debian-mirror-gitlab/spec/requests/api/project_hooks_spec.rb

233 lines
9.7 KiB
Ruby
Raw Normal View History

2019-12-26 22:10:19 +05:30
# frozen_string_literal: true
2014-09-02 18:07:02 +05:30
require 'spec_helper'
2017-08-17 22:00:37 +05:30
describe API::ProjectHooks, 'ProjectHooks' do
2014-09-02 18:07:02 +05:30
let(:user) { create(:user) }
let(:user3) { create(:user) }
2017-09-10 17:25:29 +05:30
let!(:project) { create(:project, creator_id: user.id, namespace: user.namespace) }
2015-12-23 02:04:40 +05:30
let!(:hook) do
create(:project_hook,
2016-09-13 17:45:13 +05:30
:all_events_enabled,
project: project,
url: 'http://example.com',
2018-11-20 20:47:30 +05:30
enable_ssl_verification: true,
push_events_branch_filter: 'master')
2015-12-23 02:04:40 +05:30
end
2014-09-02 18:07:02 +05:30
before do
2018-11-18 11:00:15 +05:30
project.add_maintainer(user)
2018-03-17 18:26:18 +05:30
project.add_developer(user3)
2014-09-02 18:07:02 +05:30
end
describe "GET /projects/:id/hooks" do
context "authorized user" do
2016-09-13 17:45:13 +05:30
it "returns project hooks" do
2014-09-02 18:07:02 +05:30
get api("/projects/#{project.id}/hooks", user)
2020-04-08 14:13:33 +05:30
expect(response).to have_gitlab_http_status(:ok)
2015-04-26 12:48:37 +05:30
expect(json_response).to be_an Array
2017-08-17 22:00:37 +05:30
expect(response).to include_pagination_headers
2015-04-26 12:48:37 +05:30
expect(json_response.count).to eq(1)
expect(json_response.first['url']).to eq("http://example.com")
2015-10-24 18:46:33 +05:30
expect(json_response.first['issues_events']).to eq(true)
2018-03-27 19:54:05 +05:30
expect(json_response.first['confidential_issues_events']).to eq(true)
2015-10-24 18:46:33 +05:30
expect(json_response.first['push_events']).to eq(true)
expect(json_response.first['merge_requests_events']).to eq(true)
expect(json_response.first['tag_push_events']).to eq(true)
expect(json_response.first['note_events']).to eq(true)
2018-04-05 14:03:07 +05:30
expect(json_response.first['confidential_note_events']).to eq(true)
2017-08-17 22:00:37 +05:30
expect(json_response.first['job_events']).to eq(true)
2016-09-13 17:45:13 +05:30
expect(json_response.first['pipeline_events']).to eq(true)
2016-09-29 09:46:39 +05:30
expect(json_response.first['wiki_page_events']).to eq(true)
2015-10-24 18:46:33 +05:30
expect(json_response.first['enable_ssl_verification']).to eq(true)
2018-11-20 20:47:30 +05:30
expect(json_response.first['push_events_branch_filter']).to eq('master')
2014-09-02 18:07:02 +05:30
end
end
context "unauthorized user" do
2016-09-13 17:45:13 +05:30
it "does not access project hooks" do
2014-09-02 18:07:02 +05:30
get api("/projects/#{project.id}/hooks", user3)
2017-08-17 22:00:37 +05:30
2020-04-08 14:13:33 +05:30
expect(response).to have_gitlab_http_status(:forbidden)
2014-09-02 18:07:02 +05:30
end
end
end
describe "GET /projects/:id/hooks/:hook_id" do
context "authorized user" do
2016-09-13 17:45:13 +05:30
it "returns a project hook" do
2014-09-02 18:07:02 +05:30
get api("/projects/#{project.id}/hooks/#{hook.id}", user)
2017-08-17 22:00:37 +05:30
2020-04-08 14:13:33 +05:30
expect(response).to have_gitlab_http_status(:ok)
2015-04-26 12:48:37 +05:30
expect(json_response['url']).to eq(hook.url)
