debian-mirror-gitlab/spec/controllers/concerns/routable_actions_spec.rb

Ignoring revisions in .git-blame-ignore-revs. Click here to bypass and see the normal blame view.

157 lines
3.7 KiB
Ruby
Raw Normal View History

2019-09-04 21:01:54 +05:30
# frozen_string_literal: true
require 'spec_helper'
2020-06-23 00:09:42 +05:30
RSpec.describe RoutableActions do
2019-09-04 21:01:54 +05:30
controller(::ApplicationController) do
2020-03-13 15:44:24 +05:30
include RoutableActions
2019-09-04 21:01:54 +05:30
before_action :routable
def routable
@klass = params[:type].constantize
2021-09-30 23:02:18 +05:30
@routable = find_routable!(params[:type].constantize, params[:id], '/')
2019-09-04 21:01:54 +05:30
end
def show
head :ok
end
end
def get_routable(routable)
get :show, params: { id: routable.full_path, type: routable.class }
end
describe '#find_routable!' do
context 'when signed in' do
let(:user) { create(:user) }
before do
sign_in(user)
end
context 'with a project' do
let(:routable) { create(:project) }
context 'when authorized' do
before do
routable.add_guest(user)
end
it 'returns the project' do
get_routable(routable)
expect(assigns[:routable]).to be_a(Project)
end
it 'allows access' do
get_routable(routable)
2020-03-13 15:44:24 +05:30
expect(response).to have_gitlab_http_status(:ok)
2019-09-04 21:01:54 +05:30
end
end
it 'prevents access when not authorized' do
get_routable(routable)
2020-03-13 15:44:24 +05:30
expect(response).to have_gitlab_http_status(:not_found)
2019-09-04 21:01:54 +05:30
end
end
context 'with a group' do
let(:routable) { create(:group, :private) }
context 'when authorized' do
before do
routable.add_guest(user)
end
it 'returns the group' do
get_routable(routable)
expect(assigns[:routable]).to be_a(Group)
end
it 'allows access' do
get_routable(routable)
2020-03-13 15:44:24 +05:30
expect(response).to have_gitlab_http_status(:ok)
2019-09-04 21:01:54 +05:30
end
end
it 'prevents access when not authorized' do
get_routable(routable)
2020-03-13 15:44:24 +05:30
expect(response).to have_gitlab_http_status(:not_found)
2019-09-04 21:01:54 +05:30
end
end
context 'with a user' do
let(:routable) { user }
it 'allows access when authorized' do
get_routable(routable)
2020-03-13 15:44:24 +05:30
expect(response).to have_gitlab_http_status(:ok)
2019-09-04 21:01:54 +05:30
end
it 'prevents access when unauthorized' do
allow(subject).to receive(:can?).and_return(false)
get_routable(user)
2020-03-13 15:44:24 +05:30
expect(response).to have_gitlab_http_status(:not_found)
2019-09-04 21:01:54 +05:30
end
end
end
context 'when not signed in' do
it 'redirects to sign in for private resouces' do
routable = create(:project, :private)
get_routable(routable)
2020-03-13 15:44:24 +05:30
expect(response).to have_gitlab_http_status(:found)
2019-09-04 21:01:54 +05:30
expect(response.location).to end_with('/users/sign_in')
end
end
end
describe '#perform_not_found_actions' do
let(:routable) { create(:project) }
before do
sign_in(create(:user))
end
it 'performs multiple checks' do
last_check_called = false
checks = [proc {}, proc { last_check_called = true }]
allow(subject).to receive(:not_found_actions).and_return(checks)
get_routable(routable)
expect(last_check_called).to eq(true)
end
it 'performs checks in the context of the controller' do
2021-09-30 23:02:18 +05:30
check = lambda { |routable, path_info| redirect_to routable }
2019-09-04 21:01:54 +05:30
allow(subject).to receive(:not_found_actions).and_return([check])
get_routable(routable)
expect(response.location).to end_with(routable.to_param)
end
it 'skips checks once one has resulted in a render/redirect' do
first_check = proc { render plain: 'first' }
second_check = proc { render plain: 'second' }
allow(subject).to receive(:not_found_actions).and_return([first_check, second_check])
get_routable(routable)
expect(response.body).to eq('first')
end
end
end