPrivateWorker).not_to receive(:perform_in)
2017-08-17 22:00:37 +05:30
result = update_project(project, user, visibility_level: Gitlab::VisibilityLevel::PUBLIC)
2018-11-18 11:00:15 +05:30
2018-03-17 18:26:18 +05:30
expect(result).to eq({ status: :success })
expect(project).to be_public
end
2020-01-01 13:55:28 +05:30
context 'and project is PRIVATE' do
it 'does not unlink project from fork network' do
expect(Projects::UnlinkForkService).not_to receive(:new)
update_project(project, user, visibility_level: Gitlab::VisibilityLevel::PUBLIC)
end
end
2018-03-17 18:26:18 +05:30
end
2014-09-02 18:07:02 +05:30
2020-01-01 13:55:28 +05:30
context 'when visibility_level changes to PRIVATE' do
2018-11-18 11:00:15 +05:30
before do
project.update!(visibility_level: Gitlab::VisibilityLevel::PUBLIC)
end
it 'updates the project to private' do
2019-01-03 12:48:30 +05:30
expect(TodosDestroyer::ProjectPrivateWorker).to receive(:perform_in).with(Todo::WAIT_FOR_DELETE, project.id)
2019-09-04 21:01:54 +05:30
expect(TodosDestroyer::ConfidentialIssueWorker).to receive(:perform_in).with(Todo::WAIT_FOR_DELETE, nil, project.id)
2018-11-18 11:00:15 +05:30
result = update_project(project, user, visibility_level: Gitlab::VisibilityLevel::PRIVATE)
expect(result).to eq({ status: :success })
expect(project).to be_private
end
end
2018-03-17 18:26:18 +05:30
context 'when visibility levels are restricted to PUBLIC only' do
before do
stub_application_setting(restricted_visibility_levels: [Gitlab::VisibilityLevel::PUBLIC])
2014-09-02 18:07:02 +05:30
end
2018-03-17 18:26:18 +05:30
context 'when visibility_level is INTERNAL' do
it 'updates the project to internal' do
result = update_project(project, user, visibility_level: Gitlab::VisibilityLevel::INTERNAL)
2018-11-18 11:00:15 +05:30
2017-08-17 22:00:37 +05:30
expect(result).to eq({ status: :success })
2018-03-17 18:26:18 +05:30
expect(project).to be_internal
end
end
context 'when visibility_level is PUBLIC' do
it 'does not update the project to public' do
result = update_project(project, user, visibility_level: Gitlab::VisibilityLevel::PUBLIC)
expect(result).to eq({ status: :error, message: 'New visibility level not allowed!' })
expect(project).to be_private
end
context 'when updated by an admin' do
2021-01-29 00:20:46 +05:30
context 'when admin mode is enabled', :enable_admin_mode do
it 'updates the project to public' do
result = update_project(project, admin, visibility_level: Gitlab::VisibilityLevel::PUBLIC)
2018-11-18 11:00:15 +05:30
2021-01-29 00:20:46 +05:30
expect(result).to eq({ status: :success })
expect(project).to be_public
end
end
context 'when admin mode is disabled' do
it 'does not update the project to public' do
result = update_project(project, admin, visibility_level: Gitlab::VisibilityLevel::PUBLIC)
expect(result).to eq({ status: :error, message: 'New visibility level not allowed!' })
expect(project).to be_private
end
2018-03-17 18:26:18 +05:30
end
2017-08-17 22:00:37 +05:30
end
2014-09-02 18:07:02 +05:30
end
end
2018-03-17 18:26:18 +05:30
context 'when project visibility is higher than parent group' do
let(:group) { create(:group, visibility_level: Gitlab::VisibilityLevel::INTERNAL) }
before do
2021-01-03 14:25:43 +05:30
project.update!(namespace: group, visibility_level: group.visibility_level)
2018-03-17 18:26:18 +05:30
end
2021-01-29 00:20:46 +05:30
it 'does not update project visibility level even if admin', :enable_admin_mode do
2018-03-17 18:26:18 +05:30
result = update_project(project, admin, visibility_level: Gitlab::VisibilityLevel::PUBLIC)
2018-03-17 18:26:18 +05:30
expect(result).to eq({ status: :error, message: 'Visibility level public is not allowed in a internal group.' })
expect(project.reload).to be_internal
end
end
2021-01-03 14:25:43 +05:30
2022-07-29 17:44:30 +05:30
context 'when user is not project owner' do
let_it_be(:maintainer) { create(:user) }
before do
project.add_maintainer(maintainer)
end
context 'when project is private' do
it 'does not update the project to public' do
result = update_project(project, maintainer, visibility_level: Gitlab::VisibilityLevel::PUBLIC)