2015-10-24 18:46:33 +05:30
expect(json_response['issues_events']).to eq(hook.issues_events)
2018-03-27 19:54:05 +05:30
expect(json_response['confidential_issues_events']).to eq(hook.confidential_issues_events)
2015-10-24 18:46:33 +05:30
expect(json_response['push_events']).to eq(hook.push_events)
expect(json_response['merge_requests_events']).to eq(hook.merge_requests_events)
expect(json_response['tag_push_events']).to eq(hook.tag_push_events)
expect(json_response['note_events']).to eq(hook.note_events)
2018-04-05 14:03:07 +05:30
expect(json_response['confidential_note_events']).to eq(hook.confidential_note_events)
2017-09-10 17:25:29 +05:30
expect(json_response['job_events']).to eq(hook.job_events)
2016-09-29 09:46:39 +05:30
expect(json_response['pipeline_events']).to eq(hook.pipeline_events)
expect(json_response['wiki_page_events']).to eq(hook.wiki_page_events)
2015-10-24 18:46:33 +05:30
expect(json_response['enable_ssl_verification']).to eq(hook.enable_ssl_verification)
2014-09-02 18:07:02 +05:30
end
2016-09-13 17:45:13 +05:30
it "returns a 404 error if hook id is not available" do
2014-09-02 18:07:02 +05:30
get api("/projects/#{project.id}/hooks/1234", user)
2017-08-17 22:00:37 +05:30
2020-04-08 14:13:33 +05:30
expect(response).to have_gitlab_http_status(:not_found)
2014-09-02 18:07:02 +05:30
end
end
context "unauthorized user" do
2016-09-13 17:45:13 +05:30
it "does not access an existing hook" do
2014-09-02 18:07:02 +05:30
get api("/projects/#{project.id}/hooks/#{hook.id}", user3)
2020-04-08 14:13:33 +05:30
expect(response).to have_gitlab_http_status(:forbidden)
2014-09-02 18:07:02 +05:30
end
end
end
describe "POST /projects/:id/hooks" do
2016-09-13 17:45:13 +05:30
it "adds hook to project" do
2015-09-11 14:41:01 +05:30
expect do
2017-08-17 22:00:37 +05:30
post api("/projects/#{project.id}/hooks", user),
2019-02-15 15:39:39 +05:30
params: { url: "http://example.com", issues_events: true, confidential_issues_events: true, wiki_page_events: true, job_events: true, push_events_branch_filter: 'some-feature-branch' }
2015-09-11 14:41:01 +05:30
end.to change {project.hooks.count}.by(1)
2017-08-17 22:00:37 +05:30
2020-04-08 14:13:33 +05:30
expect(response).to have_gitlab_http_status(:created)
2015-10-24 18:46:33 +05:30
expect(json_response['url']).to eq('http://example.com')
expect(json_response['issues_events']).to eq(true)
2018-03-27 19:54:05 +05:30
expect(json_response['confidential_issues_events']).to eq(true)
2015-10-24 18:46:33 +05:30
expect(json_response['push_events']).to eq(true)
expect(json_response['merge_requests_events']).to eq(false)
expect(json_response['tag_push_events']).to eq(false)
expect(json_response['note_events']).to eq(false)
2018-04-05 14:03:07 +05:30
expect(json_response['confidential_note_events']).to eq(nil)
2017-08-17 22:00:37 +05:30
expect(json_response['job_events']).to eq(true)
2016-09-13 17:45:13 +05:30
expect(json_response['pipeline_events']).to eq(false)
2017-08-17 22:00:37 +05:30
expect(json_response['wiki_page_events']).to eq(true)
2015-10-24 18:46:33 +05:30
expect(json_response['enable_ssl_verification']).to eq(true)
2018-11-20 20:47:30 +05:30
expect(json_response['push_events_branch_filter']).to eq('some-feature-branch')
