Add tests for the unmodified header

915dd57f · Robert Schilling · dcd4ea47 · 915dd57f · 915dd57f · 915dd57f
26 changed file
--- a/spec/requests/api/award_emoji_spec.rb
+++ b/spec/requests/api/award_emoji_spec.rb
@@ -253,6 +253,10 @@ describe API::AwardEmoji do

        expect(response).to have_http_status(404)
      end
+
+      it_behaves_like '412 response' do
+        let(:request) { api("/projects/#{project.id}/issues/#{issue.iid}/award_emoji/#{award_emoji.id}", user) }
+      end
    end

    context 'when the awardable is a Merge Request' do
@@ -269,6 +273,10 @@ describe API::AwardEmoji do

        expect(response).to have_http_status(404)
      end
+
+      it_behaves_like '412 response' do
+        let(:request) { api("/projects/#{project.id}/merge_requests/#{merge_request.iid}/award_emoji/#{downvote.id}", user) }
+      end
    end

    context 'when the awardable is a Snippet' do
@@ -282,6 +290,10 @@ describe API::AwardEmoji do
          expect(response).to have_http_status(204)
        end.to change { snippet.award_emoji.count }.from(1).to(0)
      end
+
+      it_behaves_like '412 response' do
+        let(:request) { api("/projects/#{project.id}/snippets/#{snippet.id}/award_emoji/#{award.id}", user) }
+      end
    end
  end

@@ -295,5 +307,9 @@ describe API::AwardEmoji do
        expect(response).to have_http_status(204)
      end.to change { note.award_emoji.count }.from(1).to(0)
    end
+
+    it_behaves_like '412 response' do
+      let(:request) { api("/projects/#{project.id}/issues/#{issue.iid}/notes/#{note.id}/award_emoji/#{rocket.id}", user) }
+    end
  end
 end
--- a/spec/requests/api/boards_spec.rb
+++ b/spec/requests/api/boards_spec.rb
@@ -195,6 +195,10 @@ describe API::Boards do

        expect(response).to have_http_status(204)
      end
+
+      it_behaves_like '412 response' do
+        let(:request) { api("#{base_url}/#{dev_list.id}", owner) }
+      end
    end
  end
 end
--- a/spec/requests/api/branches_spec.rb
+++ b/spec/requests/api/branches_spec.rb
@@ -499,6 +499,10 @@ describe API::Branches do

      expect(response).to have_gitlab_http_status(404)
    end
+
+    it_behaves_like '412 response' do
+      let(:request) { api("/projects/#{project.id}/repository/branches/#{branch_name}", user) }
+    end
  end

  describe 'DELETE /projects/:id/repository/merged_branches' do

--- a/spec/requests/api/broadcast_messages_spec.rb
+++ b/spec/requests/api/broadcast_messages_spec.rb
@@ -171,6 +171,10 @@ describe API::BroadcastMessages do
      expect(response).to have_http_status(403)
    end

+    it_behaves_like '412 response' do
+      let(:request) { api("/broadcast_messages/#{message.id}", admin) }
+    end
+
    it 'deletes the broadcast message for admins' do
      expect do
        delete api("/broadcast_messages/#{message.id}", admin)

--- a/spec/requests/api/deploy_keys_spec.rb
+++ b/spec/requests/api/deploy_keys_spec.rb
@@ -190,6 +190,10 @@ describe API::DeployKeys do

      expect(response).to have_http_status(404)
    end
+
+    it_behaves_like '412 response' do
+      let(:request) { api("/projects/#{project.id}/deploy_keys/#{deploy_key.id}", admin) }
+    end
  end

  describe 'POST /projects/:id/deploy_keys/:key_id/enable' do

--- a/spec/requests/api/environments_spec.rb
+++ b/spec/requests/api/environments_spec.rb
@@ -138,6 +138,10 @@ describe API::Environments do
        expect(response).to have_http_status(404)
        expect(json_response['message']).to eq('404 Not found')
      end
+
+      it_behaves_like '412 response' do
+        let(:request) { api("/projects/#{project.id}/environments/#{environment.id}", user) }
+      end
    end