expect(result).to eq({ status: :error, message: 'New visibility level not allowed!' })
expect(project).to be_private
end
it 'does not update the project to public with tricky value' do
result = update_project(project, maintainer, visibility_level: Gitlab::VisibilityLevel::PUBLIC.to_s + 'r')
expect(result).to eq({ status: :error, message: 'New visibility level not allowed!' })
expect(project).to be_private
end
end
context 'when project is public' do
before do
project.update!(visibility_level: Gitlab::VisibilityLevel::PUBLIC)
end
it 'does not update the project to private' do
result = update_project(project, maintainer, visibility_level: Gitlab::VisibilityLevel::PRIVATE)
expect(result).to eq({ status: :error, message: 'New visibility level not allowed!' })
expect(project).to be_public
end
it 'does not update the project to private with invalid string value' do
result = update_project(project, maintainer, visibility_level: 'invalid')
expect(result).to eq({ status: :error, message: 'New visibility level not allowed!' })
expect(project).to be_public
end
it 'does not update the project to private with valid string value' do
result = update_project(project, maintainer, visibility_level: 'private')
expect(result).to eq({ status: :error, message: 'New visibility level not allowed!' })
expect(project).to be_public
end
# See https://gitlab.com/gitlab-org/gitlab/-/issues/359910
it 'does not update the project to private because of Active Record typecasting' do
result = update_project(project, maintainer, visibility_level: 'public')
expect(result).to eq({ status: :success })
expect(project).to be_public
end
end
end
2021-01-03 14:25:43 +05:30
context 'when updating shared runners' do
context 'can enable shared runners' do
let(:group) { create(:group, shared_runners_enabled: true) }
let(:project) { create(:project, namespace: group, shared_runners_enabled: false) }
it 'enables shared runners' do
result = update_project(project, user, shared_runners_enabled: true)
expect(result).to eq({ status: :success })
expect(project.reload.shared_runners_enabled).to be_truthy
end
end
context 'cannot enable shared runners' do
let(:group) { create(:group, :shared_runners_disabled) }
let(:project) { create(:project, namespace: group, shared_runners_enabled: false) }
it 'does not enable shared runners' do
result = update_project(project, user, shared_runners_enabled: true)
expect(result).to eq({ status: :error, message: 'Shared runners enabled cannot be enabled because parent group does not allow it' })
expect(project.reload.shared_runners_enabled).to be_falsey
end
end
end
end
2018-03-17 18:26:18 +05:30
describe 'when updating project that has forks' do
let(:project) { create(:project, :internal) }
2022-03-02 08:16:31 +05:30
let(:user) { project.first_owner }
2018-03-17 18:26:18 +05:30
let(:forked_project) { fork_project(project) }
2017-08-17 22:00:37 +05:30
2023-05-27 22:25:52 +05:30
it 'does not change visibility of forks' do
opts = { visibility_level: Gitlab::VisibilityLevel::PRIVATE }
2020-01-01 13:55:28 +05:30
2023-05-27 22:25:52 +05:30
expect(project).to be_internal
expect(forked_project).to be_internal
2017-08-17 22:00:37 +05:30
2023-05-27 22:25:52 +05:30
expect(update_project(project, user, opts)).to eq({ status: :success })
2023-05-27 22:25:52 +05:30
expect(project).to be_private
expect(forked_project.reload).to be_internal
2018-03-17 18:26:18 +05:30
end
end
2018-03-17 18:26:18 +05:30
context 'when updating a default branch' do
let(:project) { create(:project, :repository) }
2017-09-10 17:25:29 +05:30
2021-09-30 23:02:18 +05:30
it 'changes default branch, tracking the previous branch' do
previous_default_branch = project.default_branch
2018-03-17 18:26:18 +05:30
update_project(project, admin, default_branch: 'feature')
2017-09-10 17:25:29 +05:30
2021-09-30 23:02:18 +05:30
project.reload
expect(project.default_branch).to eq('feature')
expect(project.previous_default_branch).to eq(previous_default_branch)
update_project(project, admin, default_branch: previous_default_branch)
project.reload
expect(project.default_branch).to eq(previous_default_branch)
expect(project.previous_default_branch).to eq('feature')
