237 lines
7.5 KiB
Ruby
237 lines
7.5 KiB
Ruby
# frozen_string_literal: true
|
|
|
|
require 'spec_helper'
|
|
|
|
RSpec.describe Projects::MirrorsController do
|
|
include ReactiveCachingHelpers
|
|
|
|
shared_examples 'only admin is allowed when mirroring is disabled' do
|
|
let(:subject_action) { raise 'subject_action is required' }
|
|
let(:user) { project.first_owner }
|
|
let(:project_settings_path) { project_settings_repository_path(project, anchor: 'js-push-remote-settings') }
|
|
|
|
context 'when project mirroring is enabled' do
|
|
it 'allows requests from a maintainer' do
|
|
sign_in(user)
|
|
|
|
subject_action
|
|
expect(response).to redirect_to(project_settings_path)
|
|
end
|
|
|
|
it 'allows requests from an admin user' do
|
|
user.update!(admin: true)
|
|
sign_in(user)
|
|
|
|
subject_action
|
|
expect(response).to redirect_to(project_settings_path)
|
|
end
|
|
end
|
|
|
|
context 'when project mirroring is disabled' do
|
|
before do
|
|
stub_application_setting(mirror_available: false)
|
|
end
|
|
|
|
it 'disallows requests from a maintainer' do
|
|
sign_in(user)
|
|
|
|
subject_action
|
|
expect(response).to have_gitlab_http_status(:not_found)
|
|
end
|
|
|
|
context 'when admin mode is enabled', :enable_admin_mode do
|
|
it 'allows requests from an admin user' do
|
|
user.update!(admin: true)
|
|
sign_in(user)
|
|
|
|
subject_action
|
|
expect(response).to redirect_to(project_settings_path)
|
|
end
|
|
end
|
|
|
|
context 'when admin mode is disabled' do
|
|
it 'disallows requests from an admin user' do
|
|
user.update!(admin: true)
|
|
sign_in(user)
|
|
|
|
subject_action
|
|
expect(response).to have_gitlab_http_status(:not_found)
|
|
end
|
|
end
|
|
end
|
|
end
|
|
|
|
describe 'Access control' do
|
|
let(:project) { create(:project, :repository) }
|
|
|
|
describe '#update' do
|
|
include_examples 'only admin is allowed when mirroring is disabled' do
|
|
let(:subject_action) do
|
|
do_put(project, remote_mirrors_attributes: { '0' => { 'enabled' => 1, 'url' => 'http://foo.com' } })
|
|
end
|
|
end
|
|
end
|
|
|
|
describe '#update_now' do
|
|
include_examples 'only admin is allowed when mirroring is disabled' do
|
|
let(:options) { { namespace_id: project.namespace, project_id: project } }
|
|
|
|
let(:subject_action) do
|
|
get :update_now, params: options.merge(sync_remote: true)
|
|
end
|
|
end
|
|
end
|
|
end
|
|
|
|
describe 'setting up a remote mirror' do
|
|
let_it_be(:project) { create(:project, :repository) }
|
|
|
|
context 'when the current project is not a mirror' do
|
|
it 'allows to create a remote mirror' do
|
|
sign_in(project.first_owner)
|
|
|
|
expect do
|
|
do_put(project, remote_mirrors_attributes: { '0' => { 'enabled' => 1, 'url' => 'http://foo.com' } })
|
|
end.to change { RemoteMirror.count }.to(1)
|
|
end
|
|
end
|
|
|
|
context 'setting up SSH public-key authentication' do
|
|
let(:ssh_mirror_attributes) do
|
|
{
|
|
'auth_method' => 'ssh_public_key',
|
|
'url' => 'ssh://git@example.com',
|
|
'ssh_known_hosts' => 'test'
|
|
}
|
|
end
|
|
|
|
it 'processes a successful update' do
|
|
sign_in(project.first_owner)
|
|
do_put(project, remote_mirrors_attributes: { '0' => ssh_mirror_attributes })
|
|
|
|
expect(response).to redirect_to(project_settings_repository_path(project, anchor: 'js-push-remote-settings'))
|
|
|
|
expect(RemoteMirror.count).to eq(1)
|
|
expect(RemoteMirror.first).to have_attributes(
|
|
auth_method: 'ssh_public_key',
|
|
url: 'ssh://git@example.com',
|
|
ssh_public_key: match(/\Assh-rsa /),
|
|
ssh_known_hosts: 'test'
|
|
)
|
|
end
|
|
end
|
|
end
|
|
|
|
describe '#update' do
|
|
let(:project) { create(:project, :repository, :remote_mirror) }
|
|
|
|
before do
|
|
sign_in(project.first_owner)
|
|
end
|
|
|