    context 'a non member' do

--- a/spec/requests/api/group_variables_spec.rb
+++ b/spec/requests/api/group_variables_spec.rb
@@ -200,6 +200,10 @@ describe API::GroupVariables do

        expect(response).to have_http_status(404)
      end
+
+      it_behaves_like '412 response' do
+        let(:request) { api("/groups/#{group.id}/variables/#{variable.key}", user) }
+      end
    end

    context 'authorized user with invalid permissions' do

--- a/spec/requests/api/groups_spec.rb
+++ b/spec/requests/api/groups_spec.rb
@@ -488,6 +488,10 @@ describe API::Groups do
        expect(response).to have_http_status(204)
      end

+      it_behaves_like '412 response' do
+        let(:request) { api("/groups/#{group1.id}", user1) }
+      end
+
      it "does not remove a group if not an owner" do
        user4 = create(:user)
        group1.add_master(user4)

--- a/spec/requests/api/issues_spec.rb
+++ b/spec/requests/api/issues_spec.rb
@@ -1304,6 +1304,10 @@ describe API::Issues, :mailer do

        expect(response).to have_http_status(204)
      end
+
+      it_behaves_like '412 response' do
+        let(:request) { api("/projects/#{project.id}/issues/#{issue.iid}", owner) }
+      end
    end

    context 'when issue does not exist' do

--- a/spec/requests/api/labels_spec.rb
+++ b/spec/requests/api/labels_spec.rb
@@ -189,6 +189,11 @@ describe API::Labels do
      delete api("/projects/#{project.id}/labels", user)
      expect(response).to have_http_status(400)
    end
+
+    it_behaves_like '412 response' do
+      let(:request) { api("/projects/#{project.id}/labels", user) }
+      let(:params) { { name: 'label1' } }
+    end
  end

  describe 'PUT /projects/:id/labels' do

--- a/spec/requests/api/members_spec.rb
+++ b/spec/requests/api/members_spec.rb
@@ -284,6 +284,10 @@ describe API::Members do
            expect(response).to have_http_status(204)
          end.to change { source.members.count }.by(-1)
        end
+
+        it_behaves_like '412 response' do
+          let(:request) { api("/#{source_type.pluralize}/#{source.id}/members/#{developer.id}", master) }
+        end
      end

      it 'returns 404 if member does not exist' do

--- a/spec/requests/api/merge_requests_spec.rb
+++ b/spec/requests/api/merge_requests_spec.rb
@@ -698,6 +698,10 @@ describe API::MergeRequests do

        expect(response).to have_gitlab_http_status(404)
      end
+
+      it_behaves_like '412 response' do
+        let(:request) { api("/projects/#{project.id}/merge_requests/#{merge_request.iid}", user) }
+      end
    end
  end


--- a/spec/requests/api/notes_spec.rb
+++ b/spec/requests/api/notes_spec.rb
@@ -390,6 +390,10 @@ describe API::Notes do

        expect(response).to have_http_status(404)
      end
+
+      it_behaves_like '412 response' do
+        let(:request) { api("/projects/#{project.id}/issues/#{issue.iid}/notes/#{issue_note.id}", user) }
+      end
    end

    context 'when noteable is a Snippet' do
@@ -410,6 +414,10 @@ describe API::Notes do

        expect(response).to have_http_status(404)
      end
+
+      it_behaves_like '412 response' do
+        let(:request) { api("/projects/#{project.id}/snippets/#{snippet.id}/notes/#{snippet_note.id}", user) }
+      end
    end

    context 'when noteable is a Merge Request' do
@@ -430,6 +438,10 @@ describe API::Notes do

        expect(response).to have_http_status(404)
      end
+
+      it_behaves_like '412 response' do
+        let(:request) { api("/projects/#{project.id}/merge_requests/#{merge_request.iid}/notes/#{merge_request_note.id}", user) }
+      end
    end
  end
 end
--- a/spec/requests/api/pipeline_schedules_spec.rb
+++ b/spec/requests/api/pipeline_schedules_spec.rb
@@ -275,6 +275,10 @@ describe API::PipelineSchedules do

