2019-04-15 10:17:05 +00:00
|
|
|
# frozen_string_literal: true
|
|
|
|
|
|
2015-01-28 21:18:22 +00:00
|
|
|
require 'spec_helper'
|
|
|
|
|
|
2020-06-03 18:08:28 +00:00
|
|
|
RSpec.describe UsersController do
|
2020-12-16 18:10:10 +00:00
|
|
|
# This user should have the same e-mail address associated with the GPG key prepared for tests
|
|
|
|
|
let(:user) { create(:user, email: GpgHelpers::User1.emails[0]) }
|
2018-07-24 12:46:19 +00:00
|
|
|
let(:private_user) { create(:user, private_profile: true) }
|
|
|
|
|
let(:public_user) { create(:user) }
|
2015-01-28 21:18:22 +00:00
|
|
|
|
2015-03-13 10:39:26 +00:00
|
|
|
describe 'GET #show' do
|
2020-12-26 06:10:47 +00:00
|
|
|
shared_examples_for 'renders the show template' do
|
|
|
|
|
it 'renders the show template' do
|
|
|
|
|
get user_url user.username
|
2015-07-18 21:54:56 +00:00
|
|
|
|
2020-12-26 06:10:47 +00:00
|
|
|
expect(response).to have_gitlab_http_status(:ok)
|
|
|
|
|
expect(response).to render_template('show')
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
context 'when the user exists and has public visibility' do
|
2020-12-21 18:10:26 +00:00
|
|
|
context 'when logged in' do
|
2015-11-18 11:32:35 +00:00
|
|
|
before do
|
|
|
|
|
sign_in(user)
|
|
|
|
|
end
|
2015-07-18 21:54:56 +00:00
|
|
|
|
2020-12-26 06:10:47 +00:00
|
|
|
it_behaves_like 'renders the show template'
|
2015-11-18 11:32:35 +00:00
|
|
|
end
|
|
|
|
|
|
2020-12-21 18:10:26 +00:00
|
|
|
context 'when logged out' do
|
2020-12-26 06:10:47 +00:00
|
|
|
it_behaves_like 'renders the show template'
|
2015-07-18 21:54:56 +00:00
|
|
|
end
|
2015-01-28 21:18:22 +00:00
|
|
|
end
|
2016-03-30 20:14:21 +00:00
|
|
|
|
2016-04-05 21:56:07 +00:00
|
|
|
context 'when public visibility level is restricted' do
|
2016-03-30 20:14:21 +00:00
|
|
|
before do
|
|
|
|
|
stub_application_setting(restricted_visibility_levels: [Gitlab::VisibilityLevel::PUBLIC])
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
context 'when logged out' do
|
2017-05-04 21:20:13 +00:00
|
|
|
it 'redirects to login page' do
|
2020-12-26 06:10:47 +00:00
|
|
|
get user_url user.username
|
|
|
|
|
|
2017-05-04 21:20:13 +00:00
|
|
|
expect(response).to redirect_to new_user_session_path
|
2016-03-30 20:14:21 +00:00
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
context 'when logged in' do
|
2017-06-14 18:18:56 +00:00
|
|
|
before do
|
|
|
|
|
sign_in(user)
|
|
|
|
|
end
|
2016-03-30 20:14:21 +00:00
|
|
|
|
2020-12-26 06:10:47 +00:00
|
|
|
it_behaves_like 'renders the show template'
|
2016-03-30 20:14:21 +00:00
|
|
|
end
|
|
|
|
|
end
|
2017-05-01 20:46:30 +00:00
|
|
|
|
2017-05-03 22:26:44 +00:00
|
|
|
context 'when a user by that username does not exist' do
|
|
|
|
|
context 'when logged out' do
|
2017-05-04 21:20:13 +00:00
|
|
|
it 'redirects to login page' do
|
2020-12-26 06:10:47 +00:00
|
|
|
get user_url 'nonexistent'
|
|
|
|
|
|
2017-05-04 21:20:13 +00:00
|
|
|
expect(response).to redirect_to new_user_session_path
|
2017-05-03 22:26:44 +00:00
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
context 'when logged in' do
|
2017-06-14 18:18:56 +00:00
|
|
|
before do
|
|
|
|
|
sign_in(user)
|
|
|
|
|
end
|
2017-05-03 22:26:44 +00:00
|
|
|
|
|
|
|
|
it 'renders 404' do
|
2020-12-26 06:10:47 +00:00
|
|
|
get user_url 'nonexistent'
|
|
|
|
|
|
2020-01-27 12:08:35 +00:00
|
|
|
expect(response).to have_gitlab_http_status(:not_found)
|
2017-05-03 22:26:44 +00:00
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
end
|
2017-12-11 14:21:06 +00:00
|
|
|
|
2020-12-29 12:10:19 +00:00
|
|
|
context 'requested in json format' do
|
2017-12-11 14:21:06 +00:00
|
|
|
let(:project) { create(:project) }
|
2019-12-19 00:08:01 +00:00
|
|
|
|
2017-12-11 14:21:06 +00:00
|
|
|
before do
|
|
|
|
|
project.add_developer(user)
|
|
|
|
|
Gitlab::DataBuilder::Push.build_sample(project, user)
|
|
|
|
|
|
|
|
|
|
sign_in(user)
|
|
|
|
|
end
|
|
|
|
|
|
2020-12-29 12:10:19 +00:00
|
|
|
it 'returns 404 with deprecation message' do
|
2020-12-26 06:10:47 +00:00
|
|
|
# Requesting "/username?format=json" instead of "/username.json"
|
|
|
|
|
get user_url user.username, params: { format: :json }
|
2017-12-11 14:21:06 +00:00
|
|
|
|
2020-12-29 12:10:19 +00:00
|
|
|
expect(response).to have_gitlab_http_status(:not_found)
|
2020-12-26 06:10:47 +00:00
|
|
|
expect(response.media_type).to eq('application/json')
|
2020-12-29 12:10:19 +00:00
|
|
|
expect(Gitlab::Json.parse(response.body)['message']).to include('This endpoint is deprecated.')
