debian-mirror-gitlab/spec/migrations/encrypt_feature_flags_clients_tokens_spec.rb

37 lines
1.4 KiB
Ruby
Raw Normal View History

2019-09-30 21:07:59 +05:30
# frozen_string_literal: true
require 'spec_helper'
2021-09-04 01:27:46 +05:30
require_migration!
2019-09-30 21:07:59 +05:30
2020-07-28 23:09:34 +05:30
RSpec.describe EncryptFeatureFlagsClientsTokens do
2019-09-30 21:07:59 +05:30
let(:migration) { described_class.new }
let(:feature_flags_clients) { table(:operations_feature_flags_clients) }
let(:projects) { table(:projects) }
let(:plaintext) { "secret-token" }
2021-03-11 19:13:27 +05:30
let(:ciphertext) { Gitlab::CryptoHelper.aes256_gcm_encrypt(plaintext, nonce: Gitlab::CryptoHelper::AES256_GCM_IV_STATIC) }
2019-09-30 21:07:59 +05:30
describe '#up' do
it 'keeps plaintext token the same and populates token_encrypted if not present' do
project = projects.create!(id: 123, name: 'gitlab1', path: 'gitlab1', namespace_id: 123)
feature_flags_client = feature_flags_clients.create!(project_id: project.id, token: plaintext)
migration.up
expect(feature_flags_client.reload.token).to eq(plaintext)
expect(feature_flags_client.reload.token_encrypted).to eq(ciphertext)
end
end
describe '#down' do
it 'decrypts encrypted token and saves it' do
project = projects.create!(id: 123, name: 'gitlab1', path: 'gitlab1', namespace_id: 123)
feature_flags_client = feature_flags_clients.create!(project_id: project.id, token_encrypted: ciphertext)
migration.down
expect(feature_flags_client.reload.token).to eq(plaintext)
expect(feature_flags_client.reload.token_encrypted).to eq(ciphertext)
end
end
end