root
/
gitlab-ce
mirror of https://gitlab.com/free-releases/gitlab-ce.git
1
0
Fork 0
Code Issues Actions Packages Projects Releases Wiki Activity
gitlab-ce/spec/controllers/groups/uploads_controller_spec.rb

146 lines
4.2 KiB
Ruby
Raw Permalink Blame History

# frozen_string_literal: true
require 'spec_helper'
RSpec.describe Groups::UploadsController, feature_category: :portfolio_management do
include WorkhorseHelpers
let(:model) { create(:group, :public) }
let(:params) do
{ group_id: model }
end
let(:other_model) { create(:group, :public) }
let(:other_params) do
{ group_id: other_model }
end
let(:legacy_version) { UploadsActions::ID_BASED_UPLOAD_PATH_VERSION - 1 }
it_behaves_like 'handle uploads' do
let(:uploader_class) { NamespaceFileUploader }
end
context 'with a moved group' do
let!(:upload) { create(:upload, :issuable_upload, :with_file, model: model) }
let(:group) { model }
let(:old_path) { group.to_param + 'old' }
let!(:redirect_route) { model.redirect_routes.create!(path: old_path) }
let(:upload_path) { File.basename(upload.path) }
it 'redirects to a file with the proper extension' do
get :show, params: { group_id: old_path, filename: upload_path, secret: upload.secret }
expect(response.location).to eq(show_group_uploads_url(group, upload.secret, upload_path))
expect(response.location).to end_with(upload.path)
expect(response).to have_gitlab_http_status(:redirect)
end
end
describe "GET #show" do
let(:user) { create(:user) }
let(:filename) { "rails_sample.jpg" }
let!(:upload) { create(:upload, :namespace_upload, :with_file, model: model, filename: filename) }
let(:show_upload) do
get :show, params: params.merge(secret: upload.secret, filename: filename)
end
it 'responds with status 404' do
show_upload
expect(response).to have_gitlab_http_status(:not_found)
end
context 'with legacy upload' do
let!(:upload) do
create(:upload, :namespace_upload, :with_file, model: model, filename: filename, version: legacy_version)
end
context 'when the group is public' do
before do
model.update_attribute(:visibility_level, Gitlab::VisibilityLevel::PUBLIC)
end
context "when not signed in" do
it "responds with appropriate status" do
show_upload
expect(response).to have_gitlab_http_status(:ok)
end
context 'when uploader class does not match the upload' do
let!(:upload) do
create(:upload, :issuable_upload, :with_file, model: model, filename: filename, version: legacy_version)
end
it 'responds with status 404' do
show_upload
expect(response).to have_gitlab_http_status(:not_found)
end
end
context 'when filename does not match' do
let(:invalid_filename) { 'invalid_filename.jpg' }
it 'responds with status 404' do
get :show, params: params.merge(secret: upload.secret, filename: invalid_filename)
expect(response).to have_gitlab_http_status(:not_found)
end
end
end
context "when signed in" do
before do
sign_in(user)
end
context "when the user doesn't have access to the model" do
it "responds with status 200" do
show_upload
expect(response).to have_gitlab_http_status(:ok)
end
end
end
end
context 'when the group is private' do
before do
model.update_attribute(:visibility_level, Gitlab::VisibilityLevel::PRIVATE)
end
context "when not signed in" do
it "responds with appropriate status" do
show_upload
expect(response).to have_gitlab_http_status(:ok)
end
end
context "when signed in" do
before do
sign_in(user)
end
context "when the user doesn't have access to the model" do
it "responds with status 200" do
show_upload
expect(response).to have_gitlab_http_status(:ok)
end
end
end
end
end
end
def post_authorize(verified: true)
request.headers.merge!(workhorse_internal_api_request_header) if verified
post :authorize, params: { group_id: model.full_path }, format: :json
end
end
Reference in New Issue View Git Blame Copy Permalink