debian-mirror-gitlab/spec/requests/ide_controller_spec.rb

Ignoring revisions in .git-blame-ignore-revs. Click here to bypass and see the normal blame view.

216 lines
6 KiB
Ruby
Raw Normal View History

2019-10-12 21:52:04 +05:30
# frozen_string_literal: true
require 'spec_helper'
2023-03-04 22:38:38 +05:30
RSpec.describe IdeController, feature_category: :web_ide do
2022-11-25 23:54:43 +05:30
using RSpec::Parameterized::TableSyntax
2021-07-02 01:05:55 +05:30
let_it_be(:reporter) { create(:user) }
let_it_be(:project) do
create(:project, :private).tap do |p|
p.add_reporter(reporter)
end
end
2021-04-17 20:07:23 +05:30
let_it_be(:creator) { project.creator }
let_it_be(:other_user) { create(:user) }
2022-11-25 23:54:43 +05:30
let_it_be(:top_nav_partial) { 'layouts/header/_default' }
2021-04-17 20:07:23 +05:30
let(:user) { creator }
2019-10-12 21:52:04 +05:30
2023-07-09 08:55:56 +05:30
def find_csp_source(key)
2023-03-04 22:38:38 +05:30
csp = response.headers['Content-Security-Policy']
2023-07-09 08:55:56 +05:30
# Transform "default-src foo bar; connect-src foo bar; script-src ..."
# into array of values for a single directive based on the given key
2023-03-04 22:38:38 +05:30
csp.split(';')
.map(&:strip)
2023-07-09 08:55:56 +05:30
.find { |entry| entry.starts_with?(key) }
2023-03-04 22:38:38 +05:30
.split(' ')
.drop(1)
end
2019-10-12 21:52:04 +05:30
before do
2023-03-04 22:38:38 +05:30
stub_feature_flags(vscode_web_ide: true)
2019-10-12 21:52:04 +05:30
sign_in(user)
end
2021-04-17 20:07:23 +05:30
describe '#index', :aggregate_failures do
subject { get route }
2021-07-02 01:05:55 +05:30
shared_examples 'user access rights check' do
2023-05-27 22:25:52 +05:30
context 'when user can read project' do
2021-07-02 01:05:55 +05:30
it 'increases the views counter' do
expect(Gitlab::UsageDataCounters::WebIdeCounter).to receive(:increment_views_count)
2021-04-17 20:07:23 +05:30
subject
2021-04-29 21:17:54 +05:30
end
2023-05-27 22:25:52 +05:30
context 'when user can read project but cannot push code' do
2021-07-02 01:05:55 +05:30
include ProjectForksHelper
2021-04-29 21:17:54 +05:30
2021-07-02 01:05:55 +05:30
let(:user) { reporter }
2021-04-29 21:17:54 +05:30
2021-07-02 01:05:55 +05:30
context 'when user does not have fork' do
it 'instantiates fork_info instance var with fork_path and returns 200' do
subject
expect(response).to have_gitlab_http_status(:ok)
expect(assigns(:project)).to eq project
2023-05-27 22:25:52 +05:30
expect(assigns(:fork_info)).to eq({
fork_path: controller.helpers.ide_fork_and_edit_path(
project,
'',
'',
with_notice: false
)
})
2021-07-02 01:05:55 +05:30
end
it 'has nil fork_info if user cannot fork' do
project.project_feature.update!(forking_access_level: ProjectFeature::DISABLED)
subject
expect(response).to have_gitlab_http_status(:ok)
expect(assigns(:fork_info)).to be_nil
end
end
context 'when user has fork' do
let!(:fork) { fork_project(project, user, repository: true, namespace: user.namespace) }
it 'instantiates fork_info instance var with ide_path and returns 200' do
subject
expect(response).to have_gitlab_http_status(:ok)
expect(assigns(:project)).to eq project
2023-05-27 22:25:52 +05:30
expect(assigns(:fork_info)).to eq({ ide_path: controller.helpers.ide_edit_path(fork, '', '') })
2021-07-02 01:05:55 +05:30
end
end
2021-04-17 20:07:23 +05:30
end
end
2023-05-27 22:25:52 +05:30
context 'when user cannot read project' do
2021-07-02 01:05:55 +05:30
let(:user) { other_user }
2021-04-17 20:07:23 +05:30
2021-07-02 01:05:55 +05:30
it 'returns 404' do
2021-04-17 20:07:23 +05:30
subject
2021-07-02 01:05:55 +05:30
expect(response).to have_gitlab_http_status(:not_found)
