From 152e6d0ca7ac1f7e9962d4d82eb3e34f9552348f Mon Sep 17 00:00:00 2001 From: Borja Aparicio Date: Tue, 26 Apr 2016 15:04:32 +0200 Subject: [PATCH 1/2] Set KRB5 as default clone URL when Kerberos is enabled and user is logged in --- CHANGELOG | 1 + app/helpers/button_helper.rb | 15 +++++++-------- app/helpers/projects_helper.rb | 8 ++++++-- app/views/shared/_clone_panel.html.haml | 3 +-- features/project/create.feature | 19 +++++++++++++++---- features/steps/project/create.rb | 18 +++++++++++++++--- spec/helpers/projects_helper_spec.rb | 13 +++++++++++++ 7 files changed, 58 insertions(+), 19 deletions(-) diff --git a/CHANGELOG b/CHANGELOG index f41010e6d65900..79ed91d9c25733 100644 --- a/CHANGELOG +++ b/CHANGELOG @@ -16,6 +16,7 @@ v 8.7.1 (unreleased) - Use the `can?` helper instead of `current_user.can?`. !3882 - Prevent users from deleting Webhooks via API they do not own - Fix Error 500 due to stale cache when projects are renamed or transferred + - Set KRB5 as default clone protocol when Kerberos is enabled and user is logged in (Borja Aparicio) v 8.7.0 - Gitlab::GitAccess and Gitlab::GitAccessWiki are now instrumented diff --git a/app/helpers/button_helper.rb b/app/helpers/button_helper.rb index 5c21bb6dfd8d31..b319a8700b0ed6 100644 --- a/app/helpers/button_helper.rb +++ b/app/helpers/button_helper.rb @@ -55,18 +55,17 @@ def ssh_clone_button(project) end def kerberos_clone_button(project) - klass = 'btn js-protocol-switch' - klass << ' active' if default_clone_protocol == 'kerberos' + klass = 'kerberos-selector' klass << ' has-tooltip' - content_tag :button, 'KRB5', + content_tag :a, 'KRB5', class: klass, + href: project.kerberos_url_to_repo, data: { - clone: project.kerberos_url_to_repo, - container: 'body', html: 'true', - title: 'Get a Kerberos token for your account with kinit
to pull or push via Kerberos.' - }, - type: :button + placement: 'right', + container: 'body', + title: 'Get a Kerberos token for your
account with kinit.' + } end end diff --git a/app/helpers/projects_helper.rb b/app/helpers/projects_helper.rb index 9c7fa4fd070c43..a7c157985ca6e8 100644 --- a/app/helpers/projects_helper.rb +++ b/app/helpers/projects_helper.rb @@ -209,7 +209,9 @@ def repository_size(project = @project) end def default_url_to_repo(project = @project) - if default_clone_protocol == "ssh" + if default_clone_protocol == "krb5" + project.kerberos_url_to_repo + elsif default_clone_protocol == "ssh" project.ssh_url_to_repo else project.http_url_to_repo @@ -217,7 +219,9 @@ def default_url_to_repo(project = @project) end def default_clone_protocol - if !current_user || current_user.require_ssh_key? + if alternative_kerberos_url? && current_user + "krb5" + elsif !current_user || current_user.require_ssh_key? gitlab_config.protocol else "ssh" diff --git a/app/views/shared/_clone_panel.html.haml b/app/views/shared/_clone_panel.html.haml index 16504139c92d69..d47ccc55aa3ba2 100644 --- a/app/views/shared/_clone_panel.html.haml +++ b/app/views/shared/_clone_panel.html.haml @@ -13,8 +13,7 @@ = http_clone_button(project) - if alternative_kerberos_url? %li - %a#kerberos-btn{href: @project.kerberos_url_to_repo} - KRB5 + = kerberos_clone_button(project) = text_field_tag :project_clone, default_url_to_repo(project), class: "js-select-on-focus form-control", readonly: true .input-group-btn diff --git a/features/project/create.feature b/features/project/create.feature index 95a647be0c735a..1667ec36479891 100644 --- a/features/project/create.feature +++ b/features/project/create.feature @@ -5,13 +5,24 @@ Feature: Project Create Should be able to create a new one @javascript - Scenario: User create a project + Scenario: User create a project with Kerberos disabled Given I sign in as a user + And KRB5 disabled + When I visit new project page + And I have an ssh key + And fill project form with valid data + Then I should see project page + And I should see empty project instructions + + @javascript + Scenario: User create a project with Kerberos enabled + Given I sign in as a user + And KRB5 enabled When I visit new project page And I have an ssh key And fill project form with valid data Then I should see project page - And I should see empty project instuctions + And I should see empty project instructions with Kerberos as default url @javascript Scenario: Empty project instructions with Kerberos disabled @@ -20,7 +31,7 @@ Feature: Project Create And I have an ssh key When I visit new project page And fill project form with valid data - Then I see empty project instuctions + Then I see empty project instructions And I click on HTTP Then Remote url should update to http link And If I click on SSH @@ -33,7 +44,7 @@ Feature: Project Create And I have an ssh key When I visit new project page And fill project