Skip to content

Commit 9980106

Browse files
author
Scott Bommarito
authored
UI should return Forbidden when symbols feature flag is disabled (#7162)
1 parent 0adfac3 commit 9980106

3 files changed

Lines changed: 39 additions & 2 deletions

File tree

src/NuGetGallery/Controllers/PackagesController.cs

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -2520,7 +2520,7 @@ private JsonResult GetJsonResultOrNull(SymbolPackageValidationResult validationR
25202520
httpStatusCode = HttpStatusCode.Conflict;
25212521
break;
25222522
case SymbolPackageValidationResultType.UserNotAllowedToUpload:
2523-
httpStatusCode = HttpStatusCode.Unauthorized;
2523+
httpStatusCode = HttpStatusCode.Forbidden;
25242524
break;
25252525
default:
25262526
throw new NotImplementedException($"The symbol package validation result type {validationResult.Type} is not supported.");

src/NuGetGallery/Scripts/gallery/async-file-upload.js

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -216,7 +216,7 @@
216216
}
217217

218218
function displayErrors(errors) {
219-
if (errors == null || errors.length < 1) {
219+
if (!errors || errors.length < 1) {
220220
return;
221221
}
222222

tests/NuGetGallery.Facts/Controllers/PackagesControllerFacts.cs

Lines changed: 37 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -5613,6 +5613,43 @@ public async Task WillPreventSymbolsUploadIfOriginalPackageIsLocked()
56135613
Assert.Equal(string.Format(Strings.PackageIsLocked, packageId), (result.Data as JsonValidationMessage[])[0].PlainTextMessage);
56145614
}
56155615

5616+
[Fact]
5617+
public async Task WillPreventSymbolsUploadIfUserNotAllowedToUpload()
5618+
{
5619+
var packageId = "theId";
5620+
var package = new Package()
5621+
{
5622+
PackageRegistration = new PackageRegistration()
5623+
{
5624+
Id = packageId,
5625+
Owners = new List<User>() { TestUtility.FakeUser },
5626+
IsLocked = true
5627+
}
5628+
};
5629+
5630+
var fakeUploadedFile = new Mock<HttpPostedFileBase>();
5631+
fakeUploadedFile.Setup(x => x.FileName).Returns("theFile.snupkg");
5632+
var fakeFileStream = TestPackage.CreateTestSymbolPackageStream("theId", "1.0.0");
5633+
fakeUploadedFile.Setup(x => x.InputStream).Returns(fakeFileStream);
5634+
var symbolPackageUploadService = new Mock<ISymbolPackageUploadService>();
5635+
var message = "message";
5636+
symbolPackageUploadService
5637+
.Setup(x => x.ValidateUploadedSymbolsPackage(It.IsAny<Stream>(), It.IsAny<User>()))
5638+
.ReturnsAsync(SymbolPackageValidationResult.UserNotAllowedToUpload(message));
5639+
5640+
var controller = CreateController(
5641+
GetConfigurationService(),
5642+
fakeNuGetPackage: fakeFileStream,
5643+
symbolPackageUploadService: symbolPackageUploadService);
5644+
controller.SetCurrentUser(TestUtility.FakeUser);
5645+
5646+
var result = await controller.UploadPackage(fakeUploadedFile.Object) as JsonResult;
5647+
5648+
Assert.NotNull(result);
5649+
Assert.Equal((int)HttpStatusCode.Forbidden, controller.Response.StatusCode);
5650+
Assert.Equal(message, (result.Data as JsonValidationMessage[])[0].PlainTextMessage);
5651+
}
5652+
56165653
public static IEnumerable<object[]> SymbolValidationResultTypes => Enum
56175654
.GetValues(typeof(SymbolPackageValidationResultType))
56185655
.Cast<SymbolPackageValidationResultType>()

0 commit comments

Comments
 (0)