        expect(response).to have_http_status(:not_found)
      end
+
+      it_behaves_like '412 response' do
+        let(:request) { api("/projects/#{project.id}/pipeline_schedules/#{pipeline_schedule.id}", master) }
+      end
    end

    context 'authenticated user with invalid permissions' do

--- a/spec/requests/api/project_hooks_spec.rb
+++ b/spec/requests/api/project_hooks_spec.rb
@@ -212,5 +212,9 @@ describe API::ProjectHooks, 'ProjectHooks' do
      expect(response).to have_http_status(404)
      expect(WebHook.exists?(hook.id)).to be_truthy
    end
+
+    it_behaves_like '412 response' do
+      let(:request) { api("/projects/#{project.id}/hooks/#{hook.id}", user) }
+    end
  end
 end
--- a/spec/requests/api/project_snippets_spec.rb
+++ b/spec/requests/api/project_snippets_spec.rb
@@ -228,9 +228,6 @@ describe API::ProjectSnippets do
    let(:snippet) { create(:project_snippet, author: admin) }

    it 'deletes snippet' do
-      admin = create(:admin)
-      snippet = create(:project_snippet, author: admin)
-
      delete api("/projects/#{snippet.project.id}/snippets/#{snippet.id}/", admin)

      expect(response).to have_http_status(204)
@@ -242,6 +239,10 @@ describe API::ProjectSnippets do
      expect(response).to have_http_status(404)
      expect(json_response['message']).to eq('404 Snippet Not Found')
    end
+
+    it_behaves_like '412 response' do
+      let(:request) { api("/projects/#{snippet.project.id}/snippets/#{snippet.id}/", admin) }
+    end
  end

  describe 'GET /projects/:project_id/snippets/:id/raw' do

--- a/spec/requests/api/projects_spec.rb
+++ b/spec/requests/api/projects_spec.rb
@@ -1029,6 +1029,10 @@ describe API::Projects do
      delete api("/projects/#{project.id}/snippets/1234", user)
      expect(response).to have_http_status(404)
    end
+
+    it_behaves_like '412 response' do
+      let(:request) { api("/projects/#{project.id}/snippets/#{snippet.id}", user) }
+    end
  end

  describe 'GET /projects/:id/snippets/:snippet_id/raw' do
@@ -1104,23 +1108,31 @@ describe API::Projects do
          project_fork_target.group.add_developer user2
        end

-        it 'is forbidden to non-owner users' do
-          delete api("/projects/#{project_fork_target.id}/fork", user2)
-          expect(response).to have_http_status(403)
-        end
+        context 'for a forked project' do
+          before do
+            post api("/projects/#{project_fork_target.id}/fork/#{project_fork_source.id}", admin)
+            project_fork_target.reload
+            expect(project_fork_target.forked_from_project).not_to be_nil
+            expect(project_fork_target.forked?).to be_truthy
+          end

-        it 'makes forked project unforked' do
-          post api("/projects/#{project_fork_target.id}/fork/#{project_fork_source.id}", admin)
-          project_fork_target.reload
-          expect(project_fork_target.forked_from_project).not_to be_nil
-          expect(project_fork_target.forked?).to be_truthy
+          it 'makes forked project unforked' do
+            delete api("/projects/#{project_fork_target.id}/fork", admin)

-          delete api("/projects/#{project_fork_target.id}/fork", admin)
+            expect(response).to have_http_status(204)
+            project_fork_target.reload
+            expect(project_fork_target.forked_from_project).to be_nil
+            expect(project_fork_target.forked?).not_to be_truthy
+          end

-          expect(response).to have_http_status(204)
-          project_fork_target.reload
-          expect(project_fork_target.forked_from_project).to be_nil
-          expect(project_fork_target.forked?).not_to be_truthy
+          it_behaves_like '412 response' do
+            let(:request) { api("/projects/#{project_fork_target.id}/fork", admin) }
+          end
+        end
+
+        it 'is forbidden to non-owner users' do
+          delete api("/projects/#{project_fork_target.id}/fork", user2)
+          expect(response).to have_http_status(403)
        end

        it 'is idempotent if not forked' do
@@ -1188,14 +1200,23 @@ describe API::Projects do
  end

  describe 'DELETE /projects/:id/share/:group_id' do
-    it 'returns 204 when deleting a group share' do
-      group = create(:group, :public)
-      create(:project_group_link, group: group, project: project)
+    context 'for a valid group' do
+      let(:group) { create(:group, :public) }
+
+      before do
+        create(:project_group_link, group: group, project: project)
+      end
+
+      it 'returns 204 when deleting a group share' do
+        delete api("/projects/#{project.id}/share/#{group.id}", user)

