root
/
gitlab-ce
mirror of https://gitlab.com/free-releases/gitlab-ce.git
1
0
Fork 0
Code Issues Actions Packages Projects Releases Wiki Activity

Add latest changes from gitlab-org/gitlab@master

This commit is contained in:
GitLab Bot 2021-09-08 21:10:58 +00:00
parent acab9fc89c
commit 660688cfe2
17 changed files with 251 additions and 48 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
app/models/group.rb
View File

@ -18,6 +18,10 @@ class Group < Namespace
include EachBatch
include BulkMemberAccessLoad
def self.sti_name
'Group'
end
has_many :all_group_members, -> { where(requested_at: nil) }, dependent: :destroy, as: :source, class_name: 'GroupMember' # rubocop:disable Cop/ActiveRecordDependent
has_many :group_members, -> { where(requested_at: nil).where.not(members: { access_level: Gitlab::Access::MINIMAL_ACCESS }) }, dependent: :destroy, as: :source # rubocop:disable Cop/ActiveRecordDependent
alias_method :members, :group_members

38
app/models/namespace.rb
View File

@ -18,6 +18,11 @@ class Namespace < ApplicationRecord
ignore_column :delayed_project_removal, remove_with: '14.1', remove_after: '2021-05-22'
# Tells ActiveRecord not to store the full class name, in order to space some space
# https://gitlab.com/gitlab-org/gitlab/-/merge_requests/69794
self.store_full_sti_class = false
self.store_full_class_name = false
# Prevent users from creating unreasonably deep level of nesting.
# The number 20 was taken based on maximum nesting level of
# Android repo (15) + some extra backup.
@ -131,6 +136,21 @@ class Namespace < ApplicationRecord
attr_writer :root_ancestor, :emails_disabled_memoized
class << self
def sti_class_for(type_name)
case type_name
when 'Group'
Group
when 'Project'
Namespaces::ProjectNamespace
when 'User'
# TODO: We create a normal Namespace until
# https://gitlab.com/gitlab-org/gitlab/-/merge_requests/68894 is ready
Namespace
else
Namespace
end
end
def by_path(path)
find_by('lower(path) = :value', value: path.downcase)
end
@ -227,15 +247,23 @@ class Namespace < ApplicationRecord
end
def kind
type == 'Group' ? 'group' : 'user'
end
return 'group' if group?
return 'project' if project?
def user?
kind == 'user'
'user' # defaults to user
end
def group?
type == 'Group'
type == Group.sti_name
end
def project?
type == Namespaces::ProjectNamespace.sti_name
end
def user?
# That last bit ensures we're considered a user namespace as a default
type.nil? || type == Namespaces::UserNamespace.sti_name || !(group? || project?)
end
def find_fork_of(project)

4
app/models/namespaces/project_namespace.rb
View File

@ -3,5 +3,9 @@
module Namespaces
class ProjectNamespace < Namespace
has_one :project, foreign_key: :project_namespace_id, inverse_of: :project_namespace
def self.sti_name
'Project'
end
end
end

11
app/models/namespaces/user_namespace.rb Normal file
View File

@ -0,0 +1,11 @@
# frozen_string_literal: true
# TODO: currently not created/mapped in the database, will be done in another issue
# https://gitlab.com/gitlab-org/gitlab/-/issues/337102
module Namespaces
class UserNamespace < Namespace
def self.sti_name
'User'
end
end
end

7
app/models/repository.rb
View File

@ -627,7 +627,12 @@ class Repository
def license
return unless license_key
Licensee::License.new(license_key)
licensee_object = Licensee::License.new(license_key)
return if licensee_object.name.blank?
licensee_object
rescue Licensee::InvalidLicense
end
memoize_method :license

88
db/post_migrate/20210806131706_finalize_taggins_bigint_conversion.rb Normal file
View File

