2019-07-31 22:56:46 +05:30
|
|
|
# frozen_string_literal: true
|
|
|
|
|
2014-09-02 18:07:02 +05:30
|
|
|
require 'spec_helper'
|
|
|
|
|
2017-09-10 17:25:29 +05:30
|
|
|
describe Projects::CreateService, '#execute' do
|
2019-07-07 11:18:12 +05:30
|
|
|
include ExternalAuthorizationServiceHelpers
|
2018-12-05 23:21:45 +05:30
|
|
|
include GitHelpers
|
|
|
|
|
2017-08-17 22:00:37 +05:30
|
|
|
let(:user) { create :user }
|
|
|
|
let(:opts) do
|
|
|
|
{
|
2017-09-10 17:25:29 +05:30
|
|
|
name: 'GitLab',
|
|
|
|
namespace_id: user.namespace.id
|
2017-08-17 22:00:37 +05:30
|
|
|
}
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'creates labels on Project creation if there are templates' do
|
|
|
|
Label.create(title: "bug", template: true)
|
|
|
|
project = create_project(user, opts)
|
|
|
|
|
2019-03-02 22:35:43 +05:30
|
|
|
created_label = project.reload.labels.last
|
|
|
|
|
|
|
|
expect(created_label.type).to eq('ProjectLabel')
|
|
|
|
expect(created_label.project_id).to eq(project.id)
|
|
|
|
expect(created_label.title).to eq('bug')
|
2017-08-17 22:00:37 +05:30
|
|
|
end
|
2014-09-02 18:07:02 +05:30
|
|
|
|
2017-08-17 22:00:37 +05:30
|
|
|
context 'user namespace' do
|
|
|
|
it do
|
|
|
|
project = create_project(user, opts)
|
2015-09-11 14:41:01 +05:30
|
|
|
|
2017-08-17 22:00:37 +05:30
|
|
|
expect(project).to be_valid
|
|
|
|
expect(project.owner).to eq(user)
|
2018-11-18 11:00:15 +05:30
|
|
|
expect(project.team.maintainers).to include(user)
|
2017-08-17 22:00:37 +05:30
|
|
|
expect(project.namespace).to eq(user.namespace)
|
2015-09-11 14:41:01 +05:30
|
|
|
end
|
2017-08-17 22:00:37 +05:30
|
|
|
end
|
2015-09-11 14:41:01 +05:30
|
|
|
|
2018-05-09 12:01:36 +05:30
|
|
|
describe 'after create actions' do
|
|
|
|
it 'invalidate personal_projects_count caches' do
|
|
|
|
expect(user).to receive(:invalidate_personal_projects_count)
|
|
|
|
|
|
|
|
create_project(user, opts)
|
|
|
|
end
|
2020-03-13 15:44:24 +05:30
|
|
|
|
|
|
|
it 'creates associated project settings' do
|
|
|
|
project = create_project(user, opts)
|
|
|
|
|
|
|
|
expect(project.project_setting).to be_persisted
|
|
|
|
end
|
2018-05-09 12:01:36 +05:30
|
|
|
end
|
|
|
|
|
2017-08-17 22:00:37 +05:30
|
|
|
context "admin creates project with other user's namespace_id" do
|
|
|
|
it 'sets the correct permissions' do
|
|
|
|
admin = create(:admin)
|
|
|
|
opts = {
|
|
|
|
name: 'GitLab',
|
|
|
|
namespace_id: user.namespace.id
|
|
|
|
}
|
|
|
|
project = create_project(admin, opts)
|
2015-09-25 12:07:36 +05:30
|
|
|
|
2017-08-17 22:00:37 +05:30
|
|
|
expect(project).to be_persisted
|
|
|
|
expect(project.owner).to eq(user)
|
2018-11-18 11:00:15 +05:30
|
|
|
expect(project.team.maintainers).to contain_exactly(user)
|
2017-08-17 22:00:37 +05:30
|
|
|
expect(project.namespace).to eq(user.namespace)
|
2015-09-25 12:07:36 +05:30
|
|
|
end
|
2017-08-17 22:00:37 +05:30
|
|
|
end
|
2015-09-25 12:07:36 +05:30
|
|
|
|
2017-08-17 22:00:37 +05:30
|
|
|
context 'group namespace' do
|
|
|
|
let(:group) do
|
|
|
|
create(:group).tap do |group|
|
|
|
|
group.add_owner(user)
