debian-mirror-gitlab/spec/requests/ide_controller_spec.rb

Ignoring revisions in .git-blame-ignore-revs. Click here to bypass and see the normal blame view.

295 lines
9 KiB
Ruby
Raw Normal View History

2019-10-12 21:52:04 +05:30
# frozen_string_literal: true
require 'spec_helper'
2023-03-04 22:38:38 +05:30
RSpec.describe IdeController, feature_category: :web_ide do
2022-11-25 23:54:43 +05:30
using RSpec::Parameterized::TableSyntax
2021-07-02 01:05:55 +05:30
let_it_be(:reporter) { create(:user) }
let_it_be(:project) do
create(:project, :private).tap do |p|
p.add_reporter(reporter)
end
end
2021-04-17 20:07:23 +05:30
let_it_be(:creator) { project.creator }
let_it_be(:other_user) { create(:user) }
2022-11-25 23:54:43 +05:30
let_it_be(:top_nav_partial) { 'layouts/header/_default' }
2021-04-17 20:07:23 +05:30
let(:user) { creator }
2021-04-29 21:17:54 +05:30
let(:branch) { '' }
2019-10-12 21:52:04 +05:30
2023-03-04 22:38:38 +05:30
def find_csp_frame_src
csp = response.headers['Content-Security-Policy']
# Transform "frame-src foo bar; connect-src foo bar; script-src ..."
# into array of connect-src values
csp.split(';')
.map(&:strip)
.find { |entry| entry.starts_with?('frame-src') }
.split(' ')
.drop(1)
end
2019-10-12 21:52:04 +05:30
before do
2023-03-04 22:38:38 +05:30
stub_feature_flags(vscode_web_ide: true)
2019-10-12 21:52:04 +05:30
sign_in(user)
end
2021-04-17 20:07:23 +05:30
describe '#index', :aggregate_failures do
subject { get route }
2021-07-02 01:05:55 +05:30
shared_examples 'user access rights check' do
context 'user can read project' do
it 'increases the views counter' do
expect(Gitlab::UsageDataCounters::WebIdeCounter).to receive(:increment_views_count)
2021-04-17 20:07:23 +05:30
subject
2021-04-29 21:17:54 +05:30
end
2021-07-02 01:05:55 +05:30
context 'user can read project but cannot push code' do
include ProjectForksHelper
2021-04-29 21:17:54 +05:30
2021-07-02 01:05:55 +05:30
let(:user) { reporter }
2021-04-29 21:17:54 +05:30
2021-07-02 01:05:55 +05:30
context 'when user does not have fork' do
it 'instantiates fork_info instance var with fork_path and returns 200' do
subject
expect(response).to have_gitlab_http_status(:ok)
expect(assigns(:project)).to eq project
expect(assigns(:fork_info)).to eq({ fork_path: controller.helpers.ide_fork_and_edit_path(project, branch, '', with_notice: false) })
end
it 'has nil fork_info if user cannot fork' do
project.project_feature.update!(forking_access_level: ProjectFeature::DISABLED)
subject
expect(response).to have_gitlab_http_status(:ok)
expect(assigns(:fork_info)).to be_nil
end
end
context 'when user has fork' do
let!(:fork) { fork_project(project, user, repository: true, namespace: user.namespace) }
it 'instantiates fork_info instance var with ide_path and returns 200' do
subject
expect(response).to have_gitlab_http_status(:ok)
expect(assigns(:project)).to eq project
expect(assigns(:fork_info)).to eq({ ide_path: controller.helpers.ide_edit_path(fork, branch, '') })
end
end
2021-04-17 20:07:23 +05:30
end
end
2021-07-02 01:05:55 +05:30
context 'user cannot read project' do
let(:user) { other_user }
2021-04-17 20:07:23 +05:30
2021-07-02 01:05:55 +05:30
it 'returns 404' do
2021-04-17 20:07:23 +05:30
subject
2021-07-02 01:05:55 +05:30