2021-04-17 20:07:23 +05:30
end
end
end
2023-05-27 22:25:52 +05:30
context 'with /-/ide' do
2021-04-17 20:07:23 +05:30
let(:route) { '/-/ide' }
2021-07-02 01:05:55 +05:30
it 'returns 404' do
2021-04-17 20:07:23 +05:30
subject
2021-07-02 01:05:55 +05:30
expect(response).to have_gitlab_http_status(:not_found)
2021-04-17 20:07:23 +05:30
end
end
2023-05-27 22:25:52 +05:30
context 'with /-/ide/project' do
2021-04-17 20:07:23 +05:30
let(:route) { '/-/ide/project' }
2021-07-02 01:05:55 +05:30
it 'returns 404' do
2021-04-17 20:07:23 +05:30
subject
2021-07-02 01:05:55 +05:30
expect(response).to have_gitlab_http_status(:not_found)
2021-04-17 20:07:23 +05:30
end
end
2023-05-27 22:25:52 +05:30
context 'with /-/ide/project/:project' do
2021-04-17 20:07:23 +05:30
let(:route) { "/-/ide/project/#{project.full_path}" }
2021-07-02 01:05:55 +05:30
it 'instantiates project instance var and returns 200' do
2021-04-17 20:07:23 +05:30
subject
expect(response).to have_gitlab_http_status(:ok)
expect(assigns(:project)).to eq project
2021-04-29 21:17:54 +05:30
expect(assigns(:fork_info)).to be_nil
2021-04-17 20:07:23 +05:30
end
2021-07-02 01:05:55 +05:30
it_behaves_like 'user access rights check'
2021-04-17 20:07:23 +05:30
2023-05-27 22:25:52 +05:30
%w[edit blob tree].each do |action|
context "with /-/ide/project/:project/#{action}" do
2021-04-17 20:07:23 +05:30
let(:route) { "/-/ide/project/#{project.full_path}/#{action}" }
2021-07-02 01:05:55 +05:30
it 'instantiates project instance var and returns 200' do
2021-04-17 20:07:23 +05:30
subject
expect(response).to have_gitlab_http_status(:ok)
expect(assigns(:project)).to eq project
2021-04-29 21:17:54 +05:30
expect(assigns(:fork_info)).to be_nil
2021-04-17 20:07:23 +05:30
end
2021-07-02 01:05:55 +05:30
it_behaves_like 'user access rights check'
2021-04-17 20:07:23 +05:30
end
end
2022-07-23 23:45:48 +05:30
describe 'Snowplow view event', :snowplow do
it 'is tracked' do
subject
expect_snowplow_event(
category: described_class.to_s,
action: 'web_ide_views',
namespace: project.namespace,
user: user
)
end
end
2022-11-25 23:54:43 +05:30
# This indirectly tests that `minimal: true` was passed to the fullscreen layout
describe 'layout' do
2023-07-09 08:55:56 +05:30
where(:ff_state, :expect_top_nav) do
false | true
true | false
2022-11-25 23:54:43 +05:30
end
with_them do
before do
stub_feature_flags(vscode_web_ide: ff_state)
subject
end
it 'handles rendering top nav' do
if expect_top_nav
expect(response).to render_template(top_nav_partial)
else
expect(response).not_to render_template(top_nav_partial)
end
end
end
end
2021-04-17 20:07:23 +05:30
end
2023-03-04 22:38:38 +05:30
2023-07-09 08:55:56 +05:30
describe 'content security policy' do
2023-03-04 22:38:38 +05:30
let(:route) { '/-/ide' }
2023-07-09 08:55:56 +05:30
it 'updates the content security policy with the correct frame sources' do
2023-03-04 22:38:38 +05:30
subject
2023-07-09 08:55:56 +05:30
expect(find_csp_source('frame-src')).to include("http://www.example.com/assets/webpack/", "https://*.vscode-cdn.net/")
expect(find_csp_source('worker-src')).to include("http://www.example.com/assets/webpack/")
2023-03-04 22:38:38 +05:30
end
2023-07-09 08:55:56 +05:30
it 'with relative_url_root, updates the content security policy with the correct frame sources' do
stub_config_setting(relative_url_root: '/gitlab')
subject
expect(find_csp_source('frame-src')).to include("http://www.example.com/gitlab/assets/webpack/")
expect(find_csp_source('worker-src')).to include("http://www.example.com/gitlab/assets/webpack/")
2023-03-04 22:38:38 +05:30
end
end
2021-04-17 20:07:23 +05:30
end
2019-10-12 21:52:04 +05:30
end