2018-03-17 18:26:18 +05:30
end
it 'does not change a default branch' do
# The branch 'unexisted-branch' does not exist.
update_project(project, admin, default_branch: 'unexisted-branch')
2021-09-30 23:02:18 +05:30
project.reload
expect(project.default_branch).to eq 'master'
expect(project.previous_default_branch).to be_nil
2018-03-17 18:26:18 +05:30
end
2023-03-04 22:38:38 +05:30
context 'when repository has an ambiguous branch named "HEAD"' do
before do
allow(project.repository.raw).to receive(:write_ref).and_return(false)
allow(project.repository).to receive(:branch_names) { %w[fix master main HEAD] }
end
it 'returns an error to the user' do
result = update_project(project, admin, default_branch: 'fix')
expect(result).to include(status: :error)
expect(result[:message]).to include("Could not set the default branch. Do you have a branch named 'HEAD' in your repository?")
project.reload
expect(project.default_branch).to eq 'master'
expect(project.previous_default_branch).to be_nil
end
end
2017-09-10 17:25:29 +05:30
end
2018-03-27 19:54:05 +05:30
context 'when we update project but not enabling a wiki' do
it 'does not try to create an empty wiki' do
2022-11-25 23:54:43 +05:30
project.wiki.repository.raw.remove
2018-03-27 19:54:05 +05:30
result = update_project(project, user, { name: 'test1' })
expect(result).to eq({ status: :success })
expect(project.wiki_repository_exists?).to be false
end
it 'handles empty project feature attributes' do
2021-01-03 14:25:43 +05:30
project.project_feature.update!(wiki_access_level: ProjectFeature::DISABLED)
2018-03-27 19:54:05 +05:30
result = update_project(project, user, { name: 'test1' })
expect(result).to eq({ status: :success })
expect(project.wiki_repository_exists?).to be false
end
end
context 'when enabling a wiki' do
it 'creates a wiki' do
2021-01-03 14:25:43 +05:30
project.project_feature.update!(wiki_access_level: ProjectFeature::DISABLED)
2022-11-25 23:54:43 +05:30
project.wiki.repository.raw.remove
2018-03-27 19:54:05 +05:30
result = update_project(project, user, project_feature_attributes: { wiki_access_level: ProjectFeature::ENABLED })
expect(result).to eq({ status: :success })
expect(project.wiki_repository_exists?).to be true
expect(project.wiki_enabled?).to be true
end
it 'logs an error and creates a metric when wiki can not be created' do
2021-01-03 14:25:43 +05:30
project.project_feature.update!(wiki_access_level: ProjectFeature::DISABLED)
2018-03-27 19:54:05 +05:30
2023-06-20 00:43:36 +05:30
expect_next_instance_of(ProjectWiki) do |project_wiki|
expect(project_wiki).to receive(:create_wiki_repository).and_raise(Wiki::CouldNotCreateWikiError)
end
2018-03-27 19:54:05 +05:30
expect_any_instance_of(described_class).to receive(:log_error).with("Could not create wiki for #{project.full_name}")
2019-10-12 21:52:04 +05:30
counter = double(:counter)
expect(Gitlab::Metrics).to receive(:counter).with(:wiki_can_not_be_created_total, 'Counts the times we failed to create a wiki').and_return(counter)
expect(counter).to receive(:increment)
2018-03-27 19:54:05 +05:30
update_project(project, user, project_feature_attributes: { wiki_access_level: ProjectFeature::ENABLED })
end
end
2018-11-18 11:00:15 +05:30
context 'when changing feature visibility to private' do
it 'updates the visibility correctly' do
expect(TodosDestroyer::PrivateFeaturesWorker)
2019-01-03 12:48:30 +05:30
.to receive(:perform_in).with(Todo::WAIT_FOR_DELETE, project.id)
2018-11-18 11:00:15 +05:30
result = update_project(project, user, project_feature_attributes:
{ issues_access_level: ProjectFeature::PRIVATE }
2020-11-24 15:15:51 +05:30
)
2018-11-18 11:00:15 +05:30
expect(result).to eq({ status: :success })
expect(project.project_feature.issues_access_level).to be(ProjectFeature::PRIVATE)
