Merge branch 'master' into 6859-fix-invalid-manifests
[arvados.git] / services / api / test / unit / commit_test.rb
1 require 'test_helper'
2 require 'helpers/git_test_helper'
3
4 # NOTE: calling Commit.find_commit_range(nil, nil, 'rev')
5 # produces an error message "fatal: bad object 'rev'" on stderr if
6 # 'rev' does not exist in a given repository.  Many of these tests
7 # report such errors; their presence does not represent a fatal
8 # condition.
9
10 class CommitTest < ActiveSupport::TestCase
11   # See git_setup.rb for the commit log for test.git.tar
12   include GitTestHelper
13
14   setup do
15     authorize_with :active
16   end
17
18   test 'find_commit_range does not bypass permissions' do
19     authorize_with :inactive
20     assert_raises ArgumentError do
21       c = Commit.find_commit_range 'foo', nil, 'master', []
22     end
23   end
24
25   [
26    'https://github.com/curoverse/arvados.git',
27    'http://github.com/curoverse/arvados.git',
28    'git://github.com/curoverse/arvados.git',
29   ].each do |url|
30     test "find_commit_range uses fetch_remote_repository to get #{url}" do
31       fake_gitdir = repositories(:foo).server_path
32       Commit.expects(:cache_dir_for).once.with(url).returns fake_gitdir
33       Commit.expects(:fetch_remote_repository).once.with(fake_gitdir, url).returns true
34       c = Commit.find_commit_range url, nil, 'master', []
35       refute_empty c
36     end
37   end
38
39   [
40    'bogus/repo',
41    '/bogus/repo',
42    '/not/allowed/.git',
43    'file:///not/allowed.git',
44    'git.curoverse.com/arvados.git',
45    'github.com/curoverse/arvados.git',
46   ].each do |url|
47     test "find_commit_range skips fetch_remote_repository for #{url}" do
48       Commit.expects(:fetch_remote_repository).never
49       assert_raises ArgumentError do
50         Commit.find_commit_range url, nil, 'master', []
51       end
52     end
53   end
54
55   test 'fetch_remote_repository does not leak commits across repositories' do
56     url = "http://localhost:1/fake/fake.git"
57     fetch_remote_from_local_repo url, :foo
58     c = Commit.find_commit_range url, nil, 'master', []
59     assert_equal ['077ba2ad3ea24a929091a9e6ce545c93199b8e57'], c
60
61     url = "http://localhost:2/fake/fake.git"
62     fetch_remote_from_local_repo url, 'file://' + File.expand_path('../../.git', Rails.root)
63     c = Commit.find_commit_range url, nil, '077ba2ad3ea24a929091a9e6ce545c93199b8e57', []
64     assert_equal [], c
65   end
66
67   test 'tag_in_internal_repository creates and updates tags in internal.git' do
68     authorize_with :active
69     gitint = "git --git-dir #{Rails.configuration.git_internal_dir}"
70     IO.read("|#{gitint} tag -d testtag 2>/dev/null") # "no such tag", fine
71     assert_match /^fatal: /, IO.read("|#{gitint} show testtag 2>&1")
72     refute $?.success?
73     Commit.tag_in_internal_repository 'active/foo', '31ce37fe365b3dc204300a3e4c396ad333ed0556', 'testtag'
74     assert_match /^commit 31ce37f/, IO.read("|#{gitint} show testtag")
75     assert $?.success?
76   end
77
78   # In active/shabranchnames, "7387838c69a21827834586cc42b467ff6c63293b" is
79   # both a commit hash, and the name of a branch that begins from that same
80   # commit.
81   COMMIT_BRANCH_NAME = "7387838c69a21827834586cc42b467ff6c63293b"
82   # A commit that appears in the branch after 7387838c.
83   COMMIT_BRANCH_COMMIT_2 = "abec49829bf1758413509b7ffcab32a771b71e81"
84   # "738783" is another branch that starts from the above commit.
85   SHORT_COMMIT_BRANCH_NAME = COMMIT_BRANCH_NAME[0, 6]
86   # A commit that appears in branch 738783 after 7387838c.
