From edf3ead18f4490f0c88d20fc417ce7d5ae5a4188 Mon Sep 17 00:00:00 2001
From: ghinfey <“ghinfey@gitlab.com”>
Date: Wed, 30 Aug 2023 15:29:24 +0100
Subject: [PATCH 1/6] Add username to push and pull mirroring form
Changelog: changed
EE: true
---
app/controllers/projects/mirrors_controller.rb | 1 +
.../mirrors/_authentication_method.html.haml | 9 ++++++---
app/views/projects/mirrors/_instructions.html.haml | 2 +-
ee/app/controllers/ee/projects/mirrors_controller.rb | 1 +
.../projects/mirrors/_mirror_repos_form.html.haml | 2 +-
ee/spec/features/projects/mirror_spec.rb | 12 ++++++++----
locale/gitlab.pot | 9 ++++++---
7 files changed, 24 insertions(+), 12 deletions(-)
diff --git a/app/controllers/projects/mirrors_controller.rb b/app/controllers/projects/mirrors_controller.rb
index acbd26cbdf69c1..a24273488fb086 100644
--- a/app/controllers/projects/mirrors_controller.rb
+++ b/app/controllers/projects/mirrors_controller.rb
@@ -81,6 +81,7 @@ def mirror_params_attributes
only_protected_branches
keep_divergent_refs
auth_method
+ user
password
ssh_known_hosts
regenerate_ssh_private_key
diff --git a/app/views/projects/mirrors/_authentication_method.html.haml b/app/views/projects/mirrors/_authentication_method.html.haml
index bc162458eae5ef..641b435c91c868 100644
--- a/app/views/projects/mirrors/_authentication_method.html.haml
+++ b/app/views/projects/mirrors/_authentication_method.html.haml
@@ -1,5 +1,5 @@
- mirror = f.object
-- auth_options = [[_('Password'), 'password'], [_('SSH public key'), 'ssh_public_key']]
+- auth_options = [[_('Username and Password'), 'password'], [_('SSH public key'), 'ssh_public_key']]
.form-group
= f.label :auth_method, _('Authentication method'), class: 'label-bold'
@@ -8,7 +8,10 @@
{}, { class: "custom-select gl-form-select js-mirror-auth-type gl-max-w-34 gl-display-block", data: { qa_selector: 'authentication_method_field' } }
= f.hidden_field :auth_method, value: "password", class: "js-hidden-mirror-auth-type"
-.form-group
- .well-password-auth.collapse.js-well-password-auth
+.well-password-auth.collapse.js-well-password-auth
+ .form-group
+ = f.label :user, _('Username'), class: 'label-bold'
+ = f.text_field :user, class: 'form-control gl-form-input js-mirror-password-field gl-form-input-xl', value: nil, autocomplete: 'off', required: false, autocorrect: 'off', autocapitalize: 'off', spellcheck: false
+ .form-group
= f.label :password, _("Password"), class: "label-bold"
= f.password_field :password, class: 'form-control gl-form-input js-mirror-password-field gl-form-input-xl', autocomplete: 'off', data: { qa_selector: 'password_field' }
diff --git a/app/views/projects/mirrors/_instructions.html.haml b/app/views/projects/mirrors/_instructions.html.haml
index 2bd2c7cac4424b..4a311a052a9c45 100644
--- a/app/views/projects/mirrors/_instructions.html.haml
+++ b/app/views/projects/mirrors/_instructions.html.haml
@@ -4,7 +4,7 @@
= html_escape(_('The repository must be accessible over %{code_open}http://%{code_close},
%{code_open}https://%{code_close}, %{code_open}ssh://%{code_close} or %{code_open}git://%{code_close}.')) % { code_open: ''.html_safe, code_close: ''.html_safe }
%li= html_escape(_('When using the %{code_open}http://%{code_close} or %{code_open}https://%{code_close} protocols, please provide the exact URL to the repository. HTTP redirects will not be followed.')) % { code_open: ''.html_safe, code_close: ''.html_safe }
- %li= html_escape(_('Include the username in the URL if required: %{code_open}https://username@gitlab.company.com/group/project.git%{code_close}.')) % { code_open: ''.html_safe, code_close: ''.html_safe }
+ %li= html_escape(_('Do not include the username in the URL, use the username field below: %{code_open}https://gitlab.company.com/group/project.git%{code_close}.')) % { code_open: ''.html_safe, code_close: ''.html_safe }
%li
- minutes = Gitlab.config.gitlab_shell.git_timeout / 60
= _("The update action will time out after %{number_of_minutes} minutes. For big repositories, use a clone/push combination.") % { number_of_minutes: minutes }