|
2018-07-24 12:46:19 +00:00
|
|
|
end
|
2017-12-11 14:21:06 +00:00
|
|
|
end
|
2015-01-29 16:55:57 +00:00
|
|
|
end
|
2015-01-28 21:18:22 +00:00
|
|
|
|
2021-01-04 18:10:11 +00:00
|
|
|
describe 'GET /users/:username (deprecated user top)' do
|
|
|
|
|
it 'redirects to /user1' do
|
|
|
|
|
get '/users/user1'
|
|
|
|
|
|
|
|
|
|
expect(response).to redirect_to user_path('user1')
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
2020-12-01 12:09:17 +00:00
|
|
|
describe 'GET #activity' do
|
2020-12-26 06:10:47 +00:00
|
|
|
shared_examples_for 'renders the show template' do
|
|
|
|
|
it 'renders the show template' do
|
|
|
|
|
get user_activity_url user.username
|
|
|
|
|
|
|
|
|
|
expect(response).to have_gitlab_http_status(:ok)
|
|
|
|
|
expect(response).to render_template('show')
|
|
|
|
|
end
|
|
|
|
|
end
|
2020-12-01 12:09:17 +00:00
|
|
|
|
2020-12-26 06:10:47 +00:00
|
|
|
context 'when the user exists and has public visibility' do
|
2020-12-21 18:10:26 +00:00
|
|
|
context 'when logged in' do
|
2020-12-01 12:09:17 +00:00
|
|
|
before do
|
|
|
|
|
sign_in(user)
|
|
|
|
|
end
|
|
|
|
|
|
2020-12-26 06:10:47 +00:00
|
|
|
it_behaves_like 'renders the show template'
|
2020-12-01 12:09:17 +00:00
|
|
|
end
|
|
|
|
|
|
2020-12-21 18:10:26 +00:00
|
|
|
context 'when logged out' do
|
2020-12-26 06:10:47 +00:00
|
|
|
it_behaves_like 'renders the show template'
|
2020-12-01 12:09:17 +00:00
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
context 'when public visibility level is restricted' do
|
|
|
|
|
before do
|
|
|
|
|
stub_application_setting(restricted_visibility_levels: [Gitlab::VisibilityLevel::PUBLIC])
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
context 'when logged out' do
|
|
|
|
|
it 'redirects to login page' do
|
2020-12-26 06:10:47 +00:00
|
|
|
get user_activity_url user.username
|
|
|
|
|
|
2020-12-01 12:09:17 +00:00
|
|
|
expect(response).to redirect_to new_user_session_path
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
context 'when logged in' do
|
|
|
|
|
before do
|
|
|
|
|
sign_in(user)
|
|
|
|
|
end
|
|
|
|
|
|
2020-12-26 06:10:47 +00:00
|
|
|
it_behaves_like 'renders the show template'
|
2020-12-01 12:09:17 +00:00
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
context 'when a user by that username does not exist' do
|
|
|
|
|
context 'when logged out' do
|
|
|
|
|
it 'redirects to login page' do
|
2020-12-26 06:10:47 +00:00
|
|
|
get user_activity_url 'nonexistent'
|
|
|
|
|
|
2020-12-01 12:09:17 +00:00
|
|
|
expect(response).to redirect_to new_user_session_path
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
context 'when logged in' do
|
|
|
|
|
before do
|
|
|
|
|
sign_in(user)
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
it 'renders 404' do
|
2020-12-26 06:10:47 +00:00
|
|
|
get user_activity_url 'nonexistent'
|
|
|
|
|
|
2020-12-01 12:09:17 +00:00
|
|
|
expect(response).to have_gitlab_http_status(:not_found)
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
2020-12-29 12:10:19 +00:00
|
|
|
context 'requested in json format' do
|
2020-12-01 12:09:17 +00:00
|
|
|
let(:project) { create(:project) }
|
|
|
|
|
|
|
|
|
|
before do
|
|
|
|
|
project.add_developer(user)
|
|
|
|
|
Gitlab::DataBuilder::Push.build_sample(project, user)
|
|
|
|
|
|
|
|
|
|
sign_in(user)
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
it 'loads events' do
|
2020-12-26 06:10:47 +00:00
|
|
|
get user_activity_url user.username, format: :json
|
2020-12-01 12:09:17 +00:00
|
|
|
|
2020-12-26 06:10:47 +00:00
|
|
|
expect(response.media_type).to eq('application/json')
|
|
|
|
|
expect(Gitlab::Json.parse(response.body)['count']).to eq(1)
|
2020-12-01 12:09:17 +00:00
|
|
|
end
|
|
|
|
|
|
|
|
|
|
it 'hides events if the user cannot read cross project' do
|
|
|
|
|
allow(Ability).to receive(:allowed?).and_call_original
|
|
|
|
|
expect(Ability).to receive(:allowed?).with(user, :read_cross_project) { false }
|
|
|
|
|
|
2020-12-26 06:10:47 +00:00
|
|
|
get user_activity_url user.username, format: :json
|
2020-12-01 12:09:17 +00:00
|
|
|
|
2020-12-26 06:10:47 +00:00
|
|
|
expect(response.media_type).to eq('application/json')
|
|
|
|
|
expect(Gitlab::Json.parse(response.body)['count']).to eq(0)
|
2020-12-01 12:09:17 +00:00
|
|
|
end
|
|
|
|
|
|
|
|
|
|
it 'hides events if the user has a private profile' do
|
|
|
|
|
Gitlab::DataBuilder::Push.build_sample(project, private_user)
|
|
|
|
|
|
2020-12-26 06:10:47 +00:00
|
|
|
get user_activity_url private_user.username, format: :json
|
2020-12-01 12:09:17 +00:00
|
|
|
|
2020-12-26 06:10:47 +00:00
|
|
|
expect(response.media_type).to eq('application/json')
|
|
|
|
|
expect(Gitlab::Json.parse(response.body)['count']).to eq(0)
|
2020-12-01 12:09:17 +00:00
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
2020-12-21 18:10:26 +00:00
|
|
|
describe 'GET #ssh_keys' do
|
|
|
|
|
context 'non existent user' do
|
|
|
|
|
it 'does not generally work' do
|
2020-12-26 06:10:47 +00:00
|
|
|
get '/not-existent.keys'
|
2020-12-11 18:09:57 +00:00
|
|
|
|
|
|
|
|
expect(response).not_to be_successful
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
2020-12-21 18:10:26 +00:00
|
|
|
context 'user with no keys' do
|
2020-12-26 06:10:47 +00:00
|
|
|
it 'responds the empty body with text/plain content type' do
|
|
|
|
|
get "/#{user.username}.keys"
|
2020-12-11 18:09:57 +00:00
|
|
|
|
|
|
|
|
expect(response).to be_successful
|
2020-12-26 06:10:47 +00:00