expect(response).to have_gitlab_http_status(:not_found)
2021-04-17 20:07:23 +05:30
end
end
end
context '/-/ide' do
let(:route) { '/-/ide' }
2021-07-02 01:05:55 +05:30
it 'returns 404' do
2021-04-17 20:07:23 +05:30
subject
2021-07-02 01:05:55 +05:30
expect(response).to have_gitlab_http_status(:not_found)
2021-04-17 20:07:23 +05:30
end
end
context '/-/ide/project' do
let(:route) { '/-/ide/project' }
2021-07-02 01:05:55 +05:30
it 'returns 404' do
2021-04-17 20:07:23 +05:30
subject
2021-07-02 01:05:55 +05:30
expect(response).to have_gitlab_http_status(:not_found)
2021-04-17 20:07:23 +05:30
end
end
context '/-/ide/project/:project' do
let(:route) { "/-/ide/project/#{project.full_path}" }
2021-07-02 01:05:55 +05:30
it 'instantiates project instance var and returns 200' do
2021-04-17 20:07:23 +05:30
subject
expect(response).to have_gitlab_http_status(:ok)
expect(assigns(:project)).to eq project
expect(assigns(:branch)).to be_nil
expect(assigns(:path)).to be_nil
expect(assigns(:merge_request)).to be_nil
2021-04-29 21:17:54 +05:30
expect(assigns(:fork_info)).to be_nil
2021-04-17 20:07:23 +05:30
end
2021-07-02 01:05:55 +05:30
it_behaves_like 'user access rights check'
2021-04-17 20:07:23 +05:30
%w(edit blob tree).each do |action|
context "/-/ide/project/:project/#{action}" do
let(:route) { "/-/ide/project/#{project.full_path}/#{action}" }
2021-07-02 01:05:55 +05:30
it 'instantiates project instance var and returns 200' do
2021-04-17 20:07:23 +05:30
subject
expect(response).to have_gitlab_http_status(:ok)
expect(assigns(:project)).to eq project
expect(assigns(:branch)).to be_nil
expect(assigns(:path)).to be_nil
expect(assigns(:merge_request)).to be_nil
2021-04-29 21:17:54 +05:30
expect(assigns(:fork_info)).to be_nil
2021-04-17 20:07:23 +05:30
end
2021-07-02 01:05:55 +05:30
it_behaves_like 'user access rights check'
2021-04-17 20:07:23 +05:30
context "/-/ide/project/:project/#{action}/:branch" do
2021-04-29 21:17:54 +05:30
let(:branch) { 'master' }
let(:route) { "/-/ide/project/#{project.full_path}/#{action}/#{branch}" }
2021-04-17 20:07:23 +05:30
2021-07-02 01:05:55 +05:30
it 'instantiates project and branch instance vars and returns 200' do
2021-04-17 20:07:23 +05:30
subject
expect(response).to have_gitlab_http_status(:ok)
expect(assigns(:project)).to eq project
2021-04-29 21:17:54 +05:30
expect(assigns(:branch)).to eq branch
2021-04-17 20:07:23 +05:30
expect(assigns(:path)).to be_nil
expect(assigns(:merge_request)).to be_nil
2021-04-29 21:17:54 +05:30
expect(assigns(:fork_info)).to be_nil
2021-04-17 20:07:23 +05:30
end
2021-07-02 01:05:55 +05:30
it_behaves_like 'user access rights check'
2021-04-17 20:07:23 +05:30
context "/-/ide/project/:project/#{action}/:branch/-" do
2021-04-29 21:17:54 +05:30
let(:branch) { 'branch/slash' }
let(:route) { "/-/ide/project/#{project.full_path}/#{action}/#{branch}/-" }
2021-04-17 20:07:23 +05:30
2021-07-02 01:05:55 +05:30
it 'instantiates project and branch instance vars and returns 200' do
2021-04-17 20:07:23 +05:30
subject
expect(response).to have_gitlab_http_status(:ok)
expect(assigns(:project)).to eq project
2021-04-29 21:17:54 +05:30
expect(assigns(:branch)).to eq branch
2021-04-17 20:07:23 +05:30
expect(assigns(:path)).to be_nil
expect(assigns(:merge_request)).to be_nil
