2015-04-26 12:48:37 +05:30
|
|
|
require 'spec_helper'
|
|
|
|
|
2017-09-10 17:25:29 +05:30
|
|
|
describe Gitlab::GitAccessWiki do
|
|
|
|
let(:access) { described_class.new(user, project, 'web', authentication_abilities: authentication_abilities, redirected_path: redirected_path) }
|
2018-03-17 18:26:18 +05:30
|
|
|
let(:project) { create(:project, :wiki_repo) }
|
2015-04-26 12:48:37 +05:30
|
|
|
let(:user) { create(:user) }
|
2018-03-17 18:26:18 +05:30
|
|
|
let(:changes) { ['6f6d7e7ed 570e7b2ab refs/heads/master'] }
|
2017-09-10 17:25:29 +05:30
|
|
|
let(:redirected_path) { nil }
|
2016-09-29 09:46:39 +05:30
|
|
|
let(:authentication_abilities) do
|
|
|
|
[
|
|
|
|
:read_project,
|
|
|
|
:download_code,
|
|
|
|
:push_code
|
|
|
|
]
|
|
|
|
end
|
2015-04-26 12:48:37 +05:30
|
|
|
|
2018-03-17 18:26:18 +05:30
|
|
|
describe '#push_access_check' do
|
|
|
|
context 'when user can :create_wiki' do
|
|
|
|
before do
|
|
|
|
create(:protected_branch, name: 'master', project: project)
|
|
|
|
project.add_developer(user)
|
|
|
|
end
|
2015-04-26 12:48:37 +05:30
|
|
|
|
2018-03-17 18:26:18 +05:30
|
|
|
subject { access.check('git-receive-pack', changes) }
|
2015-04-26 12:48:37 +05:30
|
|
|
|
2018-03-17 18:26:18 +05:30
|
|
|
it { expect { subject }.not_to raise_error }
|
|
|
|
|
|
|
|
context 'when in a read-only GitLab instance' do
|
|
|
|
before do
|
|
|
|
allow(Gitlab::Database).to receive(:read_only?) { true }
|
|
|
|
end
|
2015-04-26 12:48:37 +05:30
|
|
|
|
2018-03-17 18:26:18 +05:30
|
|
|
it 'does not give access to upload wiki code' do
|
|
|
|
expect { subject }.to raise_error(Gitlab::GitAccess::UnauthorizedError, "You can't push code to a read-only GitLab instance.")
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
2015-04-26 12:48:37 +05:30
|
|
|
end
|
2017-08-17 22:00:37 +05:30
|
|
|
|
|
|
|
describe '#access_check_download!' do
|
2019-02-13 22:33:31 +05:30
|
|
|
subject { access.check('git-upload-pack', Gitlab::GitAccess::ANY) }
|
2017-08-17 22:00:37 +05:30
|
|
|
|
|
|
|
before do
|
2018-03-17 18:26:18 +05:30
|
|
|
project.add_developer(user)
|
2017-08-17 22:00:37 +05:30
|
|
|
end
|
|
|
|
|
|
|
|
context 'when wiki feature is enabled' do
|
|
|
|
it 'give access to download wiki code' do
|
2017-09-10 17:25:29 +05:30
|
|
|
expect { subject }.not_to raise_error
|
2017-08-17 22:00:37 +05:30
|
|
|
end
|
2018-03-17 18:26:18 +05:30
|
|
|
|
|
|
|
context 'when the wiki repository does not exist' do
|
|
|
|
it 'returns not found' do
|
|
|
|
wiki_repo = project.wiki.repository
|
2018-11-08 19:23:39 +05:30
|
|
|
Gitlab::GitalyClient::StorageSettings.allow_disk_access do
|
|
|
|
FileUtils.rm_rf(wiki_repo.path)
|
|
|
|
end
|
2018-03-17 18:26:18 +05:30
|
|
|
|
|
|
|
# Sanity check for rm_rf
|
|
|
|
expect(wiki_repo.exists?).to eq(false)
|
|
|
|
|
|
|
|
expect { subject }.to raise_error(Gitlab::GitAccess::NotFoundError, 'A repository for this project does not exist yet.')
|
|
|
|
end
|
|
|
|
end
|
2017-08-17 22:00:37 +05:30
|
|
|
end
|
|
|
|
|
|
|
|
context 'when wiki feature is disabled' do
|
|
|
|
it 'does not give access to download wiki code' do
|
|
|
|
project.project_feature.update_attribute(:wiki_access_level, ProjectFeature::DISABLED)
|
|
|
|
|
2017-09-10 17:25:29 +05:30
|
|
|
expect { subject }.to raise_error(Gitlab::GitAccess::UnauthorizedError, 'You are not allowed to download code from this project.')
|
2017-08-17 22:00:37 +05:30
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
2015-04-26 12:48:37 +05:30
|
|
|
end
|