|
|
|
expect(response.media_type).to eq("text/plain")
|
2020-12-11 18:09:57 +00:00
|
|
|
expect(response.body).to eq("")
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
2020-12-21 18:10:26 +00:00
|
|
|
context 'user with keys' do
|
2020-12-11 18:09:57 +00:00
|
|
|
let!(:key) { create(:key, user: user) }
|
|
|
|
|
let!(:another_key) { create(:another_key, user: user) }
|
|
|
|
|
let!(:deploy_key) { create(:deploy_key, user: user) }
|
|
|
|
|
|
2020-12-21 18:10:26 +00:00
|
|
|
shared_examples_for 'renders all public keys' do
|
2020-12-26 06:10:47 +00:00
|
|
|
it 'renders all non-deploy keys separated with a new line with text/plain content type without the comment key' do
|
|
|
|
|
get "/#{user.username}.keys"
|
2020-12-11 18:09:57 +00:00
|
|
|
|
|
|
|
|
expect(response).to be_successful
|
2020-12-26 06:10:47 +00:00
|
|
|
expect(response.media_type).to eq("text/plain")
|
2020-12-11 18:09:57 +00:00
|
|
|
|
|
|
|
|
expect(response.body).not_to eq('')
|
|
|
|
|
expect(response.body).to eq(user.all_ssh_keys.join("\n"))
|
|
|
|
|
|
|
|
|
|
expect(response.body).to include(key.key.sub(' dummy@gitlab.com', ''))
|
|
|
|
|
expect(response.body).to include(another_key.key.sub(' dummy@gitlab.com', ''))
|
|
|
|
|
|
|
|
|
|
expect(response.body).not_to match(/dummy@gitlab.com/)
|
|
|
|
|
|
2020-12-26 06:10:47 +00:00
|
|
|
expect(response.body).not_to include(deploy_key.key)
|
2020-12-11 18:09:57 +00:00
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
2020-12-21 18:10:26 +00:00
|
|
|
context 'while signed in' do
|
2020-12-11 18:09:57 +00:00
|
|
|
before do
|
2020-12-21 18:10:26 +00:00
|
|
|
sign_in(user)
|
2020-12-11 18:09:57 +00:00
|
|
|
end
|
|
|
|
|
|
2020-12-21 18:10:26 +00:00
|
|
|
it_behaves_like 'renders all public keys'
|
|
|
|
|
end
|
2020-12-11 18:09:57 +00:00
|
|
|
|
2020-12-21 18:10:26 +00:00
|
|
|
context 'when logged out' do
|
|
|
|
|
before do
|
|
|
|
|
sign_out(user)
|
2020-12-11 18:09:57 +00:00
|
|
|
end
|
|
|
|
|
|
2020-12-21 18:10:26 +00:00
|
|
|
it_behaves_like 'renders all public keys'
|
2021-01-25 15:09:00 +00:00
|
|
|
|
|
|
|
|
context 'when public visibility is restricted' do
|
|
|
|
|
before do
|
|
|
|
|
stub_application_setting(restricted_visibility_levels: [Gitlab::VisibilityLevel::PUBLIC])
|
|
|
|
|
end
|
|
|
|
|
|
2021-08-31 21:10:43 +00:00
|
|
|
it 'redirects to sign in' do
|
|
|
|
|
get "/#{user.username}.keys"
|
|
|
|
|
|
|
|
|
|
expect(response).to redirect_to(new_user_session_path)
|
|
|
|
|
end
|
2021-01-25 15:09:00 +00:00
|
|
|
end
|
2020-12-11 18:09:57 +00:00
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
2020-12-21 18:10:26 +00:00
|
|
|
describe 'GET #gpg_keys' do
|
|
|
|
|
context 'non existent user' do
|
|
|
|
|
it 'does not generally work' do
|
2020-12-26 06:10:47 +00:00
|
|
|
get '/not-existent.keys'
|
2020-12-16 18:10:10 +00:00
|
|
|
|
|
|
|
|
expect(response).not_to be_successful
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
2020-12-21 18:10:26 +00:00
|
|
|
context 'user with no keys' do
|
2020-12-26 06:10:47 +00:00
|
|
|
it 'responds the empty body with text/plain content type' do
|
|
|
|
|
get "/#{user.username}.gpg"
|
2020-12-16 18:10:10 +00:00
|
|
|
|
|
|
|
|
expect(response).to be_successful
|
2020-12-26 06:10:47 +00:00
|
|
|
expect(response.media_type).to eq("text/plain")
|
2020-12-19 21:10:05 +00:00
|
|
|
expect(response.body).to eq("")
|
2020-12-16 18:10:10 +00:00
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
2020-12-21 18:10:26 +00:00
|
|
|
context 'user with keys' do
|
2020-12-16 18:10:10 +00:00
|
|
|
let!(:gpg_key) { create(:gpg_key, user: user) }
|
2021-11-04 00:12:36 +00:00
|
|
|
let!(:another_gpg_key) { create(:another_gpg_key, user: user.reload) }
|
2020-12-16 18:10:10 +00:00
|
|
|
|
2020-12-21 18:10:26 +00:00
|
|
|
shared_examples_for 'renders all verified GPG keys' do
|
2020-12-26 06:10:47 +00:00
|
|
|
it 'renders all verified keys separated with a new line with text/plain content type' do
|
|
|
|
|
get "/#{user.username}.gpg"
|
2020-12-16 18:10:10 +00:00
|
|
|
|
|
|
|
|
expect(response).to be_successful
|
|
|
|
|
|
2020-12-26 06:10:47 +00:00
|
|
|
expect(response.media_type).to eq("text/plain")
|
2020-12-19 21:10:05 +00:00
|
|
|
|
2020-12-16 18:10:10 +00:00
|
|
|
expect(response.body).not_to eq('')
|
|
|
|
|
expect(response.body).to eq(user.gpg_keys.select(&:verified?).map(&:key).join("\n"))
|
|
|
|
|
|
|
|
|
|
expect(response.body).to include(gpg_key.key)
|
|
|
|
|
expect(response.body).to include(another_gpg_key.key)
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
2020-12-21 18:10:26 +00:00
|
|
|
context 'while signed in' do
|
2020-12-16 18:10:10 +00:00
|
|
|
before do
|
2020-12-21 18:10:26 +00:00
|
|
|
sign_in(user)
|
2020-12-16 18:10:10 +00:00
|
|
|
end
|
|
|
|
|
|
2020-12-21 18:10:26 +00:00
|
|
|
it_behaves_like 'renders all verified GPG keys'
|
|
|
|
|
end
|
2020-12-16 18:10:10 +00:00
|
|
|
|
2020-12-21 18:10:26 +00:00
|
|
|
context 'when logged out' do
|
|
|
|
|
before do
|
|
|
|
|
sign_out(user)
|
2020-12-16 18:10:10 +00:00
|
|
|
end
|
|
|
|
|
|
2020-12-21 18:10:26 +00:00
|
|
|
it_behaves_like 'renders all verified GPG keys'
|
2020-12-16 18:10:10 +00:00
|
|
|
end
|
|
|
|
|
|
2020-12-21 18:10:26 +00:00
|
|
|
context 'when revoked' do
|
2020-12-26 06:10:47 +00:00
|
|
|
shared_examples_for 'doesn\'t render revoked keys' do
|
|
|
|
|
it 'doesn\'t render revoked keys' do
|
|
|
|
|
get "/#{user.username}.gpg"
|
|
|
|
|
|
|
|
|
|
