2014-09-02 18:07:02 +05:30
|
|
|
require 'spec_helper'
|
|
|
|
|
|
2016-06-22 15:30:34 +05:30
|
|
|
describe API::Helpers, api: true do
|
2015-11-26 14:37:03 +05:30
|
|
|
include API::Helpers
|
2014-09-02 18:07:02 +05:30
|
|
|
include ApiHelpers
|
2016-06-22 15:30:34 +05:30
|
|
|
|
2014-09-02 18:07:02 +05:30
|
|
|
let(:user) { create(:user) }
|
|
|
|
|
let(:admin) { create(:admin) }
|
|
|
|
|
let(:key) { create(:key, user: user) }
|
|
|
|
|
|
|
|
|
|
let(:params) { {} }
|
|
|
|
|
let(:env) { {} }
|
|
|
|
|
|
|
|
|
|
def set_env(token_usr, identifier)
|
|
|
|
|
clear_env
|
|
|
|
|
clear_param
|
2015-11-26 14:37:03 +05:30
|
|
|
env[API::Helpers::PRIVATE_TOKEN_HEADER] = token_usr.private_token
|
|
|
|
|
env[API::Helpers::SUDO_HEADER] = identifier
|
2014-09-02 18:07:02 +05:30
|
|
|
end
|
|
|
|
|
|
|
|
|
|
def set_param(token_usr, identifier)
|
|
|
|
|
clear_env
|
|
|
|
|
clear_param
|
2015-11-26 14:37:03 +05:30
|
|
|
params[API::Helpers::PRIVATE_TOKEN_PARAM] = token_usr.private_token
|
|
|
|
|
params[API::Helpers::SUDO_PARAM] = identifier
|
2014-09-02 18:07:02 +05:30
|
|
|
end
|
|
|
|
|
|
|
|
|
|
def clear_env
|
2015-11-26 14:37:03 +05:30
|
|
|
env.delete(API::Helpers::PRIVATE_TOKEN_HEADER)
|
|
|
|
|
env.delete(API::Helpers::SUDO_HEADER)
|
2014-09-02 18:07:02 +05:30
|
|
|
end
|
|
|
|
|
|
|
|
|
|
def clear_param
|
2015-11-26 14:37:03 +05:30
|
|
|
params.delete(API::Helpers::PRIVATE_TOKEN_PARAM)
|
|
|
|
|
params.delete(API::Helpers::SUDO_PARAM)
|
2014-09-02 18:07:02 +05:30
|
|
|
end
|
|
|
|
|
|
|
|
|
|
def error!(message, status)
|
|
|
|
|
raise Exception
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
describe ".current_user" do
|
2016-06-22 15:30:34 +05:30
|
|
|
describe "when authenticating using a user's private token" do
|
2016-09-13 17:45:13 +05:30
|
|
|
it "returns nil for an invalid token" do
|
2016-06-22 15:30:34 +05:30
|
|
|
env[API::Helpers::PRIVATE_TOKEN_HEADER] = 'invalid token'
|
|
|
|
|
allow_any_instance_of(self.class).to receive(:doorkeeper_guard){ false }
|
|
|
|
|
expect(current_user).to be_nil
|
|
|
|
|
end
|
2014-09-02 18:07:02 +05:30
|
|
|
|
2016-09-13 17:45:13 +05:30
|
|
|
it "returns nil for a user without access" do
|
2016-06-22 15:30:34 +05:30
|
|
|
env[API::Helpers::PRIVATE_TOKEN_HEADER] = user.private_token
|
2016-08-24 12:49:21 +05:30
|
|
|
allow_any_instance_of(Gitlab::UserAccess).to receive(:allowed?).and_return(false)
|
2016-06-22 15:30:34 +05:30
|
|
|
expect(current_user).to be_nil
|
|
|
|
|
end
|
|
|
|
|
|
2016-09-13 17:45:13 +05:30
|
|
|
it "leaves user as is when sudo not specified" do
|
2016-06-22 15:30:34 +05:30
|
|
|
env[API::Helpers::PRIVATE_TOKEN_HEADER] = user.private_token
|
|
|
|
|
expect(current_user).to eq(user)
|
|
|
|
|
clear_env
|
|
|
|
|
params[API::Helpers::PRIVATE_TOKEN_PARAM] = user.private_token
|
|
|
|
|
expect(current_user).to eq(user)
|
|
|
|
|
end
|
2014-09-02 18:07:02 +05:30
|
|
|
end
|
|
|
|
|
|
2016-06-22 15:30:34 +05:30
|
|
|
describe "when authenticating using a user's personal access tokens" do
|
|
|
|
|
let(:personal_access_token) { create(:personal_access_token, user: user) }