87   SHORT_BRANCH_COMMIT_2 = "77e1a93093663705a63bb4d505698047e109dedd"
88
89   test "find_commit_range min_version prefers commits over branch names" do
90     assert_equal([COMMIT_BRANCH_NAME],
91                  Commit.find_commit_range("active/shabranchnames",
92                                           COMMIT_BRANCH_NAME, nil, nil))
93   end
94
95   test "find_commit_range max_version prefers commits over branch names" do
96     assert_equal([COMMIT_BRANCH_NAME],
97                  Commit.find_commit_range("active/shabranchnames",
98                                           nil, COMMIT_BRANCH_NAME, nil))
99   end
100
101   test "find_commit_range min_version with short branch name" do
102     assert_equal([SHORT_BRANCH_COMMIT_2],
103                  Commit.find_commit_range("active/shabranchnames",
104                                           SHORT_COMMIT_BRANCH_NAME, nil, nil))
105   end
106
107   test "find_commit_range max_version with short branch name" do
108     assert_equal([SHORT_BRANCH_COMMIT_2],
109                  Commit.find_commit_range("active/shabranchnames",
110                                           nil, SHORT_COMMIT_BRANCH_NAME, nil))
111   end
112
113   test "find_commit_range min_version with disambiguated branch name" do
114     assert_equal([COMMIT_BRANCH_COMMIT_2],
115                  Commit.find_commit_range("active/shabranchnames",
116                                           "heads/#{COMMIT_BRANCH_NAME}",
117                                           nil, nil))
118   end
119
120   test "find_commit_range max_version with disambiguated branch name" do
121     assert_equal([COMMIT_BRANCH_COMMIT_2],
122                  Commit.find_commit_range("active/shabranchnames", nil,
123                                           "heads/#{COMMIT_BRANCH_NAME}", nil))
124   end
125
126   test "find_commit_range min_version with unambiguous short name" do
127     assert_equal([COMMIT_BRANCH_NAME],
128                  Commit.find_commit_range("active/shabranchnames",
129                                           COMMIT_BRANCH_NAME[0..-2], nil, nil))
130   end
131
132   test "find_commit_range max_version with unambiguous short name" do
133     assert_equal([COMMIT_BRANCH_NAME],
134                  Commit.find_commit_range("active/shabranchnames", nil,
135                                           COMMIT_BRANCH_NAME[0..-2], nil))
136   end
137
138   test "find_commit_range laundry list" do
139     authorize_with :active
140
141     # single
142     a = Commit.find_commit_range('active/foo', nil, '31ce37fe365b3dc204300a3e4c396ad333ed0556', nil)
143     assert_equal ['31ce37fe365b3dc204300a3e4c396ad333ed0556'], a
144
145     #test "test_branch1" do
146     a = Commit.find_commit_range('active/foo', nil, 'master', nil)
147     assert_includes(a, '077ba2ad3ea24a929091a9e6ce545c93199b8e57')
148
149     #test "test_branch2" do
150     a = Commit.find_commit_range('active/foo', nil, 'b1', nil)
151     assert_equal ['1de84a854e2b440dc53bf42f8548afa4c17da332'], a
152
153     #test "test_branch3" do
154     a = Commit.find_commit_range('active/foo', nil, 'HEAD', nil)
155     assert_equal ['1de84a854e2b440dc53bf42f8548afa4c17da332'], a
156
157     #test "test_single_revision_repo" do
158     a = Commit.find_commit_range('active/foo', nil, '31ce37fe365b3dc204300a3e4c396ad333ed0556', nil)
159     assert_equal ['31ce37fe365b3dc204300a3e4c396ad333ed0556'], a
160     a = Commit.find_commit_range('arvados', nil, '31ce37fe365b3dc204300a3e4c396ad333ed0556', nil)
161     assert_equal [], a
162
163     #test "test_multi_revision" do
164     # complains "fatal: bad object 077ba2ad3ea24a929091a9e6ce545c93199b8e57"
165     a = Commit.find_commit_range('active/foo', '31ce37fe365b3dc204300a3e4c396ad333ed0556', '077ba2ad3ea24a929091a9e6ce545c93199b8e57', nil)
166     assert_equal ['077ba2ad3ea24a929091a9e6ce545c93199b8e57', '4fe459abe02d9b365932b8f5dc419439ab4e2577', '31ce37fe365b3dc204300a3e4c396ad333ed0556'], a
167
168     #test "test_tag" do
169     # complains "fatal: ambiguous argument 'tag1': unknown revision or path
170     # not in the working tree."