expect(response.body).not_to eq('')
|
|
|
|
|
|
|
|
|
|
expect(response.body).to include(gpg_key.key)
|
|
|
|
|
expect(response.body).not_to include(another_gpg_key.key)
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
2020-12-16 18:10:10 +00:00
|
|
|
before do
|
|
|
|
|
sign_in(user)
|
|
|
|
|
another_gpg_key.revoke
|
|
|
|
|
end
|
|
|
|
|
|
2020-12-26 06:10:47 +00:00
|
|
|
context 'while signed in' do
|
|
|
|
|
it_behaves_like 'doesn\'t render revoked keys'
|
2020-12-16 18:10:10 +00:00
|
|
|
end
|
|
|
|
|
|
2020-12-26 06:10:47 +00:00
|
|
|
context 'when logged out' do
|
|
|
|
|
before do
|
|
|
|
|
sign_out(user)
|
|
|
|
|
end
|
2020-12-16 18:10:10 +00:00
|
|
|
|
2020-12-26 06:10:47 +00:00
|
|
|
it_behaves_like 'doesn\'t render revoked keys'
|
2020-12-16 18:10:10 +00:00
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
2015-03-13 10:39:26 +00:00
|
|
|
describe 'GET #calendar' do
|
2018-07-24 12:46:19 +00:00
|
|
|
context 'for user' do
|
|
|
|
|
let(:project) { create(:project) }
|
|
|
|
|
|
|
|
|
|
before do
|
|
|
|
|
sign_in(user)
|
|
|
|
|
project.add_developer(user)
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
context 'with public profile' do
|
|
|
|
|
it 'renders calendar' do
|
|
|
|
|
push_data = Gitlab::DataBuilder::Push.build_sample(project, public_user)
|
|
|
|
|
EventCreateService.new.push(project, public_user, push_data)
|
|
|
|
|
|
2020-12-26 06:10:47 +00:00
|
|
|
get user_calendar_url public_user.username, format: :json
|
2015-07-18 21:54:56 +00:00
|
|
|
|
2020-01-27 12:08:35 +00:00
|
|
|
expect(response).to have_gitlab_http_status(:ok)
|
2018-07-24 12:46:19 +00:00
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
context 'with private profile' do
|
|
|
|
|
it 'does not render calendar' do
|
|
|
|
|
push_data = Gitlab::DataBuilder::Push.build_sample(project, private_user)
|
|
|
|
|
EventCreateService.new.push(project, private_user, push_data)
|
2015-07-18 21:54:56 +00:00
|
|
|
|
2020-12-26 06:10:47 +00:00
|
|
|
get user_calendar_url private_user.username, format: :json
|
2018-07-24 12:46:19 +00:00
|
|
|
|
|
|
|
|
expect(response).to have_gitlab_http_status(:not_found)
|
|
|
|
|
end
|
|
|
|
|
end
|
2015-01-28 21:18:22 +00:00
|
|
|
end
|
2016-02-22 14:46:29 +00:00
|
|
|
|
|
|
|
|
context 'forked project' do
|
2017-08-02 19:55:11 +00:00
|
|
|
let(:project) { create(:project) }
|
2016-09-19 18:28:41 +00:00
|
|
|
let(:forked_project) { Projects::ForkService.new(project, user).execute }
|
2016-02-22 14:46:29 +00:00
|
|
|
|
|
|
|
|
before do
|
|
|
|
|
sign_in(user)
|
2017-12-22 08:18:28 +00:00
|
|
|
project.add_developer(user)
|
Migrate events into a new format
This commit migrates events data in such a way that push events are
stored much more efficiently. This is done by creating a shadow table
called "events_for_migration", and a table called "push_event_payloads"
which is used for storing push data of push events. The background
migration in this commit will copy events from the "events" table into
the "events_for_migration" table, push events in will also have a row
created in "push_event_payloads".
This approach allows us to reclaim space in the next release by simply
swapping the "events" and "events_for_migration" tables, then dropping
the old events (now "events_for_migration") table.
The new table structure is also optimised for storage space, and does
not include the unused "title" column nor the "data" column (since this
data is moved to "push_event_payloads").
== Newly Created Events
Newly created events are inserted into both "events" and
"events_for_migration", both using the exact same primary key value. The
table "push_event_payloads" in turn has a foreign key to the _shadow_
table. This removes the need for recreating and validating the foreign
key after swapping the tables. Since the shadow table also has a foreign
key to "projects.id" we also don't have to worry about orphaned rows.
This approach however does require some additional storage as we're
duplicating a portion of the events data for at least 1 release. The
exact amount is hard to estimate, but for GitLab.com this is expected to
be between 10 and 20 GB at most. The background migration in this commit
deliberately does _not_ update the "events" table as doing so would put
a lot of pressure on PostgreSQL's auto vacuuming system.
== Supporting Both Old And New Events
Application code has also been adjusted to support push events using
both the old and new data formats. This is done by creating a PushEvent
class which extends the regular Event class. Using Rails' Single Table
Inheritance system we can ensure the right class is used for the right
data, which in this case is based on the value of `events.action`. To
support displaying old and new data at the same time the PushEvent class
re-defines a few methods of the Event class, falling back to their
original implementations for push events in the old format.
Once all existing events have been migrated the various push event
related methods can be removed from the Event model, and the calls to
`super` can be removed from the methods in the PushEvent model.
The UI and event atom feed have also been slightly changed to better
handle this new setup, fortunately only a few changes were necessary to
make this work.
== API Changes
The API only displays push data of events in the new format. Supporting
both formats in the API is a bit more difficult compared to the UI.