diff --git a/ee/app/controllers/ee/projects/mirrors_controller.rb b/ee/app/controllers/ee/projects/mirrors_controller.rb
index 8e725f0cc87da8..cc6dc2df234f8f 100644
--- a/ee/app/controllers/ee/projects/mirrors_controller.rb
+++ b/ee/app/controllers/ee/projects/mirrors_controller.rb
@@ -68,6 +68,7 @@ def mirror_params_attributes_ee
import_data_attributes: %i[
id
auth_method
+ user
password
ssh_known_hosts
regenerate_ssh_private_key
diff --git a/ee/app/views/projects/mirrors/_mirror_repos_form.html.haml b/ee/app/views/projects/mirrors/_mirror_repos_form.html.haml
index cc2e2d2ac0bf05..759748edeb3398 100644
--- a/ee/app/views/projects/mirrors/_mirror_repos_form.html.haml
+++ b/ee/app/views/projects/mirrors/_mirror_repos_form.html.haml
@@ -18,7 +18,7 @@
%template.js-pull-mirrors-form
= f.hidden_field :mirror, value: '1'
- = f.hidden_field :username_only_import_url, class: 'js-mirror-url-hidden', required: true, pattern: "(#{protocols}):\/\/.+", value: ''
+ = f.hidden_field :import_url, class: 'js-mirror-url-hidden', required: true, pattern: "(#{protocols}):\/\/.+", value: ''
= f.hidden_field :only_mirror_protected_branches, class: 'js-mirror-protected-hidden'
- if @project.licensed_feature_available?(:repository_mirrors)
= f.hidden_field :mirror_branch_regex, class: 'js-mirror-branch-regex-hidden'
diff --git a/ee/spec/features/projects/mirror_spec.rb b/ee/spec/features/projects/mirror_spec.rb
index 53f7b3a2cf8dff..8cc806061839c5 100644
--- a/ee/spec/features/projects/mirror_spec.rb
+++ b/ee/spec/features/projects/mirror_spec.rb
@@ -113,9 +113,10 @@
click_button('Add new')
page.within('.project-mirror-settings') do
- fill_and_wait_for_mirror_url_javascript('Git repository URL', 'http://user@example.com')
+ fill_and_wait_for_mirror_url_javascript('Git repository URL', 'http://example.com')
select 'Pull', from: 'Mirror direction'
+ fill_in 'Username', with: 'user'
fill_in 'Password', with: 'foo'
click_without_sidekiq 'Mirror repository'
end
@@ -153,9 +154,10 @@
click_button('Add new')
page.within('.project-mirror-settings') do
- fill_and_wait_for_mirror_url_javascript('Git repository URL', 'ssh://user@example.com')
+ fill_and_wait_for_mirror_url_javascript('Git repository URL', 'ssh://example.com')
select('Pull', from: 'Mirror direction')
+ fill_in 'Username', with: 'user'
select 'SSH public key', from: 'Authentication method'
# Generates an SSH public key with an asynchronous PUT and displays it
@@ -170,9 +172,10 @@
click_button('Add new')
page.within('.project-mirror-settings') do
- fill_and_wait_for_mirror_url_javascript('Git repository URL', 'http://git@example.com')
+ fill_and_wait_for_mirror_url_javascript('Git repository URL', 'http://example.com')
select('Pull', from: 'Mirror direction')
+ fill_in 'Username', with: 'git'
fill_in 'Password', with: 'test_password'
click_without_sidekiq 'Mirror repository'
end
@@ -187,7 +190,7 @@
end
describe 'SSH public key authentication' do
- let(:ssh_url) { 'ssh://user@example.com' }
+ let(:ssh_url) { 'ssh://example.com' }
it 'can be set up' do
visit project_settings_repository_path(project)
@@ -197,6 +200,7 @@
fill_and_wait_for_mirror_url_javascript('Git repository URL', ssh_url)
select('Pull', from: 'Mirror direction')
+ fill_in 'Username', with: 'user'
select 'SSH public key', from: 'Authentication method'
click_without_sidekiq 'Mirror repository'
diff --git a/locale/gitlab.pot b/locale/gitlab.pot
index 7501db76a24594..0656972854bf29 100644
--- a/locale/gitlab.pot
+++ b/locale/gitlab.pot
@@ -17242,6 +17242,9 @@ msgstr ""
msgid "Do not force push over diverged refs. After the mirror is created, this setting can only be modified using the API. %{mirroring_docs_link_start}Learn more about this option%{link_closing_tag} and %{mirroring_api_docs_link_start}the API.%{link_closing_tag}"
msgstr ""
+msgid "Do not include the username in the URL, use the username field below: %{code_open}https://gitlab.company.com/group/project.git%{code_close}."
