debian-mirror-gitlab/spec/controllers/groups/uploads_controller_spec.rb

# frozen_string_literal: true

require 'spec_helper'

RSpec.describe Groups::UploadsController do
  include WorkhorseHelpers

  let(:model) { create(:group, :public) }
  let(:params) do
    { group_id: model }
  end

  let(:other_model) { create(:group, :public) }
  let(:other_params) do
    { group_id: other_model }
  end

  it_behaves_like 'handle uploads' do
    let(:uploader_class) { NamespaceFileUploader }
  end

  context 'with a moved group' do
    let!(:upload) { create(:upload, :issuable_upload, :with_file, model: model) }
    let(:group) { model }
    let(:old_path) { group.to_param + 'old' }
    let!(:redirect_route) { model.redirect_routes.create!(path: old_path) }
    let(:upload_path) { File.basename(upload.path) }

    it 'redirects to a file with the proper extension' do
      get :show, params: { group_id: old_path, filename: upload_path, secret: upload.secret }

      expect(response.location).to eq(show_group_uploads_url(group, upload.secret, upload_path))
      expect(response.location).to end_with(upload.path)
      expect(response).to have_gitlab_http_status(:redirect)
    end
  end

  describe "GET #show" do
    let(:filename) { "rails_sample.jpg" }
    let(:user)  { create(:user) }
    let(:jpg)   { fixture_file_upload('spec/fixtures/rails_sample.jpg', 'image/jpg') }
    let(:txt)   { fixture_file_upload('spec/fixtures/doc_sample.txt', 'text/plain') }
    let(:secret) { FileUploader.generate_secret }
    let(:uploader_class) { FileUploader }

    let(:upload_service) do
      UploadService.new(model, jpg, uploader_class).execute
    end

    let(:show_upload) do
      get :show, params: params.merge(secret: secret, filename: filename)
    end

    before do
      allow(FileUploader).to receive(:generate_secret).and_return(secret)

      allow_next_instance_of(FileUploader) do |instance|
        allow(instance).to receive(:image?).and_return(true)
      end

      upload_service
    end

    context 'when the group is public' do
      before do
        model.update_attribute(:visibility_level, Gitlab::VisibilityLevel::PUBLIC)
      end

      context "when not signed in" do
        it "responds with appropriate status" do
          show_upload

          expect(response).to have_gitlab_http_status(:ok)
        end
      end

      context "when signed in" do
        before do
          sign_in(user)
        end

        context "when the user doesn't have access to the model" do
          it "responds with status 200" do
            show_upload

            expect(response).to have_gitlab_http_status(:ok)
          end
        end
      end
    end

    context 'when the group is private' do
      before do
        model.update_attribute(:visibility_level, Gitlab::VisibilityLevel::PRIVATE)
      end

      context "when not signed in" do
        it "responds with appropriate status" do
          show_upload

          expect(response).to have_gitlab_http_status(:ok)
        end
      end

      context "when signed in" do
        before do
          sign_in(user)
        end

        context "when the user doesn't have access to the model" do
          it "responds with status 200" do
            show_upload

            expect(response).to have_gitlab_http_status(:ok)
          end
        end
      end
    end
  end

  def post_authorize(verified: true)
    request.headers.merge!(workhorse_internal_api_request_header) if verified

    post :authorize, params: { group_id: model.full_path }, format: :json
  end
end
New upstream version 11.11.7+dfsg 2019-07-31 22:56:46 +05:30			`# frozen_string_literal: true`

New upstream version 10.5.5+dfsg 2018-03-17 18:26:18 +05:30			`require 'spec_helper'`

New upstream version 13.1.0 2020-06-23 00:09:42 +05:30			`RSpec.describe Groups::UploadsController do`
New upstream version 11.1.8+dfsg 2018-11-08 19:23:39 +05:30			`include WorkhorseHelpers`

New upstream version 10.5.5+dfsg 2018-03-17 18:26:18 +05:30			`let(:model) { create(:group, :public) }`
			`let(:params) do`
			`{ group_id: model }`
			`end`

New upstream version 12.0.8 2019-09-04 21:01:54 +05:30			`let(:other_model) { create(:group, :public) }`
			`let(:other_params) do`
			`{ group_id: other_model }`
			`end`

New upstream version 10.5.5+dfsg 2018-03-17 18:26:18 +05:30			`it_behaves_like 'handle uploads' do`
			`let(:uploader_class) { NamespaceFileUploader }`
			`end`
New upstream version 11.1.8+dfsg 2018-11-08 19:23:39 +05:30
New upstream version 12.8.6 2020-03-13 15:44:24 +05:30			`context 'with a moved group' do`
			`let!(:upload) { create(:upload, :issuable_upload, :with_file, model: model) }`
			`let(:group) { model }`
			`let(:old_path) { group.to_param + 'old' }`
New upstream version 13.11.2+ds1 2021-04-29 21:17:54 +05:30			`let!(:redirect_route) { model.redirect_routes.create!(path: old_path) }`
New upstream version 12.8.6 2020-03-13 15:44:24 +05:30			`let(:upload_path) { File.basename(upload.path) }`