Since the old push data was not really well documented (apart from one
example that used an incorrect "action" nmae) I decided that supporting
both was not worth the effort, especially since events will be migrated
in a few days _and_ new events are created in the correct format.
2017-07-10 15:43:57 +00:00
|
|
|
|
|
|
|
|
push_data = Gitlab::DataBuilder::Push.build_sample(project, user)
|
|
|
|
|
|
|
|
|
|
fork_push_data = Gitlab::DataBuilder::Push
|
|
|
|
|
.build_sample(forked_project, user)
|
|
|
|
|
|
|
|
|
|
EventCreateService.new.push(project, user, push_data)
|
|
|
|
|
EventCreateService.new.push(forked_project, user, fork_push_data)
|
2016-02-22 14:46:29 +00:00
|
|
|
end
|
|
|
|
|
|
|
|
|
|
it 'includes forked projects' do
|
2020-12-26 06:10:47 +00:00
|
|
|
get user_calendar_url user.username
|
|
|
|
|
|
2016-02-22 14:46:29 +00:00
|
|
|
expect(assigns(:contributions_calendar).projects.count).to eq(2)
|
|
|
|
|
end
|
|
|
|
|
end
|
2015-01-28 21:18:22 +00:00
|
|
|
end
|
|
|
|
|
|
2015-03-13 10:39:26 +00:00
|
|
|
describe 'GET #calendar_activities' do
|
2017-08-02 19:55:11 +00:00
|
|
|
let!(:project) { create(:project) }
|
2017-05-01 20:46:30 +00:00
|
|
|
let(:user) { create(:user) }
|
2015-03-13 10:39:26 +00:00
|
|
|
|
|
|
|
|
before do
|
2019-11-14 03:06:25 +00:00
|
|
|
allow_next_instance_of(User) do |instance|
|
|
|
|
|
allow(instance).to receive(:contributed_projects_ids).and_return([project.id])
|
|
|
|
|
end
|
2015-07-18 21:54:56 +00:00
|
|
|
|
|
|
|
|
sign_in(user)
|
2017-12-22 08:18:28 +00:00
|
|
|
project.add_developer(user)
|
2015-03-13 10:39:26 +00:00
|
|
|
end
|
|
|
|
|
|
2020-12-26 06:10:47 +00:00
|
|
|
it 'renders activities on the specified day' do
|
|
|
|
|
get user_calendar_activities_url user.username, date: '2014-07-31'
|
|
|
|
|
|
|
|
|
|
expect(response.media_type).to eq('text/html')
|
|
|
|
|
expect(response.body).to include('Jul 31, 2014')
|
2015-03-13 10:39:26 +00:00
|
|
|
end
|
|
|
|
|
|
2018-07-24 12:46:19 +00:00
|
|
|
context 'for user' do
|
|
|
|
|
context 'with public profile' do
|
2019-03-01 18:12:50 +00:00
|
|
|
let(:issue) { create(:issue, project: project, author: user) }
|
|
|
|
|
let(:note) { create(:note, noteable: issue, author: user, project: project) }
|
|
|
|
|
|
|
|
|
|
before do
|
|
|
|
|
create_push_event
|
|
|
|
|
create_note_event
|
|
|
|
|
end
|
2018-07-24 12:46:19 +00:00
|
|
|
|
2019-03-01 18:12:50 +00:00
|
|
|
it 'renders calendar_activities' do
|
2020-12-26 06:10:47 +00:00
|
|
|
get user_calendar_activities_url public_user.username
|
2019-03-01 18:12:50 +00:00
|
|
|
|
2020-12-26 06:10:47 +00:00
|
|
|
expect(response.body).not_to be_empty
|
2018-07-24 12:46:19 +00:00
|
|
|
end
|
2019-03-01 18:12:50 +00:00
|
|
|
|
|
|
|
|
it 'avoids N+1 queries', :request_store do
|
2020-12-26 06:10:47 +00:00
|
|
|
get user_calendar_activities_url public_user.username
|
2019-03-01 18:12:50 +00:00
|
|
|
|
2020-12-26 06:10:47 +00:00
|
|
|
control = ActiveRecord::QueryRecorder.new { get user_calendar_activities_url public_user.username }
|
2019-03-01 18:12:50 +00:00
|
|
|
|
|
|
|
|
create_push_event
|
|
|
|
|
create_note_event
|
|
|
|
|
|
2020-12-26 06:10:47 +00:00
|
|
|
expect { get user_calendar_activities_url public_user.username }.not_to exceed_query_limit(control)
|
2019-03-01 18:12:50 +00:00
|
|
|
end
|
2018-07-24 12:46:19 +00:00
|
|
|
end
|
|
|
|
|
|
|
|
|
|
context 'with private profile' do
|
|
|
|
|
it 'does not render calendar_activities' do
|
|
|
|
|
push_data = Gitlab::DataBuilder::Push.build_sample(project, private_user)
|
|
|
|
|
EventCreateService.new.push(project, private_user, push_data)
|
|
|
|
|
|
2020-12-26 06:10:47 +00:00
|
|
|
get user_calendar_activities_url private_user.username
|
|
|
|
|
|
2018-07-24 12:46:19 +00:00
|
|
|
expect(response).to have_gitlab_http_status(:not_found)
|
|
|
|
|
end
|
|
|
|
|
end
|
2019-03-01 18:12:50 +00:00
|
|
|
|
2019-04-09 15:38:58 +00:00
|
|
|
context 'external authorization' do
|
2020-12-26 06:10:47 +00:00
|
|
|
subject { get user_calendar_activities_url user.username }
|
2019-04-09 15:38:58 +00:00
|
|
|
|
|
|
|
|
it_behaves_like 'disabled when using an external authorization service'
|
|
|
|
|
end
|
|
|
|
|
|
2019-03-01 18:12:50 +00:00
|
|
|
def create_push_event
|
|
|
|
|
push_data = Gitlab::DataBuilder::Push.build_sample(project, public_user)
|
|
|
|
|
EventCreateService.new.push(project, public_user, push_data)
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
def create_note_event
|
|
|
|
|
EventCreateService.new.leave_note(note, public_user)
|
|
|
|
|
end
|
2015-03-13 10:39:26 +00:00
|
|
|
end
|
|
|
|
|
end
|
2016-05-08 15:06:19 +00:00
|
|
|
|
2018-12-21 14:26:33 +00:00
|
|
|
describe 'GET #contributed' do
|
|
|
|
|
let(:project) { create(:project, :public) }
|
2022-01-28 03:15:57 +00:00
|
|
|
let(:aimed_for_deletion_project) { create(:project, :public, :archived, marked_for_deletion_at: 3.days.ago) }
|
2020-12-07 21:10:08 +00:00
|
|
|
|
|
|
|
|
subject do
|
2020-12-26 06:10:47 +00:00
|
|
|
get user_contributed_projects_url author.username, format: format
|
2020-12-07 21:10:08 +00:00
|
|
|
end
|
2018-12-21 14:26:33 +00:00
|
|
|
|
|
|
|
|
before do
|
2020-12-07 21:10:08 +00:00
|
|
|
sign_in(user)
|
2018-12-21 14:26:33 +00:00
|
|
|
