2014-10-07 09:05:24 -04:00
|
|
|
require 'spec_helper'
|
|
|
|
|
2017-07-10 10:24:02 -04:00
|
|
|
describe Gitlab::GitAccessWiki do
|
2017-07-25 13:09:00 -04:00
|
|
|
let(:access) { described_class.new(user, project, 'web', authentication_abilities: authentication_abilities, redirected_path: redirected_path) }
|
2018-02-21 19:20:30 -05:00
|
|
|
let(:project) { create(:project, :wiki_repo) }
|
2014-10-07 09:05:24 -04:00
|
|
|
let(:user) { create(:user) }
|
2017-09-19 03:44:58 -04:00
|
|
|
let(:changes) { ['6f6d7e7ed 570e7b2ab refs/heads/master'] }
|
2017-06-15 20:03:54 -04:00
|
|
|
let(:redirected_path) { nil }
|
2016-09-16 03:59:10 -04:00
|
|
|
let(:authentication_abilities) do
|
2016-09-15 09:40:53 -04:00
|
|
|
[
|
|
|
|
:read_project,
|
|
|
|
:download_code,
|
|
|
|
:push_code
|
|
|
|
]
|
|
|
|
end
|
2014-10-07 09:05:24 -04:00
|
|
|
|
2017-09-19 03:44:58 -04:00
|
|
|
describe '#push_access_check' do
|
|
|
|
context 'when user can :create_wiki' do
|
|
|
|
before do
|
|
|
|
create(:protected_branch, name: 'master', project: project)
|
2017-12-22 03:18:28 -05:00
|
|
|
project.add_developer(user)
|
2017-09-19 03:44:58 -04:00
|
|
|
end
|
2014-10-07 09:05:24 -04:00
|
|
|
|
2017-09-19 03:44:58 -04:00
|
|
|
subject { access.check('git-receive-pack', changes) }
|
2014-10-07 09:05:24 -04:00
|
|
|
|
2017-09-19 03:44:58 -04:00
|
|
|
it { expect { subject }.not_to raise_error }
|
|
|
|
|
|
|
|
context 'when in a read-only GitLab instance' do
|
|
|
|
before do
|
|
|
|
allow(Gitlab::Database).to receive(:read_only?) { true }
|
|
|
|
end
|
2014-10-07 09:05:24 -04:00
|
|
|
|
2017-09-19 03:44:58 -04:00
|
|
|
it 'does not give access to upload wiki code' do
|
|
|
|
expect { subject }.to raise_error(Gitlab::GitAccess::UnauthorizedError, "You can't push code to a read-only GitLab instance.")
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
2014-10-07 09:05:24 -04:00
|
|
|
end
|
2016-11-29 14:31:42 -05:00
|
|
|
|
2016-12-20 08:19:07 -05:00
|
|
|
describe '#access_check_download!' do
|
2018-12-20 11:25:48 -05:00
|
|
|
subject { access.check('git-upload-pack', Gitlab::GitAccess::ANY) }
|
2016-11-29 14:31:42 -05:00
|
|
|
|
|
|
|
before do
|
2017-12-22 03:18:28 -05:00
|
|
|
project.add_developer(user)
|
2016-11-29 14:31:42 -05:00
|
|
|
end
|
|
|
|
|
|
|
|
context 'when wiki feature is enabled' do
|
|
|
|
it 'give access to download wiki code' do
|
2017-05-19 15:58:45 -04:00
|
|
|
expect { subject }.not_to raise_error
|
2016-11-29 14:31:42 -05:00
|
|
|
end
|
2018-02-21 19:20:30 -05:00
|
|
|
|
|
|
|
context 'when the wiki repository does not exist' do
|
|
|
|
it 'returns not found' do
|
|
|
|
wiki_repo = project.wiki.repository
|
2018-06-14 07:18:25 -04:00
|
|
|
Gitlab::GitalyClient::StorageSettings.allow_disk_access do
|
|
|
|
FileUtils.rm_rf(wiki_repo.path)
|
|
|
|
end
|
2018-02-21 19:20:30 -05:00
|
|
|
|
|
|
|
# Sanity check for rm_rf
|
|
|
|
expect(wiki_repo.exists?).to eq(false)
|
|
|
|
|
2018-02-22 13:51:00 -05:00
|
|
|
expect { subject }.to raise_error(Gitlab::GitAccess::NotFoundError, 'A repository for this project does not exist yet.')
|
2018-02-21 19:20:30 -05:00
|
|
|
end
|
|
|
|
end
|
2016-11-29 14:31:42 -05:00
|
|
|
end
|
|
|
|
|
|
|
|
context 'when wiki feature is disabled' do
|
|
|
|
it 'does not give access to download wiki code' do
|
|
|
|
project.project_feature.update_attribute(:wiki_access_level, ProjectFeature::DISABLED)
|
|
|
|
|
2017-05-19 15:58:45 -04:00
|
|
|
expect { subject }.to raise_error(Gitlab::GitAccess::UnauthorizedError, 'You are not allowed to download code from this project.')
|
2016-11-29 14:31:42 -05:00
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
2014-10-07 09:05:24 -04:00
|
|
|
end
|