331 lines
9.9 KiB
Ruby
331 lines
9.9 KiB
Ruby
# frozen_string_literal: true
|
|
require 'spec_helper'
|
|
|
|
RSpec.describe Projects::LfsPointers::LfsDownloadService do
|
|
include StubRequests
|
|
|
|
let_it_be(:project) { create(:project) }
|
|
|
|
let(:lfs_content) { SecureRandom.random_bytes(10) }
|
|
let(:oid) { Digest::SHA256.hexdigest(lfs_content) }
|
|
let(:download_link) { "http://gitlab.com/#{oid}" }
|
|
let(:size) { lfs_content.size }
|
|
let(:lfs_object) { LfsDownloadObject.new(oid: oid, size: size, link: download_link) }
|
|
let(:local_request_setting) { false }
|
|
|
|
subject { described_class.new(project, lfs_object) }
|
|
|
|
before_all do
|
|
ApplicationSetting.create_from_defaults
|
|
end
|
|
|
|
before do
|
|
stub_application_setting(allow_local_requests_from_web_hooks_and_services: local_request_setting)
|
|
allow(project).to receive(:lfs_enabled?).and_return(true)
|
|
end
|
|
|
|
shared_examples 'lfs temporal file is removed' do
|
|
it do
|
|
subject.execute
|
|
|
|
expect(File.exist?(subject.send(:tmp_filename))).to be false
|
|
end
|
|
end
|
|
|
|
shared_examples 'no lfs object is created' do
|
|
it do
|
|
expect { subject.execute }.not_to change { LfsObject.count }
|
|
end
|
|
|
|
it 'returns error result' do
|
|
expect(subject.execute[:status]).to eq :error
|
|
end
|
|
|
|
it 'an error is logged' do
|
|
expect(subject).to receive(:log_error)
|
|
|
|
subject.execute
|
|
end
|
|
|
|
it_behaves_like 'lfs temporal file is removed'
|
|
end
|
|
|
|
shared_examples 'lfs object is created' do
|
|
it 'creates and associate the LFS object to project' do
|
|
expect(subject).to receive(:download_and_save_file!).and_call_original
|
|
|
|
expect { subject.execute }.to change { LfsObject.count }.by(1)
|
|
expect(LfsObject.first.projects).to include(project)
|
|
end
|
|
|
|
it 'returns success result' do
|
|
expect(subject.execute[:status]).to eq :success
|
|
end
|
|
|
|
it_behaves_like 'lfs temporal file is removed'
|
|
end
|
|
|
|
describe '#execute' do
|
|
context 'when file download succeeds' do
|
|
before do
|
|
stub_full_request(download_link).to_return(body: lfs_content)
|
|
end
|
|
|
|
it_behaves_like 'lfs object is created'
|
|
|
|
it 'has the same oid' do
|
|
subject.execute
|
|
|
|
expect(LfsObject.first.oid).to eq oid
|
|
end
|
|
|
|
it 'has the same size' do
|
|
subject.execute
|
|
|
|
expect(LfsObject.first.size).to eq size
|
|
end
|
|
|
|
it 'stores the content' do
|
|
subject.execute
|
|
|
|
expect(File.binread(LfsObject.first.file.file.file)).to eq lfs_content
|
|
end
|
|
|
|
it 'streams the download' do
|
|
expected_options = { headers: anything, stream_body: true }
|
|
|
|
expect(Gitlab::HTTP).to receive(:perform_request).with(Net::HTTP::Get, anything, expected_options)
|
|
|
|
subject.execute
|
|
end
|
|
|
|
it 'skips read_total_timeout', :aggregate_failures do
|
|
stub_const('GitLab::HTTP::DEFAULT_READ_TOTAL_TIMEOUT', 0)
|
|
|
|
expect(ProjectCacheWorker).to receive(:perform_async).once
|
|
expect(Gitlab::Metrics::System).not_to receive(:monotonic_time)
|
|
expect(subject.execute).to include(status: :success)
|
|
end
|
|
end
|
|
|
|
context 'when file download fails' do
|
|
before do
|
|
allow(Gitlab::HTTP).to receive(:get).and_return(code: 500, 'success?' => false)
|
|
end
|
|
|
|
it_behaves_like 'no lfs object is created'
|
|
|
|
it 'raise StandardError exception' do
|
|
expect(subject).to receive(:download_and_save_file!).and_raise(StandardError)
|
|
|
|
subject.execute
|
|
end
|
|
end
|
|
|
|
context 'when file download returns a redirect' do
|
|