2017-08-17 22:00:37 +05:30
expect(json_response).not_to include('token')
end
it "adds the token without including it in the response" do
token = "secret token"
expect do
2019-02-15 15:39:39 +05:30
post api("/projects/#{project.id}/hooks", user), params: { url: "http://example.com", token: token }
2017-08-17 22:00:37 +05:30
end.to change {project.hooks.count}.by(1)
2020-04-08 14:13:33 +05:30
expect(response).to have_gitlab_http_status(:created)
2017-08-17 22:00:37 +05:30
expect(json_response["url"]).to eq("http://example.com")
expect(json_response).not_to include("token")
hook = project.hooks.find(json_response["id"])
expect(hook.url).to eq("http://example.com")
expect(hook.token).to eq(token)
2014-09-02 18:07:02 +05:30
end
2016-09-13 17:45:13 +05:30
it "returns a 400 error if url not given" do
2014-09-02 18:07:02 +05:30
post api("/projects/#{project.id}/hooks", user)
2020-04-08 14:13:33 +05:30
expect(response).to have_gitlab_http_status(:bad_request)
2014-09-02 18:07:02 +05:30
end
2016-09-13 17:45:13 +05:30
it "returns a 422 error if url not valid" do
2019-02-15 15:39:39 +05:30
post api("/projects/#{project.id}/hooks", user), params: { url: "ftp://example.com" }
2020-04-08 14:13:33 +05:30
expect(response).to have_gitlab_http_status(:unprocessable_entity)
2018-11-20 20:47:30 +05:30
end
it "returns a 422 error if branch filter is not valid" do
2019-02-15 15:39:39 +05:30
post api("/projects/#{project.id}/hooks", user), params: { url: "http://example.com", push_events_branch_filter: '~badbranchname/' }
2020-04-08 14:13:33 +05:30
expect(response).to have_gitlab_http_status(:unprocessable_entity)
2014-09-02 18:07:02 +05:30
end
end
describe "PUT /projects/:id/hooks/:hook_id" do
2016-09-13 17:45:13 +05:30
it "updates an existing project hook" do
2014-09-02 18:07:02 +05:30
put api("/projects/#{project.id}/hooks/#{hook.id}", user),
2019-02-15 15:39:39 +05:30
params: { url: 'http://example.org', push_events: false, job_events: true }
2017-08-17 22:00:37 +05:30
2020-04-08 14:13:33 +05:30
expect(response).to have_gitlab_http_status(:ok)
2015-04-26 12:48:37 +05:30
expect(json_response['url']).to eq('http://example.org')
2015-10-24 18:46:33 +05:30
expect(json_response['issues_events']).to eq(hook.issues_events)
2018-03-27 19:54:05 +05:30
expect(json_response['confidential_issues_events']).to eq(hook.confidential_issues_events)
2015-10-24 18:46:33 +05:30
expect(json_response['push_events']).to eq(false)
expect(json_response['merge_requests_events']).to eq(hook.merge_requests_events)
expect(json_response['tag_push_events']).to eq(hook.tag_push_events)
expect(json_response['note_events']).to eq(hook.note_events)
2018-04-05 14:03:07 +05:30
expect(json_response['confidential_note_events']).to eq(hook.confidential_note_events)
2017-09-10 17:25:29 +05:30
expect(json_response['job_events']).to eq(hook.job_events)
2016-09-29 09:46:39 +05:30
expect(json_response['pipeline_events']).to eq(hook.pipeline_events)
expect(json_response['wiki_page_events']).to eq(hook.wiki_page_events)
2015-10-24 18:46:33 +05:30
expect(json_response['enable_ssl_verification']).to eq(hook.enable_ssl_verification)
2014-09-02 18:07:02 +05:30
end
2017-08-17 22:00:37 +05:30