			`it 'redirects to a file with the proper extension' do`
			`get :show, params: { group_id: old_path, filename: upload_path, secret: upload.secret }`

			`expect(response.location).to eq(show_group_uploads_url(group, upload.secret, upload_path))`
			`expect(response.location).to end_with(upload.path)`
			`expect(response).to have_gitlab_http_status(:redirect)`
			`end`
			`end`

New upstream version 15.0.4+ds1 2022-07-16 23:28:13 +05:30			`describe "GET #show" do`
			`let(:filename) { "rails_sample.jpg" }`
			`let(:user) { create(:user) }`
			`let(:jpg) { fixture_file_upload('spec/fixtures/rails_sample.jpg', 'image/jpg') }`
			`let(:txt) { fixture_file_upload('spec/fixtures/doc_sample.txt', 'text/plain') }`
			`let(:secret) { FileUploader.generate_secret }`
			`let(:uploader_class) { FileUploader }`

			`let(:upload_service) do`
			`UploadService.new(model, jpg, uploader_class).execute`
			`end`

			`let(:show_upload) do`
			`get :show, params: params.merge(secret: secret, filename: filename)`
			`end`

			`before do`
			`allow(FileUploader).to receive(:generate_secret).and_return(secret)`

			`allow_next_instance_of(FileUploader) do \|instance\|`
			`allow(instance).to receive(:image?).and_return(true)`
			`end`

			`upload_service`
			`end`

			`context 'when the group is public' do`
			`before do`
			`model.update_attribute(:visibility_level, Gitlab::VisibilityLevel::PUBLIC)`
			`end`

			`context "when not signed in" do`
New upstream version 15.3.1+ds1 2022-08-27 11:52:29 +05:30			`it "responds with appropriate status" do`
			`show_upload`
New upstream version 15.0.4+ds1 2022-07-16 23:28:13 +05:30
New upstream version 15.3.1+ds1 2022-08-27 11:52:29 +05:30			`expect(response).to have_gitlab_http_status(:ok)`
New upstream version 15.0.4+ds1 2022-07-16 23:28:13 +05:30			`end`
			`end`

			`context "when signed in" do`
			`before do`
			`sign_in(user)`
			`end`

			`context "when the user doesn't have access to the model" do`
New upstream version 15.3.1+ds1 2022-08-27 11:52:29 +05:30			`it "responds with status 200" do`
			`show_upload`
New upstream version 15.0.4+ds1 2022-07-16 23:28:13 +05:30
New upstream version 15.3.1+ds1 2022-08-27 11:52:29 +05:30			`expect(response).to have_gitlab_http_status(:ok)`
New upstream version 15.0.4+ds1 2022-07-16 23:28:13 +05:30			`end`
			`end`
			`end`
			`end`

			`context 'when the group is private' do`
			`before do`
			`model.update_attribute(:visibility_level, Gitlab::VisibilityLevel::PRIVATE)`
			`end`

			`context "when not signed in" do`
New upstream version 15.3.1+ds1 2022-08-27 11:52:29 +05:30			`it "responds with appropriate status" do`
			`show_upload`
New upstream version 15.0.4+ds1 2022-07-16 23:28:13 +05:30
New upstream version 15.3.1+ds1 2022-08-27 11:52:29 +05:30			`expect(response).to have_gitlab_http_status(:ok)`
New upstream version 15.0.4+ds1 2022-07-16 23:28:13 +05:30			`end`
			`end`

			`context "when signed in" do`
			`before do`
			`sign_in(user)`
			`end`

			`context "when the user doesn't have access to the model" do`
New upstream version 15.3.1+ds1 2022-08-27 11:52:29 +05:30			`it "responds with status 200" do`
			`show_upload`
New upstream version 15.0.4+ds1 2022-07-16 23:28:13 +05:30
New upstream version 15.3.1+ds1 2022-08-27 11:52:29 +05:30			`expect(response).to have_gitlab_http_status(:ok)`
New upstream version 15.0.4+ds1 2022-07-16 23:28:13 +05:30			`end`
			`end`
			`end`
			`end`
			`end`

New upstream version 11.1.8+dfsg 2018-11-08 19:23:39 +05:30			`def post_authorize(verified: true)`
			`request.headers.merge!(workhorse_internal_api_request_header) if verified`

New upstream version 11.7.5 2019-02-15 15:39:39 +05:30			`post :authorize, params: { group_id: model.full_path }, format: :json`
New upstream version 11.1.8+dfsg 2018-11-08 19:23:39 +05:30			`end`
New upstream version 10.5.5+dfsg 2018-03-17 18:26:18 +05:30			`end`