@ -0,0 +1,88 @@
# frozen_string_literal: true
class FinalizeTagginsBigintConversion < ActiveRecord::Migration[6.1]
include Gitlab::Database::MigrationHelpers
disable_ddl_transaction!
TABLE_NAME = 'taggings'
def up
ensure_batched_background_migration_is_finished(
job_class_name: 'CopyColumnUsingBackgroundMigrationJob',
table_name: TABLE_NAME,
column_name: 'id',
job_arguments: [%w[id taggable_id], %w[id_convert_to_bigint taggable_id_convert_to_bigint]]
)
swap
end
def down
swap
end
private
def swap
# rubocop:disable Migration/PreventIndexCreation
add_concurrent_index TABLE_NAME, :id_convert_to_bigint, unique: true, name: 'index_taggings_on_id_convert_to_bigint'
# This is to replace the existing "index_taggings_on_taggable_id_and_taggable_type" btree (taggable_id, taggable_type)
add_concurrent_index TABLE_NAME, [:taggable_id_convert_to_bigint, :taggable_type], name: 'i_taggings_on_taggable_id_convert_to_bigint_and_taggable_type'
# This is to replace the existing "index_taggings_on_taggable_id_and_taggable_type_and_context" btree (taggable_id, taggable_type, context)
add_concurrent_index TABLE_NAME, [:taggable_id_convert_to_bigint, :taggable_type, :context], name: 'i_taggings_on_taggable_bigint_and_taggable_type_and_context'
# This is to replace the existing "taggings_idx" btree (tag_id, taggable_id, taggable_type, context, tagger_id, tagger_type)
add_concurrent_index TABLE_NAME, [:tag_id, :taggable_id_convert_to_bigint, :taggable_type, :context, :tagger_id, :tagger_type], unique: true, name: 'taggings_idx_tmp'
# This is to replace the existing "tmp_index_taggings_on_id_where_taggable_type_project" btree (id) WHERE taggable_type::text = 'Project'::text
add_concurrent_index TABLE_NAME, :id_convert_to_bigint, where: "taggable_type = 'Project'", name: 'tmp_index_taggings_on_id_bigint_where_taggable_type_project'
# rubocop:enable Migration/PreventIndexCreation
with_lock_retries(raise_on_exhaustion: true) do
# We'll need ACCESS EXCLUSIVE lock on the related tables,
# lets make sure it can be acquired from the start
execute "LOCK TABLE #{TABLE_NAME} IN ACCESS EXCLUSIVE MODE"
# Swap column names
temp_name = 'taggable_id_tmp'
execute "ALTER TABLE #{quote_table_name(TABLE_NAME)} RENAME COLUMN #{quote_column_name(:taggable_id)} TO #{quote_column_name(temp_name)}"
execute "ALTER TABLE #{quote_table_name(TABLE_NAME)} RENAME COLUMN #{quote_column_name(:taggable_id_convert_to_bigint)} TO #{quote_column_name(:taggable_id)}"
execute "ALTER TABLE #{quote_table_name(TABLE_NAME)} RENAME COLUMN #{quote_column_name(temp_name)} TO #{quote_column_name(:taggable_id_convert_to_bigint)}"
temp_name = 'id_tmp'
execute "ALTER TABLE #{quote_table_name(TABLE_NAME)} RENAME COLUMN #{quote_column_name(:id)} TO #{quote_column_name(temp_name)}"
execute "ALTER TABLE #{quote_table_name(TABLE_NAME)} RENAME COLUMN #{quote_column_name(:id_convert_to_bigint)} TO #{quote_column_name(:id)}"
execute "ALTER TABLE #{quote_table_name(TABLE_NAME)} RENAME COLUMN #{quote_column_name(temp_name)} TO #{quote_column_name(:id_convert_to_bigint)}"
# We need to update the trigger function in order to make PostgreSQL to
# regenerate the execution plan for it. This is to avoid type mismatch errors like
# "type of parameter 15 (bigint) does not match that when preparing the plan (integer)"
function_name = Gitlab::Database::UnidirectionalCopyTrigger.on_table(TABLE_NAME).name([:id, :taggable_id], [:id_convert_to_bigint, :taggable_id_convert_to_bigint])
execute "ALTER FUNCTION #{quote_table_name(function_name)} RESET ALL"
# Swap defaults
execute "ALTER SEQUENCE taggings_id_seq OWNED BY #{TABLE_NAME}.id"
change_column_default TABLE_NAME, :id, -> { "nextval('taggings_id_seq'::regclass)" }
change_column_default TABLE_NAME, :id_convert_to_bigint, 0
# Swap PK constraint
execute "ALTER TABLE #{TABLE_NAME} DROP CONSTRAINT taggings_pkey CASCADE"
rename_index TABLE_NAME, 'index_taggings_on_id_convert_to_bigint', 'taggings_pkey'
execute "ALTER TABLE #{TABLE_NAME} ADD CONSTRAINT taggings_pkey PRIMARY KEY USING INDEX taggings_pkey"
# Rename the index on the `bigint` column to match the new column name
# (we already hold an exclusive lock, so no need to use DROP INDEX CONCURRENTLY here)
execute 'DROP INDEX index_taggings_on_taggable_id_and_taggable_type'
rename_index TABLE_NAME, 'i_taggings_on_taggable_id_convert_to_bigint_and_taggable_type', 'index_taggings_on_taggable_id_and_taggable_type'
execute 'DROP INDEX index_taggings_on_taggable_id_and_taggable_type_and_context'
rename_index TABLE_NAME, 'i_taggings_on_taggable_bigint_and_taggable_type_and_context', 'index_taggings_on_taggable_id_and_taggable_type_and_context'
execute 'DROP INDEX taggings_idx'
rename_index TABLE_NAME, 'taggings_idx_tmp', 'taggings_idx'
execute 'DROP INDEX tmp_index_taggings_on_id_where_taggable_type_project'
rename_index TABLE_NAME, 'tmp_index_taggings_on_id_bigint_where_taggable_type_project', 'tmp_index_taggings_on_id_where_taggable_type_project'
end
end
end

