gitlab-org--gitlab-foss/spec/controllers/projects/badges_controller_spec.rb

# frozen_string_literal: true

require 'spec_helper'

describe Projects::BadgesController do
  let(:project) { pipeline.project }
  let!(:pipeline) { create(:ci_empty_pipeline) }
  let(:user) { create(:user) }

  shared_examples 'a badge resource' do |badge_type|
    context 'when pipelines are public' do
      before do
        project.update!(public_builds: true)
      end

      context 'when project is public' do
        before do
          project.update!(visibility_level: Gitlab::VisibilityLevel::PUBLIC)
        end

        it "returns the #{badge_type} badge to unauthenticated users" do
          get_badge(badge_type)

          expect(response).to have_gitlab_http_status(:ok)
        end
      end

      context 'when project is restricted' do
        before do
          project.update!(visibility_level: Gitlab::VisibilityLevel::INTERNAL)
          project.add_guest(user)
          sign_in(user)
        end

        it "returns the #{badge_type} badge to guest users" do
          get_badge(badge_type)

          expect(response).to have_gitlab_http_status(:ok)
        end
      end
    end

    context 'format' do
      before do
        project.add_maintainer(user)
        sign_in(user)
      end

      it 'renders the `flat` badge layout by default' do
        get_badge(badge_type)

        expect(response).to render_template('projects/badges/badge')
      end

      context 'when style param is set to `flat`' do
        it 'renders the `flat` badge layout' do
          get_badge(badge_type, 'flat')

          expect(response).to render_template('projects/badges/badge')
        end
      end

      context 'when style param is set to an invalid type' do
        it 'renders the `flat` (default) badge layout' do
          get_badge(badge_type, 'xxx')

          expect(response).to render_template('projects/badges/badge')
        end
      end

      context 'when style param is set to `flat-square`' do
        it 'renders the `flat-square` badge layout' do
          get_badge(badge_type, 'flat-square')

          expect(response).to render_template('projects/badges/badge_flat-square')
        end
      end
    end

    context 'when pipelines are not public' do
      before do
        project.update!(public_builds: false)
      end

      context 'when project is public' do
        before do
          project.update!(visibility_level: Gitlab::VisibilityLevel::PUBLIC)
        end

        it 'returns 404 to unauthenticated users' do
          get_badge(badge_type)

          expect(response).to have_gitlab_http_status(:not_found)
        end
      end

      context 'when project is restricted to the user' do
        before do
          project.update!(visibility_level: Gitlab::VisibilityLevel::INTERNAL)
          project.add_guest(user)
          sign_in(user)
        end

        it 'defaults to project permissions' do
          get_badge(:coverage)

          expect(response).to have_gitlab_http_status(:not_found)
        end
      end
    end
  end

  describe '#pipeline' do
    it_behaves_like 'a badge resource', :pipeline
  end

  describe '#coverage' do
    it_behaves_like 'a badge resource', :coverage
  end

  def get_badge(badge, style = nil)
    params = {
      namespace_id: project.namespace.to_param,
      project_id: project,
      ref: pipeline.ref,
      style: style
    }

    get badge, params: params, format: :svg
  end
end
Add some frozen string to spec/*/.rb Adds frozen string to the following: * spec/bin/*/.rb * spec/config/*/.rb * spec/controllers/*/.rb xref https://gitlab.com/gitlab-org/gitlab-ce/issues/59758 2019-04-15 06:17:05 -04:00			`# frozen_string_literal: true`

Rename build to pipeline for status badges First commit in probably 2, for resolve gitlab-org/gitlab-ce#15582. This commit is renaming files and classes from build to pipeline. Also wording is editted to pipeline. Given `pipeline` had more characters than `build`, I've made the field a bit wider. The width now matchers the one for the coverage badge, so they look nice when in a table format, or in a list. As soon as this commit is merged to master, and released, the build.svg is deprecated, meaning that all users which already placed a badge should update it. However, to make sure it keeps working tests are added for this case. 2017-07-19 07:08:47 -04:00			`require 'spec_helper'`

			`describe Projects::BadgesController do`
			`let(:project) { pipeline.project }`
			`let!(:pipeline) { create(:ci_empty_pipeline) }`
			`let(:user) { create(:user) }`

Don't display badges when builds are restricted Badges were leaked to unauthorized users even when Public Builds project setting is disabled. Added guard clause to the controller to check if user can read build. 2019-06-21 12:56:03 -04:00			`shared_examples 'a badge resource' do \|badge_type\|`
			`context 'when pipelines are public' do`
			`before do`
			`project.update!(public_builds: true)`
			`end`

