From 06cb4bddaaceb58437b27abf7c3485ea8a56919f Mon Sep 17 00:00:00 2001
From: Joseph Schorr <joseph.schorr@coreos.com>
Date: Tue, 5 Jun 2018 19:42:16 -0400
Subject: [PATCH] Add a test to ensure we don't hit the database when accessing
 a private catalog with no auth

---
 test/registry/registry_tests.py | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/test/registry/registry_tests.py b/test/registry/registry_tests.py
index 6d3529893..4be4c781d 100644
--- a/test/registry/registry_tests.py
+++ b/test/registry/registry_tests.py
@@ -674,6 +674,19 @@ def test_push_disabled_namespace(pusher, basic_images, liveserver_session,
               credentials=credentials, expected_failure=Failures.NAMESPACE_DISABLED)
 
 
+def test_private_catalog_no_access(v2_protocol, liveserver_session, app_reloader, liveserver,
+                                   registry_server_executor):
+  """ Test: Ensure that accessing a private catalog with anonymous access results in no database
+      connections.
+  """
+  with FeatureFlagValue('PUBLIC_CATALOG', False, registry_server_executor.on(liveserver)):
+    # Disconnect the server from the database.
+    registry_server_executor.on(liveserver).break_database()
+
+    results = v2_protocol.catalog(liveserver_session)
+    assert not results
+
+
 @pytest.mark.parametrize('public_catalog, credentials, expected_repos', [
   # No public access and no credentials => No results.
   (False, None, None),