1
db/schema_migrations/20210806131706 Normal file
View File

@ -0,0 +1 @@
2539e3e09682f1d7a0902b495a140151a5debef40623348d3cc552d4ba00722f

8
db/structure.sql
View File

@ -19412,16 +19412,16 @@ CREATE SEQUENCE system_note_metadata_id_seq
ALTER SEQUENCE system_note_metadata_id_seq OWNED BY system_note_metadata.id;
CREATE TABLE taggings (
id integer NOT NULL,
id_convert_to_bigint integer DEFAULT 0 NOT NULL,
tag_id integer,
taggable_id integer,
taggable_id_convert_to_bigint integer,
taggable_type character varying,
tagger_id integer,
tagger_type character varying,
context character varying,
created_at timestamp without time zone,
id_convert_to_bigint bigint DEFAULT 0 NOT NULL,
taggable_id_convert_to_bigint bigint
id bigint NOT NULL,
taggable_id bigint
);
CREATE SEQUENCE taggings_id_seq

2
doc/administration/auth/ldap/google_secure_ldap.md
View File

@ -215,7 +215,7 @@ values obtained during the LDAP client configuration earlier:
## Using encrypted credentials
You can optionally store the `bind_dn` and `password` in a separate encrypted configuration file using the
[same steps as the regular LDAP integration](index.md#using-encrypted-credentials).
[same steps as the regular LDAP integration](index.md#use-encrypted-credentials).
<!-- ## Troubleshooting