end
end
2022-11-25 23:54:43 +05:30
context 'when changes project features' do
# Using some sample features for testing.
# Not using all the features because some of them must be enabled/disabled together
%w[issues wiki forking].each do |feature_name|
2023-07-09 08:55:56 +05:30
context "with feature_name:#{feature_name}" do
let(:feature) { "#{feature_name}_access_level" }
let(:params) do
{ project_feature_attributes: { feature => ProjectFeature::ENABLED } }
end
2022-11-25 23:54:43 +05:30
2023-07-09 08:55:56 +05:30
before do
project.project_feature.update!(feature => ProjectFeature::DISABLED)
end
2022-11-25 23:54:43 +05:30
2023-07-09 08:55:56 +05:30
it 'publishes Projects::ProjectFeaturesChangedEvent' do
expect { update_project(project, user, params) }
.to publish_event(Projects::ProjectFeaturesChangedEvent)
.with(
project_id: project.id,
namespace_id: project.namespace_id,
root_namespace_id: project.root_namespace.id,
features: array_including(feature, "updated_at")
)
end
2022-11-25 23:54:43 +05:30
end
end
end
2022-08-27 11:52:29 +05:30
context 'when archiving a project' do
2022-11-25 23:54:43 +05:30
it_behaves_like 'publishing Projects::ProjectAttributesChangedEvent',
params: { archived: true },
attributes: %w[updated_at archived]
2022-08-27 11:52:29 +05:30
it 'publishes a ProjectTransferedEvent' do
expect { update_project(project, user, archived: true) }
.to publish_event(Projects::ProjectArchivedEvent)
.with(
project_id: project.id,
namespace_id: project.namespace_id,
root_namespace_id: project.root_namespace.id
)
end
end
2022-08-13 15:12:31 +05:30
context 'when changing operations feature visibility' do
let(:feature_params) { { operations_access_level: ProjectFeature::DISABLED } }
it 'does not sync the changes to the related fields' do
result = update_project(project, user, project_feature_attributes: feature_params)
expect(result).to eq({ status: :success })
feature = project.project_feature
expect(feature.operations_access_level).to eq(ProjectFeature::DISABLED)
expect(feature.monitor_access_level).not_to eq(ProjectFeature::DISABLED)
expect(feature.infrastructure_access_level).not_to eq(ProjectFeature::DISABLED)
expect(feature.feature_flags_access_level).not_to eq(ProjectFeature::DISABLED)
expect(feature.environments_access_level).not_to eq(ProjectFeature::DISABLED)
end
end
2018-03-17 18:26:18 +05:30
context 'when updating a project that contains container images' do
before do
stub_container_registry_config(enabled: true)
stub_container_registry_tags(repository: /image/, tags: %w[rc1])
create(:container_repository, project: project, name: :image)
end
it 'does not allow to rename the project' do
result = update_project(project, admin, path: 'renamed')
expect(result).to include(status: :error)
expect(result[:message]).to match(/contains container registry tags/)
end
it 'allows to update other settings' do
result = update_project(project, admin, public_builds: true)
expect(result[:status]).to eq :success
expect(project.reload.public_builds).to be true
end
2017-09-10 17:25:29 +05:30
end
2018-03-17 18:26:18 +05:30
context 'when renaming a project' do
2022-08-13 15:12:31 +05:30
let(:raw_fake_repo) { Gitlab::Git::Repository.new('default', File.join(user.namespace.full_path, 'existing.git'), nil, nil) }
2018-03-17 18:26:18 +05:30
context 'with legacy storage' do
2018-03-27 19:54:05 +05:30
let(:project) { create(:project, :legacy_storage, :repository, creator: user, namespace: user.namespace) }
2018-03-17 18:26:18 +05:30
before do
2022-08-13 15:12:31 +05:30
raw_fake_repo.create_repository
2018-03-17 18:26:18 +05:30
end
after do
2022-08-13 15:12:31 +05:30
raw_fake_repo.remove
2018-03-17 18:26:18 +05:30
end
it 'does not allow renaming when new path matches existing repository on disk' do
result = update_project(project, admin, path: 'existing')
expect(result).to include(status: :error)
expect(result[:message]).to match('There is already a repository with that name on disk')
expect(project).not_to be_valid
expect(project.errors.messages).to have_key(:base)
expect(project.errors.messages[:base]).to include('There is already a repository with that name on disk')
end
2018-11-18 11:00:15 +05:30
2018-11-20 20:47:30 +05:30
context 'when hashed storage is enabled' do
2018-11-18 11:00:15 +05:30
before do
stub_application_setting(hashed_storage_enabled: true)
end
it 'migrates project to a hashed storage instead of renaming the repo to another legacy name' do
result = update_project(project, admin, path: 'new-path')
expect(result).not_to include(status: :error)
expect(project).to be_valid
expect(project.errors).to be_empty
expect(project.reload.hashed_storage?(:repository)).to be_truthy
end
end
2018-03-17 18:26:18 +05:30
end
context 'with hashed storage' do
let(:project) { create(:project, :repository, creator: user, namespace: user.namespace) }
before do
stub_application_setting(hashed_storage_enabled: true)
end
it 'does not check if new path matches existing repository on disk' do
expect(project).not_to receive(:repository_with_same_path_already_exists?)
