deploy_keys_spec.rb 6.86 KB
Newer Older
1 2
require 'spec_helper'

3
describe API::DeployKeys do
4 5
  let(:user)        { create(:user) }
  let(:admin)       { create(:admin) }
6 7
  let(:project)     { create(:empty_project, creator_id: user.id) }
  let(:project2)    { create(:empty_project, creator_id: user.id) }
8 9 10 11 12
  let(:deploy_key)  { create(:deploy_key, public: true) }

  let!(:deploy_keys_project) do
    create(:deploy_keys_project, project: project, deploy_key: deploy_key)
  end
13 14 15

  describe 'GET /deploy_keys' do
    context 'when unauthenticated' do
16
      it 'returns authentication error' do
17 18 19 20 21 22 23
        get api('/deploy_keys')

        expect(response.status).to eq(401)
      end
    end

    context 'when authenticated as non-admin user' do
24
      it 'returns a 403 error' do
25 26 27 28 29 30 31
        get api('/deploy_keys', user)

        expect(response.status).to eq(403)
      end
    end

    context 'when authenticated as admin' do
32
      it 'returns all deploy keys' do
33 34 35
        get api('/deploy_keys', admin)

        expect(response.status).to eq(200)
36
        expect(response).to include_pagination_headers
37 38 39 40 41 42
        expect(json_response).to be_an Array
        expect(json_response.first['id']).to eq(deploy_keys_project.deploy_key.id)
      end
    end
  end

43 44 45
  describe 'GET /projects/:id/deploy_keys' do
    before { deploy_key }

46
    it 'returns array of ssh keys' do
47 48 49
      get api("/projects/#{project.id}/deploy_keys", admin)

      expect(response).to have_http_status(200)
50
      expect(response).to include_pagination_headers
51 52 53 54 55 56
      expect(json_response).to be_an Array
      expect(json_response.first['title']).to eq(deploy_key.title)
    end
  end

  describe 'GET /projects/:id/deploy_keys/:key_id' do
57
    it 'returns a single key' do
58 59 60 61 62 63
      get api("/projects/#{project.id}/deploy_keys/#{deploy_key.id}", admin)

      expect(response).to have_http_status(200)
      expect(json_response['title']).to eq(deploy_key.title)
    end

64
    it 'returns 404 Not Found with invalid ID' do
65 66 67 68 69 70 71
      get api("/projects/#{project.id}/deploy_keys/404", admin)

      expect(response).to have_http_status(404)
    end
  end

  describe 'POST /projects/:id/deploy_keys' do
72
    it 'does not create an invalid ssh key' do
73 74 75
      post api("/projects/#{project.id}/deploy_keys", admin), { title: 'invalid key' }

      expect(response).to have_http_status(400)
76
      expect(json_response['error']).to eq('key is missing')
77 78
    end

79
    it 'does not create a key without title' do
80 81 82
      post api("/projects/#{project.id}/deploy_keys", admin), key: 'some key'

      expect(response).to have_http_status(400)
83
      expect(json_response['error']).to eq('title is missing')
84 85
    end

86
    it 'creates new ssh key' do
87 88 89 90
      key_attrs = attributes_for :another_key

      expect do
        post api("/projects/#{project.id}/deploy_keys", admin), key_attrs
91
      end.to change { project.deploy_keys.count }.by(1)
92
    end
93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108

    it 'returns an existing ssh key when attempting to add a duplicate' do
      expect do
        post api("/projects/#{project.id}/deploy_keys", admin), { key: deploy_key.key, title: deploy_key.title }
      end.not_to change { project.deploy_keys.count }

      expect(response).to have_http_status(201)
    end

    it 'joins an existing ssh key to a new project' do
      expect do
        post api("/projects/#{project2.id}/deploy_keys", admin), { key: deploy_key.key, title: deploy_key.title }
      end.to change { project2.deploy_keys.count }.by(1)

      expect(response).to have_http_status(201)
    end
109 110 111 112 113 114 115 116 117

    it 'accepts can_push parameter' do
      key_attrs = attributes_for :write_access_key

      post api("/projects/#{project.id}/deploy_keys", admin), key_attrs

      expect(response).to have_http_status(201)
      expect(json_response['can_push']).to eq(true)
    end
118 119
  end

