BigW Consortium Gitlab
Skip to content
Projects
Groups
Snippets
Help
This project
Loading...
Sign in / Register
Toggle navigation
G
gitlab-ce
Project
Overview
Details
Activity
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
0
Issues
0
List
Board
Labels
Milestones
Merge Requests
0
Merge Requests
0
Registry
Registry
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Commits
Issue Boards
Open sidebar
Forest Godfrey
gitlab-ce
Commits
d26d4f9e
Commit
d26d4f9e
authored
Apr 17, 2018
by
Rémy Coutable
Browse files
Options
Browse Files
Download
Plain Diff
Merge branch 'replace-build-permissions' into 'master'
Replace project builds permissions spinach with RSpec See merge request gitlab-org/gitlab-ce!18306
parents
e86923eb
eafa1b9f
Hide whitespace changes
Inline
Side-by-side
Showing
6 changed files
with
130 additions
and
123 deletions
+130
-123
permissions.feature
features/project/builds/permissions.feature
+0
-54
permissions.rb
features/steps/project/builds/permissions.rb
+0
-7
builds.rb
features/steps/shared/builds.rb
+0
-25
paths.rb
features/steps/shared/paths.rb
+0
-8
project.rb
features/steps/shared/project.rb
+0
-29
permissions_spec.rb
spec/features/projects/jobs/permissions_spec.rb
+130
-0
No files found.
features/project/builds/permissions.feature
deleted
100644 → 0
View file @
e86923eb
Feature
:
Project Builds Permissions
Background
:
Given
I sign in as a user
And
project exists in some group namespace
And
project has CI enabled
And
project has a recent build
Scenario
:
I
try to visit build details as guest
Given
I am member of a project with a guest role
When
I visit recent build details page
Then
page status code should be 404
Scenario
:
I
try to visit project builds page as guest
Given
I am member of a project with a guest role
When
I visit project builds page
Then
page status code should be 404
Scenario
:
I
try to visit build details of internal project without access to builds
Given
The project is internal
And
public access for builds is disabled
When
I visit recent build details page
Then
page status code should be 404
Scenario
:
I
try to visit internal project builds page without access to builds
Given
The project is internal
And
public access for builds is disabled
When
I visit project builds page
Then
page status code should be 404
@javascript
Scenario
:
I
try to visit build details of internal project with access to builds
Given
The project is internal
And
public access for builds is enabled
When
I visit recent build details page
Then
I see details of a build
And
I see build trace
Scenario
:
I
try to visit internal project builds page with access to builds
Given
The project is internal
And
public access for builds is enabled
When
I visit project builds page
Then
I see the build
Scenario
:
I
try to download build artifacts as guest
Given
I am member of a project with a guest role
And
recent build has artifacts available
When
I access artifacts download page
Then
page status code should be 404
Scenario
:
I
try to download build artifacts as reporter
Given
I am member of a project with a reporter role
And
recent build has artifacts available
When
I access artifacts download page
Then
download of build artifacts archive starts
features/steps/project/builds/permissions.rb
deleted
100644 → 0
View file @
e86923eb
class
Spinach
::
Features
::
ProjectBuildsPermissions
<
Spinach
::
FeatureSteps
include
SharedAuthentication
include
SharedProject
include
SharedBuilds
include
SharedPaths
include
RepoHelpers
end
features/steps/shared/builds.rb
View file @
d26d4f9e
...
...
@@ -30,10 +30,6 @@ module SharedBuilds
visit
project_job_path
(
@project
,
@build
)
end
step
'I visit project builds page'
do
visit
project_jobs_path
(
@project
)
end
step
'recent build has artifacts available'
do
artifacts
=
Rails
.
root
+
'spec/fixtures/ci_build_artifacts.zip'
archive
=
fixture_file_upload
(
artifacts
,
'application/zip'
)
...
...
@@ -54,25 +50,4 @@ module SharedBuilds
expect
(
page
.
response_headers
[
'Content-Type'
]).
to
eq
'application/zip'
expect
(
page
.
response_headers
[
'Content-Transfer-Encoding'
]).
to
eq
'binary'
end
step
'I access artifacts download page'
do
visit
download_project_job_artifacts_path
(
@project
,
@build
)
end
step
'I see details of a build'
do
expect
(
page
).
to
have_content
"Job #
#{
@build
.
id
}
"
end
step
'I see build trace'
do
expect
(
page
).
to
have_css
'#build-trace'
end
step
'I see the build'
do
page
.
within
(
'.build'
)
do
expect
(
page
).
to
have_content
"#
#{
@build
.
id
}
"
expect
(
page
).
to
have_content
@build
.
sha
[
0
..
7
]
expect
(
page
).
to
have_content
@build
.
ref
expect
(
page
).
to
have_content
@build
.
name
end
end
end
features/steps/shared/paths.rb
View file @
d26d4f9e
...
...
@@ -435,12 +435,4 @@ module SharedPaths
mr
=
MergeRequest
.
find_by
(
title:
title
)
project_merge_request_path
(
mr
.
target_project
,
mr
)
end
# ----------------------------------------
# Errors
# ----------------------------------------
step
'page status code should be 404'
do
expect
(
status_code
).
to
eq
404
end
end
features/steps/shared/project.rb
View file @
d26d4f9e
...
...