|
context 'With valid URL for a push' do
|
|
let(:remote_mirror_attributes) do
|
|
{ "0" => { "enabled" => "0", url: 'https://updated.example.com' } }
|
|
end
|
|
|
|
it 'processes a successful update' do
|
|
do_put(project, remote_mirrors_attributes: remote_mirror_attributes)
|
|
|
|
expect(response).to redirect_to(project_settings_repository_path(project, anchor: 'js-push-remote-settings'))
|
|
expect(flash[:notice]).to match(/successfully updated/)
|
|
end
|
|
|
|
it 'creates a RemoteMirror object' do
|
|
expect { do_put(project, remote_mirrors_attributes: remote_mirror_attributes) }.to change(RemoteMirror, :count).by(1)
|
|
end
|
|
end
|
|
|
|
context 'With invalid URL for a push' do
|
|
let(:remote_mirror_attributes) do
|
|
{ "0" => { "enabled" => "0", url: 'ftp://invalid.invalid' } }
|
|
end
|
|
|
|
it 'processes an unsuccessful update' do
|
|
do_put(project, remote_mirrors_attributes: remote_mirror_attributes)
|
|
|
|
expect(response).to redirect_to(project_settings_repository_path(project, anchor: 'js-push-remote-settings'))
|
|
expect(flash[:alert]).to match(/Only allowed schemes are/)
|
|
end
|
|
|
|
it 'does not create a RemoteMirror object' do
|
|
expect { do_put(project, remote_mirrors_attributes: remote_mirror_attributes) }.not_to change(RemoteMirror, :count)
|
|
end
|
|
end
|
|
end
|
|
|
|
describe '#ssh_host_keys', :use_clean_rails_memory_store_caching do
|
|
let(:project) { create(:project) }
|
|
let(:cache) { SshHostKey.new(project: project, url: "ssh://example.com:22") }
|
|
|
|
before do
|
|
sign_in(project.first_owner)
|
|
end
|
|
|
|
context 'invalid URLs' do
|
|
%w[
|
|
INVALID
|
|
git@example.com:foo/bar.git
|
|
ssh://git@example.com:foo/bar.git
|
|
ssh://127.0.0.1/foo/bar.git
|
|
].each do |url|
|
|
it "returns an error with a 400 response for URL #{url.inspect}" do
|
|
do_get(project, url)
|
|
|
|
expect(response).to have_gitlab_http_status(:bad_request)
|
|
expect(json_response).to eq('message' => 'Invalid URL')
|
|
end
|
|
end
|
|
end
|
|
|
|
context 'no data in cache' do
|
|
it 'requests the cache to be filled and returns a 204 response' do
|
|
expect(ExternalServiceReactiveCachingWorker).to receive(:perform_async).with(cache.class, cache.id).at_least(:once)
|
|
|
|
do_get(project)
|
|
|
|
expect(response).to have_gitlab_http_status(:no_content)
|
|
end
|
|
end
|
|
|
|
context 'error in the cache' do
|
|
it 'returns the error with a 400 response' do
|
|
stub_reactive_cache(cache, error: 'An error')
|
|
|
|
do_get(project)
|
|
|
|
expect(response).to have_gitlab_http_status(:bad_request)
|
|
expect(json_response).to eq('message' => 'An error')
|
|
end
|
|
end
|
|
|
|
context 'data in the cache' do
|
|
let(:ssh_key) { 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAfuCHKVTjquxvt6CM6tdG4SLp1Btn/nOeHHE5UOzRdf' }
|
|
let(:ssh_fp) { { type: 'ed25519', bits: 256, fingerprint: '2e:65:6a:c8:cf:bf:b2:8b:9a:bd:6d:9f:11:5c:12:16', fingerprint_sha256: 'SHA256:eUXGGm1YGsMAS7vkcx6JOJdOGHPem5gQp4taiCfCLB8', index: 0 } }
|
|
|
|
it 'returns the data with a 200 response' do
|
|
stub_reactive_cache(cache, known_hosts: ssh_key)
|
|
|
|
do_get(project)
|
|
|
|
expect(response).to have_gitlab_http_status(:ok)
|
|
expect(json_response).to eq('known_hosts' => ssh_key, 'fingerprints' => [ssh_fp.stringify_keys], 'host_keys_changed' => true)
|
|
end
|
|
end
|
|
|
|
def do_get(project, url = 'ssh://example.com')
|
|
get :ssh_host_keys, params: { namespace_id: project.namespace, project_id: project, ssh_url: url }
|
|
end
|
|
end
|
|
|
|
def do_put(project, options, extra_attrs = {})
|
|
attrs = extra_attrs.merge(namespace_id: project.namespace.to_param, project_id: project.to_param)
|
|
attrs[:project] = options
|
|
|
|
put :update, params: attrs
|
|
end
|
|
end
|