result = update_project(project, admin, path: 'existing')
2017-09-10 17:25:29 +05:30
2018-03-17 18:26:18 +05:30
expect(result).to include(status: :success)
end
end
2017-09-10 17:25:29 +05:30
end
2018-03-17 18:26:18 +05:30
context 'when passing invalid parameters' do
it 'returns an error result when record cannot be updated' do
result = update_project(project, admin, { name: 'foo&bar' })
2017-09-10 17:25:29 +05:30
2018-03-17 18:26:18 +05:30
expect(result).to eq({
status: :error,
2021-11-18 22:05:49 +05:30
message: "Name can contain only letters, digits, emojis, '_', '.', '+', dashes, or spaces. It must start with a letter, digit, emoji, or '_'."
2018-03-17 18:26:18 +05:30
})
end
2017-09-10 17:25:29 +05:30
end
2018-05-09 12:01:36 +05:30
2019-10-12 21:52:04 +05:30
context 'when updating #emails_disabled' do
it 'updates the attribute for the project owner' do
expect { update_project(project, user, emails_disabled: true) }
.to change { project.emails_disabled }
.to(true)
end
it 'does not update when not project owner' do
maintainer = create(:user)
2022-08-13 15:12:31 +05:30
project.add_member(maintainer, :maintainer)
2019-10-12 21:52:04 +05:30
expect { update_project(project, maintainer, emails_disabled: true) }
.not_to change { project.emails_disabled }
end
end
2023-06-20 00:43:36 +05:30
context 'when updating #runner_registration_enabled' do
it 'updates the attribute' do
expect { update_project(project, user, runner_registration_enabled: false) }
.to change { project.runner_registration_enabled }
.to(false)
end
context 'when runner registration is disabled for all projects' do
before do
stub_application_setting(valid_runner_registrars: [])
end
it 'restricts updating the attribute' do
expect { update_project(project, user, runner_registration_enabled: false) }
.not_to change { project.runner_registration_enabled }
end
end
end
2021-11-18 22:05:49 +05:30
context 'when updating runners settings' do
let(:settings) do
{ instance_runners_enabled: true, namespace_traversal_ids: [123] }
end
2021-11-11 11:23:49 +05:30
2021-11-18 22:05:49 +05:30
let!(:pending_build) do
create(:ci_pending_build, project: project, **settings)
end
context 'when project has shared runners enabled' do
let(:project) { create(:project, shared_runners_enabled: true) }
it 'updates builds queue when shared runners get disabled' do
expect { update_project(project, admin, shared_runners_enabled: false) }
.to change { pending_build.reload.instance_runners_enabled }.to(false)
expect(pending_build.reload.instance_runners_enabled).to be false
end
end
context 'when project has shared runners disabled' do
let(:project) { create(:project, shared_runners_enabled: false) }
it 'updates builds queue when shared runners get enabled' do
expect { update_project(project, admin, shared_runners_enabled: true) }
.to not_change { pending_build.reload.instance_runners_enabled }
expect(pending_build.reload.instance_runners_enabled).to be true
end
2021-11-11 11:23:49 +05:30
end
2021-11-18 22:05:49 +05:30
context 'when project has group runners enabled' do
let(:project) { create(:project, group_runners_enabled: true) }
before do
project.ci_cd_settings.update!(group_runners_enabled: true)
end
it 'updates builds queue when group runners get disabled' do
update_project(project, admin, group_runners_enabled: false)
2021-11-11 11:23:49 +05:30
2021-11-18 22:05:49 +05:30
expect(pending_build.reload.namespace_traversal_ids).to be_empty
2021-11-11 11:23:49 +05:30
end
end
2021-11-18 22:05:49 +05:30
context 'when project has group runners disabled' do
let(:project) { create(:project, :in_subgroup, group_runners_enabled: false) }
before do
project.reload.ci_cd_settings.update!(group_runners_enabled: false)
end
it 'updates builds queue when group runners get enabled' do
update_project(project, admin, group_runners_enabled: true)
