404 lines
14 KiB
Ruby
404 lines
14 KiB
Ruby
# frozen_string_literal: true
|
|
|
|
require 'spec_helper'
|
|
|
|
RSpec.describe API::Namespaces, :aggregate_failures, feature_category: :subgroups do
|
|
let_it_be(:admin) { create(:admin) }
|
|
let_it_be(:user) { create(:user) }
|
|
let_it_be(:group1) { create(:group, name: 'group.one') }
|
|
let_it_be(:group2) { create(:group, :nested) }
|
|
let_it_be(:project) { create(:project, namespace: group2, name: group2.name, path: group2.path) }
|
|
let_it_be(:project_namespace) { project.project_namespace }
|
|
let_it_be(:path) { "/namespaces" }
|
|
|
|
describe "GET /namespaces" do
|
|
context "when unauthenticated" do
|
|
it "returns authentication error" do
|
|
get api(path)
|
|
|
|
expect(response).to have_gitlab_http_status(:unauthorized)
|
|
end
|
|
end
|
|
|
|
context "when authenticated as admin" do
|
|
it "returns correct attributes" do
|
|
get api(path, admin, admin_mode: true)
|
|
|
|
group_kind_json_response = json_response.find { |resource| resource['kind'] == 'group' }
|
|
user_kind_json_response = json_response.find { |resource| resource['kind'] == 'user' }
|
|
|
|
expect(response).to have_gitlab_http_status(:ok)
|
|
expect(response).to include_pagination_headers
|
|
expect(group_kind_json_response.keys).to include('id', 'kind', 'name', 'path', 'full_path',
|
|
'parent_id', 'members_count_with_descendants')
|
|
|
|
expect(user_kind_json_response.keys).to include('id', 'kind', 'name', 'path', 'full_path', 'parent_id')
|
|
end
|
|
|
|
it "admin: returns an array of all namespaces" do
|
|
get api(path, admin, admin_mode: true)
|
|
|
|
expect(response).to have_gitlab_http_status(:ok)
|
|
expect(response).to include_pagination_headers
|
|
expect(json_response).to be_an Array
|
|
# project namespace is excluded
|
|
expect(json_response.length).to eq(Namespace.count - 1)
|
|
end
|
|
|
|
it "admin: returns an array of matched namespaces" do
|
|
get api("/namespaces?search=#{group2.name}", admin, admin_mode: true)
|
|
|
|
expect(response).to have_gitlab_http_status(:ok)
|
|
expect(response).to include_pagination_headers
|
|
expect(json_response).to be_an Array
|
|
expect(json_response.length).to eq(1)
|
|
expect(json_response.last['path']).to eq(group2.path)
|
|
expect(json_response.last['full_path']).to eq(group2.full_path)
|
|
end
|
|
end
|
|
|
|
context "when authenticated as a regular user" do
|
|
it "returns correct attributes when user can admin group" do
|
|
group1.add_owner(user)
|
|
|
|
get api(path, user)
|
|
|
|
owned_group_response = json_response.find { |resource| resource['id'] == group1.id }
|
|
|
|
expect(owned_group_response.keys).to include('id', 'kind', 'name', 'path', 'full_path',
|
|
'parent_id', 'members_count_with_descendants')
|
|
end
|
|
|
|
it "returns correct attributes when user cannot admin group" do
|
|
group1.add_guest(user)
|
|
|
|
get api(path, user)
|
|
|
|
guest_group_response = json_response.find { |resource| resource['id'] == group1.id }
|
|
|
|
expect(guest_group_response.keys).to include('id', 'kind', 'name', 'path', 'full_path', 'parent_id')
|
|
end
|
|
|
|
it "user: returns an array of namespaces" do
|
|
get api(path, user)
|
|
|
|
expect(response).to have_gitlab_http_status(:ok)
|
|
expect(response).to include_pagination_headers
|
|
expect(json_response).to be_an Array
|
|
expect(json_response.length).to eq(1)
|
|
end
|
|
|
|
it "admin: returns an array of matched namespaces" do
|
|
get api("/namespaces?search=#{user.username}", user)
|
|
|
|
expect(response).to have_gitlab_http_status(:ok)