let(:redirect_link) { 'http://external-link' }
|
|
|
|
before do
|
|
stub_full_request(download_link).to_return(status: 301, body: 'You are being redirected', headers: { 'Location' => redirect_link } )
|
|
stub_full_request(redirect_link).to_return(body: lfs_content)
|
|
end
|
|
|
|
it_behaves_like 'lfs object is created'
|
|
|
|
it 'correctly stores lfs object' do
|
|
subject.execute
|
|
|
|
new_lfs_object = LfsObject.first
|
|
|
|
expect(new_lfs_object).to have_attributes(oid: oid, size: size)
|
|
expect(File.binread(new_lfs_object.file.file.file)).to eq lfs_content
|
|
end
|
|
end
|
|
|
|
context 'when downloaded lfs file has a different size' do
|
|
let(:size) { 1 }
|
|
|
|
before do
|
|
stub_full_request(download_link).to_return(body: lfs_content)
|
|
end
|
|
|
|
it_behaves_like 'no lfs object is created'
|
|
|
|
it 'raise SizeError exception' do
|
|
expect(subject).to receive(:download_and_save_file!).and_raise(described_class::SizeError)
|
|
|
|
subject.execute
|
|
end
|
|
end
|
|
|
|
context 'when downloaded lfs file has a different oid' do
|
|
before do
|
|
stub_full_request(download_link).to_return(body: lfs_content)
|
|
allow_any_instance_of(Digest::SHA256).to receive(:hexdigest).and_return('foobar')
|
|
end
|
|
|
|
it_behaves_like 'no lfs object is created'
|
|
|
|
it 'raise OidError exception' do
|
|
expect(subject).to receive(:download_and_save_file!).and_raise(described_class::OidError)
|
|
|
|
subject.execute
|
|
end
|
|
end
|
|
|
|
context 'when an lfs object with the same oid already exists' do
|
|
let!(:existing_lfs_object) { create(:lfs_object, oid: oid) }
|
|
|
|
before do
|
|
stub_full_request(download_link).to_return(body: lfs_content)
|
|
end
|
|
|
|
it_behaves_like 'no lfs object is created'
|
|
|
|
it 'does not update the file attached to the existing LfsObject' do
|
|
expect { subject.execute }
|
|
.not_to change { existing_lfs_object.reload.file.file.file }
|
|
end
|
|
end
|
|
|
|
context 'when credentials present' do
|
|
let(:download_link_with_credentials) { "http://user:password@gitlab.com/#{oid}" }
|
|
let(:lfs_object) { LfsDownloadObject.new(oid: oid, size: size, link: download_link_with_credentials) }
|
|
let!(:request_stub) { stub_full_request(download_link).with(headers: { 'Authorization' => 'Basic dXNlcjpwYXNzd29yZA==' }).to_return(body: lfs_content) }
|
|
|
|
it 'the request adds authorization headers' do
|
|
subject.execute
|
|
|
|
expect(request_stub).to have_been_requested
|
|
end
|
|
|
|
context 'when Authorization header is present' do
|
|
let(:auth_header) { { 'Authorization' => 'Basic 12345' } }
|
|
let(:lfs_object) { LfsDownloadObject.new(oid: oid, size: size, link: download_link_with_credentials, headers: auth_header) }
|
|
let!(:request_stub) { stub_full_request(download_link).with(headers: auth_header).to_return(body: lfs_content) }
|
|
|
|
it 'request uses the header auth' do
|
|
subject.execute
|
|
|
|
expect(request_stub).to have_been_requested
|
|
end
|
|
end
|
|
end
|
|
|
|
context 'when localhost requests are allowed' do
|
|
let(:download_link) { 'http://192.168.2.120' }
|
|
let(:local_request_setting) { true }
|
|
|
|
before do
|
|
stub_full_request(download_link, ip_address: '192.168.2.120').to_return(body: lfs_content)
|
|
end
|
|
|
|
it_behaves_like 'lfs object is created'
|
|
end
|
|
|
|
context 'when a bad URL is used' do
|
|
where(download_link: ['/etc/passwd', 'ftp://example.com', 'http://127.0.0.2', 'http://192.168.2.120'])
|
|
|
|
with_them do
|
|
it 'does not download the file' do
|
|
expect(subject).not_to receive(:download_lfs_file!)