2021-11-11 11:23:49 +05:30
2021-11-18 22:05:49 +05:30
expect(pending_build.reload.namespace_traversal_ids).to include(project.namespace.id)
2021-11-11 11:23:49 +05:30
end
end
end
2019-07-07 11:18:12 +05:30
context 'with external authorization enabled' do
before do
enable_external_authorization_service_check
2019-10-12 21:52:04 +05:30
allow(::Gitlab::ExternalAuthorization)
.to receive(:access_allowed?).with(user, 'default_label', project.full_path).and_call_original
2019-07-07 11:18:12 +05:30
end
it 'does not save the project with an error if the service denies access' do
expect(::Gitlab::ExternalAuthorization)
.to receive(:access_allowed?).with(user, 'new-label') { false }
result = update_project(project, user, { external_authorization_classification_label: 'new-label' })
expect(result[:message]).to be_present
expect(result[:status]).to eq(:error)
end
it 'saves the new label if the service allows access' do
expect(::Gitlab::ExternalAuthorization)
.to receive(:access_allowed?).with(user, 'new-label') { true }
result = update_project(project, user, { external_authorization_classification_label: 'new-label' })
expect(result[:status]).to eq(:success)
expect(project.reload.external_authorization_classification_label).to eq('new-label')
end
it 'checks the default label when the classification label was cleared' do
expect(::Gitlab::ExternalAuthorization)
.to receive(:access_allowed?).with(user, 'default_label') { true }
update_project(project, user, { external_authorization_classification_label: '' })
end
it 'does not check the label when it does not change' do
2019-10-12 21:52:04 +05:30
expect(::Gitlab::ExternalAuthorization).to receive(:access_allowed?).once
2019-07-07 11:18:12 +05:30
update_project(project, user, { name: 'New name' })
end
end
2020-03-13 15:44:24 +05:30
2021-09-30 23:02:18 +05:30
context 'when updating nested attributes for prometheus integration' do
context 'prometheus integration exists' do
let(:prometheus_integration_attributes) do
2023-06-20 00:43:36 +05:30
attributes_for(
:prometheus_integration,
project: project,
properties: { api_url: "http://new.prometheus.com", manual_configuration: "0" }
)
2020-03-13 15:44:24 +05:30
end
2021-09-30 23:02:18 +05:30
let!(:prometheus_integration) do
2023-06-20 00:43:36 +05:30
create(
:prometheus_integration,
project: project,
properties: { api_url: "http://old.prometheus.com", manual_configuration: "0" }
)
2020-03-13 15:44:24 +05:30
end
it 'updates existing record' do
2021-09-30 23:02:18 +05:30
expect { update_project(project, user, prometheus_integration_attributes: prometheus_integration_attributes) }
.to change { prometheus_integration.reload.api_url }
2020-03-13 15:44:24 +05:30
.from("http://old.prometheus.com")
.to("http://new.prometheus.com")
end
end
2021-09-30 23:02:18 +05:30
context 'prometheus integration does not exist' do
2020-03-13 15:44:24 +05:30
context 'valid parameters' do
2021-09-30 23:02:18 +05:30
let(:prometheus_integration_attributes) do
2023-06-20 00:43:36 +05:30
attributes_for(
:prometheus_integration,
project: project,
properties: { api_url: "http://example.prometheus.com", manual_configuration: "0" }
)
2020-03-13 15:44:24 +05:30
end
it 'creates new record' do
2021-09-30 23:02:18 +05:30
expect { update_project(project, user, prometheus_integration_attributes: prometheus_integration_attributes) }
.to change { ::Integrations::Prometheus.where(project: project).count }
2020-03-13 15:44:24 +05:30
.from(0)
.to(1)
end
end
context 'invalid parameters' do
2021-09-30 23:02:18 +05:30
let(:prometheus_integration_attributes) do
2023-06-20 00:43:36 +05:30
attributes_for(
:prometheus_integration,
project: project,
properties: { api_url: nil, manual_configuration: "1" }
)
2020-03-13 15:44:24 +05:30
end
it 'does not create new record' do
2021-09-30 23:02:18 +05:30