50
doc/administration/auth/ldap/index.md
View File

@ -12,24 +12,22 @@ to support user authentication.
This integration works with most LDAP-compliant directory servers, including:
- Microsoft Active Directory
- [Microsoft Active Directory Trusts](https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/cc771568(v=ws.10)) are not supported.
- Apple Open Directory
- Open LDAP
- 389 Server
- Microsoft Active Directory.
[Microsoft Active Directory Trusts](https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/cc771568(v=ws.10))
are not supported.
- Apple Open Directory.
- Open LDAP.
- 389 Server.
Users added through LDAP take a [licensed seat](../../../subscriptions/self_managed/index.md#billable-users).
GitLab Enterprise Editions (EE) include enhanced integration,
including group membership syncing and multiple LDAP server support.
## Security
GitLab assumes that LDAP users:
- Are not able to change their LDAP `mail`, `email`, or `userPrincipalName` attributes.
An LDAP user allowed to change their email on the LDAP server can potentially
[take over any account](#enabling-ldap-sign-in-for-existing-gitlab-users)
[take over any account](#enable-ldap-sign-in-for-existing-gitlab-users)
on your GitLab server.
- Have unique email addresses. If not, it's possible for LDAP users with the same
email address to share the same GitLab account.
@ -42,7 +40,7 @@ the LDAP server, or share email addresses.
Users deleted from the LDAP server are immediately blocked from signing in
to GitLab. However, there's an LDAP check cache time of one hour (which is
[configurable](#adjusting-ldap-user-sync-schedule) for GitLab Premium users).
[configurable](#adjust-ldap-user-sync-schedule) for GitLab Premium users).
This means users already signed-in or who are using Git over SSH can access
GitLab for up to one hour. Manually block the user in the GitLab Admin Area
to immediately block all access.
@ -53,7 +51,7 @@ LDAP-enabled users can authenticate with Git using their GitLab username or
email and LDAP password, even if password authentication for Git is disabled
in the application settings.
## Enabling LDAP sign-in for existing GitLab users
## Enable LDAP sign-in for existing GitLab users
When a user signs in to GitLab with LDAP for the first time and their LDAP
email address is the primary email address of an existing GitLab user, the
@ -155,7 +153,7 @@ production:
...
```
### Basic Configuration Settings
### Basic configuration settings
| Setting | Description | Required | Examples |
|--------------------|-------------|----------|----------|
@ -174,7 +172,7 @@ production:
| `base` | Base where we can search for users. | **{check-circle}** Yes | `'ou=people,dc=gitlab,dc=example'` or `'DC=mydomain,DC=com'` |
| `user_filter` | Filter LDAP users. Format: [RFC 4515](https://tools.ietf.org/search/rfc4515) Note: GitLab does not support `omniauth-ldap`'s custom filter syntax. | **{dotted-circle}** No | For examples, read [Examples of user filters](#examples-of-user-filters). |
| `lowercase_usernames` | If enabled, GitLab converts the name to lower case. | **{dotted-circle}** No | boolean |
| `retry_empty_result_with_codes` | An array of LDAP query response code that will attempt to retry the operation if the result/content is empty. For Google Secure LDAP, set this value to `[80]`. | **{dotted-circle}** No | `[80]` |
| `retry_empty_result_with_codes` | An array of LDAP query response code that attempt to retry the operation if the result/content is empty. For Google Secure LDAP, set this value to `[80]`. | **{dotted-circle}** No | `[80]` |
#### Examples of user filters
@ -183,7 +181,7 @@ Some examples of the `user_filter` field syntax:
- `'(employeeType=developer)'`
- `'(&(objectclass=user)(|(samaccountname=momo)(samaccountname=toto)))'`
### SSL Configuration Settings
### SSL configuration settings
| Setting | Description | Required | Examples |
|---------------|-------------|----------|----------|
@ -193,7 +191,7 @@ Some examples of the `user_filter` field syntax:
| `cert` | Client certificate. | **{dotted-circle}** No | `'-----BEGIN CERTIFICATE----- <REDACTED> -----END CERTIFICATE -----'` |
| `key` | Client private key. | **{dotted-circle}** No | `'-----BEGIN PRIVATE KEY----- <REDACTED> -----END PRIVATE KEY -----'` |