|
2014-09-02 18:07:02 +05:30
|
|
|
end
|
2017-08-17 22:00:37 +05:30
|
|
|
end
|
2014-09-02 18:07:02 +05:30
|
|
|
|
2017-08-17 22:00:37 +05:30
|
|
|
before do
|
|
|
|
user.refresh_authorized_projects # Ensure cache is warm
|
2014-09-02 18:07:02 +05:30
|
|
|
end
|
|
|
|
|
2017-08-17 22:00:37 +05:30
|
|
|
it do
|
|
|
|
project = create_project(user, opts.merge!(namespace_id: group.id))
|
2014-09-02 18:07:02 +05:30
|
|
|
|
2017-08-17 22:00:37 +05:30
|
|
|
expect(project).to be_valid
|
|
|
|
expect(project.owner).to eq(group)
|
|
|
|
expect(project.namespace).to eq(group)
|
2019-12-04 20:38:33 +05:30
|
|
|
expect(project.team.owners).to include(user)
|
2017-08-17 22:00:37 +05:30
|
|
|
expect(user.authorized_projects).to include(project)
|
|
|
|
end
|
|
|
|
end
|
2014-09-02 18:07:02 +05:30
|
|
|
|
2017-08-17 22:00:37 +05:30
|
|
|
context 'error handling' do
|
|
|
|
it 'handles invalid options' do
|
|
|
|
opts[:default_branch] = 'master'
|
|
|
|
expect(create_project(user, opts)).to eq(nil)
|
2014-09-02 18:07:02 +05:30
|
|
|
end
|
2018-05-09 12:01:36 +05:30
|
|
|
|
|
|
|
it 'sets invalid service as inactive' do
|
|
|
|
create(:service, type: 'JiraService', project: nil, template: true, active: true)
|
|
|
|
|
|
|
|
project = create_project(user, opts)
|
|
|
|
service = project.services.first
|
|
|
|
|
|
|
|
expect(project).to be_persisted
|
|
|
|
expect(service.active).to be false
|
|
|
|
end
|
2017-08-17 22:00:37 +05:30
|
|
|
end
|
2014-09-02 18:07:02 +05:30
|
|
|
|
2017-08-17 22:00:37 +05:30
|
|
|
context 'wiki_enabled creates repository directory' do
|
|
|
|
context 'wiki_enabled true creates wiki repository directory' do
|
|
|
|
it do
|
|
|
|
project = create_project(user, opts)
|
|
|
|
|
2018-03-17 18:26:18 +05:30
|
|
|
expect(wiki_repo(project).exists?).to be_truthy
|
2015-12-23 02:04:40 +05:30
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2017-08-17 22:00:37 +05:30
|
|
|
context 'wiki_enabled false does not create wiki repository directory' do
|
|
|
|
it do
|
|
|
|
opts[:wiki_enabled] = false
|
|
|
|
project = create_project(user, opts)
|
2014-09-02 18:07:02 +05:30
|
|
|
|
2018-03-17 18:26:18 +05:30
|
|
|
expect(wiki_repo(project).exists?).to be_falsey
|
2014-09-02 18:07:02 +05:30
|
|
|
end
|
2017-08-17 22:00:37 +05:30
|
|
|
end
|
2018-03-17 18:26:18 +05:30
|
|
|
|
|
|
|
def wiki_repo(project)
|
|
|
|
relative_path = ProjectWiki.new(project).disk_path + '.git'
|
2019-03-02 22:35:43 +05:30
|
|
|
Gitlab::Git::Repository.new(project.repository_storage, relative_path, 'foobar', project.full_path)
|
2018-03-17 18:26:18 +05:30
|
|
|
end
|
2017-08-17 22:00:37 +05:30
|
|
|
end
|
2014-09-02 18:07:02 +05:30
|
|
|
|
2018-11-18 11:00:15 +05:30
|
|
|
context 'import data' do
|
|
|
|
it 'stores import data and URL' do
|
|
|
|
import_data = { data: { 'test' => 'some data' } }
|
|
|
|
project = create_project(user, { name: 'test', import_url: 'http://import-url', import_data: import_data })
|
|
|
|
|
|
|
|
expect(project.import_data).to be_persisted
|
|
|
|
expect(project.import_data.data).to eq(import_data[:data])
|
|
|
