BigW Consortium Gitlab

pages_domain_spec.rb 3.93 KB
Newer Older
1 2 3 4 5 6
require 'spec_helper'

describe PagesDomain, models: true do
  describe 'associations' do
    it { is_expected.to belong_to(:project) }
  end
7

8
  describe 'validate domain' do
9
    subject(:pages_domain) { build(:pages_domain, domain: domain) }
10 11 12 13 14 15 16

    context 'is unique' do
      let(:domain) { 'my.domain.com' }

      it { is_expected.to validate_uniqueness_of(:domain) }
    end

17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35
    {
      'my.domain.com'    => true,
      '123.456.789'      => true,
      '0x12345.com'      => true,
      '0123123'          => true,
      '_foo.com'         => false,
      'reserved.com'     => false,
      'a.reserved.com'   => false,
      nil                => false
    }.each do |value, validity|
      context "domain #{value.inspect} validity" do
        before do
          allow(Settings.pages).to receive(:host).and_return('reserved.com')
        end

        let(:domain) { value }

        it { expect(pages_domain.valid?).to eq(validity) }
      end
36 37 38 39 40 41 42 43 44
    end
  end

  describe 'validate certificate' do
    subject { domain }

    context 'when only certificate is specified' do
      let(:domain) { build(:pages_domain, :with_certificate) }

Grzegorz Bizon committed
45
      it { is_expected.not_to be_valid }
46 47 48 49 50
    end

    context 'when only key is specified' do
      let(:domain) { build(:pages_domain, :with_key) }

Grzegorz Bizon committed
51
      it { is_expected.not_to be_valid }
52 53 54 55 56 57 58 59 60
    end

    context 'with matching key' do
      let(:domain) { build(:pages_domain, :with_certificate, :with_key) }

      it { is_expected.to be_valid }
    end

    context 'for not matching key' do
61
      let(:domain) { build(:pages_domain, :with_missing_chain, :with_key) }
62

Grzegorz Bizon committed
63
      it { is_expected.not_to be_valid }
64 65 66
    end
  end

67
  describe '#url' do
68 69 70 71 72 73 74 75 76 77 78 79 80 81 82
    subject { domain.url }

    context 'without the certificate' do
      let(:domain) { build(:pages_domain) }

      it { is_expected.to eq('http://my.domain.com') }
    end

    context 'with a certificate' do
      let(:domain) { build(:pages_domain, :with_certificate) }

      it { is_expected.to eq('https://my.domain.com') }
    end
  end

83
  describe '#has_matching_key?' do
84 85 86 87 88 89 90 91 92
    subject { domain.has_matching_key? }

    context 'for matching key' do
      let(:domain) { build(:pages_domain, :with_certificate, :with_key) }

      it { is_expected.to be_truthy }
    end

    context 'for invalid key' do
93
      let(:domain) { build(:pages_domain, :with_missing_chain, :with_key) }
94 95 96 97 98

      it { is_expected.to be_falsey }
    end
  end

99
  describe '#has_intermediates?' do
100 101 102 103 104 105 106 107
    subject { domain.has_intermediates? }

    context 'for self signed' do
      let(:domain) { build(:pages_domain, :with_certificate) }

      it { is_expected.to be_truthy }
    end

108 109
    context 'for missing certificate chain' do
      let(:domain) { build(:pages_domain, :with_missing_chain) }
110 111 112

      it { is_expected.to be_falsey }
    end
113 114

    context 'for trusted certificate chain' do
Kamil Trzcinski committed
115 116 117 118
      # We only validate that we can to rebuild the trust chain, for certificates
      # We assume that 'AddTrustExternalCARoot' needed to validate the chain is in trusted store.
      # It will be if ca-certificates is installed on Debian/Ubuntu/Alpine

119 120 121 122
      let(:domain) { build(:pages_domain, :with_trusted_chain) }

      it { is_expected.to be_truthy }
    end
123 124
  end

125
  describe '#expired?' do
126 127 128 129 130 131 132 133 134 135 136 137 138 139 140
    subject { domain.expired? }

    context 'for valid' do
      let(:domain) { build(:pages_domain, :with_certificate) }

      it { is_expected.to be_falsey }
    end

    context 'for expired' do
      let(:domain) { build(:pages_domain, :with_expired_certificate) }

      it { is_expected.to be_truthy }
    end
  end

141
  describe '#subject' do
142 143 144 145 146 147 148
    let(:domain) { build(:pages_domain, :with_certificate) }

    subject { domain.subject }

    it { is_expected.to eq('/CN=test-certificate') }
  end

149
  describe '#certificate_text' do
150 151 152 153 154
    let(:domain) { build(:pages_domain, :with_certificate) }

    subject { domain.certificate_text }

    # We test only existence of output, since the output is long
Grzegorz Bizon committed
155
    it { is_expected.not_to be_empty }
156 157
  end
end