2019-07-31 22:56:46 +05:30
|
|
|
# frozen_string_literal: true
|
|
|
|
|
2018-12-05 23:21:45 +05:30
|
|
|
require 'spec_helper'
|
|
|
|
|
2023-03-04 22:38:38 +05:30
|
|
|
RSpec.describe Settings, feature_category: :authentication_and_authorization do
|
2023-04-23 21:23:45 +05:30
|
|
|
using RSpec::Parameterized::TableSyntax
|
|
|
|
|
2018-12-05 23:21:45 +05:30
|
|
|
describe 'omniauth' do
|
|
|
|
it 'defaults to enabled' do
|
|
|
|
expect(described_class.omniauth.enabled).to be true
|
|
|
|
end
|
|
|
|
end
|
2019-02-15 15:39:39 +05:30
|
|
|
|
2020-04-08 14:13:33 +05:30
|
|
|
describe '.load_dynamic_cron_schedules!' do
|
|
|
|
it 'generates a valid cron schedule' do
|
|
|
|
expect(Fugit::Cron.parse(described_class.load_dynamic_cron_schedules!)).to be_a(Fugit::Cron)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2023-04-23 21:23:45 +05:30
|
|
|
describe '.build_ci_component_fqdn' do
|
|
|
|
subject(:fqdn) { described_class.build_ci_component_fqdn }
|
|
|
|
|
|
|
|
where(:host, :port, :relative_url, :result) do
|
|
|
|
'acme.com' | 9090 | '/gitlab' | 'acme.com:9090/gitlab/'
|
|
|
|
'acme.com' | 443 | '/gitlab' | 'acme.com/gitlab/'
|
|
|
|
'acme.com' | 443 | '' | 'acme.com/'
|
|
|
|
'acme.com' | 9090 | '' | 'acme.com:9090/'
|
|
|
|
'test' | 9090 | '' | 'test:9090/'
|
|
|
|
end
|
|
|
|
|
|
|
|
with_them do
|
|
|
|
before do
|
|
|
|
allow(Gitlab.config).to receive(:gitlab).and_return(
|
|
|
|
Settingslogic.new({
|
|
|
|
'host' => host,
|
|
|
|
'https' => true,
|
|
|
|
'port' => port,
|
|
|
|
'relative_url_root' => relative_url
|
|
|
|
}))
|
|
|
|
end
|
|
|
|
|
|
|
|
it { is_expected.to eq(result) }
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2019-02-15 15:39:39 +05:30
|
|
|
describe '.attr_encrypted_db_key_base_truncated' do
|
|
|
|
it 'is a string with maximum 32 bytes size' do
|
|
|
|
expect(described_class.attr_encrypted_db_key_base_truncated.bytesize)
|
|
|
|
.to be <= 32
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
describe '.attr_encrypted_db_key_base_12' do
|
|
|
|
context 'when db key base secret is less than 12 bytes' do
|
|
|
|
before do
|
|
|
|
allow(described_class)
|
|
|
|
.to receive(:attr_encrypted_db_key_base)
|
|
|
|
.and_return('a' * 10)
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'expands db key base secret to 12 bytes' do
|
|
|
|
expect(described_class.attr_encrypted_db_key_base_12)
|
|
|
|
.to eq(('a' * 10) + ('0' * 2))
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when key has multiple multi-byte UTF chars exceeding 12 bytes' do
|
|
|
|
before do
|
|
|
|
allow(described_class)
|
|
|
|
.to receive(:attr_encrypted_db_key_base)
|
|
|
|
.and_return('❤' * 18)
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'does not use more than 32 bytes' do
|
|
|
|
db_key_base = described_class.attr_encrypted_db_key_base_12
|
|
|
|
|
|
|
|
expect(db_key_base).to eq('❤' * 4)
|
|
|
|
expect(db_key_base.bytesize).to eq 12
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
describe '.attr_encrypted_db_key_base_32' do
|
|
|
|
context 'when db key base secret is less than 32 bytes' do
|
|
|
|
before do
|
|
|
|
allow(described_class)
|
|
|
|
.to receive(:attr_encrypted_db_key_base)
|
|
|
|
.and_return('a' * 10)
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'expands db key base secret to 32 bytes' do
|
|
|
|
expanded_key_base = ('a' * 10) + ('0' * 22)
|
|
|
|
|
|
|
|
expect(expanded_key_base.bytesize).to eq 32
|
|
|
|
expect(described_class.attr_encrypted_db_key_base_32)
|
|
|
|
.to eq expanded_key_base
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when db key base secret is 32 bytes' do
|
|
|
|
before do
|
|
|
|
allow(described_class)
|
|
|
|
.to receive(:attr_encrypted_db_key_base)
|
|
|
|
.and_return('a' * 32)
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'returns original value' do
|
|
|
|
expect(described_class.attr_encrypted_db_key_base_32)
|
|
|
|
.to eq 'a' * 32
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when db key base contains multi-byte UTF character' do