|
expect(project.import_url).to eq('http://import-url')
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2017-08-17 22:00:37 +05:30
|
|
|
context 'builds_enabled global setting' do
|
|
|
|
let(:project) { create_project(user, opts) }
|
2014-09-02 18:07:02 +05:30
|
|
|
|
2017-08-17 22:00:37 +05:30
|
|
|
subject { project.builds_enabled? }
|
|
|
|
|
|
|
|
context 'global builds_enabled false does not enable CI by default' do
|
|
|
|
before do
|
|
|
|
project.project_feature.update_attribute(:builds_access_level, ProjectFeature::DISABLED)
|
2015-04-26 12:48:37 +05:30
|
|
|
end
|
2017-08-17 22:00:37 +05:30
|
|
|
|
|
|
|
it { is_expected.to be_falsey }
|
2015-04-26 12:48:37 +05:30
|
|
|
end
|
|
|
|
|
2017-08-17 22:00:37 +05:30
|
|
|
context 'global builds_enabled true does enable CI by default' do
|
|
|
|
it { is_expected.to be_truthy }
|
|
|
|
end
|
|
|
|
end
|
2015-11-26 14:37:03 +05:30
|
|
|
|
2019-09-04 21:01:54 +05:30
|
|
|
context 'default visibility level' do
|
|
|
|
let(:group) { create(:group, :private) }
|
|
|
|
|
2017-08-17 22:00:37 +05:30
|
|
|
before do
|
2019-09-04 21:01:54 +05:30
|
|
|
stub_application_setting(default_project_visibility: Gitlab::VisibilityLevel::INTERNAL)
|
|
|
|
group.add_developer(user)
|
2015-11-26 14:37:03 +05:30
|
|
|
|
2017-08-17 22:00:37 +05:30
|
|
|
opts.merge!(
|
2019-09-04 21:01:54 +05:30
|
|
|
visibility: 'private',
|
|
|
|
name: 'test',
|
|
|
|
namespace: group,
|
|
|
|
path: 'foo'
|
2017-08-17 22:00:37 +05:30
|
|
|
)
|
|
|
|
end
|
2015-11-26 14:37:03 +05:30
|
|
|
|
2019-09-04 21:01:54 +05:30
|
|
|
it 'creates a private project' do
|
2017-08-17 22:00:37 +05:30
|
|
|
project = create_project(user, opts)
|
2015-11-26 14:37:03 +05:30
|
|
|
|
2019-09-04 21:01:54 +05:30
|
|
|
expect(project).to respond_to(:errors)
|
2015-11-26 14:37:03 +05:30
|
|
|
|
2017-08-17 22:00:37 +05:30
|
|
|
expect(project.errors.any?).to be(false)
|
2019-09-04 21:01:54 +05:30
|
|
|
expect(project.visibility_level).to eq(Gitlab::VisibilityLevel::PRIVATE)
|
2017-08-17 22:00:37 +05:30
|
|
|
expect(project.saved?).to be(true)
|
2019-09-04 21:01:54 +05:30
|
|
|
expect(project.valid?).to be(true)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'restricted visibility level' do
|
|
|
|
before do
|
|
|
|
stub_application_setting(restricted_visibility_levels: [Gitlab::VisibilityLevel::PUBLIC])
|
|
|
|
end
|
|
|
|
|
|
|
|
shared_examples 'restricted visibility' do
|
|
|
|
it 'does not allow a restricted visibility level for non-admins' do
|
|
|
|
project = create_project(user, opts)
|
|
|
|
|
|
|
|
expect(project).to respond_to(:errors)
|
|
|
|
expect(project.errors.messages).to have_key(:visibility_level)
|
|
|
|
expect(project.errors.messages[:visibility_level].first).to(
|
|
|
|
match('restricted by your GitLab administrator')
|
|
|
|
)
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'allows a restricted visibility level for admins' do
|
|
|
|
admin = create(:admin)
|
|
|
|
project = create_project(admin, opts)
|
|
|
|
|
|
|
|
expect(project.errors.any?).to be(false)
|
|
|
|