### Attribute Configuration Settings
### Attribute configuration settings
LDAP attributes that GitLab uses to create an account for the LDAP user. The specified
attribute can either be the attribute name as a string (for example, `'mail'`), or an
@ -208,7 +206,7 @@ The user's LDAP sign-in is the attribute specified as `uid` above.
| `first_name` | LDAP attribute for user first name. Used when the attribute configured for `name` does not exist. | **{dotted-circle}** No | `'givenName'` |
| `last_name` | LDAP attribute for user last name. Used when the attribute configured for `name` does not exist. | **{dotted-circle}** No | `'sn'` |
### LDAP Sync Configuration Settings **(PREMIUM SELF)**
### LDAP Sync configuration settings **(PREMIUM SELF)**
| Setting | Description | Required | Examples |
|-------------------|-------------|----------|----------|
@ -261,7 +259,7 @@ Support for nested members in the user filter shouldn't be confused with
GitLab does not support the custom filter syntax used by OmniAuth LDAP.
#### Escaping special characters
#### Escape special characters
The `user_filter` DN can contain special characters. For example:
@ -292,7 +290,7 @@ The `user_filter` DN can contain special characters. For example:
OU=Gitlab \28Inc\29,DC=gitlab,DC=com
```
### Enabling LDAP username lowercase
### Enable LDAP username lowercase
Some LDAP servers, depending on their configurations, can return uppercase usernames.
This can lead to several confusing issues such as creating links or namespaces with uppercase names.
@ -362,7 +360,7 @@ This does not disable [using LDAP credentials for Git access](#git-password-auth
1. [Restart GitLab](../../restart_gitlab.md#installations-from-source) for the changes to take effect.
### Using encrypted credentials
### Use encrypted credentials
Instead of having the LDAP integration credentials stored in plaintext in the configuration files, you can optionally
use an encrypted file for the LDAP credentials. To use this feature, first you must enable
@ -451,7 +449,7 @@ If initially your LDAP configuration looked like:
## Encryption
### TLS Server Authentication
### TLS server authentication
There are two encryption methods, `simple_tls` and `start_tls`.
@ -461,7 +459,7 @@ exchanged but no validation of the LDAP server's SSL certificate is performed.
### Limitations
#### TLS Client Authentication
#### TLS client authentication
Not implemented by `Net::LDAP`.
@ -555,7 +553,7 @@ The LDAP sync process:
- Updates existing users.
- Creates new users on first sign in.
### Adjusting LDAP user sync schedule **(PREMIUM SELF)**
### Adjust LDAP user sync schedule **(PREMIUM SELF)**
By default, GitLab runs a worker once per day at 01:30 a.m. server time to
check and update GitLab users against LDAP.
@ -592,7 +590,7 @@ sync to run once every 12 hours at the top of the hour.
If your LDAP supports the `memberof` property, when the user signs in for the
first time GitLab triggers a sync for groups the user should be a member of.
That way they don't need to wait for the hourly sync to be granted
That way they don't have to wait for the hourly sync to be granted
access to their groups and projects.
A group sync process runs every hour on the hour, and `group_base` must be set
@ -636,9 +634,9 @@ following.
1. [Restart GitLab](../../restart_gitlab.md#installations-from-source) for the changes to take effect.
To take advantage of group sync, group owners or maintainers must [create one
or more LDAP group links](#adding-group-links).
or more LDAP group links](#add-group-links).
### Adding group links **(PREMIUM SELF)**
### Add group links **(PREMIUM SELF)**
For information on adding group links by using CNs and filters, refer to the
[GitLab groups documentation](../../../user/group/index.md#manage-group-memberships-via-ldap).
@ -710,7 +708,7 @@ To enable it, you must:
1. Expand the **Visibility and access controls** section.
1. Ensure the **Lock memberships to LDAP synchronization** checkbox is selected.
### Adjusting LDAP group sync schedule **(PREMIUM SELF)**
### Adjust LDAP group sync schedule **(PREMIUM SELF)**
By default, GitLab runs a group sync process every hour, on the hour.
The values shown are in cron format. If needed, you can use a