form with valid data - Then I see empty project instuctions + Then I see empty project instructions with Kerberos as default url And I click on HTTP Then Remote url should update to http link And If I click on SSH diff --git a/features/steps/project/create.rb b/features/steps/project/create.rb index aab646c7c1d5c7..a8dfd5b1e522b8 100644 --- a/features/steps/project/create.rb +++ b/features/steps/project/create.rb @@ -13,12 +13,18 @@ class Spinach::Features::ProjectCreate < Spinach::FeatureSteps expect(current_path).to eq namespace_project_path(Project.last.namespace, Project.last) end - step 'I should see empty project instuctions' do + step 'I should see empty project instructions' do expect(page).to have_content "git init" expect(page).to have_content "git remote" expect(page).to have_content Project.last.url_to_repo end + step 'I should see empty project instructions with Kerberos as default url' do + expect(page).to have_content "git init" + expect(page).to have_content "git remote" + expect(page).to have_content Project.last.kerberos_url_to_repo + end + step 'KRB5 enabled' do # Enable Kerberos in an alternative port to force Kerberos button and URL to show up in the UI allow(Gitlab.config.kerberos).to receive(:enabled).and_return(true) @@ -29,12 +35,18 @@ class Spinach::Features::ProjectCreate < Spinach::FeatureSteps allow(Gitlab.config.kerberos).to receive(:enabled).and_return(false) end - step 'I see empty project instuctions' do + step 'I see empty project instructions' do expect(page).to have_content "git init" expect(page).to have_content "git remote" expect(page).to have_content Project.last.url_to_repo end + step 'I see empty project instructions with Kerberos as default url' do + expect(page).to have_content "git init" + expect(page).to have_content "git remote" + expect(page).to have_content Project.last.kerberos_url_to_repo + + end step 'I click on HTTP' do find('#clone-dropdown').click find('.http-selector').click @@ -55,7 +67,7 @@ class Spinach::Features::ProjectCreate < Spinach::FeatureSteps step 'If I click on KRB5' do find('#clone-dropdown').click - find('#kerberos-btn').click + find('.kerberos-selector').click end step 'Remote url should update to kerberos link' do diff --git a/spec/helpers/projects_helper_spec.rb b/spec/helpers/projects_helper_spec.rb index 62389188d2c8ad..ae9ca96a8da86e 100644 --- a/spec/helpers/projects_helper_spec.rb +++ b/spec/helpers/projects_helper_spec.rb @@ -104,6 +104,19 @@ expect(helper.send(:default_clone_protocol)).to eq('https') end end + + describe 'using KRB5' do + let(:user) { create(:user, username: 'brj') } + + before do + expect(helper).to receive(:current_user).and_return(user) + end + + it 'returns KRB5' do + allow(Gitlab.config.kerberos).to receive(:enabled).and_return('true') + expect(helper.send(:default_clone_protocol)).to eq('krb5') + end + end end describe '#license_short_name' do -- GitLab From ffa842b7ae6d6305a1c0fc5467bd32099f5b3905 Mon Sep 17 00:00:00 2001 From: Borja Aparicio Date: Fri, 29 Apr 2016 12:31:19 +0200 Subject: [PATCH 2/2] Default_url specs. Replace 'describe' by 'context' --- spec/helpers/projects_helper_spec.rb | 28 +++++++++++++--------------- 1 file changed, 13 insertions(+), 15 deletions(-) diff --git a/spec/helpers/projects_helper_spec.rb b/spec/helpers/projects_helper_spec.rb index ae9ca96a8da86e..32da52023eaa82 100644 --- a/spec/helpers/projects_helper_spec.rb +++ b/spec/helpers/projects_helper_spec.rb @@ -88,32 +88,30 @@ end describe 'default_clone_protocol' do - describe 'using HTTP' do + context 'when user is not logged in and gitlab protocol is HTTP' do + before do + allow(helper).to receive(:current_user).and_return(nil) + end it 'returns HTTP' do - expect(helper).to receive(:current_user).and_return(nil) - expect(helper.send(:default_clone_protocol)).to eq('http') end end - describe 'using HTTPS' do - it 'returns HTTPS' do + context 'when user is not logged in and gitlab protocol is HTTPS' do + before do allow(Gitlab.config.gitlab).to receive(:protocol).and_return('https') - expect(helper).to receive(:current_user).and_return(nil) - + allow(helper).to receive(:current_user).and_return(nil) + end + it 'returns HTTPS' do expect(helper.send(:default_clone_protocol)).to eq('https') end end - describe 'using KRB5' do - let(:user) { create(:user, username: 'brj') } - - before do - expect(helper).to receive(:current_user).and_return(user) - end - - it 'returns KRB5' do + context 'when gitlab.config.kerberos is enabled and user is logged in' do + it 'returns krb5 as default protocol' do allow(Gitlab.config.kerberos).to receive(:enabled).and_return('true') + allow(helper).to receive(:current_user).and_return(double) + expect(helper.send(:default_clone_protocol)).to eq('krb5') end end -- GitLab