|
|
|
|
expect { subject.execute }.not_to change { LfsObject.count }
|
|
end
|
|
end
|
|
end
|
|
|
|
context 'when the URL points to a redirected URL' do
|
|
context 'that is blocked' do
|
|
where(redirect_link: ['ftp://example.com', 'http://127.0.0.2', 'http://192.168.2.120'])
|
|
|
|
with_them do
|
|
before do
|
|
stub_full_request(download_link, ip_address: '192.168.2.120')
|
|
.to_return(status: 301, headers: { 'Location' => redirect_link })
|
|
end
|
|
|
|
it_behaves_like 'no lfs object is created'
|
|
end
|
|
end
|
|
|
|
context 'that is not blocked' do
|
|
let(:redirect_link) { "http://example.com/"}
|
|
|
|
before do
|
|
stub_full_request(download_link).to_return(status: 301, headers: { 'Location' => redirect_link })
|
|
stub_full_request(redirect_link).to_return(body: lfs_content)
|
|
end
|
|
|
|
it_behaves_like 'lfs object is created'
|
|
end
|
|
end
|
|
|
|
context 'when the lfs object attributes are invalid' do
|
|
let(:oid) { 'foobar' }
|
|
|
|
before do
|
|
expect(lfs_object).to be_invalid
|
|
end
|
|
|
|
it_behaves_like 'no lfs object is created'
|
|
|
|
it 'does not download the file' do
|
|
expect(subject).not_to receive(:download_lfs_file!)
|
|
|
|
subject.execute
|
|
end
|
|
end
|
|
|
|
context 'when a large lfs object with the same oid already exists' do
|
|
let!(:existing_lfs_object) { create(:lfs_object, :with_file, :correct_oid) }
|
|
|
|
before do
|
|
stub_const("#{described_class}::LARGE_FILE_SIZE", 500)
|
|
stub_full_request(download_link).to_return(body: lfs_content)
|
|
end
|
|
|
|
context 'and first fragments are the same' do
|
|
let(:lfs_content) { existing_lfs_object.file.read }
|
|
|
|
context 'when lfs_link_existing_object feature flag disabled' do
|
|
before do
|
|
stub_feature_flags(lfs_link_existing_object: false)
|
|
end
|
|
|
|
it 'does not call link_existing_lfs_object!' do
|
|
expect(subject).not_to receive(:link_existing_lfs_object!)
|
|
|
|
subject.execute
|
|
end
|
|
end
|
|
|
|
it 'returns success' do
|
|
expect(subject.execute).to eq({ status: :success })
|
|
end
|
|
|
|
it 'links existing lfs object to the project' do
|
|
expect { subject.execute }
|
|
.to change { project.lfs_objects.include?(existing_lfs_object) }.from(false).to(true)
|
|
end
|
|
end
|
|
|
|
context 'and first fragments diverges' do
|
|
let(:lfs_content) { SecureRandom.random_bytes(1000) }
|
|
let(:oid) { existing_lfs_object.oid }
|
|
|
|
it 'raises oid mismatch error' do
|
|
expect(subject.execute).to eq({
|
|
status: :error,
|
|
message: "LFS file with oid #{oid} cannot be linked with an existing LFS object"
|
|
})
|
|
end
|
|
|
|
it 'does not change lfs objects' do
|
|
expect { subject.execute }.not_to change { project.lfs_objects }
|
|
end
|
|
end
|
|
end
|
|
end
|
|
end
|