|
|
|
|
|
project.add_developer(public_user)
|
|
|
|
|
project.add_developer(private_user)
|
2022-01-28 03:15:57 +00:00
|
|
|
aimed_for_deletion_project.add_developer(public_user)
|
|
|
|
|
aimed_for_deletion_project.add_developer(private_user)
|
2020-12-07 21:10:08 +00:00
|
|
|
create(:push_event, project: project, author: author)
|
2022-01-28 03:15:57 +00:00
|
|
|
create(:push_event, project: aimed_for_deletion_project, author: author)
|
2020-12-07 21:10:08 +00:00
|
|
|
|
|
|
|
|
subject
|
2018-12-21 14:26:33 +00:00
|
|
|
end
|
|
|
|
|
|
2020-12-07 21:10:08 +00:00
|
|
|
shared_examples_for 'renders contributed projects' do
|
2018-12-21 14:26:33 +00:00
|
|
|
it 'renders contributed projects' do
|
2020-12-07 21:10:08 +00:00
|
|
|
expect(response).to have_gitlab_http_status(:ok)
|
2020-12-26 06:10:47 +00:00
|
|
|
expect(response.body).not_to be_empty
|
2020-12-07 21:10:08 +00:00
|
|
|
end
|
2022-01-28 03:15:57 +00:00
|
|
|
|
|
|
|
|
it 'does not list projects aimed for deletion' do
|
|
|
|
|
expect(response).to have_gitlab_http_status(:ok)
|
|
|
|
|
expect(assigns(:contributed_projects)).to eq([project])
|
|
|
|
|
end
|
2020-12-07 21:10:08 +00:00
|
|
|
end
|
2018-12-21 14:26:33 +00:00
|
|
|
|
2020-12-07 21:10:08 +00:00
|
|
|
%i(html json).each do |format|
|
|
|
|
|
context "format: #{format}" do
|
|
|
|
|
let(:format) { format }
|
2018-12-21 14:26:33 +00:00
|
|
|
|
2020-12-07 21:10:08 +00:00
|
|
|
context 'with public profile' do
|
|
|
|
|
let(:author) { public_user }
|
|
|
|
|
|
|
|
|
|
it_behaves_like 'renders contributed projects'
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
context 'with private profile' do
|
|
|
|
|
let(:author) { private_user }
|
|
|
|
|
|
|
|
|
|
it 'returns 404' do
|
|
|
|
|
expect(response).to have_gitlab_http_status(:not_found)
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
context 'with a user that has the ability to read private profiles', :enable_admin_mode do
|
|
|
|
|
let(:user) { create(:admin) }
|
|
|
|
|
|
|
|
|
|
it_behaves_like 'renders contributed projects'
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
describe 'GET #starred' do
|
|
|
|
|
let(:project) { create(:project, :public) }
|
2022-01-28 03:15:57 +00:00
|
|
|
let(:aimed_for_deletion_project) { create(:project, :public, :archived, marked_for_deletion_at: 3.days.ago) }
|
2020-12-07 21:10:08 +00:00
|
|
|
|
|
|
|
|
subject do
|
2020-12-26 06:10:47 +00:00
|
|
|
get user_starred_projects_url author.username, format: format
|
2020-12-07 21:10:08 +00:00
|
|
|
end
|
|
|
|
|
|
|
|
|
|
before do
|
|
|
|
|
author.toggle_star(project)
|
|
|
|
|
|
|
|
|
|
sign_in(user)
|
|
|
|
|
subject
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
shared_examples_for 'renders starred projects' do
|
|
|
|
|
it 'renders starred projects' do
|
|
|
|
|
expect(response).to have_gitlab_http_status(:ok)
|
2020-12-26 06:10:47 +00:00
|
|
|
expect(response.body).not_to be_empty
|
2018-12-21 14:26:33 +00:00
|
|
|
end
|
2022-01-28 03:15:57 +00:00
|
|
|
|
|
|
|
|
it 'does not list projects aimed for deletion' do
|
|
|
|
|
expect(response).to have_gitlab_http_status(:ok)
|
|
|
|
|
expect(assigns(:starred_projects)).to eq([project])
|
|
|
|
|
end
|
2018-12-21 14:26:33 +00:00
|
|
|
end
|
|
|
|
|
|
2020-12-07 21:10:08 +00:00
|
|
|
%i(html json).each do |format|
|
|
|
|
|
context "format: #{format}" do
|
|
|
|
|
let(:format) { format }
|
2018-12-21 14:26:33 +00:00
|
|
|
|
2020-12-07 21:10:08 +00:00
|
|
|
context 'with public profile' do
|
|
|
|
|
let(:author) { public_user }
|
|
|
|
|
|
|
|
|
|
it_behaves_like 'renders starred projects'
|
|
|
|
|
end
|
2018-12-21 14:26:33 +00:00
|
|
|
|
2020-12-07 21:10:08 +00:00
|
|
|
context 'with private profile' do
|
|
|
|
|
let(:author) { private_user }
|
|
|
|
|
|
|
|
|
|
it 'returns 404' do
|
|
|
|
|
expect(response).to have_gitlab_http_status(:not_found)
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
context 'with a user that has the ability to read private profiles', :enable_admin_mode do
|
|
|
|
|
let(:user) { create(:admin) }
|
|
|
|
|
|
|
|
|
|
it_behaves_like 'renders starred projects'
|
|
|
|
|
end
|
|
|
|
|
end
|
2018-12-21 14:26:33 +00:00
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
2016-05-08 15:06:19 +00:00
|
|
|
describe 'GET #snippets' do
|
|
|
|
|
before do
|
|
|
|
|
sign_in(user)
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
context 'format html' do
|
|
|
|
|
it 'renders snippets page' do
|
2020-12-26 06:10:47 +00:00
|
|
|
get user_snippets_url user.username
|
|
|
|
|
|
2020-01-27 12:08:35 +00:00
|
|
|
expect(response).to have_gitlab_http_status(:ok)
|
2016-05-08 15:06:19 +00:00
|
|
|
expect(response).to render_template('show')
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
context 'format json' do
|
|
|
|
|
it 'response with snippets json data' do
|
2020-12-26 06:10:47 +00:00
|
|
|
get user_snippets_url user.username, format: :json
|
|
|
|
|
|
2020-01-27 12:08:35 +00:00
|
|
|
expect(response).to have_gitlab_http_status(:ok)
|
2019-07-16 08:03:49 +00:00
|
|
|
expect(json_response).to have_key('html')
|
2016-05-08 15:06:19 +00:00
|
|
|
end
|
|
|
|
|
end
|
2019-04-09 15:38:58 +00:00
|
|
|
|
|
|
|
|
context 'external authorization' do
|
2020-12-26 06:10:47 +00:00
|
|