4
doc/administration/auth/ldap/ldap-troubleshooting.md
View File

@ -345,7 +345,7 @@ things to check to debug the situation.
- Ensure LDAP configuration has a `group_base` specified.
[This configuration](index.md#group-sync) is required for group sync to work properly.
- Ensure the correct [LDAP group link is added to the GitLab
group](index.md#adding-group-links).
group](index.md#add-group-links).
- Check that the user has an LDAP identity:
1. Sign in to GitLab as an administrator user.
1. On the top bar, select **Menu > Admin**.
@ -356,7 +356,7 @@ things to check to debug the situation.
an LDAP DN as the 'Identifier'. If not, this user hasn't signed in with
LDAP yet and must do so first.
- You've waited an hour or [the configured
interval](index.md#adjusting-ldap-group-sync-schedule) for the group to
interval](index.md#adjust-ldap-group-sync-schedule) for the group to
sync. To speed up the process, either go to the GitLab group **Group information > Members**
and press **Sync now** (sync one group) or [run the group sync Rake
task](../../raketasks/ldap.md#run-a-group-sync) (sync all groups).

6
doc/administration/encrypted_configuration.md
View File

@ -11,8 +11,8 @@ type: reference
GitLab can read settings for certain features from encrypted settings files. The supported features are:
- [LDAP `user_bn` and `password`](auth/ldap/index.md#using-encrypted-credentials)
- [SMTP `user_name` and `password`](raketasks/smtp.md#secrets)
- [LDAP `user_bn` and `password`](auth/ldap/index.md#use-encrypted-credentials).
- [SMTP `user_name` and `password`](raketasks/smtp.md#secrets).
In order to enable the encrypted configuration settings, a new base key needs to be generated for
`encrypted_settings_key_base`. The secret can be generated in the following ways:
@ -35,4 +35,4 @@ The new secret can be generated by running:
bundle exec rake gitlab:env:info RAILS_ENV=production GITLAB_GENERATE_ENCRYPTED_SETTINGS_KEY_BASE=true
```
This prints general information on the GitLab instance, but also causes the key to be generated in `<path-to-gitlab-rails>/config/secrets.yml`
This prints general information on the GitLab instance, but also causes the key to be generated in `<path-to-gitlab-rails>/config/secrets.yml`.

5
doc/administration/raketasks/ldap.md
View File

@ -44,7 +44,7 @@ waiting for the next scheduled group sync to be run.
NOTE:
If you'd like to change the frequency at which a group sync is performed,
[adjust the cron schedule](../auth/ldap/index.md#adjusting-ldap-group-sync-schedule)
[adjust the cron schedule](../auth/ldap/index.md#adjust-ldap-group-sync-schedule)
instead.
**Omnibus Installation**
@ -151,7 +151,8 @@ sudo gitlab-rake gitlab:ldap:rename_provider[old_provider,new_provider] force=ye
## Secrets
GitLab can use [LDAP configuration secrets](../auth/ldap/index.md#using-encrypted-credentials) to read from an encrypted file. The following Rake tasks are provided for updating the contents of the encrypted file.
GitLab can use [LDAP configuration secrets](../auth/ldap/index.md#use-encrypted-credentials) to read from an encrypted file.
The following Rake tasks are provided for updating the contents of the encrypted file.
### Show secret

6
doc/subscriptions/bronze_starter.md
View File

@ -51,13 +51,13 @@ the tiers are no longer mentioned in GitLab documentation:
- Syncing information through LDAP:
- Groups: [one group](../administration/auth/ldap/ldap-troubleshooting.md#sync-one-group),
[all groups programmatically](../administration/auth/ldap/index.md#group-sync),
[group sync schedule](../administration/auth/ldap/index.md#adjusting-ldap-group-sync-schedule), and
[group sync schedule](../administration/auth/ldap/index.md#adjust-ldap-group-sync-schedule), and