			`context 'when project is public' do`
			`before do`
			`project.update!(visibility_level: Gitlab::VisibilityLevel::PUBLIC)`
			`end`

			`it "returns the #{badge_type} badge to unauthenticated users" do`
			`get_badge(badge_type)`

			`expect(response).to have_gitlab_http_status(:ok)`
			`end`
			`end`

			`context 'when project is restricted' do`
			`before do`
			`project.update!(visibility_level: Gitlab::VisibilityLevel::INTERNAL)`
			`project.add_guest(user)`
			`sign_in(user)`
			`end`

			`it "returns the #{badge_type} badge to guest users" do`
			`get_badge(badge_type)`

			`expect(response).to have_gitlab_http_status(:ok)`
			`end`
			`end`
			`end`
Rename build to pipeline for status badges First commit in probably 2, for resolve gitlab-org/gitlab-ce#15582. This commit is renaming files and classes from build to pipeline. Also wording is editted to pipeline. Given `pipeline` had more characters than `build`, I've made the field a bit wider. The width now matchers the one for the coverage badge, so they look nice when in a table format, or in a list. As soon as this commit is merged to master, and released, the build.svg is deprecated, meaning that all users which already placed a badge should update it. However, to make sure it keeps working tests are added for this case. 2017-07-19 07:08:47 -04:00
Don't display badges when builds are restricted Badges were leaked to unauthorized users even when Public Builds project setting is disabled. Added guard clause to the controller to check if user can read build. 2019-06-21 12:56:03 -04:00			`context 'format' do`
			`before do`
			`project.add_maintainer(user)`
			`sign_in(user)`
			`end`
Rename build to pipeline for status badges First commit in probably 2, for resolve gitlab-org/gitlab-ce#15582. This commit is renaming files and classes from build to pipeline. Also wording is editted to pipeline. Given `pipeline` had more characters than `build`, I've made the field a bit wider. The width now matchers the one for the coverage badge, so they look nice when in a table format, or in a list. As soon as this commit is merged to master, and released, the build.svg is deprecated, meaning that all users which already placed a badge should update it. However, to make sure it keeps working tests are added for this case. 2017-07-19 07:08:47 -04:00
Don't display badges when builds are restricted Badges were leaked to unauthorized users even when Public Builds project setting is disabled. Added guard clause to the controller to check if user can read build. 2019-06-21 12:56:03 -04:00			it 'renders the `flat` badge layout by default' do
			`get_badge(badge_type)`
Rename build to pipeline for status badges First commit in probably 2, for resolve gitlab-org/gitlab-ce#15582. This commit is renaming files and classes from build to pipeline. Also wording is editted to pipeline. Given `pipeline` had more characters than `build`, I've made the field a bit wider. The width now matchers the one for the coverage badge, so they look nice when in a table format, or in a list. As soon as this commit is merged to master, and released, the build.svg is deprecated, meaning that all users which already placed a badge should update it. However, to make sure it keeps working tests are added for this case. 2017-07-19 07:08:47 -04:00
Don't display badges when builds are restricted Badges were leaked to unauthorized users even when Public Builds project setting is disabled. Added guard clause to the controller to check if user can read build. 2019-06-21 12:56:03 -04:00			`expect(response).to render_template('projects/badges/badge')`
			`end`
Rename build to pipeline for status badges First commit in probably 2, for resolve gitlab-org/gitlab-ce#15582. This commit is renaming files and classes from build to pipeline. Also wording is editted to pipeline. Given `pipeline` had more characters than `build`, I've made the field a bit wider. The width now matchers the one for the coverage badge, so they look nice when in a table format, or in a list. As soon as this commit is merged to master, and released, the build.svg is deprecated, meaning that all users which already placed a badge should update it. However, to make sure it keeps working tests are added for this case. 2017-07-19 07:08:47 -04:00
Don't display badges when builds are restricted Badges were leaked to unauthorized users even when Public Builds project setting is disabled. Added guard clause to the controller to check if user can read build. 2019-06-21 12:56:03 -04:00			context 'when style param is set to `flat`' do
			it 'renders the `flat` badge layout' do
			`get_badge(badge_type, 'flat')`
Rename build to pipeline for status badges First commit in probably 2, for resolve gitlab-org/gitlab-ce#15582. This commit is renaming files and classes from build to pipeline. Also wording is editted to pipeline. Given `pipeline` had more characters than `build`, I've made the field a bit wider. The width now matchers the one for the coverage badge, so they look nice when in a table format, or in a list. As soon as this commit is merged to master, and released, the build.svg is deprecated, meaning that all users which already placed a badge should update it. However, to make sure it keeps working tests are added for this case. 2017-07-19 07:08:47 -04:00
Don't display badges when builds are restricted Badges were leaked to unauthorized users even when Public Builds project setting is disabled. Added guard clause to the controller to check if user can read build. 2019-06-21 12:56:03 -04:00			`expect(response).to render_template('projects/badges/badge')`
			`end`
			`end`
Add flat-square badge style 2019-01-18 08:39:35 -05:00
Don't display badges when builds are restricted Badges were leaked to unauthorized users even when Public Builds project setting is disabled. Added guard clause to the controller to check if user can read build. 2019-06-21 12:56:03 -04:00			`context 'when style param is set to an invalid type' do`
			it 'renders the `flat` (default) badge layout' do
			`get_badge(badge_type, 'xxx')`

