main
rb 50 lines 2.13 KB
Raw
1 # frozen_string_literal: true
2
3 require "rails_helper"
4
5 # robots.txt and sitemap.xml must expose public content and exclude anything
6 # private or behind auth.
7 RSpec.describe "Sitemap and robots", type: :request do
8 let(:alice) { User.create!(smbcloud_id: 7001, email: "alice@example.com", username: "alice") }
9 let(:bob) { User.create!(smbcloud_id: 7002, email: "bob@example.com", username: "bob") }
10
11 before do
12 alice.repositories.create!(name: "widget", kind: "code", default_branch: "main",
13 disk_path: "/nonexistent/alice/widget.git", is_private: false)
14 alice.repositories.create!(name: "Qwen2.5-GGUF", kind: "model", default_branch: "main",
15 disk_path: "/nonexistent/alice/qwen.git", is_private: false)
16 bob.repositories.create!(name: "secret-internal-tool", kind: "code", default_branch: "main",
17 disk_path: "/nonexistent/bob/secret.git", is_private: true)
18 end
19
20 describe "sitemap.xml" do
21 before { get "/sitemap.xml" }
22
23 it "lists public repos and their owners" do
24 expect(response).to have_http_status(:ok)
25 expect(response.media_type).to eq("application/xml")
26 expect(response.body).to include("http://www.example.com/alice/widget")
27 expect(response.body).to include("http://www.example.com/alice/Qwen2.5-GGUF")
28 expect(response.body).to include("http://www.example.com/alice")
29 end
30
31 it "excludes private repos and private-only users" do
32 expect(response.body).not_to include("secret-internal-tool")
33 expect(response.body).not_to include("http://www.example.com/bob")
34 end
35 end
36
37 describe "robots.txt" do
38 it "allows content and disallows auth/transactional routes" do
39 get "/robots.txt"
40 expect(response).to have_http_status(:ok)
41 body = response.body
42 expect(body).to include("Sitemap: https://sigit.si/sitemap.xml")
43 expect(body).to include("Disallow: /settings")
44 expect(body).to include("Disallow: /billing")
45 expect(body).to include("Disallow: /auth")
46 expect(body).to include("Disallow: /new")
47 expect(body).to include("Disallow: /api/")
48 end
49 end
50 end