140 lines
4.8 KiB
Ruby
140 lines
4.8 KiB
Ruby
|
# frozen_string_literal: true
|
||
|
|
||
|
require 'spec_helper'
|
||
|
|
||
|
RSpec.describe API::RubygemPackages do
|
||
|
using RSpec::Parameterized::TableSyntax
|
||
|
|
||
|
let_it_be(:project) { create(:project) }
|
||
|
let_it_be(:personal_access_token) { create(:personal_access_token) }
|
||
|
let_it_be(:user) { personal_access_token.user }
|
||
|
let_it_be(:job) { create(:ci_build, :running, user: user) }
|
||
|
let_it_be(:deploy_token) { create(:deploy_token, read_package_registry: true, write_package_registry: true) }
|
||
|
let_it_be(:project_deploy_token) { create(:project_deploy_token, deploy_token: deploy_token, project: project) }
|
||
|
let_it_be(:headers) { {} }
|
||
|
|
||
|
shared_examples 'when feature flag is disabled' do
|
||
|
let(:headers) do
|
||
|
{ 'HTTP_AUTHORIZATION' => personal_access_token.token }
|
||
|
end
|
||
|
|
||
|
before do
|
||
|
stub_feature_flags(rubygem_packages: false)
|
||
|
end
|
||
|
|
||
|
it_behaves_like 'returning response status', :not_found
|
||
|
end
|
||
|
|
||
|
shared_examples 'when package feature is disabled' do
|
||
|
before do
|
||
|
stub_config(packages: { enabled: false })
|
||
|
end
|
||
|
|
||
|
it_behaves_like 'returning response status', :not_found
|
||
|
end
|
||
|
|
||
|
shared_examples 'without authentication' do
|
||
|
it_behaves_like 'returning response status', :unauthorized
|
||
|
end
|
||
|
|
||
|
shared_examples 'with authentication' do
|
||
|
let(:headers) do
|
||
|
{ 'HTTP_AUTHORIZATION' => token }
|
||
|
end
|
||
|
|
||
|
let(:tokens) do
|
||
|
{
|
||
|
personal_access_token: personal_access_token.token,
|
||
|
deploy_token: deploy_token.token,
|
||
|
job_token: job.token
|
||
|
}
|
||
|
end
|
||
|
|
||
|
where(:user_role, :token_type, :valid_token, :status) do
|
||
|
:guest | :personal_access_token | true | :not_found
|
||
|
:guest | :personal_access_token | false | :unauthorized
|
||
|
:guest | :deploy_token | true | :not_found
|
||
|
:guest | :deploy_token | false | :unauthorized
|
||
|
:guest | :job_token | true | :not_found
|
||
|
:guest | :job_token | false | :unauthorized
|
||
|
:reporter | :personal_access_token | true | :not_found
|
||
|
:reporter | :personal_access_token | false | :unauthorized
|
||
|
:reporter | :deploy_token | true | :not_found
|
||
|
:reporter | :deploy_token | false | :unauthorized
|
||
|
:reporter | :job_token | true | :not_found
|
||
|
:reporter | :job_token | false | :unauthorized
|
||
|
:developer | :personal_access_token | true | :not_found
|
||
|
:developer | :personal_access_token | false | :unauthorized
|
||
|
:developer | :deploy_token | true | :not_found
|
||
|
:developer | :deploy_token | false | :unauthorized
|
||
|
:developer | :job_token | true | :not_found
|
||
|
:developer | :job_token | false | :unauthorized
|
||
|
end
|
||
|
|
||
|
with_them do
|
||
|
before do
|
||
|
project.send("add_#{user_role}", user) unless user_role == :anonymous
|
||
|
end
|
||
|
|
||
|
let(:token) { valid_token ? tokens[token_type] : 'invalid-token123' }
|
||
|
|
||
|
it_behaves_like 'returning response status', params[:status]
|
||
|
end
|
||
|
end
|
||
|
|
||
|
shared_examples 'an unimplemented route' do
|
||
|
it_behaves_like 'without authentication'
|
||
|
it_behaves_like 'with authentication'
|
||
|
it_behaves_like 'when feature flag is disabled'
|
||
|
it_behaves_like 'when package feature is disabled'
|
||
|
end
|
||
|
|
||
|
describe 'GET /api/v4/projects/:project_id/packages/rubygems/:filename' do
|
||
|
let(:url) { api("/projects/#{project.id}/packages/rubygems/specs.4.8.gz") }
|
||
|
|
||
|
subject { get(url, headers: headers) }
|
||
|
|
||
|
it_behaves_like 'an unimplemented route'
|
||
|
end
|
||
|
|
||
|
describe 'GET /api/v4/projects/:project_id/packages/rubygems/quick/Marshal.4.8/:file_name' do
|
||
|
let(:url) { api("/projects/#{project.id}/packages/rubygems/quick/Marshal.4.8/my_gem-1.0.0.gemspec.rz") }
|
||
|
|
||
|
subject { get(url, headers: headers) }
|
||
|
|
||
|
it_behaves_like 'an unimplemented route'
|
||
|
end
|
||
|
|
||
|
describe 'GET /api/v4/projects/:project_id/packages/rubygems/gems/:file_name' do
|
||
|
let(:url) { api("/projects/#{project.id}/packages/rubygems/gems/my_gem-1.0.0.gem") }
|
||
|
|
||
|
subject { get(url, headers: headers) }
|
||
|
|
||
|
it_behaves_like 'an unimplemented route'
|
||
|
end
|
||
|
|
||
|
describe 'POST /api/v4/projects/:project_id/packages/rubygems/api/v1/gems/authorize' do
|
||
|
let(:url) { api("/projects/#{project.id}/packages/rubygems/api/v1/gems/authorize") }
|
||
|
|
||
|
subject { post(url, headers: headers) }
|
||
|
|
||
|
it_behaves_like 'an unimplemented route'
|
||
|
end
|
||
|
|
||
|
describe 'POST /api/v4/projects/:project_id/packages/rubygems/api/v1/gems' do
|
||
|
let(:url) { api("/projects/#{project.id}/packages/rubygems/api/v1/gems") }
|
||
|
|
||
|
subject { post(url, headers: headers) }
|
||
|
|
||
|
it_behaves_like 'an unimplemented route'
|
||
|
end
|
||
|
|
||
|
describe 'GET /api/v4/projects/:project_id/packages/rubygems/api/v1/dependencies' do
|
||
|
let(:url) { api("/projects/#{project.id}/packages/rubygems/api/v1/dependencies") }
|
||
|
|
||
|
subject { get(url, headers: headers) }
|
||
|
|
||
|
it_behaves_like 'an unimplemented route'
|
||
|
end
|
||
|
end
|