|
|
|
|
|
|
2016-09-13 17:45:13 +05:30
|
|
|
it "returns nil for an invalid token" do
|
2016-06-22 15:30:34 +05:30
|
|
|
env[API::Helpers::PRIVATE_TOKEN_HEADER] = 'invalid token'
|
|
|
|
|
allow_any_instance_of(self.class).to receive(:doorkeeper_guard){ false }
|
|
|
|
|
expect(current_user).to be_nil
|
|
|
|
|
end
|
|
|
|
|
|
2016-09-13 17:45:13 +05:30
|
|
|
it "returns nil for a user without access" do
|
2016-06-22 15:30:34 +05:30
|
|
|
env[API::Helpers::PRIVATE_TOKEN_HEADER] = personal_access_token.token
|
2016-08-24 12:49:21 +05:30
|
|
|
allow_any_instance_of(Gitlab::UserAccess).to receive(:allowed?).and_return(false)
|
2016-06-22 15:30:34 +05:30
|
|
|
expect(current_user).to be_nil
|
|
|
|
|
end
|
|
|
|
|
|
2016-09-13 17:45:13 +05:30
|
|
|
it "leaves user as is when sudo not specified" do
|
2016-06-22 15:30:34 +05:30
|
|
|
env[API::Helpers::PRIVATE_TOKEN_HEADER] = personal_access_token.token
|
|
|
|
|
expect(current_user).to eq(user)
|
|
|
|
|
clear_env
|
|
|
|
|
params[API::Helpers::PRIVATE_TOKEN_PARAM] = personal_access_token.token
|
|
|
|
|
expect(current_user).to eq(user)
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
it 'does not allow revoked tokens' do
|
|
|
|
|
personal_access_token.revoke!
|
|
|
|
|
env[API::Helpers::PRIVATE_TOKEN_HEADER] = personal_access_token.token
|
|
|
|
|
allow_any_instance_of(self.class).to receive(:doorkeeper_guard){ false }
|
|
|
|
|
expect(current_user).to be_nil
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
it 'does not allow expired tokens' do
|
|
|
|
|
personal_access_token.update_attributes!(expires_at: 1.day.ago)
|
|
|
|
|
env[API::Helpers::PRIVATE_TOKEN_HEADER] = personal_access_token.token
|
|
|
|
|
allow_any_instance_of(self.class).to receive(:doorkeeper_guard){ false }
|
|
|
|
|
expect(current_user).to be_nil
|
|
|
|
|
end
|
2014-09-02 18:07:02 +05:30
|
|
|
end
|
|
|
|
|
|
2016-09-13 17:45:13 +05:30
|
|
|
it "changes current user to sudo when admin" do
|
2014-09-02 18:07:02 +05:30
|
|
|
set_env(admin, user.id)
|
2015-04-26 12:48:37 +05:30
|
|
|
expect(current_user).to eq(user)
|
2014-09-02 18:07:02 +05:30
|
|
|
set_param(admin, user.id)
|
2015-04-26 12:48:37 +05:30
|
|
|
expect(current_user).to eq(user)
|
2014-09-02 18:07:02 +05:30
|
|
|
set_env(admin, user.username)
|
2015-04-26 12:48:37 +05:30
|
|
|
expect(current_user).to eq(user)
|
2014-09-02 18:07:02 +05:30
|
|
|
set_param(admin, user.username)
|
2015-04-26 12:48:37 +05:30
|
|
|
expect(current_user).to eq(user)
|
2014-09-02 18:07:02 +05:30
|
|
|
end
|
|
|
|
|
|
2016-09-13 17:45:13 +05:30
|
|
|
it "throws an error when the current user is not an admin and attempting to sudo" do
|
2014-09-02 18:07:02 +05:30
|
|
|
set_env(user, admin.id)
|
2015-09-11 14:41:01 +05:30
|
|
|
expect { current_user }.to raise_error(Exception)
|
2014-09-02 18:07:02 +05:30
|
|
|
set_param(user, admin.id)
|
2015-09-11 14:41:01 +05:30
|
|
|
expect { current_user }.to raise_error(Exception)
|
2014-09-02 18:07:02 +05:30
|
|
|
set_env(user, admin.username)
|
2015-09-11 14:41:01 +05:30
|
|
|
expect { current_user }.to raise_error(Exception)
