1 files changed, 35 insertions, 2 deletions

diff --git a/spec/gitlab_shell_spec.rb b/spec/gitlab_shell_spec.rb
index da91c36..44dca6d 100644
--- a/spec/gitlab_shell_spec.rb
+++ b/spec/gitlab_shell_spec.rb
@@ -11,13 +11,15 @@ describe GitlabShell do
   end
   let(:api) do
     double(GitlabNet).tap do |api|
-      api.stub(discover: 'John Doe')
+      api.stub(discover: { 'name' => 'John Doe' })
       api.stub(allowed?: true)
     end
   end
   let(:key_id) { "key-#{rand(100) + 100}" }
   let(:repository_path) { "/home/git#{rand(100)}/repos" }
-  before { GitlabConfig.any_instance.stub(:repos_path).and_return(repository_path) }
+  before do
+    GitlabConfig.any_instance.stub(repos_path: repository_path, audit_usernames: false)
+  end
 
   describe :initialize do
     before { ssh_cmd 'git-receive-pack' }
@@ -64,6 +66,18 @@ describe GitlabShell do
       it "should set the GL_ID environment variable" do
         ENV.should_receive("[]=").with("GL_ID", key_id)
       end
+
+      it "should log the command execution" do
+        message = "gitlab-shell: executing git command "
+        message << "<git-upload-pack #{File.join(repository_path, 'gitlab-ci.git')}> "
+        message << "for user with key #{key_id}."
+        $logger.should_receive(:info).with(message)
+      end
+
+      it "should use usernames if configured to do so" do
+        GitlabConfig.any_instance.stub(audit_usernames: true)
+        $logger.should_receive(:info) { |msg| msg.should =~ /for John Doe/ }
+      end
     end
 
     context 'git-receive-pack' do
@@ -77,6 +91,13 @@ describe GitlabShell do
       it "should execute the command" do
         subject.should_receive(:exec_cmd).with("git-receive-pack #{File.join(repository_path, 'gitlab-ci.git')}")
       end
+
+      it "should log the command execution" do
+        message = "gitlab-shell: executing git command "
+        message << "<git-receive-pack #{File.join(repository_path, 'gitlab-ci.git')}> "
+        message << "for user with key #{key_id}."
+        $logger.should_receive(:info).with(message)
+      end
     end
 
     context 'arbitrary command' do
@@ -90,6 +111,11 @@ describe GitlabShell do
       it "should not execute the command" do
         subject.should_not_receive(:exec_cmd)
       end
+
+      it "should log the attempt" do
+        message = "gitlab-shell: Attempt to execute disallowed command <arbitrary command> by user with key #{key_id}."
+        $logger.should_receive(:warn).with(message)
+      end
     end
 
     context 'no command' do
@@ -110,6 +136,13 @@ describe GitlabShell do
       api.should_receive(:allowed?).
         with('git-upload-pack', 'gitlab-ci.git', key_id, '_any')
     end
+
+    it "should disallow access and log the attempt if allowed? returns false" do
+      api.stub(allowed?: false)
+      message = "gitlab-shell: Access denied for git command <git-upload-pack gitlab-ci.git> "
+      message << "by user with key #{key_id}."
+      $logger.should_receive(:warn).with(message)
+    end
   end
 
   def ssh_cmd(cmd)