@@ -13,11 +13,6 @@ module SharedProject
@project
.
add_master
(
@user
)
end
step
"project exists in some group namespace"
do
@group
=
create
(
:group
,
name:
'some group'
)
@project
=
create
(
:project
,
:repository
,
namespace:
@group
,
public_builds:
false
)
end
# Create a specific project called "Shop"
step
'I own project "Shop"'
do
@project
=
Project
.
find_by
(
name:
"Shop"
)
...
...
@@ -30,18 +25,6 @@ module SharedProject
end
# ----------------------------------------
# Project permissions
# ----------------------------------------
step
'I am member of a project with a guest role'
do
@project
.
add_guest
(
@user
)
end
step
'I am member of a project with a reporter role'
do
@project
.
add_reporter
(
@user
)
end
# ----------------------------------------
# Visibility of archived project
# ----------------------------------------
...
...
@@ -140,18 +123,6 @@ module SharedProject
create
(
:label
,
project:
project
,
title:
'enhancement'
)
end
step
'The project is internal'
do
@project
.
update
(
visibility_level:
Gitlab
::
VisibilityLevel
::
INTERNAL
)
end
step
'public access for builds is enabled'
do
@project
.
update
(
public_builds:
true
)
end
step
'public access for builds is disabled'
do
@project
.
update
(
public_builds:
false
)
end
def
user_owns_project
(
user_name
:,
project_name
:,
visibility: :private
)
user
=
user_exists
(
user_name
,
username:
user_name
.
gsub
(
/\s/
,
''
).
underscore
)
project
=
Project
.
find_by
(
name:
project_name
)
...
...
spec/features/projects/jobs/permissions_spec.rb
0 → 100644
View file @
d26d4f9e
require
'spec_helper'
describe
'Project Jobs Permissions'
do
let
(
:user
)
{
create
(
:user
)
}
let
(
:group
)
{
create
(
:group
,
name:
'some group'
)
}
let
(
:project
)
{
create
(
:project
,
:repository
,
namespace:
group
)
}
let
(
:pipeline
)
{
create
(
:ci_empty_pipeline
,
project:
project
,
sha:
project
.
commit
.
sha
,
ref:
'master'
)
}
let!
(
:job
)
{
create
(
:ci_build
,
:running
,
:coverage
,
:trace_artifact
,
pipeline:
pipeline
)
}
before
do
sign_in
(
user
)
project
.
enable_ci
end
describe
'jobs pages'
do
shared_examples
'recent job page details responds with status'
do
|
status
|
before
do
visit
project_job_path
(
project
,
job
)
end
it
{
expect
(
status_code
).
to
eq
(
status
)
}
end
shared_examples
'project jobs page responds with status'
do
|
status
|
before
do
visit
project_jobs_path
(
project
)
end
it
{
expect
(
status_code
).
to
eq
(
status
)
}
end
context
'when public access for jobs is disabled'
do
before
do
project
.
update
(
public_builds:
false
)
end
context
'when user is a guest'
do
before
do
project
.
add_guest
(
user
)
end
it_behaves_like
'recent job page details responds with status'
,
404
it_behaves_like
'project jobs page responds with status'
,
404
end
context
'when project is internal'
do
before
do
project
.
update
(
visibility_level:
Gitlab
::
VisibilityLevel
::
INTERNAL
)
end
it_behaves_like
'recent job page details responds with status'
,
404
it_behaves_like
'project jobs page responds with status'
,
404
end
end
context
'when public access for jobs is enabled'
do
before
do
project
.
update
(
public_builds:
true
)
end
context
'when project is internal'
do
before
do
project
.
update
(
visibility_level:
Gitlab
::
VisibilityLevel
::
INTERNAL
)
end
it_behaves_like
'recent job page details responds with status'
,
200
do
it
'renders job details'
,
:js
do
expect
(
page
).
to
have_content
"Job #
#{
job
.
id
}
"
expect
(
page
).
to
have_css
'#build-trace'
end
end
it_behaves_like
'project jobs page responds with status'
,
200
do
it
'renders job'
do
page
.
within
(
'.build'
)
do
expect
(
page
).
to
have_content
(
"#
#{
job
.
id
}
"
)
.
and
have_content
(
job
.
sha
[
0
..
7
])
.
and
have_content
(
job
.
ref
)
.
and
have_content
(
job
.
name
)
end
end
end
end
end
end
describe
'artifacts page'
do
context
'when recent job has artifacts available'
do
before
do
artifacts
=
Rails
.
root
.
join
(
'spec/fixtures/ci_build_artifacts.zip'
)
archive
=
fixture_file_upload
(
artifacts
,
'application/zip'
)
job
.
update_attributes
(
legacy_artifacts_file:
archive
)
end
context
'when public access for jobs is disabled'
do
before
do
project
.
update
(
public_builds:
false
)
end
context
'when user with guest role'
do
before
do
project
.
add_guest
(
user
)
end
it
'responds with 404 status'
do
visit
download_project_job_artifacts_path
(
project
,
job
)
expect
(
status_code
).
to
eq
(
404
)
end
end
context
'when user with reporter role'
do
before
do
project
.
add_reporter
(
user
)
end
it
'starts download artifact'
do
visit
download_project_job_artifacts_path
(
project
,
job
)
expect
(
status_code
).
to
eq
(
200
)
expect
(
page
.
response_headers
[
'Content-Type'
]).
to
eq
'application/zip'
expect
(
page
.
response_headers
[
'Content-Transfer-Encoding'
]).
to
eq
'binary'
end
end
end
end
end
end
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment