More tests, better descriptions

ccb29955 · Jacob Vosmaer · 91226c20 · ccb29955
Commit ccb29955 authored 9 years ago by Jacob Vosmaer
--- a/spec/requests/git_http_spec.rb
+++ b/spec/requests/git_http_spec.rb
@@ -12,7 +12,7 @@ describe 'Git HTTP requests', lib: true do
  
  context "when the project doesn't exist" do
    context "when no authentication is provided" do
-      it "responds with status 401" do
+      it "responds with status 401 (no project existence information leak)" do
        download('doesnt/exist.git') do |response|
          expect(response.status).to eq(401)
        end
@@ -110,11 +110,17 @@ describe 'Git HTTP requests', lib: true do
      end
  
      context "when no authentication is provided" do
-        it "responds with status 401" do
+        it "responds with status 401 to downloads" do
          download(path, env) do |response|
            expect(response.status).to eq(401)
          end
        end
+
+        it "responds with status 401 to uploads" do
+          upload(path, env) do |response|
+            expect(response.status).to eq(401)
+          end
+        end
      end
  
      context "when username and password are provided" do
@@ -159,7 +165,7 @@ describe 'Git HTTP requests', lib: true do
            end
  
            context "when the user isn't blocked" do
-              it "downloads status 200" do
+              it "downloads get status 200" do
                expect(Rack::Attack::Allow2Ban).to receive(:reset)
  
                clone_get(path, env)
@@ -222,15 +228,24 @@ describe 'Git HTTP requests', lib: true do
      end
  
      context "when a gitlab ci token is provided" do
-        it "responds with status 200" do
-          token = "123"
-          project = FactoryGirl.create :empty_project
+        let(:token) { 123 }
+        let(:project) { FactoryGirl.create :empty_project }
+
+        before do
          project.update_attributes(runners_token: token, builds_enabled: true)
+        end
  
+        it "downloads get status 200" do
          clone_get "#{project.path_with_namespace}.git", user: 'gitlab-ci-token', password: token
  
          expect(response.status).to eq(200)
        end
+
+        it "uploads get status 401 (no project existence information leak)" do
+          push_get "#{project.path_with_namespace}.git", user: 'gitlab-ci-token', password: token
+
+          expect(response.status).to eq(401)
+        end
      end
    end
  end