expect { update_project(project, user, prometheus_integration_attributes: prometheus_integration_attributes) }
.not_to change { ::Integrations::Prometheus.where(project: project).count }
2020-03-13 15:44:24 +05:30
end
end
end
end
2020-06-23 00:09:42 +05:30
describe 'when changing repository_storage' do
let(:repository_read_only) { false }
let(:project) { create(:project, :repository, repository_read_only: repository_read_only) }
let(:opts) { { repository_storage: 'test_second_storage' } }
before do
stub_storage_settings('test_second_storage' => { 'path' => 'tmp/tests/extra_storage' })
end
shared_examples 'the transfer was not scheduled' do
it 'does not schedule the transfer' do
expect do
update_project(project, user, opts)
end.not_to change(project.repository_storage_moves, :count)
end
end
context 'authenticated as admin' do
let(:user) { create(:admin) }
2021-01-29 00:20:46 +05:30
context 'when admin mode is enabled', :enable_admin_mode do
it 'schedules the transfer of the repository to the new storage and locks the project' do
update_project(project, admin, opts)
2020-06-23 00:09:42 +05:30
2021-01-29 00:20:46 +05:30
expect(project).to be_repository_read_only
expect(project.repository_storage_moves.last).to have_attributes(
2021-04-17 20:07:23 +05:30
state: ::Projects::RepositoryStorageMove.state_machines[:state].states[:scheduled].value,
2021-01-29 00:20:46 +05:30
source_storage_name: 'default',
destination_storage_name: 'test_second_storage'
)
end
end
context 'when admin mode is disabled' do
it_behaves_like 'the transfer was not scheduled'
2020-06-23 00:09:42 +05:30
end
context 'the repository is read-only' do
let(:repository_read_only) { true }
it_behaves_like 'the transfer was not scheduled'
end
context 'the storage has not changed' do
let(:opts) { { repository_storage: 'default' } }
it_behaves_like 'the transfer was not scheduled'
end
context 'the storage does not exist' do
let(:opts) { { repository_storage: 'nonexistent' } }
it_behaves_like 'the transfer was not scheduled'
end
end
context 'authenticated as user' do
let(:user) { create(:user) }
it_behaves_like 'the transfer was not scheduled'
end
end
2021-09-04 01:27:46 +05:30
describe 'when updating topics' do
let(:project) { create(:project, topic_list: 'topic1, topic2') }
it 'update using topics' do
result = update_project(project, user, { topics: 'topics' })
expect(result[:status]).to eq(:success)
expect(project.topic_list).to eq(%w[topics])
end
it 'update using topic_list' do
result = update_project(project, user, { topic_list: 'topic_list' })
expect(result[:status]).to eq(:success)
expect(project.topic_list).to eq(%w[topic_list])
end
it 'update using tag_list (deprecated)' do
result = update_project(project, user, { tag_list: 'tag_list' })
expect(result[:status]).to eq(:success)
expect(project.topic_list).to eq(%w[tag_list])
end
end
2023-05-27 22:25:52 +05:30
describe 'when updating pages unique domain', feature_category: :pages do
let(:group) { create(:group, path: 'group') }
let(:project) { create(:project, path: 'project', group: group) }
context 'with pages_unique_domain feature flag disabled' do
before do
stub_feature_flags(pages_unique_domain: false)
end
it 'does not change pages unique domain' do
expect(project)
.to receive(:update)
.with({ project_setting_attributes: { has_confluence: true } })
.and_call_original
expect do
update_project(project, user, project_setting_attributes: {
has_confluence: true,
pages_unique_domain_enabled: true
})
end.not_to change { project.project_setting.pages_unique_domain_enabled }
end
it 'does not remove other attributes' do
expect(project)
.to receive(:update)
.with({ name: 'True' })
.and_call_original
update_project(project, user, name: 'True')
end
end
context 'with pages_unique_domain feature flag enabled' do
before do
stub_feature_flags(pages_unique_domain: true)
