VladPolskiy/gitlab-ce
1
0
Fork 0
mirror of https://github.com/gitlabhq/gitlabhq.git synced 2025-08-01 15:53:04 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
950e7b01af4c2b83cd6d722649637f19ea24c060
gitlab-ce/spec/lib/gitlab/shell_spec.rb
GitLab Bot 5a5540954c Add latest changes from gitlab-org/gitlab@master
2024-05-21 12:23:42 +00:00

142 lines
3.9 KiB
Ruby
Raw Blame History

# frozen_string_literal: true
require 'spec_helper'
require 'stringio'
RSpec.describe Gitlab::Shell, feature_category: :source_code_management do
let_it_be(:project) { create(:project, :repository) }
let(:repository) { project.repository }
let(:gitlab_shell) { described_class.new }
before do
described_class.instance_variable_set(:@secret_token, nil)
end
describe '.verify_api_request' do
subject { described_class.verify_api_request(headers) }
let(:encoded_token) { JWT.encode(payload, described_class.secret_token, 'HS256') }
let(:payload) { { 'iss' => described_class::JWT_ISSUER } }
let(:headers) { { described_class::API_HEADER => encoded_token } }
it 'returns the decoded JWT' do
is_expected.to eq([
{ 'iss' => described_class::JWT_ISSUER },
{ 'alg' => 'HS256' }
])
end
context 'when secret is wrong' do
let(:encoded_token) { JWT.encode(payload, 'wrong secret', 'HS256') }
it 'returns nil' do
is_expected.to be_nil
end
end
context 'when issuer is wrong' do
let(:payload) { { 'iss' => 'wrong issuer' } }
it 'returns nil' do
is_expected.to be_nil
end
end
end
describe '.header_set?' do
subject { described_class.header_set?(headers) }
let(:headers) { { described_class::API_HEADER => 'token' } }
it { is_expected.to be_truthy }
context 'when header is missing' do
let(:headers) { { 'another_header' => 'token' } }
it { is_expected.to be_falsey }
end
end
describe '.secret_token' do
let(:secret_file) { 'tmp/tests/.secret_shell_test' }
let(:link_file) { 'tmp/tests/shell-secret-test/.gitlab_shell_secret' }
before do
allow(Gitlab.config.gitlab_shell).to receive(:secret_file).and_return(secret_file)
allow(Gitlab.config.gitlab_shell).to receive(:path).and_return('tmp/tests/shell-secret-test')
FileUtils.mkdir('tmp/tests/shell-secret-test')
end
after do
FileUtils.rm_rf('tmp/tests/shell-secret-test')
FileUtils.rm_rf(secret_file)
end
shared_examples 'creates and links the secret token file' do
it 'creates and links the secret token file' do
secret_token = described_class.secret_token
expect(File.exist?(secret_file)).to be(true)
expect(File.read(secret_file).chomp).to eq(secret_token)
expect(File.symlink?(link_file)).to be(true)
expect(File.readlink(link_file)).to eq(secret_file)
end
end
describe 'memoized secret_token' do
before do
described_class.ensure_secret_token!
end
it_behaves_like 'creates and links the secret token file'
end
context 'when link_file is a broken symbolic link' do
before do
File.symlink('tmp/tests/non_existing_file', link_file)
described_class.ensure_secret_token!
end
it_behaves_like 'creates and links the secret token file'
end
context 'when secret_file exists' do
let(:secret_token) { 'secret-token' }
before do
File.write(secret_file, 'secret-token')
described_class.ensure_secret_token!
end
it_behaves_like 'creates and links the secret token file'
it 'reads the token from the existing file' do
expect(described_class.secret_token).to eq(secret_token)
end
end
end
describe 'namespace actions' do
subject { described_class.new }
let(:storage) { Gitlab.config.repositories.storages.each_key.first }
describe '#repository_exists?' do
context 'when the repository does not exist' do
it 'returns false' do
expect(subject.repository_exists?(storage, "non-existing.git")).to be(false)
end
end
context 'when the repository exists' do
it 'returns true' do
project = create(:project, :repository, :legacy_storage)
expect(subject.repository_exists?(storage, project.repository.disk_path + ".git")).to be(true)
end
end
end
end
end
Reference in New Issue View Git Blame Copy Permalink