+msgstr ""
+
msgid "Do you want to remove this deploy key?"
msgstr ""
@@ -24795,9 +24798,6 @@ msgstr ""
msgid "Include the name of the author of the issue, merge request or comment in the email body. By default, GitLab overrides the email sender's name. Some email servers don't support that option."
msgstr ""
-msgid "Include the username in the URL if required: %{code_open}https://username@gitlab.company.com/group/project.git%{code_close}."
-msgstr ""
-
msgid "Includes LFS objects. It can be overridden per group, or per project. Set to 0 for no limit."
msgstr ""
@@ -51531,6 +51531,9 @@ msgstr ""
msgid "Username (optional)"
msgstr ""
+msgid "Username and Password"
+msgstr ""
+
msgid "Username is already taken."
msgstr ""
--
GitLab
From d2f4f782887e2b9987968b5f343ef5a003dfae82 Mon Sep 17 00:00:00 2001
From: Nataliia Radina
Date: Mon, 4 Sep 2023 12:23:06 +0200
Subject: [PATCH 2/6] Add username field for SSH auth
---
app/views/projects/mirrors/_authentication_method.html.haml | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/app/views/projects/mirrors/_authentication_method.html.haml b/app/views/projects/mirrors/_authentication_method.html.haml
index 641b435c91c868..a282dfe1de3dbc 100644
--- a/app/views/projects/mirrors/_authentication_method.html.haml
+++ b/app/views/projects/mirrors/_authentication_method.html.haml
@@ -8,10 +8,10 @@
{}, { class: "custom-select gl-form-select js-mirror-auth-type gl-max-w-34 gl-display-block", data: { qa_selector: 'authentication_method_field' } }
= f.hidden_field :auth_method, value: "password", class: "js-hidden-mirror-auth-type"
+.form-group
+ = f.label :user, _('Username'), class: 'label-bold'
+ = f.text_field :user, class: 'form-control gl-form-input js-mirror-password-field gl-form-input-xl', autocomplete: 'off', required: false, autocorrect: 'off', autocapitalize: 'off', spellcheck: false
.well-password-auth.collapse.js-well-password-auth
- .form-group
- = f.label :user, _('Username'), class: 'label-bold'
- = f.text_field :user, class: 'form-control gl-form-input js-mirror-password-field gl-form-input-xl', value: nil, autocomplete: 'off', required: false, autocorrect: 'off', autocapitalize: 'off', spellcheck: false
.form-group
= f.label :password, _("Password"), class: "label-bold"
= f.password_field :password, class: 'form-control gl-form-input js-mirror-password-field gl-form-input-xl', autocomplete: 'off', data: { qa_selector: 'password_field' }
--
GitLab
From 0ec80033cd02c183ac67a753d32716fb1334ca24 Mon Sep 17 00:00:00 2001
From: ghinfey <“ghinfey@gitlab.com”>
Date: Wed, 6 Sep 2023 12:20:26 +0100
Subject: [PATCH 3/6] Dont display persisted username on frontend
---
app/views/projects/mirrors/_authentication_method.html.haml | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/app/views/projects/mirrors/_authentication_method.html.haml b/app/views/projects/mirrors/_authentication_method.html.haml
index a282dfe1de3dbc..e40290de136ae0 100644
--- a/app/views/projects/mirrors/_authentication_method.html.haml
+++ b/app/views/projects/mirrors/_authentication_method.html.haml
@@ -10,7 +10,7 @@
.form-group
= f.label :user, _('Username'), class: 'label-bold'
- = f.text_field :user, class: 'form-control gl-form-input js-mirror-password-field gl-form-input-xl', autocomplete: 'off', required: false, autocorrect: 'off', autocapitalize: 'off', spellcheck: false
+ = f.text_field :user, class: 'form-control gl-form-input js-mirror-password-field gl-form-input-xl', value: nil, autocomplete: 'off', required: false, autocorrect: 'off', autocapitalize: 'off', spellcheck: false