|
subject { get user_snippets_url user.username }
|
2019-04-09 15:38:58 +00:00
|
|
|
|
|
|
|
|
it_behaves_like 'disabled when using an external authorization service'
|
|
|
|
|
end
|
2017-05-01 20:46:30 +00:00
|
|
|
end
|
|
|
|
|
|
|
|
|
|
describe 'GET #exists' do
|
2022-01-26 21:16:58 +00:00
|
|
|
context 'when user exists' do
|
|
|
|
|
before do
|
|
|
|
|
sign_in(user)
|
2022-01-06 12:14:04 +00:00
|
|
|
|
2022-01-26 21:16:58 +00:00
|
|
|
allow(::Gitlab::ApplicationRateLimiter).to receive(:throttled?).and_return(false)
|
|
|
|
|
end
|
2017-05-01 20:46:30 +00:00
|
|
|
|
|
|
|
|
it 'returns JSON indicating the user exists' do
|
2020-12-26 06:10:47 +00:00
|
|
|
get user_exists_url user.username
|
2017-05-01 20:46:30 +00:00
|
|
|
|
|
|
|
|
expected_json = { exists: true }.to_json
|
|
|
|
|
expect(response.body).to eq(expected_json)
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
context 'when the casing is different' do
|
|
|
|
|
let(:user) { create(:user, username: 'CamelCaseUser') }
|
|
|
|
|
|
|
|
|
|
it 'returns JSON indicating the user exists' do
|
2020-12-26 06:10:47 +00:00
|
|
|
get user_exists_url user.username.downcase
|
2017-05-01 20:46:30 +00:00
|
|
|
|
|
|
|
|
expected_json = { exists: true }.to_json
|
|
|
|
|
expect(response.body).to eq(expected_json)
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
context 'when the user does not exist' do
|
2022-01-26 21:16:58 +00:00
|
|
|
it 'will not show a signup page if registration is disabled' do
|
|
|
|
|
stub_application_setting(signup_enabled: false)
|
|
|
|
|
get user_exists_url 'foo'
|
|
|
|
|
|
|
|
|
|
expected_json = { error: "You must be authenticated to access this path." }.to_json
|
|
|
|
|
expect(response).to have_gitlab_http_status(:unauthorized)
|
|
|
|
|
expect(response.body).to eq(expected_json)
|
|
|
|
|
end
|
|
|
|
|
|
2017-05-01 20:46:30 +00:00
|
|
|
it 'returns JSON indicating the user does not exist' do
|
2020-12-26 06:10:47 +00:00
|
|
|
get user_exists_url 'foo'
|
2017-05-01 20:46:30 +00:00
|
|
|
|
|
|
|
|
expected_json = { exists: false }.to_json
|
|
|
|
|
expect(response.body).to eq(expected_json)
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
context 'when a user changed their username' do
|
2021-04-03 06:09:31 +00:00
|
|
|
let(:redirect_route) { user.namespace.redirect_routes.create!(path: 'old-username') }
|
2017-05-01 20:46:30 +00:00
|
|
|
|
|
|
|
|
it 'returns JSON indicating a user by that username does not exist' do
|
2020-12-26 06:10:47 +00:00
|
|
|
get user_exists_url 'old-username'
|
2017-05-01 20:46:30 +00:00
|
|
|
|
|
|
|
|
expected_json = { exists: false }.to_json
|
|
|
|
|
expect(response.body).to eq(expected_json)
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
end
|
2022-01-06 12:14:04 +00:00
|
|
|
|
|
|
|
|
context 'when the rate limit has been reached' do
|
|
|
|
|
it 'returns status 429 Too Many Requests', :aggregate_failures do
|
|
|
|
|
ip = '1.2.3.4'
|
|
|
|
|
expect(::Gitlab::ApplicationRateLimiter).to receive(:throttled?).with(:username_exists, scope: ip).and_return(true)
|
|
|
|
|
|
|
|
|
|
get user_exists_url(user.username), env: { 'REMOTE_ADDR': ip }
|
|
|
|
|
|
|
|
|
|
expect(response).to have_gitlab_http_status(:too_many_requests)
|
|
|
|
|
end
|
|
|
|
|
end
|
2016-05-08 15:06:19 +00:00
|
|
|
end
|
2017-05-11 20:57:03 +00:00
|
|
|
|
2017-05-18 19:56:39 +00:00
|
|
|
describe '#ensure_canonical_path' do
|
|
|
|
|
before do
|
|
|
|
|
sign_in(user)
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
context 'for a GET request' do
|
|
|
|
|
context 'when requesting users at the root path' do
|
|
|
|
|
context 'when requesting the canonical path' do
|
|
|
|
|
let(:user) { create(:user, username: 'CamelCaseUser') }
|
|
|
|
|
|
|
|
|
|
context 'with exactly matching casing' do
|
|
|
|
|
it 'responds with success' do
|
2020-12-26 06:10:47 +00:00
|
|
|
get user_url user.username
|
2017-05-18 19:56:39 +00:00
|
|
|
|
2019-08-19 09:55:20 +00:00
|
|
|
expect(response).to be_successful
|
2017-05-18 19:56:39 +00:00
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
context 'with different casing' do
|
|
|
|
|
it 'redirects to the correct casing' do
|
2020-12-26 06:10:47 +00:00
|
|
|
get user_url user.username.downcase
|
2017-05-18 19:56:39 +00:00
|
|
|
|
|
|
|
|
expect(response).to redirect_to(user)
|
2020-12-26 06:10:47 +00:00
|
|
|
expect(flash[:notice]).to be_nil
|
2017-05-18 19:56:39 +00:00
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
2020-12-26 06:10:47 +00:00
|
|
|
shared_examples_for 'redirects to the canonical path' do
|
2017-05-18 19:56:39 +00:00
|
|
|
it 'redirects to the canonical path' do
|
2020-12-26 06:10:47 +00:00
|
|
|
get user_url redirect_route.path
|
2017-05-18 19:56:39 +00:00
|
|
|
|
|
|
|
|
expect(response).to redirect_to(user)
|
2020-12-26 06:10:47 +00:00
|
|
|
expect(flash[:notice]).to eq(user_moved_message(redirect_route, user))
|
2017-05-18 19:56:39 +00:00
|
|
|
end
|
2020-12-26 06:10:47 +00:00
|
|
|
end
|
|
|
|
|
|
|
|
|
|
context 'when requesting a redirected path' do
|
2021-04-03 06:09:31 +00:00
|
|
|
let(:redirect_route) { user.namespace.redirect_routes.create!(path: 'old-path') }
|
2020-12-26 06:10:47 +00:00
|
|
|
|
|
|
|
|
it_behaves_like 'redirects to the canonical path'