|
2014-09-02 18:07:02 +05:30
|
|
|
set_param(user, admin.username)
|
2015-09-11 14:41:01 +05:30
|
|
|
expect { current_user }.to raise_error(Exception)
|
2014-09-02 18:07:02 +05:30
|
|
|
end
|
|
|
|
|
|
2016-09-13 17:45:13 +05:30
|
|
|
it "throws an error when the user cannot be found for a given id" do
|
2014-09-02 18:07:02 +05:30
|
|
|
id = user.id + admin.id
|
2015-04-26 12:48:37 +05:30
|
|
|
expect(user.id).not_to eq(id)
|
|
|
|
|
expect(admin.id).not_to eq(id)
|
2014-09-02 18:07:02 +05:30
|
|
|
set_env(admin, id)
|
2015-09-11 14:41:01 +05:30
|
|
|
expect { current_user }.to raise_error(Exception)
|
2014-09-02 18:07:02 +05:30
|
|
|
|
|
|
|
|
set_param(admin, id)
|
2015-09-11 14:41:01 +05:30
|
|
|
expect { current_user }.to raise_error(Exception)
|
2014-09-02 18:07:02 +05:30
|
|
|
end
|
|
|
|
|
|
2016-09-13 17:45:13 +05:30
|
|
|
it "throws an error when the user cannot be found for a given username" do
|
2014-09-02 18:07:02 +05:30
|
|
|
username = "#{user.username}#{admin.username}"
|
2015-04-26 12:48:37 +05:30
|
|
|
expect(user.username).not_to eq(username)
|
|
|
|
|
expect(admin.username).not_to eq(username)
|
2014-09-02 18:07:02 +05:30
|
|
|
set_env(admin, username)
|
2015-09-11 14:41:01 +05:30
|
|
|
expect { current_user }.to raise_error(Exception)
|
2014-09-02 18:07:02 +05:30
|
|
|
|
|
|
|
|
set_param(admin, username)
|
2015-09-11 14:41:01 +05:30
|
|
|
expect { current_user }.to raise_error(Exception)
|
2014-09-02 18:07:02 +05:30
|
|
|
end
|
|
|
|
|
|
2016-09-13 17:45:13 +05:30
|
|
|
it "handles sudo's to oneself" do
|
2014-09-02 18:07:02 +05:30
|
|
|
set_env(admin, admin.id)
|
2015-04-26 12:48:37 +05:30
|
|
|
expect(current_user).to eq(admin)
|
2014-09-02 18:07:02 +05:30
|
|
|
set_param(admin, admin.id)
|
2015-04-26 12:48:37 +05:30
|
|
|
expect(current_user).to eq(admin)
|
2014-09-02 18:07:02 +05:30
|
|
|
set_env(admin, admin.username)
|
2015-04-26 12:48:37 +05:30
|
|
|
expect(current_user).to eq(admin)
|
2014-09-02 18:07:02 +05:30
|
|
|
set_param(admin, admin.username)
|
2015-04-26 12:48:37 +05:30
|
|
|
expect(current_user).to eq(admin)
|
2014-09-02 18:07:02 +05:30
|
|
|
end
|
|
|
|
|
|
2016-09-13 17:45:13 +05:30
|
|
|
it "handles multiple sudo's to oneself" do
|
2014-09-02 18:07:02 +05:30
|
|
|
set_env(admin, user.id)
|
2015-04-26 12:48:37 +05:30
|
|
|
expect(current_user).to eq(user)
|
|
|
|
|
expect(current_user).to eq(user)
|
2014-09-02 18:07:02 +05:30
|
|
|
set_env(admin, user.username)
|
2015-04-26 12:48:37 +05:30
|
|
|
expect(current_user).to eq(user)
|
|
|
|
|
expect(current_user).to eq(user)
|
2014-09-02 18:07:02 +05:30
|
|
|
|
|
|
|
|
set_param(admin, user.id)
|
2015-04-26 12:48:37 +05:30
|
|
|
expect(current_user).to eq(user)
|
|
|
|
|
expect(current_user).to eq(user)
|
2014-09-02 18:07:02 +05:30
|
|
|
set_param(admin, user.username)
|
2015-04-26 12:48:37 +05:30
|
|
|
expect(current_user).to eq(user)
|
|
|
|
|
expect(current_user).to eq(user)
|
2014-09-02 18:07:02 +05:30
|
|
|
end
|
|
|
|
|
|
2016-09-13 17:45:13 +05:30
|
|
|
it "handles multiple sudo's to oneself using string ids" do
|
2014-09-02 18:07:02 +05:30