|
|
expect(response).to include_pagination_headers
|
|
expect(json_response).to be_an Array
|
|
expect(json_response.length).to eq(1)
|
|
end
|
|
|
|
context 'with owned_only param' do
|
|
it 'returns only owned groups' do
|
|
group1.add_developer(user)
|
|
group2.add_owner(user)
|
|
|
|
get api("/namespaces?owned_only=true", user)
|
|
|
|
expect(response).to have_gitlab_http_status(:ok)
|
|
expect(response).to include_pagination_headers
|
|
expect(json_response.map { |resource| resource['id'] }).to match_array([user.namespace_id, group2.id])
|
|
end
|
|
end
|
|
end
|
|
end
|
|
|
|
describe 'GET /namespaces/:id' do
|
|
let(:owned_group) { group1 }
|
|
|
|
let_it_be(:user2) { create(:user) }
|
|
|
|
it_behaves_like 'GET request permissions for admin mode' do
|
|
let(:path) { "/namespaces/#{group2.id}" }
|
|
let(:failed_status_code) { :not_found }
|
|
end
|
|
|
|
it_behaves_like 'GET request permissions for admin mode' do
|
|
let(:path) { "/namespaces/#{user2.namespace.id}" }
|
|
let(:failed_status_code) { :not_found }
|
|
end
|
|
|
|
shared_examples 'can access namespace' do |admin_mode: false|
|
|
it 'returns namespace details' do
|
|
get api("#{path}/#{namespace_id}", request_actor, admin_mode: admin_mode)
|
|
|
|
expect(response).to have_gitlab_http_status(:ok)
|
|
|
|
expect(json_response['id']).to eq(requested_namespace.id)
|
|
expect(json_response['path']).to eq(requested_namespace.path)
|
|
expect(json_response['name']).to eq(requested_namespace.name)
|
|
end
|
|
end
|
|
|
|
shared_examples 'namespace reader' do
|
|
let(:requested_namespace) { owned_group }
|
|
|
|
before do
|
|
owned_group.add_owner(request_actor)
|
|
end
|
|
|
|
context 'when namespace exists' do
|
|
context 'when requested by ID' do
|
|
context 'when requesting group' do
|
|
let(:namespace_id) { owned_group.id }
|
|
|
|
it_behaves_like 'can access namespace'
|
|
end
|
|
|
|
context 'when requesting personal namespace' do
|
|
let(:namespace_id) { request_actor.namespace.id }
|
|
let(:requested_namespace) { request_actor.namespace }
|
|
|
|
it_behaves_like 'can access namespace'
|
|
end
|
|
|
|
context 'when requesting project_namespace' do
|
|
let(:namespace_id) { project_namespace.id }
|
|
|
|
it 'returns not-found' do
|
|
get api("#{path}/#{namespace_id}", request_actor)
|
|
|
|
expect(response).to have_gitlab_http_status(:not_found)
|
|
end
|
|
end
|
|
end
|
|
|
|
context 'when requested by path' do
|
|
context 'when requesting group' do
|
|
let(:namespace_id) { owned_group.path }
|
|
|
|
it_behaves_like 'can access namespace'
|
|
end
|
|
|
|
context 'when requesting personal namespace' do
|
|
let(:namespace_id) { request_actor.namespace.path }
|
|
let(:requested_namespace) { request_actor.namespace }
|
|
|
|
it_behaves_like 'can access namespace'
|
|
end
|
|
|
|
context 'when requesting project_namespace' do
|
|
let(:namespace_id) { project_namespace.full_path }
|
|
|
|
it 'returns not-found' do
|
|
get api("/namespaces/#{namespace_id}", request_actor)
|
|
|
|
expect(response).to have_gitlab_http_status(:not_found)
|
|
end
|
|
end
|
|
end
|
|
end
|
|
|
|
context "when namespace doesn't exist" do
|
|
it 'returns not-found' do
|
|
get api("#{path}/0", request_actor)
|
|
|
|
expect(response).to have_gitlab_http_status(:not_found)
|
|
end
|
|
end
|
|
end
|
|
|
|
context 'when unauthenticated' do
|
|
it 'returns authentication error' do
|
|
get api("#{path}/#{group1.id}")
|
|
|
|
expect(response).to have_gitlab_http_status(:unauthorized)
|
|
end
|
|
|
|