expect(project.saved?).to be(true)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when visibility is project based' do
|
|
|
|
before do
|
|
|
|
opts.merge!(
|
|
|
|
visibility_level: Gitlab::VisibilityLevel::PUBLIC
|
|
|
|
)
|
|
|
|
end
|
|
|
|
|
|
|
|
include_examples 'restricted visibility'
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when visibility is overridden' do
|
|
|
|
let(:visibility) { 'public' }
|
|
|
|
|
|
|
|
before do
|
|
|
|
opts.merge!(
|
|
|
|
import_data: {
|
|
|
|
data: {
|
|
|
|
override_params: {
|
|
|
|
visibility: visibility
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
)
|
|
|
|
end
|
|
|
|
|
|
|
|
include_examples 'restricted visibility'
|
|
|
|
|
|
|
|
context 'when visibility is misspelled' do
|
|
|
|
let(:visibility) { 'publik' }
|
|
|
|
|
|
|
|
it 'does not restrict project creation' do
|
|
|
|
project = create_project(user, opts)
|
|
|
|
|
|
|
|
expect(project.errors.any?).to be(false)
|
|
|
|
expect(project.saved?).to be(true)
|
|
|
|
end
|
|
|
|
end
|
2015-11-26 14:37:03 +05:30
|
|
|
end
|
2017-08-17 22:00:37 +05:30
|
|
|
end
|
2015-11-26 14:37:03 +05:30
|
|
|
|
2017-08-17 22:00:37 +05:30
|
|
|
context 'repository creation' do
|
|
|
|
it 'synchronously creates the repository' do
|
2020-03-13 15:44:24 +05:30
|
|
|
expect_next_instance_of(Project) do |instance|
|
|
|
|
expect(instance).to receive(:create_repository)
|
|
|
|
end
|
2015-04-26 12:48:37 +05:30
|
|
|
|
2017-08-17 22:00:37 +05:30
|
|
|
project = create_project(user, opts)
|
|
|
|
expect(project).to be_valid
|
|
|
|
expect(project.owner).to eq(user)
|
|
|
|
expect(project.namespace).to eq(user.namespace)
|
|
|
|
end
|
2017-09-10 17:25:29 +05:30
|
|
|
|
|
|
|
context 'when another repository already exists on disk' do
|
|
|
|
let(:opts) do
|
|
|
|
{
|
|
|
|
name: 'Existing',
|
|
|
|
namespace_id: user.namespace.id
|
|
|
|
}
|
|
|
|
end
|
|
|
|
|
2018-03-17 18:26:18 +05:30
|
|
|
context 'with legacy storage' do
|
2020-04-08 14:13:33 +05:30
|
|
|
let(:fake_repo_path) { File.join(TestEnv.repos_path, user.namespace.full_path, 'existing.git') }
|
|
|
|
|
2018-03-17 18:26:18 +05:30
|
|
|
before do
|
2019-09-04 21:01:54 +05:30
|
|
|
stub_application_setting(hashed_storage_enabled: false)
|
2020-04-08 14:13:33 +05:30
|
|
|
TestEnv.create_bare_repository(fake_repo_path)
|
2018-03-17 18:26:18 +05:30
|
|
|
end
|
2017-09-10 17:25:29 +05:30
|
|
|
|
2018-03-17 18:26:18 +05:30
|
|
|
after do
|
2020-04-08 14:13:33 +05:30
|
|
|
FileUtils.rm_rf(fake_repo_path)
|
2018-03-17 18:26:18 +05:30
|
|
|
end
|
2017-09-10 17:25:29 +05:30
|
|
|
|
2018-03-17 18:26:18 +05:30
|
|
|
it 'does not allow to create a project when path matches existing repository on disk' do
|
|
|
|
project = create_project(user, opts)
|
2017-09-10 17:25:29 +05:30
|
|
|
|
2018-03-17 18:26:18 +05:30
|
|
|
expect(project).not_to be_persisted
|
|
|
|
expect(project).to respond_to(:errors)
|
|
|
|
expect(project.errors.messages).to have_key(:base)
|
|
|
|
expect(project.errors.messages[:base].first).to match('There is already a repository with that name on disk')