.well-password-auth.collapse.js-well-password-auth
.form-group
= f.label :password, _("Password"), class: "label-bold"
--
GitLab
From 7754514863c3f5cb0c132026e72b8817ce2d1e32 Mon Sep 17 00:00:00 2001
From: ghinfey <“ghinfey@gitlab.com”>
Date: Thu, 7 Sep 2023 10:39:14 +0100
Subject: [PATCH 4/6] add spec to check special characters
---
.../mirrors/_authentication_method.html.haml | 2 +-
.../projects/mirrors/_instructions.html.haml | 2 +-
ee/spec/features/projects/mirror_spec.rb | 70 +++++++++++++++++++
locale/gitlab.pot | 2 +-
4 files changed, 73 insertions(+), 3 deletions(-)
diff --git a/app/views/projects/mirrors/_authentication_method.html.haml b/app/views/projects/mirrors/_authentication_method.html.haml
index e40290de136ae0..ab039bdead254e 100644
--- a/app/views/projects/mirrors/_authentication_method.html.haml
+++ b/app/views/projects/mirrors/_authentication_method.html.haml
@@ -10,7 +10,7 @@
.form-group
= f.label :user, _('Username'), class: 'label-bold'
- = f.text_field :user, class: 'form-control gl-form-input js-mirror-password-field gl-form-input-xl', value: nil, autocomplete: 'off', required: false, autocorrect: 'off', autocapitalize: 'off', spellcheck: false
+ = f.text_field :user, class: 'form-control gl-form-input gl-form-input-xl', value: nil, autocomplete: 'off', required: false, autocorrect: 'off', autocapitalize: 'off', spellcheck: false
.well-password-auth.collapse.js-well-password-auth
.form-group
= f.label :password, _("Password"), class: "label-bold"
diff --git a/app/views/projects/mirrors/_instructions.html.haml b/app/views/projects/mirrors/_instructions.html.haml
index 4a311a052a9c45..5a8710a64b02f2 100644
--- a/app/views/projects/mirrors/_instructions.html.haml
+++ b/app/views/projects/mirrors/_instructions.html.haml
@@ -4,7 +4,7 @@
= html_escape(_('The repository must be accessible over %{code_open}http://%{code_close},
%{code_open}https://%{code_close}, %{code_open}ssh://%{code_close} or %{code_open}git://%{code_close}.')) % { code_open: ''.html_safe, code_close: ''.html_safe }
%li= html_escape(_('When using the %{code_open}http://%{code_close} or %{code_open}https://%{code_close} protocols, please provide the exact URL to the repository. HTTP redirects will not be followed.')) % { code_open: ''.html_safe, code_close: ''.html_safe }
- %li= html_escape(_('Do not include the username in the URL, use the username field below: %{code_open}https://gitlab.company.com/group/project.git%{code_close}.')) % { code_open: ''.html_safe, code_close: ''.html_safe }
+ %li= html_escape(_('Do not include the username in the URL, use the username field below if required: %{code_open}https://gitlab.company.com/group/project.git%{code_close}.')) % { code_open: ''.html_safe, code_close: ''.html_safe }
%li
- minutes = Gitlab.config.gitlab_shell.git_timeout / 60
= _("The update action will time out after %{number_of_minutes} minutes. For big repositories, use a clone/push combination.") % { number_of_minutes: minutes }
diff --git a/ee/spec/features/projects/mirror_spec.rb b/ee/spec/features/projects/mirror_spec.rb
index 8cc806061839c5..41eca0508a7268 100644
--- a/ee/spec/features/projects/mirror_spec.rb
+++ b/ee/spec/features/projects/mirror_spec.rb
@@ -187,6 +187,76 @@
expect(import_data.password).to eq('test_password')
expect(project.import_url).to eq('http://git:test_password@example.com')
end
+
+ context 'when given special characters' do
+ def add_mirror
+ visit project_settings_repository_path(project)
+ click_button('Add new')
+
+ page.within('.project-mirror-settings') do
