2016-02-12 10:05:17 -05:00
|
|
|
require 'spec_helper'
|
|
|
|
|
|
|
|
describe PagesDomain, models: true do
|
|
|
|
describe 'associations' do
|
|
|
|
it { is_expected.to belong_to(:project) }
|
|
|
|
end
|
2016-12-20 06:24:44 -05:00
|
|
|
|
2017-03-24 19:04:03 -04:00
|
|
|
describe 'validate domain' do
|
2017-05-19 10:07:38 -04:00
|
|
|
subject(:pages_domain) { build(:pages_domain, domain: domain) }
|
2016-02-12 10:05:17 -05:00
|
|
|
|
|
|
|
context 'is unique' do
|
|
|
|
let(:domain) { 'my.domain.com' }
|
|
|
|
|
|
|
|
it { is_expected.to validate_uniqueness_of(:domain) }
|
|
|
|
end
|
|
|
|
|
2017-05-19 10:07:38 -04:00
|
|
|
{
|
|
|
|
'my.domain.com' => true,
|
|
|
|
'123.456.789' => true,
|
|
|
|
'0x12345.com' => true,
|
|
|
|
'0123123' => true,
|
|
|
|
'_foo.com' => false,
|
|
|
|
'reserved.com' => false,
|
|
|
|
'a.reserved.com' => false,
|
|
|
|
nil => false
|
|
|
|
}.each do |value, validity|
|
|
|
|
context "domain #{value.inspect} validity" do
|
|
|
|
before do
|
|
|
|
allow(Settings.pages).to receive(:host).and_return('reserved.com')
|
|
|
|
end
|
|
|
|
|
|
|
|
let(:domain) { value }
|
|
|
|
|
|
|
|
it { expect(pages_domain.valid?).to eq(validity) }
|
|
|
|
end
|
2016-02-12 10:05:17 -05:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
describe 'validate certificate' do
|
|
|
|
subject { domain }
|
|
|
|
|
|
|
|
context 'when only certificate is specified' do
|
|
|
|
let(:domain) { build(:pages_domain, :with_certificate) }
|
|
|
|
|
2016-05-30 04:11:46 -04:00
|
|
|
it { is_expected.not_to be_valid }
|
2016-02-12 10:05:17 -05:00
|
|
|
end
|
|
|
|
|
|
|
|
context 'when only key is specified' do
|
|
|
|
let(:domain) { build(:pages_domain, :with_key) }
|
|
|
|
|
2016-05-30 04:11:46 -04:00
|
|
|
it { is_expected.not_to be_valid }
|
2016-02-12 10:05:17 -05:00
|
|
|
end
|
|
|
|
|
|
|
|
context 'with matching key' do
|
|
|
|
let(:domain) { build(:pages_domain, :with_certificate, :with_key) }
|
|
|
|
|
|
|
|
it { is_expected.to be_valid }
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'for not matching key' do
|
2016-02-16 08:39:58 -05:00
|
|
|
let(:domain) { build(:pages_domain, :with_missing_chain, :with_key) }
|
2016-02-12 10:05:17 -05:00
|
|
|
|
2016-05-30 04:11:46 -04:00
|
|
|
it { is_expected.not_to be_valid }
|
2016-02-12 10:05:17 -05:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2017-03-24 19:04:03 -04:00
|
|
|
describe '#url' do
|
2016-02-12 10:05:17 -05:00
|
|
|
subject { domain.url }
|
|
|
|
|
|
|
|
context 'without the certificate' do
|
|
|
|
let(:domain) { build(:pages_domain) }
|
|
|
|
|
|
|
|
it { is_expected.to eq('http://my.domain.com') }
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'with a certificate' do
|
|
|
|
let(:domain) { build(:pages_domain, :with_certificate) }
|
|
|
|
|
|
|
|
it { is_expected.to eq('https://my.domain.com') }
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2017-03-24 19:04:03 -04:00
|
|
|