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'does not allow to import project when path matches existing repository on disk' do
|
|
|
|
project = create_project(user, opts.merge({ import_url: 'https://gitlab.com/gitlab-org/gitlab-test.git' }))
|
2017-09-10 17:25:29 +05:30
|
|
|
|
2018-03-17 18:26:18 +05:30
|
|
|
expect(project).not_to be_persisted
|
|
|
|
expect(project).to respond_to(:errors)
|
|
|
|
expect(project.errors.messages).to have_key(:base)
|
|
|
|
expect(project.errors.messages[:base].first).to match('There is already a repository with that name on disk')
|
|
|
|
end
|
2017-09-10 17:25:29 +05:30
|
|
|
end
|
|
|
|
|
2018-03-17 18:26:18 +05:30
|
|
|
context 'with hashed storage' do
|
|
|
|
let(:hash) { '6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b' }
|
|
|
|
let(:hashed_path) { '@hashed/6b/86/6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b' }
|
2020-04-08 14:13:33 +05:30
|
|
|
let(:fake_repo_path) { File.join(TestEnv.repos_path, "#{hashed_path}.git") }
|
2018-03-17 18:26:18 +05:30
|
|
|
|
|
|
|
before do
|
|
|
|
allow(Digest::SHA2).to receive(:hexdigest) { hash }
|
2020-04-08 14:13:33 +05:30
|
|
|
TestEnv.create_bare_repository(fake_repo_path)
|
2018-03-17 18:26:18 +05:30
|
|
|
end
|
|
|
|
|
|
|
|
after do
|
2020-04-08 14:13:33 +05:30
|
|
|
FileUtils.rm_rf(fake_repo_path)
|
2018-03-17 18:26:18 +05:30
|
|
|
end
|
2017-09-10 17:25:29 +05:30
|
|
|
|
2018-03-17 18:26:18 +05:30
|
|
|
it 'does not allow to create a project when path matches existing repository on disk' do
|
|
|
|
project = create_project(user, opts)
|
|
|
|
|
|
|
|
expect(project).not_to be_persisted
|
|
|
|
expect(project).to respond_to(:errors)
|
|
|
|
expect(project.errors.messages).to have_key(:base)
|
|
|
|
expect(project.errors.messages[:base].first).to match('There is already a repository with that name on disk')
|
|
|
|
end
|
2017-09-10 17:25:29 +05:30
|
|
|
end
|
|
|
|
end
|
2017-08-17 22:00:37 +05:30
|
|
|
end
|
2015-04-26 12:48:37 +05:30
|
|
|
|
2018-11-08 19:23:39 +05:30
|
|
|
context 'when readme initialization is requested' do
|
|
|
|
it 'creates README.md' do
|
|
|
|
opts[:initialize_with_readme] = '1'
|
|
|
|
|
|
|
|
project = create_project(user, opts)
|
|
|
|
|
|
|
|
expect(project.repository.commit_count).to be(1)
|
|
|
|
expect(project.repository.readme.name).to eql('README.md')
|
|
|
|
expect(project.repository.readme.data).to include('# GitLab')
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2017-08-17 22:00:37 +05:30
|
|
|
context 'when there is an active service template' do
|
|
|
|
before do
|
2020-04-08 14:13:33 +05:30
|
|
|
create(:prometheus_service, project: nil, template: true, active: true)
|
2017-08-17 22:00:37 +05:30
|
|
|
end
|
2015-04-26 12:48:37 +05:30
|
|
|
|
2017-08-17 22:00:37 +05:30
|
|
|
it 'creates a service from this template' do
|
|
|
|
project = create_project(user, opts)
|
2015-09-11 14:41:01 +05:30
|
|
|
|
2017-08-17 22:00:37 +05:30
|
|
|
expect(project.services.count).to eq 1
|
2020-05-05 14:28:15 +05:30
|
|
|
expect(project.errors).to be_empty
|
2014-09-02 18:07:02 +05:30
|
|
|
end
|
2017-08-17 22:00:37 +05:30
