# frozen_string_literal: true
require 'spec_helper'
RSpec.describe Import::GithubController do
include ImportSpecHelper
let(:provider) { :github }
let(:new_import_url) { public_send("new_import_#{provider}_url") }
include_context 'a GitHub-ish import controller'
describe "GET new" do
it_behaves_like 'a GitHub-ish import controller: GET new'
it "redirects to GitHub for an access token if logged in with GitHub" do
allow(controller).to receive(:logged_in_with_provider?).and_return(true)
expect(controller).to receive(:go_to_provider_for_permissions).and_call_original
allow(controller).to receive(:authorize_url).and_call_original
get :new
expect(response).to have_gitlab_http_status(:found)
end
it "prompts for an access token if GitHub not configured" do
allow(controller).to receive(:github_import_configured?).and_return(false)
expect(controller).not_to receive(:go_to_provider_for_permissions)
get :new
expect(response).to have_gitlab_http_status(:ok)
end
context 'when importing a CI/CD project' do
it 'always prompts for an access token' do
allow(controller).to receive(:github_import_configured?).and_return(true)
get :new, params: { ci_cd_only: true }
expect(response).to render_template(:new)
end
end
end
describe "GET callback" do
before do
allow(controller).to receive(:get_token).and_return(token)
allow(controller).to receive(:oauth_options).and_return({})
stub_omniauth_provider('github')
end
context "when auth state param is missing from session" do
it "reports an error" do
get :callback
expect(controller).to redirect_to(new_import_url)
expect(flash[:alert]).to eq('Access denied to your GitHub account.')
end
end
context "when auth state param is present in session" do
let(:valid_auth_state) { "secret-state" }
before do
session[:github_auth_state_key] = valid_auth_state
end
it "updates access token if state param is valid" do
token = "asdasd12345"
get :callback, params: { state: valid_auth_state }
expect(session[:github_access_token]).to eq(token)
expect(controller).to redirect_to(status_import_github_url)
end
it "reports an error if state param is invalid" do
get :callback, params: { state: "different-state" }
expect(controller).to redirect_to(new_import_url)
expect(flash[:alert]).to eq('Access denied to your GitHub account.')
end
it "includes namespace_id from session if it is present" do
namespace_id = 1
session[:namespace_id] = 1
get :callback, params: { state: valid_auth_state }
expect(controller).to redirect_to(status_import_github_url(namespace_id: namespace_id))
end
end
end
describe "POST personal_access_token" do
it_behaves_like 'a GitHub-ish import controller: POST personal_access_token'
it 'passes namespace_id param as query param if it was present' do
namespace_id = 5
status_import_url = public_send("status_import_#{provider}_url", { namespace_id: namespace_id })
allow_next_instance_of(Gitlab::LegacyGithubImport::Client) do |client|
allow(client).to receive(:user).and_return(true)
end
post :personal_access_token, params: { personal_access_token: 'some-token', namespace_id: 5 }
expect(controller).to redirect_to(status_import_url)
end
end
describe "GET status" do
context 'when using OAuth' do
before do
allow(controller).to receive(:logged_in_with_provider?).and_return(true)
end
context 'when OAuth config is missing' do
before do
allow(controller).to receive(:oauth_config).and_return(nil)
end
it 'returns missing config error' do
expect(controller).to receive(:go_to_provider_for_permissions).and_call_original
get :status
expect(session[:"#{provider}_access_token"]).to be_nil
expect(controller).to redirect_to(new_import_url)
expect(flash[:alert]).to eq('Missing OAuth configuration for GitHub.')