[all groups manually](../administration/auth/ldap/ldap-troubleshooting.md#sync-all-groups)
- [Configuration settings](../administration/auth/ldap/index.md#ldap-sync-configuration-settings)
- Users: [all users](../administration/auth/ldap/index.md#user-sync),
[administrators](../administration/auth/ldap/index.md#administrator-sync),
[user sync schedule](../administration/auth/ldap/index.md#adjusting-ldap-user-sync-schedule)
- [Adding group links](../administration/auth/ldap/index.md#adding-group-links)
[user sync schedule](../administration/auth/ldap/index.md#adjust-ldap-user-sync-schedule)
- [Adding group links](../administration/auth/ldap/index.md#add-group-links)
- [Lock memberships to LDAP synchronization](../administration/auth/ldap/index.md#global-group-memberships-lock)
- Rake tasks for [LDAP tasks](../administration/raketasks/ldap.md), including
[syncing groups](../administration/raketasks/ldap.md#run-a-group-sync)

2
doc/user/project/repository/index.md
View File

@ -34,7 +34,7 @@ You can [commit your changes](https://git-scm.com/book/en/v2/Git-Basics-Recordin
to a branch in the repository. When you use the command line, you can commit multiple times before you push.
- **Commit message:**
A commit message identities what is being changed and why.
A commit message identifies what is being changed and why.
In GitLab, you can add keywords to the commit
message to perform one of the following actions:
- **Trigger a GitLab CI/CD pipeline:**

57
spec/models/namespace_spec.rb
View File

@ -157,6 +157,63 @@ RSpec.describe Namespace do
end
end
describe 'handling STI', :aggregate_failures do
let(:namespace_type) { nil }
let(:namespace) { Namespace.find(create(:namespace, type: namespace_type).id) }
context 'creating a Group' do
let(:namespace_type) { 'Group' }
it 'is valid' do
expect(namespace).to be_a(Group)
expect(namespace.kind).to eq('group')
expect(namespace.group?).to be_truthy
end
end
context 'creating a ProjectNamespace' do
let(:namespace_type) { 'Project' }
it 'is valid' do
expect(Namespace.find(namespace.id)).to be_a(Namespaces::ProjectNamespace)
expect(namespace.kind).to eq('project')
expect(namespace.project?).to be_truthy
end
end
context 'creating a UserNamespace' do
let(:namespace_type) { 'User' }
it 'is valid' do
# TODO: We create a normal Namespace until
# https://gitlab.com/gitlab-org/gitlab/-/merge_requests/68894 is ready
expect(Namespace.find(namespace.id)).to be_a(Namespace)
expect(namespace.kind).to eq('user')
expect(namespace.user?).to be_truthy
end
end
context 'creating a default Namespace' do
let(:namespace_type) { nil }
it 'is valid' do
expect(Namespace.find(namespace.id)).to be_a(Namespace)
expect(namespace.kind).to eq('user')
expect(namespace.user?).to be_truthy
end
end
context 'creating an unknown Namespace type' do
let(:namespace_type) { 'One' }
it 'defaults to a Namespace' do
expect(Namespace.find(namespace.id)).to be_a(Namespace)
expect(namespace.kind).to eq('user')
expect(namespace.user?).to be_truthy
end
end
end
describe 'scopes', :aggregate_failures do
let_it_be(:namespace1) { create(:group, name: 'Namespace 1', path: 'namespace-1') }
let_it_be(:namespace2) { create(:group, name: 'Namespace 2', path: 'namespace-2') }

6
spec/models/repository_spec.rb
View File

@ -1338,6 +1338,12 @@ RSpec.describe Repository do
expect(repository.license).to be_nil
end
it 'returns nil when license_key is not recognized' do
expect(repository).to receive(:license_key).twice.and_return('not-recognized')
expect(repository.license).to be_nil
end
it 'returns other when the content is not recognizable' do
license = Licensee::License.new('other')
repository.create_file(user, 'LICENSE', 'Gitlab B.V.',