it 'returns authentication error' do
|
|
get api("#{path}/#{project_namespace.id}")
|
|
|
|
expect(response).to have_gitlab_http_status(:unauthorized)
|
|
end
|
|
end
|
|
|
|
context 'when authenticated as regular user' do
|
|
let(:request_actor) { user }
|
|
|
|
context 'when requested namespace is not owned by user' do
|
|
context 'when requesting group' do
|
|
it 'returns not-found' do
|
|
get api("#{path}/#{group2.id}", request_actor)
|
|
|
|
expect(response).to have_gitlab_http_status(:not_found)
|
|
end
|
|
end
|
|
|
|
context 'when requesting personal namespace' do
|
|
it 'returns not-found' do
|
|
get api("#{path}/#{user2.namespace.id}", request_actor)
|
|
|
|
expect(response).to have_gitlab_http_status(:not_found)
|
|
end
|
|
end
|
|
end
|
|
|
|
context 'when requested namespace is owned by user' do
|
|
it_behaves_like 'namespace reader'
|
|
end
|
|
end
|
|
|
|
context 'when authenticated as admin' do
|
|
let(:request_actor) { admin }
|
|
|
|
context 'when requested namespace is not owned by user' do
|
|
context 'when requesting group' do
|
|
let(:namespace_id) { group2.id }
|
|
let(:requested_namespace) { group2 }
|
|
|
|
it_behaves_like 'can access namespace', admin_mode: true
|
|
end
|
|
|
|
context 'when requesting personal namespace' do
|
|
let(:namespace_id) { user2.namespace.id }
|
|
let(:requested_namespace) { user2.namespace }
|
|
|
|
it_behaves_like 'can access namespace', admin_mode: true
|
|
end
|
|
end
|
|
|
|
context 'when requested namespace is owned by user' do
|
|
it_behaves_like 'namespace reader'
|
|
end
|
|
end
|
|
end
|
|
|
|
describe 'GET /namespaces/:namespace/exists' do
|
|
let_it_be(:namespace1) { create(:group, name: 'Namespace 1', path: 'namespace-1') }
|
|
let_it_be(:namespace2) { create(:group, name: 'Namespace 2', path: 'namespace-2') }
|
|
let_it_be(:namespace_with_dot) { create(:group, name: 'With Dot', path: 'with.dot') }
|
|
let_it_be(:namespace1sub) { create(:group, name: 'Sub Namespace 1', path: 'sub-namespace-1', parent: namespace1) }
|
|
let_it_be(:namespace2sub) { create(:group, name: 'Sub Namespace 2', path: 'sub-namespace-2', parent: namespace2) }
|
|
|
|
context 'when unauthenticated' do
|
|
it 'returns authentication error' do
|
|
get api("#{path}/#{namespace1.path}/exists")
|
|
|
|
expect(response).to have_gitlab_http_status(:unauthorized)
|
|
end
|
|
|
|
context 'when requesting project_namespace' do
|
|
let(:namespace_id) { project_namespace.id }
|
|
|
|
it 'returns authentication error' do
|
|
get api("#{path}/#{project_namespace.path}/exists"), params: { parent_id: group2.id }
|
|
|
|
expect(response).to have_gitlab_http_status(:unauthorized)
|
|
end
|
|
end
|
|
end
|
|
|
|
context 'when authenticated' do
|
|
it_behaves_like 'rate limited endpoint', rate_limit_key: :namespace_exists do
|
|
let(:current_user) { user }
|
|
|
|
def request
|
|
get api("#{path}/#{namespace1.path}/exists", current_user)
|
|
end
|
|
end
|
|
|
|
it 'returns JSON indicating the namespace exists and a suggestion' do
|
|
get api("#{path}/#{namespace1.path}/exists", user)
|
|
|
|
expected_json = { exists: true, suggests: ["#{namespace1.path}1"] }.to_json
|
|
expect(response).to have_gitlab_http_status(:ok)
|
|
expect(response.body).to eq(expected_json)
|
|
end
|
|
|
|
it 'supports dot in namespace path' do
|
|
get api("#{path}/#{namespace_with_dot.path}/exists", user)
|
|
|
|
expected_json = { exists: true, suggests: ["#{namespace_with_dot.path}1"] }.to_json
|
|
expect(response).to have_gitlab_http_status(:ok)
|
|
expect(response.body).to eq(expected_json)
