2014-10-07 09:05:24 -04:00
|
|
|
require 'spec_helper'
|
|
|
|
|
2017-07-10 10:24:02 -04:00
|
|
|
describe Gitlab::GitAccessWiki do
|
2017-07-25 13:09:00 -04:00
|
|
|
let(:access) { described_class.new(user, project, 'web', authentication_abilities: authentication_abilities, redirected_path: redirected_path) }
|
2017-01-24 18:42:12 -05:00
|
|
|
let(:project) { create(:project, :repository) }
|
2014-10-07 09:05:24 -04:00
|
|
|
let(:user) { create(:user) }
|
2017-09-19 03:44:58 -04:00
|
|
|
let(:changes) { ['6f6d7e7ed 570e7b2ab refs/heads/master'] }
|
2017-06-15 20:03:54 -04:00
|
|
|
let(:redirected_path) { nil }
|
2016-09-16 03:59:10 -04:00
|
|
|
let(:authentication_abilities) do
|
2016-09-15 09:40:53 -04:00
|
|
|
[
|
|
|
|
:read_project,
|
|
|
|
:download_code,
|
|
|
|
:push_code
|
|
|
|
]
|
|
|
|
end
|
2014-10-07 09:05:24 -04:00
|
|
|
|
2017-09-19 03:44:58 -04:00
|
|
|
describe '#push_access_check' do
|
|
|
|
context 'when user can :create_wiki' do
|
|
|
|
before do
|
|
|
|
create(:protected_branch, name: 'master', project: project)
|
|
|
|
project.team << [user, :developer]
|
|
|
|
end
|
2014-10-07 09:05:24 -04:00
|
|
|
|
2017-09-19 03:44:58 -04:00
|
|
|
subject { access.check('git-receive-pack', changes) }
|
2014-10-07 09:05:24 -04:00
|
|
|
|
2017-09-19 03:44:58 -04:00
|
|
|
it { expect { subject }.not_to raise_error }
|
|
|
|
|
|
|
|
context 'when in a read-only GitLab instance' do
|
|
|
|
before do
|
|
|
|
allow(Gitlab::Database).to receive(:read_only?) { true }
|
|
|
|
end
|
2014-10-07 09:05:24 -04:00
|
|
|
|
2017-09-19 03:44:58 -04:00
|
|
|
it 'does not give access to upload wiki code' do
|
|
|
|
expect { subject }.to raise_error(Gitlab::GitAccess::UnauthorizedError, "You can't push code to a read-only GitLab instance.")
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
2014-10-07 09:05:24 -04:00
|
|
|
end
|
2016-11-29 14:31:42 -05:00
|
|
|
|
2016-12-20 08:19:07 -05:00
|
|
|
describe '#access_check_download!' do
|
2016-11-29 14:31:42 -05:00
|
|
|
subject { access.check('git-upload-pack', '_any') }
|
|
|
|
|
|
|
|
before do
|
|
|
|
project.team << [user, :developer]
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when wiki feature is enabled' do
|
|
|
|
it 'give access to download wiki code' do
|
2017-05-19 15:58:45 -04:00
|
|
|
expect { subject }.not_to raise_error
|
2016-11-29 14:31:42 -05:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when wiki feature is disabled' do
|
|
|
|
it 'does not give access to download wiki code' do
|
|
|
|
project.project_feature.update_attribute(:wiki_access_level, ProjectFeature::DISABLED)
|
|
|
|
|
2017-05-19 15:58:45 -04:00
|
|
|
expect { subject }.to raise_error(Gitlab::GitAccess::UnauthorizedError, 'You are not allowed to download code from this project.')
|
2016-11-29 14:31:42 -05:00
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
2014-10-07 09:05:24 -04:00
|
|
|
end
|