describe '#has_matching_key?' do
|
2016-02-12 10:05:17 -05:00
|
|
|
subject { domain.has_matching_key? }
|
|
|
|
|
|
|
|
context 'for matching key' do
|
|
|
|
let(:domain) { build(:pages_domain, :with_certificate, :with_key) }
|
|
|
|
|
|
|
|
it { is_expected.to be_truthy }
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'for invalid key' do
|
2016-02-16 08:39:58 -05:00
|
|
|
let(:domain) { build(:pages_domain, :with_missing_chain, :with_key) }
|
2016-02-12 10:05:17 -05:00
|
|
|
|
|
|
|
it { is_expected.to be_falsey }
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2017-03-24 19:04:03 -04:00
|
|
|
describe '#has_intermediates?' do
|
2016-02-12 10:05:17 -05:00
|
|
|
subject { domain.has_intermediates? }
|
|
|
|
|
|
|
|
context 'for self signed' do
|
|
|
|
let(:domain) { build(:pages_domain, :with_certificate) }
|
|
|
|
|
|
|
|
it { is_expected.to be_truthy }
|
|
|
|
end
|
|
|
|
|
2016-02-16 08:39:58 -05:00
|
|
|
context 'for missing certificate chain' do
|
|
|
|
let(:domain) { build(:pages_domain, :with_missing_chain) }
|
2016-02-12 10:05:17 -05:00
|
|
|
|
|
|
|
it { is_expected.to be_falsey }
|
|
|
|
end
|
2016-02-16 08:39:58 -05:00
|
|
|
|
|
|
|
context 'for trusted certificate chain' do
|
2016-02-17 04:05:26 -05:00
|
|
|
# We only validate that we can to rebuild the trust chain, for certificates
|
|
|
|
# We assume that 'AddTrustExternalCARoot' needed to validate the chain is in trusted store.
|
|
|
|
# It will be if ca-certificates is installed on Debian/Ubuntu/Alpine
|
|
|
|
|
2016-02-16 08:39:58 -05:00
|
|
|
let(:domain) { build(:pages_domain, :with_trusted_chain) }
|
|
|
|
|
|
|
|
it { is_expected.to be_truthy }
|
|
|
|
end
|
2016-02-12 10:05:17 -05:00
|
|
|
end
|
|
|
|
|
2017-03-24 19:04:03 -04:00
|
|
|
describe '#expired?' do
|
2016-02-12 10:05:17 -05:00
|
|
|
subject { domain.expired? }
|
|
|
|
|
|
|
|
context 'for valid' do
|
|
|
|
let(:domain) { build(:pages_domain, :with_certificate) }
|
|
|
|
|
|
|
|
it { is_expected.to be_falsey }
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'for expired' do
|
|
|
|
let(:domain) { build(:pages_domain, :with_expired_certificate) }
|
|
|
|
|
|
|
|
it { is_expected.to be_truthy }
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2017-03-24 19:04:03 -04:00
|
|
|
describe '#subject' do
|
2016-02-12 10:05:17 -05:00
|
|
|
let(:domain) { build(:pages_domain, :with_certificate) }
|
|
|
|
|
|
|
|
subject { domain.subject }
|
|
|
|
|
|
|
|
it { is_expected.to eq('/CN=test-certificate') }
|
|
|
|
end
|
|
|
|
|
2017-03-24 19:04:03 -04:00
|
|
|
describe '#certificate_text' do
|
2016-02-12 10:05:17 -05:00
|
|
|
let(:domain) { build(:pages_domain, :with_certificate) }
|
|
|
|
|
|
|
|
subject { domain.certificate_text }
|
|
|
|
|
|
|
|
# We test only existence of output, since the output is long
|
2016-05-30 04:11:46 -04:00
|
|
|
it { is_expected.not_to be_empty }
|
2016-02-12 10:05:17 -05:00
|
|
|
end
|
|
|
|
end
|