it "adds the token without including it in the response" do
token = "secret token"
2019-02-15 15:39:39 +05:30
put api("/projects/#{project.id}/hooks/#{hook.id}", user), params: { url: "http://example.org", token: token }
2017-08-17 22:00:37 +05:30
2020-04-08 14:13:33 +05:30
expect(response).to have_gitlab_http_status(:ok)
2017-08-17 22:00:37 +05:30
expect(json_response["url"]).to eq("http://example.org")
expect(json_response).not_to include("token")
expect(hook.reload.url).to eq("http://example.org")
expect(hook.reload.token).to eq(token)
end
2016-09-13 17:45:13 +05:30
it "returns 404 error if hook id not found" do
2019-02-15 15:39:39 +05:30
put api("/projects/#{project.id}/hooks/1234", user), params: { url: 'http://example.org' }
2020-04-08 14:13:33 +05:30
expect(response).to have_gitlab_http_status(:not_found)
2014-09-02 18:07:02 +05:30
end
2016-09-13 17:45:13 +05:30
it "returns 400 error if url is not given" do
2014-09-02 18:07:02 +05:30
put api("/projects/#{project.id}/hooks/#{hook.id}", user)
2020-04-08 14:13:33 +05:30
expect(response).to have_gitlab_http_status(:bad_request)
2014-09-02 18:07:02 +05:30
end
2016-09-13 17:45:13 +05:30
it "returns a 422 error if url is not valid" do
2019-02-15 15:39:39 +05:30
put api("/projects/#{project.id}/hooks/#{hook.id}", user), params: { url: 'ftp://example.com' }
2020-04-08 14:13:33 +05:30
expect(response).to have_gitlab_http_status(:unprocessable_entity)
2014-09-02 18:07:02 +05:30
end
end
describe "DELETE /projects/:id/hooks/:hook_id" do
2016-09-13 17:45:13 +05:30
it "deletes hook from project" do
2015-09-11 14:41:01 +05:30
expect do
2014-09-02 18:07:02 +05:30
delete api("/projects/#{project.id}/hooks/#{hook.id}", user)
2020-04-08 14:13:33 +05:30
expect(response).to have_gitlab_http_status(:no_content)
2017-08-17 22:00:37 +05:30
end.to change {project.hooks.count}.by(-1)
2014-09-02 18:07:02 +05:30
end
2016-09-13 17:45:13 +05:30
it "returns a 404 error when deleting non existent hook" do
2014-09-02 18:07:02 +05:30
delete api("/projects/#{project.id}/hooks/42", user)
2020-04-08 14:13:33 +05:30
expect(response).to have_gitlab_http_status(:not_found)
2014-09-02 18:07:02 +05:30
end
2016-11-03 12:29:30 +05:30
it "returns a 404 error if hook id not given" do
2014-09-02 18:07:02 +05:30
delete api("/projects/#{project.id}/hooks", user)
2016-11-03 12:29:30 +05:30
2020-04-08 14:13:33 +05:30
expect(response).to have_gitlab_http_status(:not_found)
2014-09-02 18:07:02 +05:30
end
2016-06-02 11:05:42 +05:30
2020-03-09 13:42:32 +05:30
it "returns a 404 if a user attempts to delete project hooks they do not own" do
2016-06-02 11:05:42 +05:30
test_user = create(:user)
2017-09-10 17:25:29 +05:30
other_project = create(:project)
2018-11-18 11:00:15 +05:30
other_project.add_maintainer(test_user)
2016-06-02 11:05:42 +05:30
delete api("/projects/#{other_project.id}/hooks/#{hook.id}", test_user)
2020-04-08 14:13:33 +05:30
expect(response).to have_gitlab_http_status(:not_found)
2016-06-02 11:05:42 +05:30
expect(WebHook.exists?(hook.id)).to be_truthy
end
2018-03-17 18:26:18 +05:30
it_behaves_like '412 response' do
let(:request) { api("/projects/#{project.id}/hooks/#{hook.id}", user) }
end
2014-09-02 18:07:02 +05:30
end
end