end
it 'updates project pages unique domain' do
expect do
update_project(project, user, project_setting_attributes: {
pages_unique_domain_enabled: true
})
end.to change { project.project_setting.pages_unique_domain_enabled }
expect(project.project_setting.pages_unique_domain_enabled).to eq true
expect(project.project_setting.pages_unique_domain).to match %r{project-group-\w+}
end
it 'does not changes unique domain when it already exists' do
project.project_setting.update!(
pages_unique_domain_enabled: false,
pages_unique_domain: 'unique-domain'
)
expect do
update_project(project, user, project_setting_attributes: {
pages_unique_domain_enabled: true
})
end.to change { project.project_setting.pages_unique_domain_enabled }
expect(project.project_setting.pages_unique_domain_enabled).to eq true
expect(project.project_setting.pages_unique_domain).to eq 'unique-domain'
end
it 'does not changes unique domain when it disabling unique domain' do
project.project_setting.update!(
pages_unique_domain_enabled: true,
pages_unique_domain: 'unique-domain'
)
expect do
update_project(project, user, project_setting_attributes: {
pages_unique_domain_enabled: false
})
end.not_to change { project.project_setting.pages_unique_domain }
expect(project.project_setting.pages_unique_domain_enabled).to eq false
expect(project.project_setting.pages_unique_domain).to eq 'unique-domain'
end
context 'when there is another project with the unique domain' do
it 'fails pages unique domain already exists' do
create(
:project_setting,
pages_unique_domain_enabled: true,
pages_unique_domain: 'unique-domain'
)
allow(Gitlab::Pages::RandomDomain)
.to receive(:generate)
.and_return('unique-domain')
result = update_project(project, user, project_setting_attributes: {
pages_unique_domain_enabled: true
})
expect(result).to eq(
status: :error,
message: 'Project setting pages unique domain has already been taken'
)
end
end
end
end
2017-09-10 17:25:29 +05:30
end
2018-03-17 18:26:18 +05:30
describe '#run_auto_devops_pipeline?' do
subject { described_class.new(project, user).run_auto_devops_pipeline? }
context 'when master contains a .gitlab-ci.yml file' do
before do
allow(project.repository).to receive(:gitlab_ci_yml).and_return("script: ['test']")
end
2017-09-10 17:25:29 +05:30
2018-03-17 18:26:18 +05:30
it { is_expected.to eq(false) }
2017-09-10 17:25:29 +05:30
end
2018-11-08 19:23:39 +05:30
context 'when auto devops is nil' do
it { is_expected.to eq(false) }
end
2018-03-17 18:26:18 +05:30
context 'when auto devops is explicitly enabled' do
before do
project.create_auto_devops!(enabled: true)
end
it { is_expected.to eq(true) }
2017-09-10 17:25:29 +05:30
end
2018-03-17 18:26:18 +05:30
context 'when auto devops is explicitly disabled' do
before do
project.create_auto_devops!(enabled: false)
end
2017-09-10 17:25:29 +05:30
2018-03-17 18:26:18 +05:30
it { is_expected.to eq(false) }
2017-09-10 17:25:29 +05:30
end
2018-03-17 18:26:18 +05:30
context 'when auto devops is set to instance setting' do
before do
project.create_auto_devops!(enabled: nil)
2019-07-31 22:56:46 +05:30
project.reload
2018-03-17 18:26:18 +05:30
allow(project.auto_devops).to receive(:previous_changes).and_return('enabled' => true)
end
context 'when auto devops is enabled system-wide' do
before do
stub_application_setting(auto_devops_enabled: true)
end
it { is_expected.to eq(true) }
end
2017-08-17 22:00:37 +05:30
2018-03-17 18:26:18 +05:30
context 'when auto devops is disabled system-wide' do
before do
stub_application_setting(auto_devops_enabled: false)
end
it { is_expected.to eq(false) }
end
2017-09-10 17:25:29 +05:30
end
2017-08-17 22:00:37 +05:30
end
2014-09-02 18:07:02 +05:30
def update_project(project, user, opts)
2017-08-17 22:00:37 +05:30
described_class.new(project, user, opts).execute
2014-09-02 18:07:02 +05:30
end
end