2019-04-15 06:17:05 -04:00
|
|
|
# frozen_string_literal: true
|
|
|
|
|
2019-04-09 11:38:58 -04:00
|
|
|
require 'spec_helper'
|
|
|
|
|
2020-06-03 23:08:05 -04:00
|
|
|
RSpec.describe ProjectUnauthorized do
|
2019-04-09 11:38:58 -04:00
|
|
|
include ExternalAuthorizationServiceHelpers
|
|
|
|
let(:user) { create(:user) }
|
|
|
|
|
|
|
|
before do
|
|
|
|
sign_in user
|
|
|
|
end
|
|
|
|
|
|
|
|
render_views
|
|
|
|
|
2019-05-13 04:50:23 -04:00
|
|
|
describe '.on_routable_not_found' do
|
2019-04-09 11:38:58 -04:00
|
|
|
controller(::Projects::ApplicationController) do
|
|
|
|
def show
|
|
|
|
head :ok
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
let(:project) { create(:project) }
|
|
|
|
|
|
|
|
before do
|
|
|
|
project.add_developer(user)
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'renders a 200 when the service allows access to the project' do
|
|
|
|
external_service_allow_access(user, project)
|
|
|
|
|
|
|
|
get :show, params: { namespace_id: project.namespace.to_param, id: project.to_param }
|
|
|
|
|
2020-02-06 13:08:54 -05:00
|
|
|
expect(response).to have_gitlab_http_status(:ok)
|
2019-04-09 11:38:58 -04:00
|
|
|
end
|
|
|
|
|
|
|
|
it 'renders a 403 when the service denies access to the project' do
|
|
|
|
external_service_deny_access(user, project)
|
|
|
|
|
|
|
|
get :show, params: { namespace_id: project.namespace.to_param, id: project.to_param }
|
|
|
|
|
2020-02-06 13:08:54 -05:00
|
|
|
expect(response).to have_gitlab_http_status(:forbidden)
|
2019-04-09 11:38:58 -04:00
|
|
|
expect(response.body).to match("External authorization denied access to this project")
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'renders a 404 when the user cannot see the project at all' do
|
|
|
|
other_project = create(:project, :private)
|
|
|
|
|
|
|
|
get :show, params: { namespace_id: other_project.namespace.to_param, id: other_project.to_param }
|
|
|
|
|
2020-02-06 13:08:54 -05:00
|
|
|
expect(response).to have_gitlab_http_status(:not_found)
|
2019-04-09 11:38:58 -04:00
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|