| 1 | # frozen_string_literal: true |
| 2 | |
| 3 | require "rails_helper" |
| 4 | |
| 5 | # robots.txt and sitemap.xml must expose public content and exclude anything |
| 6 | # private or behind auth. |
| 7 | RSpec.describe "Sitemap and robots", type: :request do |
| 8 | let(:alice) { User.create!(smbcloud_id: 7001, email: "alice@example.com", username: "alice") } |
| 9 | let(:bob) { User.create!(smbcloud_id: 7002, email: "bob@example.com", username: "bob") } |
| 10 | |
| 11 | before do |
| 12 | alice.repositories.create!(name: "widget", kind: "code", default_branch: "main", |
| 13 | disk_path: "/nonexistent/alice/widget.git", is_private: false) |
| 14 | alice.repositories.create!(name: "Qwen2.5-GGUF", kind: "model", default_branch: "main", |
| 15 | disk_path: "/nonexistent/alice/qwen.git", is_private: false) |
| 16 | bob.repositories.create!(name: "secret-internal-tool", kind: "code", default_branch: "main", |
| 17 | disk_path: "/nonexistent/bob/secret.git", is_private: true) |
| 18 | end |
| 19 | |
| 20 | describe "sitemap.xml" do |
| 21 | before { get "/sitemap.xml" } |
| 22 | |
| 23 | it "lists public repos and their owners" do |
| 24 | expect(response).to have_http_status(:ok) |
| 25 | expect(response.media_type).to eq("application/xml") |
| 26 | expect(response.body).to include("http://www.example.com/alice/widget") |
| 27 | expect(response.body).to include("http://www.example.com/alice/Qwen2.5-GGUF") |
| 28 | expect(response.body).to include("http://www.example.com/alice") |
| 29 | end |
| 30 | |
| 31 | it "excludes private repos and private-only users" do |
| 32 | expect(response.body).not_to include("secret-internal-tool") |
| 33 | expect(response.body).not_to include("http://www.example.com/bob") |
| 34 | end |
| 35 | end |
| 36 | |
| 37 | describe "robots.txt" do |
| 38 | it "allows content and disallows auth/transactional routes" do |
| 39 | get "/robots.txt" |
| 40 | expect(response).to have_http_status(:ok) |
| 41 | body = response.body |
| 42 | expect(body).to include("Sitemap: https://sigit.si/sitemap.xml") |
| 43 | expect(body).to include("Disallow: /settings") |
| 44 | expect(body).to include("Disallow: /billing") |
| 45 | expect(body).to include("Disallow: /auth") |
| 46 | expect(body).to include("Disallow: /new") |
| 47 | expect(body).to include("Disallow: /api/") |
| 48 | end |
| 49 | end |
| 50 | end |