120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160
  describe 'PUT /projects/:id/deploy_keys/:key_id' do
    let(:private_deploy_key) { create(:another_deploy_key, public: false) }
    let(:project_private_deploy_key) do
      create(:deploy_keys_project, project: project, deploy_key: private_deploy_key)
    end

    it 'updates a public deploy key as admin' do
      expect do
        put api("/projects/#{project.id}/deploy_keys/#{deploy_key.id}", admin), { title: 'new title' }
      end.not_to change(deploy_key, :title)

      expect(response).to have_http_status(200)
    end

    it 'does not update a public deploy key as non admin' do
      expect do
        put api("/projects/#{project.id}/deploy_keys/#{deploy_key.id}", user), { title: 'new title' }
      end.not_to change(deploy_key, :title)

      expect(response).to have_http_status(404)
    end

    it 'does not update a private key with invalid title' do
      project_private_deploy_key

      expect do
        put api("/projects/#{project.id}/deploy_keys/#{private_deploy_key.id}", admin), { title: '' }
      end.not_to change(deploy_key, :title)

      expect(response).to have_http_status(400)
    end

    it 'updates a private ssh key with correct attributes' do
      project_private_deploy_key

      put api("/projects/#{project.id}/deploy_keys/#{private_deploy_key.id}", admin), { title: 'new title', can_push: true }

      expect(json_response['id']).to eq(private_deploy_key.id)
      expect(json_response['title']).to eq('new title')
      expect(json_response['can_push']).to eq(true)
    end
161 162 163 164 165 166 167 168 169 170

    it 'updates a private ssh key from projects user has access with correct attributes' do
      create(:deploy_keys_project, project: project2, deploy_key: private_deploy_key)

      put api("/projects/#{project.id}/deploy_keys/#{private_deploy_key.id}", admin), { title: 'new title', can_push: true }

      expect(json_response['id']).to eq(private_deploy_key.id)
      expect(json_response['title']).to eq('new title')
      expect(json_response['can_push']).to eq(true)
    end
171 172
  end

173 174 175
  describe 'DELETE /projects/:id/deploy_keys/:key_id' do
    before { deploy_key }

176
    it 'deletes existing key' do
177 178
      expect do
        delete api("/projects/#{project.id}/deploy_keys/#{deploy_key.id}", admin)
179 180

        expect(response).to have_http_status(204)
181 182 183
      end.to change{ project.deploy_keys.count }.by(-1)
    end

184
    it 'returns 404 Not Found with invalid ID' do
185 186 187 188 189 190
      delete api("/projects/#{project.id}/deploy_keys/404", admin)

      expect(response).to have_http_status(404)
    end
  end

191 192 193 194 195 196 197 198 199 200 201 202 203 204 205
  describe 'POST /projects/:id/deploy_keys/:key_id/enable' do
    let(:project2) { create(:empty_project) }

    context 'when the user can admin the project' do
      it 'enables the key' do
        expect do
          post api("/projects/#{project2.id}/deploy_keys/#{deploy_key.id}/enable", admin)
        end.to change { project2.deploy_keys.count }.from(0).to(1)

        expect(response).to have_http_status(201)
        expect(json_response['id']).to eq(deploy_key.id)
      end
    end

    context 'when authenticated as non-admin user' do
206
      it 'returns a 404 error' do
207 208 209 210 211 212 213
        post api("/projects/#{project2.id}/deploy_keys/#{deploy_key.id}/enable", user)

        expect(response).to have_http_status(404)
      end
    end
  end
end