Merge branch '34049-public-commits-should-not-require-authentication' into 'master'
Commits API: Listing commits for public repo doesn't require authentication Closes #34049 See merge request !13287
This commit is contained in:
commit
9ac2a51779
|
@ -0,0 +1,4 @@
|
|||
---
|
||||
title: Added tests for commits API unauthenticated user and public/private project
|
||||
merge_request: 13287
|
||||
author: Jacopo Beschi @jacopo-beschi
|
|
@ -16,11 +16,13 @@ describe API::Commits do
|
|||
end
|
||||
|
||||
describe 'GET /projects/:id/repository/commits' do
|
||||
context 'authorized user' do
|
||||
let(:route) { "/projects/#{project_id}/repository/commits" }
|
||||
|
||||
shared_examples_for 'project commits' do
|
||||
it "returns project commits" do
|
||||
commit = project.repository.commit
|
||||
|
||||
get api("/projects/#{project_id}/repository/commits", user)
|
||||
get api(route, current_user)
|
||||
|
||||
expect(response).to have_http_status(200)
|
||||
expect(response).to match_response_schema('public_api/v4/commits')
|
||||
|
@ -32,7 +34,7 @@ describe API::Commits do
|
|||
it 'include correct pagination headers' do
|
||||
commit_count = project.repository.count_commits(ref: 'master').to_s
|
||||
|
||||
get api("/projects/#{project_id}/repository/commits", user)
|
||||
get api(route, current_user)
|
||||
|
||||
expect(response).to include_pagination_headers
|
||||
expect(response.headers['X-Total']).to eq(commit_count)
|
||||
|
@ -40,14 +42,24 @@ describe API::Commits do
|
|||
end
|
||||
end
|
||||
|
||||
context "unauthorized user" do
|
||||
it "does not return project commits" do
|
||||
get api("/projects/#{project_id}/repository/commits")
|
||||
context 'when unauthenticated', 'and project is public' do
|
||||
let(:project) { create(:project, :public, :repository) }
|
||||
|
||||
expect(response).to have_http_status(404)
|
||||
it_behaves_like 'project commits'
|
||||
end
|
||||
|
||||
context 'when unauthenticated', 'and project is private' do
|
||||
it_behaves_like '404 response' do
|
||||
let(:request) { get api(route) }
|
||||
let(:message) { '404 Project Not Found' }
|
||||
end
|
||||
end
|
||||
|
||||
context 'when authenticated', 'as a master' do
|
||||
let(:current_user) { user }
|
||||
|
||||
it_behaves_like 'project commits'
|
||||
|
||||
context "since optional parameter" do
|
||||
it "returns project commits since provided parameter" do
|
||||
commits = project.repository.commits("master")
|
||||
|
@ -178,6 +190,7 @@ describe API::Commits do
|
|||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
describe "POST /projects/:id/repository/commits" do
|
||||
let!(:url) { "/projects/#{project_id}/repository/commits" }
|
||||
|
|
Loading…
Reference in New Issue