+ fill_and_wait_for_mirror_url_javascript('Git repository URL', 'http://example.com')
+
+ select direction, from: 'Mirror direction'
+ fill_in 'Username', with: username
+ fill_in 'Password', with: password
+ click_without_sidekiq 'Mirror repository'
+ end
+ end
+
+ context 'in the username' do
+ let(:username) { 'u@s+e/r' }
+ let(:password) { 'foo' }
+
+ context 'when adding a pull mirror' do
+ let(:direction) { 'Pull' }
+
+ it 'escapes special characters in username' do
+ add_mirror
+
+ project.reload
+ expect(project.import_url).to eq('http://u%40s%2Be%2Fr:foo@example.com')
+ end
+ end
+
+ context 'when adding a push mirror' do
+ let(:direction) { 'Push' }
+
+ it 'escapes special characters in username' do
+ add_mirror
+
+ project.reload
+ expect(project.remote_mirrors.first.url).to eq('http://u%40s%2Be%2Fr:foo@example.com')
+ end
+ end
+ end
+
+ context 'in the password' do
+ let(:username) { 'user' }
+ let(:password) { 'f@o+o/' }
+
+ context 'when adding a pull mirror' do
+ let(:direction) { 'Pull' }
+
+ it 'escapes special characters in password' do
+ add_mirror
+
+ project.reload
+ expect(project.import_url).to eq('http://user:f%40o%2Bo%2F@example.com')
+ end
+ end
+
+ context 'when adding a push mirror' do
+ let(:direction) { 'Push' }
+
+ it 'escapes special characters in the password' do
+ add_mirror
+
+ project.reload
+ expect(project.remote_mirrors.first.url).to eq('http://user:f%40o%2Bo%2F@example.com')
+ end
+ end
+ end
+ end
end
describe 'SSH public key authentication' do
diff --git a/locale/gitlab.pot b/locale/gitlab.pot
index 0656972854bf29..66a352e947ba84 100644
--- a/locale/gitlab.pot
+++ b/locale/gitlab.pot
@@ -17242,7 +17242,7 @@ msgstr ""
msgid "Do not force push over diverged refs. After the mirror is created, this setting can only be modified using the API. %{mirroring_docs_link_start}Learn more about this option%{link_closing_tag} and %{mirroring_api_docs_link_start}the API.%{link_closing_tag}"
msgstr ""
-msgid "Do not include the username in the URL, use the username field below: %{code_open}https://gitlab.company.com/group/project.git%{code_close}."
+msgid "Do not include the username in the URL, use the username field below if required: %{code_open}https://gitlab.company.com/group/project.git%{code_close}."
msgstr ""
msgid "Do you want to remove this deploy key?"
--
GitLab
From 38455212d95443c96d3d64fd40b8a7a18aff5839 Mon Sep 17 00:00:00 2001
From: ghinfey <“ghinfey@gitlab.com”>
Date: Thu, 14 Sep 2023 16:11:00 +0100
Subject: [PATCH 5/6] add spec and revert method call
---
.../mirrors/_mirror_repos_form.html.haml | 2 +-
ee/spec/features/projects/mirror_spec.rb | 45 ++++++++++++++++++-
2 files changed, 44 insertions(+), 3 deletions(-)
diff --git a/ee/app/views/projects/mirrors/_mirror_repos_form.html.haml b/ee/app/views/projects/mirrors/_mirror_repos_form.html.haml
index 759748edeb3398..cc2e2d2ac0bf05 100644
--- a/ee/app/views/projects/mirrors/_mirror_repos_form.html.haml
+++ b/ee/app/views/projects/mirrors/_mirror_repos_form.html.haml
@@ -18,7 +18,7 @@
%template.js-pull-mirrors-form
= f.hidden_field :mirror, value: '1'
- = f.hidden_field :import_url, class: 'js-mirror-url-hidden', required: true, pattern: "(#{protocols}):\/\/.+", value: ''
+ = f.hidden_field :username_only_import_url, class: 'js-mirror-url-hidden', required: true, pattern: "(#{protocols}):\/\/.+", value: ''
= f.hidden_field :only_mirror_protected_branches, class: 'js-mirror-protected-hidden'
- if @project.licensed_feature_available?(:repository_mirrors)
= f.hidden_field :mirror_branch_regex, class: 'js-mirror-branch-regex-hidden'