2021-04-29 21:17:54 +05:30
expect(assigns(:fork_info)).to be_nil
2021-04-17 20:07:23 +05:30
end
2021-07-02 01:05:55 +05:30
it_behaves_like 'user access rights check'
2021-04-17 20:07:23 +05:30
context "/-/ide/project/:project/#{action}/:branch/-/:path" do
2021-04-29 21:17:54 +05:30
let(:branch) { 'master' }
let(:route) { "/-/ide/project/#{project.full_path}/#{action}/#{branch}/-/foo/.bar" }
2021-04-17 20:07:23 +05:30
2021-07-02 01:05:55 +05:30
it 'instantiates project, branch, and path instance vars and returns 200' do
2021-04-17 20:07:23 +05:30
subject
expect(response).to have_gitlab_http_status(:ok)
expect(assigns(:project)).to eq project
2021-04-29 21:17:54 +05:30
expect(assigns(:branch)).to eq branch
2021-04-17 20:07:23 +05:30
expect(assigns(:path)).to eq 'foo/.bar'
expect(assigns(:merge_request)).to be_nil
2021-04-29 21:17:54 +05:30
expect(assigns(:fork_info)).to be_nil
2021-04-17 20:07:23 +05:30
end
2021-07-02 01:05:55 +05:30
it_behaves_like 'user access rights check'
2021-04-17 20:07:23 +05:30
end
end
end
end
end
context '/-/ide/project/:project/merge_requests/:merge_request_id' do
let!(:merge_request) { create(:merge_request, source_project: project, target_project: project) }
let(:route) { "/-/ide/project/#{project.full_path}/merge_requests/#{merge_request.id}" }
2021-07-02 01:05:55 +05:30
it 'instantiates project and merge_request instance vars and returns 200' do
2021-04-17 20:07:23 +05:30
subject
expect(response).to have_gitlab_http_status(:ok)
expect(assigns(:project)).to eq project
expect(assigns(:branch)).to be_nil
expect(assigns(:path)).to be_nil
expect(assigns(:merge_request)).to eq merge_request.id.to_s
2021-04-29 21:17:54 +05:30
expect(assigns(:fork_info)).to be_nil
2021-04-17 20:07:23 +05:30
end
2021-07-02 01:05:55 +05:30
it_behaves_like 'user access rights check'
2021-04-17 20:07:23 +05:30
end
2022-07-23 23:45:48 +05:30
describe 'Snowplow view event', :snowplow do
it 'is tracked' do
subject
expect_snowplow_event(
category: described_class.to_s,
action: 'web_ide_views',
namespace: project.namespace,
user: user
)
end
context 'when route_hll_to_snowplow_phase2 FF is disabled' do
before do
stub_feature_flags(route_hll_to_snowplow_phase2: false)
end
it 'does not track Snowplow event' do
subject
expect_no_snowplow_event
end
end
end
2022-11-25 23:54:43 +05:30
# This indirectly tests that `minimal: true` was passed to the fullscreen layout
describe 'layout' do
where(:ff_state, :use_legacy_web_ide, :expect_top_nav) do
false | false | true
false | true | true
true | true | true
true | false | false
end
with_them do
before do
stub_feature_flags(vscode_web_ide: ff_state)
allow(user).to receive(:use_legacy_web_ide).and_return(use_legacy_web_ide)
subject
end
it 'handles rendering top nav' do
if expect_top_nav
expect(response).to render_template(top_nav_partial)
else
expect(response).not_to render_template(top_nav_partial)
end
end
end
end
2021-04-17 20:07:23 +05:30
end
2023-03-04 22:38:38 +05:30
describe 'frame-src content security policy' do
let(:route) { '/-/ide' }
before do
subject
end
it 'adds https://*.vscode-cdn.net in frame-src CSP policy' do
expect(find_csp_frame_src).to include("https://*.vscode-cdn.net/")
end
end
2021-04-17 20:07:23 +05:30
end
2019-10-12 21:52:04 +05:30
end