|
2017-05-18 19:56:39 +00:00
|
|
|
|
|
|
|
|
context 'when the old path is a substring of the scheme or host' do
|
2021-04-03 06:09:31 +00:00
|
|
|
let(:redirect_route) { user.namespace.redirect_routes.create!(path: 'http') }
|
2017-05-18 19:56:39 +00:00
|
|
|
|
2020-12-26 06:10:47 +00:00
|
|
|
# it does not modify the requested host and ...
|
|
|
|
|
it_behaves_like 'redirects to the canonical path'
|
2017-05-18 19:56:39 +00:00
|
|
|
end
|
|
|
|
|
|
|
|
|
|
context 'when the old path is substring of users' do
|
2021-04-03 06:09:31 +00:00
|
|
|
let(:redirect_route) { user.namespace.redirect_routes.create!(path: 'ser') }
|
2017-05-18 19:56:39 +00:00
|
|
|
|
2020-12-26 06:10:47 +00:00
|
|
|
it_behaves_like 'redirects to the canonical path'
|
2017-05-18 19:56:39 +00:00
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
context 'when requesting users under the /users path' do
|
|
|
|
|
context 'when requesting the canonical path' do
|
|
|
|
|
let(:user) { create(:user, username: 'CamelCaseUser') }
|
|
|
|
|
|
|
|
|
|
context 'with exactly matching casing' do
|
|
|
|
|
it 'responds with success' do
|
2020-12-26 06:10:47 +00:00
|
|
|
get user_projects_url user.username
|
2017-05-18 19:56:39 +00:00
|
|
|
|
2019-08-19 09:55:20 +00:00
|
|
|
expect(response).to be_successful
|
2017-05-18 19:56:39 +00:00
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
context 'with different casing' do
|
|
|
|
|
it 'redirects to the correct casing' do
|
2020-12-26 06:10:47 +00:00
|
|
|
get user_projects_url user.username.downcase
|
2017-05-18 19:56:39 +00:00
|
|
|
|
|
|
|
|
expect(response).to redirect_to(user_projects_path(user))
|
2020-12-26 06:10:47 +00:00
|
|
|
expect(flash[:notice]).to be_nil
|
2017-05-18 19:56:39 +00:00
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
2020-12-26 06:10:47 +00:00
|
|
|
shared_examples_for 'redirects to the canonical path' do
|
2017-05-18 19:56:39 +00:00
|
|
|
it 'redirects to the canonical path' do
|
2020-12-26 06:10:47 +00:00
|
|
|
get user_projects_url redirect_route.path
|
2017-05-18 19:56:39 +00:00
|
|
|
|
|
|
|
|
expect(response).to redirect_to(user_projects_path(user))
|
2020-12-26 06:10:47 +00:00
|
|
|
expect(flash[:notice]).to eq(user_moved_message(redirect_route, user))
|
2017-05-18 19:56:39 +00:00
|
|
|
end
|
2020-12-26 06:10:47 +00:00
|
|
|
end
|
|
|
|
|
|
|
|
|
|
context 'when requesting a redirected path' do
|
2021-04-03 06:09:31 +00:00
|
|
|
let(:redirect_route) { user.namespace.redirect_routes.create!(path: 'old-path') }
|
2020-12-26 06:10:47 +00:00
|
|
|
|
|
|
|
|
it_behaves_like 'redirects to the canonical path'
|
2017-05-18 19:56:39 +00:00
|
|
|
|
|
|
|
|
context 'when the old path is a substring of the scheme or host' do
|
2021-04-03 06:09:31 +00:00
|
|
|
let(:redirect_route) { user.namespace.redirect_routes.create!(path: 'http') }
|
2017-05-18 19:56:39 +00:00
|
|
|
|
2020-12-26 06:10:47 +00:00
|
|
|
# it does not modify the requested host and ...
|
|
|
|
|
it_behaves_like 'redirects to the canonical path'
|
2017-05-18 19:56:39 +00:00
|
|
|
end
|
|
|
|
|
|
|
|
|
|
context 'when the old path is substring of users' do
|
2021-04-03 06:09:31 +00:00
|
|
|
let(:redirect_route) { user.namespace.redirect_routes.create!(path: 'ser') }
|
2017-05-18 19:56:39 +00:00
|
|
|
|
2020-12-26 06:10:47 +00:00
|
|
|
# it does not modify the /users part of the path
|
|
|
|
|
# (i.e. /users/ser should not become /ufoos/ser) and ...
|
|
|
|
|
it_behaves_like 'redirects to the canonical path'
|
2017-05-18 19:56:39 +00:00
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
2018-11-28 19:06:02 +00:00
|
|
|
context 'token authentication' do
|
2022-01-12 00:16:35 +00:00
|
|
|
it_behaves_like 'authenticates sessionless user for the request spec', 'show atom', public_resource: true do
|
|
|
|
|
let(:url) { user_url(user, format: :atom) }
|
|
|
|
|
end
|
2018-11-28 19:06:02 +00:00
|
|
|
end
|
|
|
|
|
|
2017-05-11 20:57:03 +00:00
|
|
|
def user_moved_message(redirect_route, user)
|
|
|
|
|
"User '#{redirect_route.path}' was moved to '#{user.full_path}'. Please update any links and bookmarks that may still have the old path."
|
|
|
|
|
end
|
2015-03-13 10:39:26 +00:00
|
|
|
end
|