diff --git a/ee/spec/features/projects/mirror_spec.rb b/ee/spec/features/projects/mirror_spec.rb
index 41eca0508a7268..aa6f51aafd5249 100644
--- a/ee/spec/features/projects/mirror_spec.rb
+++ b/ee/spec/features/projects/mirror_spec.rb
@@ -108,18 +108,24 @@
end
describe 'password authentication' do
- it 'can be set up' do
+ let(:url) { 'http://example.com' }
+
+ def add_mirror
visit project_settings_repository_path(project)
click_button('Add new')
page.within('.project-mirror-settings') do
- fill_and_wait_for_mirror_url_javascript('Git repository URL', 'http://example.com')
+ fill_and_wait_for_mirror_url_javascript('Git repository URL', url)
select 'Pull', from: 'Mirror direction'
fill_in 'Username', with: 'user'
fill_in 'Password', with: 'foo'
click_without_sidekiq 'Mirror repository'
end
+ end
+
+ it 'can be set up' do
+ add_mirror
expect(page).to have_content('Mirroring settings were successfully updated')
@@ -129,6 +135,21 @@
expect(project.import_url).to eq('http://user:foo@example.com')
end
+ context 'when username is provided in url' do
+ let(:url) { 'http://urlusername@example.com' }
+
+ it 'will be ignored' do
+ add_mirror
+
+ expect(page).to have_content('Mirroring settings were successfully updated')
+
+ project.reload
+ expect(project.mirror?).to be_truthy
+ expect(import_data.auth_method).to eq('password')
+ expect(project.import_url).to eq('http://user:foo@example.com')
+ end
+ end
+
it 'can be changed to unauthenticated', quarantine: 'https://gitlab.com/gitlab-org/quality/engineering-productivity/master-broken-incidents/-/issues/1486' do # rubocop:disable Layout/LineLength
project.update!(import_url: 'http://user:password@example.com')
@@ -285,6 +306,26 @@ def add_mirror
expect(import_data.auth_method).to eq('ssh_public_key')
expect(import_data.password).to be_blank
end
+
+ context 'when no username is provided' do
+ it 'import url has no delimiting colon' do
+ visit project_settings_repository_path(project)
+ click_button('Add new')
+
+ page.within('.project-mirror-settings') do
+ fill_and_wait_for_mirror_url_javascript('Git repository URL', ssh_url)
+
+ select('Pull', from: 'Mirror direction')
+ select 'SSH public key', from: 'Authentication method'
+
+ click_without_sidekiq 'Mirror repository'
+ end
+ project.reload
+ expect(project.username_only_import_url).to eq('ssh://example.com')
+ expect(import_data.auth_method).to eq('ssh_public_key')
+ expect(import_data.password).to be_blank
+ end
+ end
end
describe 'host key management', :use_clean_rails_memory_store_caching do
--
GitLab
From 6e182adbba37453d53947f7be08e4636a39b14c6 Mon Sep 17 00:00:00 2001
From: ghinfey <“ghinfey@gitlab.com”>
Date: Fri, 15 Sep 2023 09:30:43 +0100
Subject: [PATCH 6/6] combine add mirror methods
---
ee/spec/features/projects/mirror_spec.rb | 131 ++++++++++-------------
1 file changed, 58 insertions(+), 73 deletions(-)
diff --git a/ee/spec/features/projects/mirror_spec.rb b/ee/spec/features/projects/mirror_spec.rb
index aa6f51aafd5249..05e58158f95390 100644
--- a/ee/spec/features/projects/mirror_spec.rb
+++ b/ee/spec/features/projects/mirror_spec.rb
@@ -109,6 +109,9 @@
describe 'password authentication' do
let(:url) { 'http://example.com' }
+ let(:username) { 'user' }
+ let(:password) { 'foo' }
+ let(:direction) { 'Pull' }
def add_mirror
visit project_settings_repository_path(project)
@@ -117,9 +120,9 @@ def add_mirror
page.within('.project-mirror-settings') do
fill_and_wait_for_mirror_url_javascript('Git repository URL', url)
- select 'Pull', from: 'Mirror direction'
- fill_in 'Username', with: 'user'