-      delete api("/projects/#{project.id}/share/#{group.id}", user)
+        expect(response).to have_http_status(204)
+        expect(project.project_group_links).to be_empty
+      end

-      expect(response).to have_http_status(204)
-      expect(project.project_group_links).to be_empty
+      it_behaves_like '412 response' do
+        let(:request) { api("/projects/#{project.id}/share/#{group.id}", user) }
+      end
    end

    it 'returns a 400 when group id is not an integer' do
@@ -1519,6 +1540,10 @@ describe API::Projects do
        expect(json_response['message']).to eql('202 Accepted')
      end

+      it_behaves_like '412 response' do
+        let(:request) { api("/projects/#{project.id}", user) }
+      end
+
      it 'does not remove a project if not an owner' do
        user3 = create(:user)
        project.team << [user3, :developer]
@@ -1549,6 +1574,10 @@ describe API::Projects do
        delete api('/projects/1328', admin)
        expect(response).to have_http_status(404)
      end
+
+      it_behaves_like '412 response' do
+        let(:request) { api("/projects/#{project.id}", admin) }
+      end
    end
  end


--- a/spec/requests/api/protected_branches_spec.rb
+++ b/spec/requests/api/protected_branches_spec.rb
@@ -213,6 +213,10 @@ describe API::ProtectedBranches do
      expect(response).to have_gitlab_http_status(204)
    end

+    it_behaves_like '412 response' do
+      let(:request) { api("/projects/#{project.id}/protected_branches/#{branch_name}", user) }
+    end
+
    it "returns 404 if branch does not exist" do
      delete api("/projects/#{project.id}/protected_branches/barfoo", user)


--- a/spec/requests/api/runner_spec.rb
+++ b/spec/requests/api/runner_spec.rb
@@ -149,6 +149,11 @@ describe API::Runner do
          expect(response).to have_http_status 204
          expect(Ci::Runner.count).to eq(0)
        end
+
+        it_behaves_like '412 response' do
+          let(:request) { api('/runners') }
+          let(:params) { { token: runner.token } }
+        end
      end
    end


--- a/spec/requests/api/runners_spec.rb
+++ b/spec/requests/api/runners_spec.rb
@@ -279,6 +279,10 @@ describe API::Runners do
            expect(response).to have_http_status(204)
          end.to change { Ci::Runner.shared.count }.by(-1)
        end
+
+        it_behaves_like '412 response' do
+          let(:request) { api("/runners/#{shared_runner.id}", admin) }
+        end
      end

      context 'when runner is not shared' do
@@ -332,6 +336,10 @@ describe API::Runners do
            expect(response).to have_http_status(204)
          end.to change { Ci::Runner.specific.count }.by(-1)
        end
+
+        it_behaves_like '412 response' do
+          let(:request) { api("/runners/#{specific_runner.id}", user) }
+        end
      end
    end

@@ -463,6 +471,10 @@ describe API::Runners do
            expect(response).to have_http_status(204)
          end.to change { project.runners.count }.by(-1)
        end
+
+        it_behaves_like '412 response' do
+          let(:request) { api("/projects/#{project.id}/runners/#{two_projects_runner.id}", user) }
+        end
      end

      context 'when runner have one associated projects' do

--- a/spec/requests/api/snippets_spec.rb
+++ b/spec/requests/api/snippets_spec.rb
@@ -270,6 +270,10 @@ describe API::Snippets do
      expect(response).to have_http_status(404)
      expect(json_response['message']).to eq('404 Snippet Not Found')
    end
+
+    it_behaves_like '412 response' do
+      let(:request) { api("/snippets/#{public_snippet.id}", user) }
+    end
  end

  describe "GET /snippets/:id/user_agent_detail" do

--- a/spec/requests/api/system_hooks_spec.rb
+++ b/spec/requests/api/system_hooks_spec.rb
@@ -102,5 +102,9 @@ describe API::SystemHooks do

      expect(response).to have_http_status(404)
    end
+
+    it_behaves_like '412 response' do
+      let(:request) { api("/hooks/#{hook.id}", admin) }
+    end
  end
 end
--- a/spec/requests/api/tags_spec.rb
+++ b/spec/requests/api/tags_spec.rb
@@ -278,6 +278,10 @@ describe API::Tags do
        expect(response).to have_gitlab_http_status(204)
      end