|
|
|
set_env(admin, user.id.to_s)
|
2015-04-26 12:48:37 +05:30
|
|
|
expect(current_user).to eq(user)
|
|
|
|
|
expect(current_user).to eq(user)
|
2014-09-02 18:07:02 +05:30
|
|
|
|
|
|
|
|
set_param(admin, user.id.to_s)
|
2015-04-26 12:48:37 +05:30
|
|
|
expect(current_user).to eq(user)
|
|
|
|
|
expect(current_user).to eq(user)
|
2014-09-02 18:07:02 +05:30
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
describe '.sudo_identifier' do
|
2016-09-13 17:45:13 +05:30
|
|
|
it "returns integers when input is an int" do
|
2014-09-02 18:07:02 +05:30
|
|
|
set_env(admin, '123')
|
2015-04-26 12:48:37 +05:30
|
|
|
expect(sudo_identifier).to eq(123)
|
2014-09-02 18:07:02 +05:30
|
|
|
set_env(admin, '0001234567890')
|
2015-04-26 12:48:37 +05:30
|
|
|
expect(sudo_identifier).to eq(1234567890)
|
2014-09-02 18:07:02 +05:30
|
|
|
|
|
|
|
|
set_param(admin, '123')
|
2015-04-26 12:48:37 +05:30
|
|
|
expect(sudo_identifier).to eq(123)
|
2014-09-02 18:07:02 +05:30
|
|
|
set_param(admin, '0001234567890')
|
2015-04-26 12:48:37 +05:30
|
|
|
expect(sudo_identifier).to eq(1234567890)
|
2014-09-02 18:07:02 +05:30
|
|
|
end
|
|
|
|
|
|
2016-09-13 17:45:13 +05:30
|
|
|
it "returns string when input is an is not an int" do
|
2014-09-02 18:07:02 +05:30
|
|
|
set_env(admin, '12.30')
|
2015-04-26 12:48:37 +05:30
|
|
|
expect(sudo_identifier).to eq("12.30")
|
2014-09-02 18:07:02 +05:30
|
|
|
set_env(admin, 'hello')
|
2015-04-26 12:48:37 +05:30
|
|
|
expect(sudo_identifier).to eq('hello')
|
2014-09-02 18:07:02 +05:30
|
|
|
set_env(admin, ' 123')
|
2015-04-26 12:48:37 +05:30
|
|
|
expect(sudo_identifier).to eq(' 123')
|
2014-09-02 18:07:02 +05:30
|
|
|
|
|
|
|
|
set_param(admin, '12.30')
|
2015-04-26 12:48:37 +05:30
|
|
|
expect(sudo_identifier).to eq("12.30")
|
2014-09-02 18:07:02 +05:30
|
|
|
set_param(admin, 'hello')
|
2015-04-26 12:48:37 +05:30
|
|
|
expect(sudo_identifier).to eq('hello')
|
2014-09-02 18:07:02 +05:30
|
|
|
set_param(admin, ' 123')
|
2015-04-26 12:48:37 +05:30
|
|
|
expect(sudo_identifier).to eq(' 123')
|
2014-09-02 18:07:02 +05:30
|
|
|
end
|
|
|
|
|
end
|
2016-08-24 12:49:21 +05:30
|
|
|
|
|
|
|
|
describe '.to_boolean' do
|
|
|
|
|
it 'converts a valid string to a boolean' do
|
|
|
|
|
expect(to_boolean('true')).to be_truthy
|
|
|
|
|
expect(to_boolean('YeS')).to be_truthy
|
|
|
|
|
expect(to_boolean('t')).to be_truthy
|
|
|
|
|
expect(to_boolean('1')).to be_truthy
|
|
|
|
|
expect(to_boolean('ON')).to be_truthy
|
|
|
|
|
expect(to_boolean('FaLse')).to be_falsy
|
|
|
|
|
expect(to_boolean('F')).to be_falsy
|
|
|
|
|
expect(to_boolean('NO')).to be_falsy
|
|
|
|
|
expect(to_boolean('n')).to be_falsy
|
|
|
|
|
expect(to_boolean('0')).to be_falsy
|
|
|
|
|
expect(to_boolean('oFF')).to be_falsy
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
it 'converts an invalid string to nil' do
|
|
|
|
|
expect(to_boolean('fals')).to be_nil
|
|
|
|
|
expect(to_boolean('yeah')).to be_nil
|
|
|
|
|
expect(to_boolean('')).to be_nil
|
|
|
|
|
expect(to_boolean(nil)).to be_nil
|
|
|
|
|
end
|
|
|
|
|
end
|
2014-09-02 18:07:02 +05:30
|
|
|
end
|