171     a = Commit.find_commit_range('active/foo', 'tag1', 'master', nil)
172     assert_equal ['077ba2ad3ea24a929091a9e6ce545c93199b8e57', '4fe459abe02d9b365932b8f5dc419439ab4e2577'], a
173
174     #test "test_multi_revision_exclude" do
175     a = Commit.find_commit_range('active/foo', '31ce37fe365b3dc204300a3e4c396ad333ed0556', '077ba2ad3ea24a929091a9e6ce545c93199b8e57', ['4fe459abe02d9b365932b8f5dc419439ab4e2577'])
176     assert_equal ['077ba2ad3ea24a929091a9e6ce545c93199b8e57', '31ce37fe365b3dc204300a3e4c396ad333ed0556'], a
177
178     #test "test_multi_revision_tagged_exclude" do
179     # complains "fatal: bad object 077ba2ad3ea24a929091a9e6ce545c93199b8e57"
180     a = Commit.find_commit_range('active/foo', '31ce37fe365b3dc204300a3e4c396ad333ed0556', '077ba2ad3ea24a929091a9e6ce545c93199b8e57', ['tag1'])
181     assert_equal ['077ba2ad3ea24a929091a9e6ce545c93199b8e57', '31ce37fe365b3dc204300a3e4c396ad333ed0556'], a
182
183     Dir.mktmpdir do |touchdir|
184       # invalid input to maximum
185       a = Commit.find_commit_range('active/foo', nil, "31ce37fe365b3dc204300a3e4c396ad333ed0556 ; touch #{touchdir}/uh_oh", nil)
186       assert !File.exists?("#{touchdir}/uh_oh"), "#{touchdir}/uh_oh should not exist, 'maximum' parameter of find_commit_range is exploitable"
187       assert_equal [], a
188
189       # invalid input to maximum
190       a = Commit.find_commit_range('active/foo', nil, "$(uname>#{touchdir}/uh_oh)", nil)
191       assert !File.exists?("#{touchdir}/uh_oh"), "#{touchdir}/uh_oh should not exist, 'maximum' parameter of find_commit_range is exploitable"
192       assert_equal [], a
193
194       # invalid input to minimum
195       a = Commit.find_commit_range('active/foo', "31ce37fe365b3dc204300a3e4c396ad333ed0556 ; touch #{touchdir}/uh_oh", "31ce37fe365b3dc204300a3e4c396ad333ed0556", nil)
196       assert !File.exists?("#{touchdir}/uh_oh"), "#{touchdir}/uh_oh should not exist, 'minimum' parameter of find_commit_range is exploitable"
197       assert_equal [], a
198
199       # invalid input to minimum
200       a = Commit.find_commit_range('active/foo', "$(uname>#{touchdir}/uh_oh)", "31ce37fe365b3dc204300a3e4c396ad333ed0556", nil)
201       assert !File.exists?("#{touchdir}/uh_oh"), "#{touchdir}/uh_oh should not exist, 'minimum' parameter of find_commit_range is exploitable"
202       assert_equal [], a
203
204       # invalid input to 'excludes'
205       # complains "fatal: bad object 077ba2ad3ea24a929091a9e6ce545c93199b8e57"
206       a = Commit.find_commit_range('active/foo', "31ce37fe365b3dc204300a3e4c396ad333ed0556", "077ba2ad3ea24a929091a9e6ce545c93199b8e57", ["4fe459abe02d9b365932b8f5dc419439ab4e2577 ; touch #{touchdir}/uh_oh"])
207       assert !File.exists?("#{touchdir}/uh_oh"), "#{touchdir}/uh_oh should not exist, 'excludes' parameter of find_commit_range is exploitable"
208       assert_equal [], a
209
210       # invalid input to 'excludes'
211       # complains "fatal: bad object 077ba2ad3ea24a929091a9e6ce545c93199b8e57"
212       a = Commit.find_commit_range('active/foo', "31ce37fe365b3dc204300a3e4c396ad333ed0556", "077ba2ad3ea24a929091a9e6ce545c93199b8e57", ["$(uname>#{touchdir}/uh_oh)"])
213       assert !File.exists?("#{touchdir}/uh_oh"), "#{touchdir}/uh_oh should not exist, 'excludes' parameter of find_commit_range is exploitable"
214       assert_equal [], a
215     end
216   end
217 end