Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
李少辉-开发者
gitlab-foss
提交
eed5c58d
G
gitlab-foss
项目概览
李少辉-开发者
/
gitlab-foss
通知
15
Star
0
Fork
0
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
G
gitlab-foss
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
体验新版 GitCode,发现更多精彩内容 >>
提交
eed5c58d
编写于
9月 15, 2016
作者:
K
Kamil Trzcinski
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
Verify permission of build in context of dependent project
上级
e3a422c2
变更
2
隐藏空白更改
内联
并排
Showing
2 changed file
with
38 addition
and
8 deletion
+38
-8
spec/requests/lfs_http_spec.rb
spec/requests/lfs_http_spec.rb
+3
-3
spec/services/auth/container_registry_authentication_service_spec.rb
...es/auth/container_registry_authentication_service_spec.rb
+35
-5
未找到文件。
spec/requests/lfs_http_spec.rb
浏览文件 @
eed5c58d
...
...
@@ -14,6 +14,8 @@ describe 'Git LFS API and storage' do
end
let
(
:authorization
)
{
}
let
(
:sendfile
)
{
}
let
(
:pipeline
)
{
create
(
:ci_empty_pipeline
,
project:
project
)
}
let
(
:build
)
{
create
(
:ci_build
,
:running
,
pipeline:
pipeline
)
}
let
(
:sample_oid
)
{
lfs_object
.
oid
}
let
(
:sample_size
)
{
lfs_object
.
size
}
...
...
@@ -244,7 +246,7 @@ describe 'Git LFS API and storage' do
end
end
context
'when
CI
is authorized'
do
context
'when
build
is authorized'
do
let
(
:authorization
)
{
authorize_ci_project
}
let
(
:update_permissions
)
do
...
...
@@ -897,8 +899,6 @@ describe 'Git LFS API and storage' do
end
def
authorize_ci_project
pipeline
=
create
(
:ci_empty_pipeline
,
project:
project
)
build
=
create
(
:ci_build
,
:running
,
pipeline:
pipeline
)
ActionController
::
HttpAuthentication
::
Basic
.
encode_credentials
(
'gitlab-ci-token'
,
build
.
token
)
end
...
...
spec/services/auth/container_registry_authentication_service_spec.rb
浏览文件 @
eed5c58d
...
...
@@ -195,8 +195,9 @@ describe Auth::ContainerRegistryAuthenticationService, services: true do
end
end
context
'
project authorization
'
do
context
'
build authorized as user
'
do
let
(
:current_project
)
{
create
(
:empty_project
)
}
let
(
:current_user
)
{
create
(
:user
)
}
let
(
:capabilities
)
do
[
:build_read_container_image
,
...
...
@@ -204,10 +205,12 @@ describe Auth::ContainerRegistryAuthenticationService, services: true do
]
end
context
'allow to use scope-less authentication'
do
it_behaves_like
'a valid token'
before
do
current_project
.
team
<<
[
current_user
,
:developer
]
end
it_behaves_like
'a valid token'
context
'allow to pull and push images'
do
let
(
:current_params
)
do
{
scope:
"repository:
#{
current_project
.
path_with_namespace
}
:pull,push"
}
...
...
@@ -226,12 +229,34 @@ describe Auth::ContainerRegistryAuthenticationService, services: true do
context
'allow for public'
do
let
(
:project
)
{
create
(
:empty_project
,
:public
)
}
it_behaves_like
'a pullable'
end
context
'disallow for private'
do
shared_examples
'pullable for being team member'
do
context
'when you are not member'
do
it_behaves_like
'an inaccessible'
end
context
'when you are member'
do
before
do
project
.
team
<<
[
current_user
,
:developer
]
end
it_behaves_like
'a pullable'
end
end
context
'for private'
do
let
(
:project
)
{
create
(
:empty_project
,
:private
)
}
it_behaves_like
'an inaccessible'
it_behaves_like
'pullable for being team member'
context
'when you are admin'
do
let
(
:current_user
)
{
create
(
:admin
)
}
it_behaves_like
'pullable for being team member'
end
end
end
...
...
@@ -242,6 +267,11 @@ describe Auth::ContainerRegistryAuthenticationService, services: true do
context
'disallow for all'
do
let
(
:project
)
{
create
(
:empty_project
,
:public
)
}
before
do
project
.
team
<<
[
current_user
,
:developer
]
end
it_behaves_like
'an inaccessible'
end
end
...
...
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录