cover denied context for GitlabNet

author: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> 2013-03-11 14:22:02 +0200
committer: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> 2013-03-11 14:22:02 +0200
commit: b8ccc7a6b0160dc2e9a50c8949e384f7aea13823 (patch)
tree: 4bd297c52486fedb2104dce6c909fc95a28fca80 /spec
parent: a94d899692f3869c55bd9db5588b337b8fabdaf2 (diff)
download: gitlab-shell-b8ccc7a6b0160dc2e9a50c8949e384f7aea13823.tar.gz
3 files changed, 118 insertions, 8 deletions
diff --git a/spec/gitlab_net_spec.rb b/spec/gitlab_net_spec.rb
index 5bda95e..c2e194f 100644
--- a/spec/gitlab_net_spec.rb
+++ b/spec/gitlab_net_spec.rb
@@ -10,17 +10,35 @@ describe GitlabNet do
       gitlab_net.stub!(:host).and_return('https://dev.gitlab.org/api/v3/internal')
     end
 
-    it 'should allow pull access for dev.gitlab.org', vcr: true do
-      VCR.use_cassette("allowed-pull") do
-        access = gitlab_net.allowed?('git-receive-pack', 'gitlab/gitlabhq.git', 'key-1', 'master')
-        access.should be_true
+    context 'ssh key with access to project' do
+      it 'should allow pull access for dev.gitlab.org', vcr: true do
+        VCR.use_cassette("allowed-pull") do
+          access = gitlab_net.allowed?('git-receive-pack', 'gitlab/gitlabhq.git', 'key-1', 'master')
+          access.should be_true
+        end
+      end
+
+      it 'should allow push access for dev.gitlab.org', vcr: true do
+        VCR.use_cassette("allowed-push") do
+          access = gitlab_net.allowed?('git-upload-pack', 'gitlab/gitlabhq.git', 'key-1', 'master')
+          access.should be_true
+        end
       end
     end
 
-    it 'should allow push access for dev.gitlab.org', vcr: true do
-      VCR.use_cassette("allowed-push") do
-        access = gitlab_net.allowed?('git-upload-pack', 'gitlab/gitlabhq.git', 'key-1', 'master')
-        access.should be_true
+    context 'ssh key without access to project' do
+      it 'should deny pull access for dev.gitlab.org', vcr: true do
+        VCR.use_cassette("denied-pull") do
+          access = gitlab_net.allowed?('git-receive-pack', 'gitlab/gitlabhq.git', 'key-2', 'master')
+          access.should be_false
+        end
+      end
+
+      it 'should deny push access for dev.gitlab.org', vcr: true do
+        VCR.use_cassette("denied-push") do
+          access = gitlab_net.allowed?('git-upload-pack', 'gitlab/gitlabhq.git', 'key-2', 'master')
+          access.should be_false
+        end
       end
     end
   end
diff --git a/spec/vcr_cassettes/denied-pull.yml b/spec/vcr_cassettes/denied-pull.yml
new file mode 100644
index 0000000..ef71121
--- /dev/null
+++ b/spec/vcr_cassettes/denied-pull.yml
@@ -0,0 +1,46 @@
+---
+http_interactions:
+- request:
+    method: get
+    uri: https://dev.gitlab.org/api/v3/internal/allowed?action=git-receive-pack&key_id=2&project=gitlab/gitlabhq&ref=master
+    body:
+      encoding: US-ASCII
+      string: ''
+    headers:
+      Accept:
+      - ! '*/*'
+      User-Agent:
+      - Ruby
+  response:
+    status:
+      code: 404
+      message: Not Found
+    headers:
+      Server:
+      - nginx/1.1.19
+      Date:
+      - Mon, 11 Mar 2013 12:21:31 GMT
+      Content-Type:
+      - application/json
+      Content-Length:
+      - '27'
+      Connection:
+      - keep-alive
+      Status:
+      - 404 Not Found
+      X-Ua-Compatible:
+      - IE=Edge,chrome=1
+      Cache-Control:
+      - no-cache
+      X-Request-Id:
+      - bda6c4046ea050c5bad39a38337f5771
+      X-Runtime:
+      - '0.005632'
+      X-Rack-Cache:
+      - miss
+    body:
+      encoding: US-ASCII
+      string: ! '{"message":"404 Not found"}'
+    http_version: 
+  recorded_at: Mon, 11 Mar 2013 12:21:30 GMT
+recorded_with: VCR 2.4.0
diff --git a/spec/vcr_cassettes/denied-push.yml b/spec/vcr_cassettes/denied-push.yml
new file mode 100644
index 0000000..8116aa1
--- /dev/null
+++ b/spec/vcr_cassettes/denied-push.yml
@@ -0,0 +1,46 @@
+---
+http_interactions:
+- request:
+    method: get
+    uri: https://dev.gitlab.org/api/v3/internal/allowed?action=git-upload-pack&key_id=2&project=gitlab/gitlabhq&ref=master
+    body:
+      encoding: US-ASCII
+      string: ''
+    headers:
+      Accept:
+      - ! '*/*'
+      User-Agent:
+      - Ruby
+  response:
+    status:
+      code: 404
+      message: Not Found
+    headers:
+      Server:
+      - nginx/1.1.19
+      Date:
+      - Mon, 11 Mar 2013 12:21:31 GMT
+      Content-Type:
+      - application/json
+      Content-Length:
+      - '27'
+      Connection:
+      - keep-alive
+      Status:
+      - 404 Not Found
+      X-Ua-Compatible:
+      - IE=Edge,chrome=1
+      Cache-Control:
+      - no-cache
+      X-Request-Id:
+      - 6242870566154e17170c86ebb7f7a448
+      X-Runtime:
+      - '0.005174'
+      X-Rack-Cache:
+      - miss
+    body:
+      encoding: US-ASCII
+      string: ! '{"message":"404 Not found"}'
+    http_version: 
+  recorded_at: Mon, 11 Mar 2013 12:21:31 GMT
+recorded_with: VCR 2.4.0
author	Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>	2013-03-11 14:22:02 +0200
committer	Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>	2013-03-11 14:22:02 +0200
commit	b8ccc7a6b0160dc2e9a50c8949e384f7aea13823 (patch)
tree	4bd297c52486fedb2104dce6c909fc95a28fca80 /spec
parent	a94d899692f3869c55bd9db5588b337b8fabdaf2 (diff)
download	gitlab-shell-b8ccc7a6b0160dc2e9a50c8949e384f7aea13823.tar.gz