|
|
|
end
|
2015-09-25 12:07:36 +05:30
|
|
|
|
2017-08-17 22:00:37 +05:30
|
|
|
context 'when a bad service template is created' do
|
2018-05-09 12:01:36 +05:30
|
|
|
it 'sets service to be inactive' do
|
2019-12-04 20:38:33 +05:30
|
|
|
opts[:import_url] = 'http://www.gitlab.com/gitlab-org/gitlab-foss'
|
2017-09-10 17:25:29 +05:30
|
|
|
create(:service, type: 'DroneCiService', project: nil, template: true, active: true)
|
|
|
|
|
2017-08-17 22:00:37 +05:30
|
|
|
project = create_project(user, opts)
|
2018-05-09 12:01:36 +05:30
|
|
|
service = project.services.first
|
2017-08-17 22:00:37 +05:30
|
|
|
|
2018-05-09 12:01:36 +05:30
|
|
|
expect(project).to be_persisted
|
|
|
|
expect(service.active).to be false
|
2015-09-25 12:07:36 +05:30
|
|
|
end
|
2014-09-02 18:07:02 +05:30
|
|
|
end
|
|
|
|
|
2018-03-17 18:26:18 +05:30
|
|
|
context 'when skip_disk_validation is used' do
|
|
|
|
it 'sets the project attribute' do
|
|
|
|
opts[:skip_disk_validation] = true
|
|
|
|
project = create_project(user, opts)
|
|
|
|
|
|
|
|
expect(project.skip_disk_validation).to be_truthy
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2018-12-13 13:39:08 +05:30
|
|
|
it 'calls the passed block' do
|
|
|
|
fake_block = double('block')
|
|
|
|
opts[:relations_block] = fake_block
|
|
|
|
|
|
|
|
expect_next_instance_of(Project) do |project|
|
|
|
|
expect(fake_block).to receive(:call).with(project)
|
|
|
|
end
|
|
|
|
|
|
|
|
create_project(user, opts)
|
|
|
|
end
|
|
|
|
|
2018-03-17 18:26:18 +05:30
|
|
|
it 'writes project full path to .git/config' do
|
|
|
|
project = create_project(user, opts)
|
2018-12-05 23:21:45 +05:30
|
|
|
rugged = rugged_repo(project.repository)
|
2018-03-17 18:26:18 +05:30
|
|
|
|
2018-11-08 19:23:39 +05:30
|
|
|
expect(rugged.config['gitlab.fullpath']).to eq project.full_path
|
2018-03-17 18:26:18 +05:30
|
|
|
end
|
|
|
|
|
2020-04-08 14:13:33 +05:30
|
|
|
context 'when project has access to shared service' do
|
|
|
|
context 'Prometheus application is shared via group cluster' do
|
|
|
|
let(:cluster) { create(:cluster, :group, groups: [group]) }
|
|
|
|
let(:group) do
|
|
|
|
create(:group).tap do |group|
|
|
|
|
group.add_owner(user)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
before do
|
|
|
|
create(:clusters_applications_prometheus, :installed, cluster: cluster)
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'creates PrometheusService record', :aggregate_failures do
|
|
|
|
project = create_project(user, opts.merge!(namespace_id: group.id))
|
|
|
|
service = project.prometheus_service
|
|
|
|
|
|
|
|
expect(service.active).to be true
|
|
|
|
expect(service.manual_configuration?).to be false
|
|
|
|
expect(service.persisted?).to be true
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'Prometheus application is shared via instance cluster' do
|
|
|
|
let(:cluster) { create(:cluster, :instance) }
|
|
|
|
|
|
|
|
before do
|
|
|
|
create(:clusters_applications_prometheus, :installed, cluster: cluster)
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'creates PrometheusService record', :aggregate_failures do
|
|
|
|
project = create_project(user, opts)
|
|
|
|
service = project.prometheus_service
|
|
|
|
|
|
|
|
expect(service.active).to be true
|
|
|
|
expect(service.manual_configuration?).to be false
|
|
|
|
expect(service.persisted?).to be true
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'cleans invalid record and logs warning', :aggregate_failures do
|
|
|
|
invalid_service_record = build(:prometheus_service, properties: { api_url: nil, manual_configuration: true }.to_json)
|
|
|
|
allow_next_instance_of(Project) do |instance|
|
|
|
|
allow(instance).to receive(:build_prometheus_service).and_return(invalid_service_record)
|
|
|
|
end
|
|
|
|
|
|
|
|
expect(Gitlab::ErrorTracking).to receive(:track_exception).with(an_instance_of(ActiveRecord::RecordInvalid), include(extra: { project_id: a_kind_of(Integer) }))
|
|
|
|
project = create_project(user, opts)
|
|
|
|
|
|
|
|
expect(project.prometheus_service).to be_nil
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'shared Prometheus application is not available' do
|
|
|
|
it 'does not persist PrometheusService record', :aggregate_failures do
|
|
|
|
project = create_project(user, opts)
|
|
|
|
|
|
|
|
expect(project.prometheus_service).to be_nil
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2019-07-07 11:18:12 +05:30
|
|
|
context 'with external authorization enabled' do
|
|
|
|
before do
|
|
|
|
enable_external_authorization_service_check
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'does not save the project with an error if the service denies access' do
|
|
|
|
expect(::Gitlab::ExternalAuthorization)
|
|
|
|
.to receive(:access_allowed?).with(user, 'new-label', any_args) { false }
|
|
|
|
|
|
|
|
project = create_project(user, opts.merge({ external_authorization_classification_label: 'new-label' }))
|
|
|
|
|
|
|
|
expect(project.errors[:external_authorization_classification_label]).to be_present
|
|
|
|
expect(project).not_to be_persisted
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'saves the project when the user has access to the label' do
|
|
|
|
expect(::Gitlab::ExternalAuthorization)
|
|
|
|
.to receive(:access_allowed?).with(user, 'new-label', any_args) { true }
|
|
|
|
|
|
|
|
project = create_project(user, opts.merge({ external_authorization_classification_label: 'new-label' }))
|
|
|
|
|
|
|
|
expect(project).to be_persisted
|
|
|
|
expect(project.external_authorization_classification_label).to eq('new-label')
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'does not save the project when the user has no access to the default label and no label is provided' do
|
|
|
|
expect(::Gitlab::ExternalAuthorization)
|
|
|
|
.to receive(:access_allowed?).with(user, 'default_label', any_args) { false }
|
|
|
|
|
|
|
|
project = create_project(user, opts)
|
|
|
|
|
|
|
|
expect(project.errors[:external_authorization_classification_label]).to be_present
|
|
|
|
expect(project).not_to be_persisted
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2020-05-24 23:13:21 +05:30
|
|
|
it_behaves_like 'measurable service' do
|
|
|
|
before do
|
|
|
|
opts.merge!(
|
|
|
|
current_user: user,
|
|
|
|
path: 'foo'
|
|
|
|
)
|
|
|
|
end
|
|
|
|
|
|
|
|
let(:base_log_data) do
|
|
|
|
{
|
|
|
|
class: Projects::CreateService.name,
|
|
|
|
current_user: user.name,
|
|
|
|
project_full_path: "#{user.namespace.full_path}/#{opts[:path]}"
|
|
|
|
}
|
|
|
|
end
|
|
|
|
|
|
|
|
after do
|
|
|
|
create_project(user, opts)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'with specialized_project_authorization_workers' do
|
|
|
|
let_it_be(:other_user) { create(:user) }
|
|
|
|
let_it_be(:group) { create(:group) }
|
|
|
|
|
|
|
|
let(:opts) do
|
|
|
|
{
|
|
|
|
name: 'GitLab',
|
|
|
|
namespace_id: group.id
|
|
|
|
}
|
|
|
|
end
|
|
|
|
|
|
|
|
before do
|
|
|
|
group.add_maintainer(user)
|
|
|
|
group.add_developer(other_user)
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'updates authorization for current_user' do
|
|
|
|
expect(Users::RefreshAuthorizedProjectsService).to(
|
|
|
|
receive(:new).with(user).and_call_original
|
|
|
|
)
|
|
|
|
|
|
|
|
project = create_project(user, opts)
|
|
|
|
|
|
|
|
expect(
|
|
|
|
Ability.allowed?(user, :read_project, project)
|
|
|
|
).to be_truthy
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'schedules authorization update for users with access to group' do
|
|
|
|
expect(AuthorizedProjectsWorker).not_to(
|
|
|
|
receive(:bulk_perform_async)
|
|
|
|
)
|
|
|
|
expect(AuthorizedProjectUpdate::ProjectCreateWorker).to(
|
|
|
|
receive(:perform_async).and_call_original
|
|
|
|
)
|
|
|
|
expect(AuthorizedProjectUpdate::UserRefreshWithLowUrgencyWorker).to(
|
|
|
|
receive(:bulk_perform_in)
|
|
|
|
.with(1.hour, array_including([user.id], [other_user.id]))
|
|
|
|
.and_call_original
|
|
|
|
)
|
|
|
|
|
|
|
|
create_project(user, opts)
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when feature is disabled' do
|
|
|
|
before do
|
|
|
|
stub_feature_flags(specialized_project_authorization_workers: false)
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'updates authorization for current_user' do
|
|
|
|
expect(Users::RefreshAuthorizedProjectsService).to(
|
|
|
|
receive(:new).with(user).and_call_original
|
|
|
|
)
|
|
|
|
|
|
|
|
project = create_project(user, opts)
|
|
|
|
|
|
|
|
expect(
|
|
|
|
Ability.allowed?(user, :read_project, project)
|
|
|
|
).to be_truthy
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'uses AuthorizedProjectsWorker' do
|
|
|
|
expect(AuthorizedProjectsWorker).to(
|
|
|
|
receive(:bulk_perform_async).with(array_including([user.id], [other_user.id])).and_call_original
|
|
|
|
)
|
|
|
|
expect(AuthorizedProjectUpdate::ProjectCreateWorker).not_to(
|
|
|
|
receive(:perform_async)
|
|
|
|
)
|
|
|
|
expect(AuthorizedProjectUpdate::UserRefreshWithLowUrgencyWorker).not_to(
|
|
|
|
receive(:bulk_perform_in)
|
|
|
|
)
|
|
|
|
|
|
|
|
create_project(user, opts)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2014-09-02 18:07:02 +05:30
|
|
|
def create_project(user, opts)
|
|
|
|
Projects::CreateService.new(user, opts).execute
|
|
|
|
end
|
|
|
|
end
|