BigW Consortium Gitlab

pages_domain_spec.rb 4.02 KB
Newer Older
1 2 3 4 5 6
require 'spec_helper'

describe PagesDomain, models: true do
  describe 'associations' do
    it { is_expected.to belong_to(:project) }
  end
7

8
  describe 'validate domain' do
9 10 11 12 13 14 15 16 17 18 19 20 21 22
    subject { build(:pages_domain, domain: domain) }

    context 'is unique' do
      let(:domain) { 'my.domain.com' }

      it { is_expected.to validate_uniqueness_of(:domain) }
    end

    context 'valid domain' do
      let(:domain) { 'my.domain.com' }

      it { is_expected.to be_valid }
    end

23 24 25 26 27 28
    context 'valid hexadecimal-looking domain' do
      let(:domain) { '0x12345.com'}

      it { is_expected.to be_valid }
    end

29 30 31
    context 'no domain' do
      let(:domain) { nil }

Grzegorz Bizon committed
32
      it { is_expected.not_to be_valid }
33 34 35 36 37
    end

    context 'invalid domain' do
      let(:domain) { '0123123' }

Grzegorz Bizon committed
38
      it { is_expected.not_to be_valid }
39 40 41 42 43 44 45
    end

    context 'domain from .example.com' do
      let(:domain) { 'my.domain.com' }

      before { allow(Settings.pages).to receive(:host).and_return('domain.com') }

Grzegorz Bizon committed
46
      it { is_expected.not_to be_valid }
47 48 49 50 51 52 53 54 55
    end
  end

  describe 'validate certificate' do
    subject { domain }

    context 'when only certificate is specified' do
      let(:domain) { build(:pages_domain, :with_certificate) }

Grzegorz Bizon committed
56
      it { is_expected.not_to be_valid }
57 58 59 60 61
    end

    context 'when only key is specified' do
      let(:domain) { build(:pages_domain, :with_key) }

Grzegorz Bizon committed
62
      it { is_expected.not_to be_valid }
63 64 65 66 67 68 69 70 71
    end

    context 'with matching key' do
      let(:domain) { build(:pages_domain, :with_certificate, :with_key) }

      it { is_expected.to be_valid }
    end

    context 'for not matching key' do
72
      let(:domain) { build(:pages_domain, :with_missing_chain, :with_key) }
73

Grzegorz Bizon committed
74
      it { is_expected.not_to be_valid }
75 76 77
    end
  end

78
  describe '#url' do
79 80 81 82 83 84 85 86 87 88 89 90 91 92 93
    subject { domain.url }

    context 'without the certificate' do
      let(:domain) { build(:pages_domain) }

      it { is_expected.to eq('http://my.domain.com') }
    end

    context 'with a certificate' do
      let(:domain) { build(:pages_domain, :with_certificate) }

      it { is_expected.to eq('https://my.domain.com') }
    end
  end

94
  describe '#has_matching_key?' do
95 96 97 98 99 100 101 102 103
    subject { domain.has_matching_key? }

    context 'for matching key' do
      let(:domain) { build(:pages_domain, :with_certificate, :with_key) }

      it { is_expected.to be_truthy }
    end

    context 'for invalid key' do
104
      let(:domain) { build(:pages_domain, :with_missing_chain, :with_key) }
105 106 107 108 109

      it { is_expected.to be_falsey }
    end
  end

110
  describe '#has_intermediates?' do
111 112 113 114 115 116 117 118
    subject { domain.has_intermediates? }

    context 'for self signed' do
      let(:domain) { build(:pages_domain, :with_certificate) }

      it { is_expected.to be_truthy }
    end

119 120
    context 'for missing certificate chain' do
      let(:domain) { build(:pages_domain, :with_missing_chain) }
121 122 123

      it { is_expected.to be_falsey }
    end
124 125

    context 'for trusted certificate chain' do
Kamil Trzcinski committed
126 127 128 129
      # We only validate that we can to rebuild the trust chain, for certificates
      # We assume that 'AddTrustExternalCARoot' needed to validate the chain is in trusted store.
      # It will be if ca-certificates is installed on Debian/Ubuntu/Alpine

130 131 132 133
      let(:domain) { build(:pages_domain, :with_trusted_chain) }

      it { is_expected.to be_truthy }
    end
134 135
  end

136
  describe '#expired?' do
137 138 139 140 141 142 143 144 145 146 147 148 149 150 151
    subject { domain.expired? }

    context 'for valid' do
      let(:domain) { build(:pages_domain, :with_certificate) }

      it { is_expected.to be_falsey }
    end

    context 'for expired' do
      let(:domain) { build(:pages_domain, :with_expired_certificate) }

      it { is_expected.to be_truthy }
    end
  end

152
  describe '#subject' do
153 154 155 156 157 158 159
    let(:domain) { build(:pages_domain, :with_certificate) }

    subject { domain.subject }

    it { is_expected.to eq('/CN=test-certificate') }
  end

160
  describe '#certificate_text' do
161 162 163 164 165
    let(:domain) { build(:pages_domain, :with_certificate) }

    subject { domain.certificate_text }

    # We test only existence of output, since the output is long
Grzegorz Bizon committed
166
    it { is_expected.not_to be_empty }
167 168
  end
end