- fill_in 'Password', with: 'foo'
+ select direction, from: 'Mirror direction'
+ fill_in 'Username', with: username
+ fill_in 'Password', with: password
click_without_sidekiq 'Mirror repository'
end
end
@@ -150,6 +153,58 @@ def add_mirror
end
end
+ context 'when given special characters' do
+ context 'in the username' do
+ let(:username) { 'u@s+e/r' }
+ let(:password) { 'foo' }
+
+ context 'when adding a pull mirror' do
+ it 'escapes special characters in username' do
+ add_mirror
+
+ project.reload
+ expect(project.import_url).to eq('http://u%40s%2Be%2Fr:foo@example.com')
+ end
+ end
+
+ context 'when adding a push mirror' do
+ let(:direction) { 'Push' }
+
+ it 'escapes special characters in username' do # this one
+ add_mirror
+
+ project.reload
+ expect(project.remote_mirrors.first.url).to eq('http://u%40s%2Be%2Fr:foo@example.com')
+ end
+ end
+ end
+
+ context 'in the password' do
+ let(:username) { 'user' }
+ let(:password) { 'f@o+o/' }
+
+ context 'when adding a pull mirror' do
+ it 'escapes special characters in password' do
+ add_mirror
+
+ project.reload
+ expect(project.import_url).to eq('http://user:f%40o%2Bo%2F@example.com')
+ end
+ end
+
+ context 'when adding a push mirror' do
+ let(:direction) { 'Push' }
+
+ it 'escapes special characters in the password' do # this one
+ add_mirror
+
+ project.reload
+ expect(project.remote_mirrors.first.url).to eq('http://user:f%40o%2Bo%2F@example.com')
+ end
+ end
+ end
+ end
+
it 'can be changed to unauthenticated', quarantine: 'https://gitlab.com/gitlab-org/quality/engineering-productivity/master-broken-incidents/-/issues/1486' do # rubocop:disable Layout/LineLength
project.update!(import_url: 'http://user:password@example.com')
@@ -208,76 +263,6 @@ def add_mirror
expect(import_data.password).to eq('test_password')
expect(project.import_url).to eq('http://git:test_password@example.com')
end
-
- context 'when given special characters' do
- def add_mirror
- visit project_settings_repository_path(project)
- click_button('Add new')
-
- page.within('.project-mirror-settings') do
- fill_and_wait_for_mirror_url_javascript('Git repository URL', 'http://example.com')
-
- select direction, from: 'Mirror direction'
- fill_in 'Username', with: username
- fill_in 'Password', with: password
- click_without_sidekiq 'Mirror repository'
- end
- end
-
- context 'in the username' do
- let(:username) { 'u@s+e/r' }
- let(:password) { 'foo' }
-
- context 'when adding a pull mirror' do
- let(:direction) { 'Pull' }
-
- it 'escapes special characters in username' do
- add_mirror
-
- project.reload
- expect(project.import_url).to eq('http://u%40s%2Be%2Fr:foo@example.com')
- end
- end
-
- context 'when adding a push mirror' do
- let(:direction) { 'Push' }
-
- it 'escapes special characters in username' do
- add_mirror
-
- project.reload
- expect(project.remote_mirrors.first.url).to eq('http://u%40s%2Be%2Fr:foo@example.com')
- end
- end
- end
-
- context 'in the password' do
- let(:username) { 'user' }
- let(:password) { 'f@o+o/' }
-
- context 'when adding a pull mirror' do
- let(:direction) { 'Pull' }
-
- it 'escapes special characters in password' do
- add_mirror
-
- project.reload
- expect(project.import_url).to eq('http://user:f%40o%2Bo%2F@example.com')
- end
- end
-
- context 'when adding a push mirror' do
- let(:direction) { 'Push' }
-
- it 'escapes special characters in the password' do
- add_mirror
-
- project.reload
- expect(project.remote_mirrors.first.url).to eq('http://user:f%40o%2Bo%2F@example.com')
- end
- end
- end
- end
end
describe 'SSH public key authentication' do
--
GitLab