end
end
end
context 'when feature remove_legacy_github_client is disabled' do
before do
stub_feature_flags(remove_legacy_github_client: false)
session[:"#{provider}_access_token"] = 'asdasd12345'
end
it_behaves_like 'a GitHub-ish import controller: GET status'
it 'uses Gitlab::LegacyGitHubImport::Client' do
expect(controller.send(:client)).to be_instance_of(Gitlab::LegacyGithubImport::Client)
end
it 'fetches repos using legacy client' do
expect_next_instance_of(Gitlab::LegacyGithubImport::Client) do |client|
expect(client).to receive(:repos)
end
get :status
end
it 'gets authorization url using legacy client' do
allow(controller).to receive(:logged_in_with_provider?).and_return(true)
expect(controller).to receive(:go_to_provider_for_permissions).and_call_original
expect_next_instance_of(Gitlab::LegacyGithubImport::Client) do |client|
expect(client).to receive(:authorize_url).and_call_original
end
get :new
end
end
context 'when feature remove_legacy_github_client is enabled' do
before do
stub_feature_flags(remove_legacy_github_client: true)
session[:"#{provider}_access_token"] = 'asdasd12345'
end
it_behaves_like 'a GitHub-ish import controller: GET status'
it 'uses Gitlab::GithubImport::Client' do
expect(controller.send(:client)).to be_instance_of(Gitlab::GithubImport::Client)
end
it 'fetches repos using latest github client' do
expect_next_instance_of(Octokit::Client) do |client|
expect(client).to receive(:repos).and_return([].to_enum)
end
get :status
end
it 'gets authorization url using oauth client' do
allow(controller).to receive(:logged_in_with_provider?).and_return(true)
expect(controller).to receive(:go_to_provider_for_permissions).and_call_original
expect_next_instance_of(OAuth2::Client) do |client|
expect(client.auth_code).to receive(:authorize_url).and_call_original
end
get :new
end
context 'pagination' do
context 'when no page is specified' do
it 'requests first page' do
expect_next_instance_of(Octokit::Client) do |client|
expect(client).to receive(:repos).with(nil, { page: 1, per_page: 25 }).and_return([].to_enum)
end
get :status
end
end
context 'when page is specified' do
it 'requests repos with specified page' do
expect_next_instance_of(Octokit::Client) do |client|
expect(client).to receive(:repos).with(nil, { page: 2, per_page: 25 }).and_return([].to_enum)
end
get :status, params: { page: 2 }
end
end
end
context 'when filtering' do
let(:filter) { 'test' }
let(:user_login) { 'user' }
let(:collaborations_subquery) { 'repo:repo1 repo:repo2' }
let(:organizations_subquery) { 'org:org1 org:org2' }
let(:search_query) { "test in:name is:public,private user:#{user_login} #{collaborations_subquery} #{organizations_subquery}" }
before do
allow_next_instance_of(Octokit::Client) do |client|
allow(client).to receive(:user).and_return(double(login: user_login))
end
end
it 'makes request to github search api' do
expect_next_instance_of(Octokit::Client) do |client|
expect(client).to receive(:user).and_return(double(login: user_login))
expect(client).to receive(:search_repositories).with(search_query, { page: 1, per_page: 25 }).and_return({ items: [].to_enum })
end
expect_next_instance_of(Gitlab::GithubImport::Client) do |client|
expect(client).to receive(:collaborations_subquery).and_return(collaborations_subquery)
expect(client).to receive(:organizations_subquery).and_return(organizations_subquery)
end
get :status, params: { filter: filter }, format: :json
end
context 'pagination' do
context 'when no page is specified' do
it 'requests first page' do
expect_next_instance_of(Octokit::Client) do |client|
expect(client).to receive(:user).and_return(double(login: user_login))
expect(client).to receive(:search_repositories).with(search_query, { page: 1, per_page: 25 }).and_return({ items: [].to_enum })
end
expect_next_instance_of(Gitlab::GithubImport::Client) do |client|
expect(client).to receive(:collaborations_subquery).and_return(collaborations_subquery)
expect(client).to receive(:organizations_subquery).and_return(organizations_subquery)
end
get :status, params: { filter: filter }, format: :json
end
end
context 'when page is specified' do
it 'requests repos with specified page' do
expect_next_instance_of(Octokit::Client) do |client|
expect(client).to receive(:user).and_return(double(login: user_login))
expect(client).to receive(:search_repositories).with(search_query, { page: 2, per_page: 25 }).and_return({ items: [].to_enum })
end
expect_next_instance_of(Gitlab::GithubImport::Client) do |client|
expect(client).to receive(:collaborations_subquery).and_return(collaborations_subquery)
expect(client).to receive(:organizations_subquery).and_return(organizations_subquery)
end
get :status, params: { filter: filter, page: 2 }, format: :json
end
end
end
context 'when user input contains colons and spaces' do
before do
allow_next_instance_of(Gitlab::GithubImport::Client) do |client|
allow(client).to receive(:search_repos_by_name).and_return(items: [])
end
end
it 'sanitizes user input' do
filter = ' test1:test2 test3 : test4 '
expected_filter = 'test1test2test3test4'
get :status, params: { filter: filter }, format: :json
expect(assigns(:filter)).to eq(expected_filter)
end
end
context 'when rate limit threshold is exceeded' do
before do
allow(controller).to receive(:status).and_raise(Gitlab::GithubImport::RateLimitError)
end
it 'returns 429' do
get :status, params: { filter: 'test' }, format: :json
expect(response).to have_gitlab_http_status(:too_many_requests)
end
end
end
end
end
describe "POST create" do
it_behaves_like 'a GitHub-ish import controller: POST create'
it_behaves_like 'project import rate limiter'
end
describe "GET realtime_changes" do
let(:user) { create(:user) }
it_behaves_like 'a GitHub-ish import controller: GET realtime_changes'
before do
assign_session_token(provider)
end
it 'includes stats in response' do
create(:project, import_type: provider, namespace: user.namespace, import_status: :finished, import_source: 'example/repo')
get :realtime_changes
expect(json_response[0]).to include('stats')
expect(json_response[0]['stats']).to include('fetched')
expect(json_response[0]['stats']).to include('imported')
end
end
end