+      it_behaves_like '412 response' do
+        let(:request) { api(route, current_user) }
+      end
+
      context 'when tag does not exist' do
        let(:tag_name) { 'unknown' }


--- a/spec/requests/api/triggers_spec.rb
+++ b/spec/requests/api/triggers_spec.rb
@@ -293,6 +293,10 @@ describe API::Triggers do

        expect(response).to have_http_status(404)
      end
+
+      it_behaves_like '412 response' do
+        let(:request) { api("/projects/#{project.id}/triggers/#{trigger.id}", user) }
+      end
    end

    context 'authenticated user with invalid permissions' do

--- a/spec/requests/api/users_spec.rb
+++ b/spec/requests/api/users_spec.rb
@@ -733,6 +733,10 @@ describe API::Users do
        end.to change { user.keys.count }.by(-1)
      end

+      it_behaves_like '412 response' do
+        let(:request) { api("/users/#{user.id}/keys/#{key.id}", admin) }
+      end
+
      it 'returns 404 error if user not found' do
        user.keys << key
        user.save
@@ -838,6 +842,10 @@ describe API::Users do
        end.to change { user.emails.count }.by(-1)
      end

+      it_behaves_like '412 response' do
+        let(:request) { api("/users/#{user.id}/emails/#{email.id}", admin) }
+      end
+
      it 'returns 404 error if user not found' do
        user.emails << email
        user.save
@@ -876,6 +884,10 @@ describe API::Users do
      expect { Namespace.find(namespace.id) }.to raise_error ActiveRecord::RecordNotFound
    end

+    it_behaves_like '412 response' do
+      let(:request) { api("/users/#{user.id}", admin) }
+    end
+
    it "does not delete for unauthenticated user" do
      Sidekiq::Testing.inline! { delete api("/users/#{user.id}") }
      expect(response).to have_http_status(401)
@@ -1116,6 +1128,10 @@ describe API::Users do
      end.to change { user.keys.count}.by(-1)
    end

+    it_behaves_like '412 response' do
+      let(:request) { api("/user/keys/#{key.id}", user) }
+    end
+
    it "returns 404 if key ID not found" do
      delete api("/user/keys/42", user)

@@ -1239,6 +1255,10 @@ describe API::Users do
      end.to change { user.emails.count}.by(-1)
    end

+    it_behaves_like '412 response' do
+      let(:request) { api("/user/emails/#{email.id}", user) }
+    end
+
    it "returns 404 if email ID not found" do
      delete api("/user/emails/42", user)

@@ -1551,6 +1571,10 @@ describe API::Users do
      expect(json_response['message']).to eq('403 Forbidden')
    end

+    it_behaves_like '412 response' do
+      let(:request) { api("/users/#{user.id}/impersonation_tokens/#{impersonation_token.id}", admin) }
+    end
+
    it 'revokes a impersonation token' do
      delete api("/users/#{user.id}/impersonation_tokens/#{impersonation_token.id}", admin)


--- a/spec/support/shared_examples/requests/api/status_shared_examples.rb
+++ b/spec/support/shared_examples/requests/api/status_shared_examples.rb
@@ -40,3 +40,14 @@ shared_examples_for '404 response' do
    end
  end
 end
+
+shared_examples_for '412 response' do
+  let(:params) { nil }
+  before do
+    delete request, params, { 'HTTP_IF_UNMODIFIED_SINCE' => '1990-01-12T00:00:48-0600' }
+  end
+
+  it 'returns 412' do
+    expect(response).to have_gitlab_http_status(412)
+  end
+end