|
|
end
|
|
|
|
it 'returns JSON indicating the namespace does not exist without a suggestion' do
|
|
get api("#{path}/non-existing-namespace/exists", user)
|
|
|
|
expected_json = { exists: false, suggests: [] }.to_json
|
|
expect(response).to have_gitlab_http_status(:ok)
|
|
expect(response.body).to eq(expected_json)
|
|
end
|
|
|
|
it 'checks the existence of a namespace in case-insensitive manner' do
|
|
get api("#{path}/#{namespace1.path.upcase}/exists", user)
|
|
|
|
expected_json = { exists: true, suggests: ["#{namespace1.path.upcase}1"] }.to_json
|
|
expect(response).to have_gitlab_http_status(:ok)
|
|
expect(response.body).to eq(expected_json)
|
|
end
|
|
|
|
it 'checks the existence within the parent namespace only' do
|
|
get api("#{path}/#{namespace1sub.path}/exists", user), params: { parent_id: namespace1.id }
|
|
|
|
expected_json = { exists: true, suggests: ["#{namespace1sub.path}1"] }.to_json
|
|
expect(response).to have_gitlab_http_status(:ok)
|
|
expect(response.body).to eq(expected_json)
|
|
end
|
|
|
|
it 'ignores nested namespaces when checking for top-level namespace' do
|
|
get api("#{path}/#{namespace1sub.path}/exists", user)
|
|
|
|
expected_json = { exists: false, suggests: [] }.to_json
|
|
expect(response).to have_gitlab_http_status(:ok)
|
|
expect(response.body).to eq(expected_json)
|
|
end
|
|
|
|
it 'ignores paths of groups present in other hierarchies when making suggestions' do
|
|
(1..2).to_a.each do |suffix|
|
|
create(:group, name: "mygroup#{suffix}", path: "mygroup#{suffix}", parent: namespace2)
|
|
end
|
|
|
|
create(:group, name: 'mygroup', path: 'mygroup', parent: namespace1)
|
|
|
|
get api("#{path}/mygroup/exists", user), params: { parent_id: namespace1.id }
|
|
|
|
# if the paths of groups present in hierachies aren't ignored, the suggestion generated would have
|
|
# been `mygroup3`, just because groups with path `mygroup1` and `mygroup2` exists somewhere else.
|
|
# But there is no reason for those groups that exists elsewhere to cause a conflict because
|
|
# their hierarchies differ. Hence, the correct suggestion to be generated would be `mygroup1`
|
|
expected_json = { exists: true, suggests: ["mygroup1"] }.to_json
|
|
expect(response).to have_gitlab_http_status(:ok)
|
|
expect(response.body).to eq(expected_json)
|
|
end
|
|
|
|
it 'ignores top-level namespaces when checking with parent_id' do
|
|
get api("#{path}/#{namespace1.path}/exists", user), params: { parent_id: namespace1.id }
|
|
|
|
expected_json = { exists: false, suggests: [] }.to_json
|
|
expect(response).to have_gitlab_http_status(:ok)
|
|
expect(response.body).to eq(expected_json)
|
|
end
|
|
|
|
it 'ignores namespaces of other parent namespaces when checking with parent_id' do
|
|
get api("#{path}/#{namespace2sub.path}/exists", user), params: { parent_id: namespace1.id }
|
|
|
|
expected_json = { exists: false, suggests: [] }.to_json
|
|
expect(response).to have_gitlab_http_status(:ok)
|
|
expect(response.body).to eq(expected_json)
|
|
end
|
|
|
|
context 'when requesting project_namespace' do
|
|
let(:namespace_id) { project_namespace.id }
|
|
|
|
it 'returns JSON indicating the namespace does not exist without a suggestion' do
|
|
get api("#{path}/#{project_namespace.path}/exists", user), params: { parent_id: group2.id }
|
|
|
|
expected_json = { exists: false, suggests: [] }.to_json
|
|
expect(response).to have_gitlab_http_status(:ok)
|
|
expect(response.body).to eq(expected_json)
|
|
end
|
|
end
|
|
end
|
|
end
|
|
end
|