|
|
|
|
before do
|
|
|
|
allow(described_class)
|
|
|
|
.to receive(:attr_encrypted_db_key_base)
|
|
|
|
.and_return('❤' * 6)
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'does not use more than 32 bytes' do
|
|
|
|
db_key_base = described_class.attr_encrypted_db_key_base_32
|
|
|
|
|
|
|
|
expect(db_key_base).to eq '❤❤❤❤❤❤' + ('0' * 14)
|
|
|
|
expect(db_key_base.bytesize).to eq 32
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when db key base multi-byte UTF chars exceeding 32 bytes' do
|
|
|
|
before do
|
|
|
|
allow(described_class)
|
|
|
|
.to receive(:attr_encrypted_db_key_base)
|
|
|
|
.and_return('❤' * 18)
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'does not use more than 32 bytes' do
|
|
|
|
db_key_base = described_class.attr_encrypted_db_key_base_32
|
|
|
|
|
|
|
|
expect(db_key_base).to eq(('❤' * 10) + ('0' * 2))
|
|
|
|
expect(db_key_base.bytesize).to eq 32
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
2020-07-28 23:09:34 +05:30
|
|
|
|
2021-09-30 23:02:18 +05:30
|
|
|
describe '.cron_for_service_ping' do
|
2020-07-28 23:09:34 +05:30
|
|
|
it 'returns correct crontab for some manually calculated example' do
|
|
|
|
allow(Gitlab::CurrentSettings)
|
2022-10-11 01:57:18 +05:30
|
|
|
.to receive(:uuid) { 'd9e2f4e8-db1f-4e51-b03d-f427e1965c4a' }
|
2020-07-28 23:09:34 +05:30
|
|
|
|
2022-07-16 23:28:13 +05:30
|
|
|
expect(described_class.send(:cron_for_service_ping)).to eq('44 10 * * 4')
|
2020-07-28 23:09:34 +05:30
|
|
|
end
|
|
|
|
|
|
|
|
it 'returns min, hour, day in the valid range' do
|
|
|
|
allow(Gitlab::CurrentSettings)
|
|
|
|
.to receive(:uuid) { SecureRandom.uuid }
|
|
|
|
|
|
|
|
10.times do
|
2021-09-30 23:02:18 +05:30
|
|
|
cron = described_class.send(:cron_for_service_ping).split(/\s/)
|
2020-07-28 23:09:34 +05:30
|
|
|
|
|
|
|
expect(cron[0].to_i).to be_between(0, 59)
|
|
|
|
expect(cron[1].to_i).to be_between(0, 23)
|
|
|
|
expect(cron[4].to_i).to be_between(0, 6)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
2021-02-22 17:27:13 +05:30
|
|
|
|
|
|
|
describe '.encrypted' do
|
|
|
|
before do
|
|
|
|
allow(Gitlab::Application.secrets).to receive(:encryped_settings_key_base).and_return(SecureRandom.hex(64))
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'defaults to using the encrypted_settings_key_base for the key' do
|
|
|
|
expect(Gitlab::EncryptedConfiguration).to receive(:new).with(hash_including(base_key: Gitlab::Application.secrets.encrypted_settings_key_base))
|
|
|
|
Settings.encrypted('tmp/tests/test.enc')
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'returns empty encrypted config when a key has not been set' do
|
|
|
|
allow(Gitlab::Application.secrets).to receive(:encrypted_settings_key_base).and_return(nil)
|
|
|
|
expect(Settings.encrypted('tmp/tests/test.enc').read).to be_empty
|
|
|
|
end
|
|
|
|
end
|
2022-10-11 01:57:18 +05:30
|
|
|
|
|
|
|
describe '.microsoft_graph_mailer' do
|
|
|
|
it 'defaults' do
|
|
|
|
expect(described_class.microsoft_graph_mailer.enabled).to be false
|
|
|
|
expect(described_class.microsoft_graph_mailer.user_id).to be_nil
|
|
|
|
expect(described_class.microsoft_graph_mailer.tenant).to be_nil
|
|
|
|
expect(described_class.microsoft_graph_mailer.client_id).to be_nil
|
|
|
|
expect(described_class.microsoft_graph_mailer.client_secret).to be_nil
|
|
|
|
expect(described_class.microsoft_graph_mailer.azure_ad_endpoint).to eq('https://login.microsoftonline.com')
|
|
|
|
expect(described_class.microsoft_graph_mailer.graph_endpoint).to eq('https://graph.microsoft.com')
|
|
|
|
end
|
|
|
|
end
|
2023-04-23 21:23:45 +05:30
|
|
|
|
|
|
|
describe '.repositories' do
|
|
|
|
it 'sets up storage settings' do
|
|
|
|
described_class.repositories.storages.each do |_, storage|
|
|
|
|
expect(storage).to be_a Gitlab::GitalyClient::StorageSettings
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
2018-12-05 23:21:45 +05:30
|
|
|
end
|