			`expect(response).to render_template('projects/badges/badge')`
			`end`
			`end`
Add flat-square badge style 2019-01-18 08:39:35 -05:00
Don't display badges when builds are restricted Badges were leaked to unauthorized users even when Public Builds project setting is disabled. Added guard clause to the controller to check if user can read build. 2019-06-21 12:56:03 -04:00			context 'when style param is set to `flat-square`' do
			it 'renders the `flat-square` badge layout' do
			`get_badge(badge_type, 'flat-square')`
Add flat-square badge style 2019-01-18 08:39:35 -05:00
Don't display badges when builds are restricted Badges were leaked to unauthorized users even when Public Builds project setting is disabled. Added guard clause to the controller to check if user can read build. 2019-06-21 12:56:03 -04:00			`expect(response).to render_template('projects/badges/badge_flat-square')`
			`end`
			`end`
Add flat-square badge style 2019-01-18 08:39:35 -05:00			`end`

Don't display badges when builds are restricted Badges were leaked to unauthorized users even when Public Builds project setting is disabled. Added guard clause to the controller to check if user can read build. 2019-06-21 12:56:03 -04:00			`context 'when pipelines are not public' do`
			`before do`
			`project.update!(public_builds: false)`
			`end`
Add flat-square badge style 2019-01-18 08:39:35 -05:00
Don't display badges when builds are restricted Badges were leaked to unauthorized users even when Public Builds project setting is disabled. Added guard clause to the controller to check if user can read build. 2019-06-21 12:56:03 -04:00			`context 'when project is public' do`
			`before do`
			`project.update!(visibility_level: Gitlab::VisibilityLevel::PUBLIC)`
			`end`

			`it 'returns 404 to unauthenticated users' do`
			`get_badge(badge_type)`

			`expect(response).to have_gitlab_http_status(:not_found)`
			`end`
			`end`

			`context 'when project is restricted to the user' do`
			`before do`
			`project.update!(visibility_level: Gitlab::VisibilityLevel::INTERNAL)`
			`project.add_guest(user)`
			`sign_in(user)`
			`end`

			`it 'defaults to project permissions' do`
			`get_badge(:coverage)`

			`expect(response).to have_gitlab_http_status(:not_found)`
			`end`
			`end`
Add flat-square badge style 2019-01-18 08:39:35 -05:00			`end`
			`end`

Don't display badges when builds are restricted Badges were leaked to unauthorized users even when Public Builds project setting is disabled. Added guard clause to the controller to check if user can read build. 2019-06-21 12:56:03 -04:00			`describe '#pipeline' do`
			`it_behaves_like 'a badge resource', :pipeline`
			`end`
Add flat-square badge style 2019-01-18 08:39:35 -05:00
Don't display badges when builds are restricted Badges were leaked to unauthorized users even when Public Builds project setting is disabled. Added guard clause to the controller to check if user can read build. 2019-06-21 12:56:03 -04:00			`describe '#coverage' do`
			`it_behaves_like 'a badge resource', :coverage`
Add flat-square badge style 2019-01-18 08:39:35 -05:00			`end`

			`def get_badge(badge, style = nil)`
			`params = {`
			`namespace_id: project.namespace.to_param,`
			`project_id: project,`
			`ref: pipeline.ref,`
			`style: style`
			`}`

			`get badge, params: params, format: :svg`
Rename build to pipeline for status badges First commit in probably 2, for resolve gitlab-org/gitlab-ce#15582. This commit is renaming files and classes from build to pipeline. Also wording is editted to pipeline. Given `pipeline` had more characters than `build`, I've made the field a bit wider. The width now matchers the one for the coverage badge, so they look nice when in a table format, or in a list. As soon as this commit is merged to master, and released, the build.svg is deprecated, meaning that all users which already placed a badge should update it. However, to make sure it keeps working tests are added for this case. 2017-07-19 07:08:47 -04:00			`end`
			`end`