Welcome to mirror list, hosted at ThFree Co, Russian Federation.

gitlab.com/gitlab-org/gitlab-foss.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
path: root/qa
diff options
context:
space:
mode:
authorGitLab Bot <gitlab-bot@gitlab.com>2020-04-23 21:09:46 +0300
committerGitLab Bot <gitlab-bot@gitlab.com>2020-04-23 21:09:46 +0300
commitfdd0b0fd4592c74257980d07878db75705d22192 (patch)
treefcf923555aed86fea3842f1074ec45d2864db20c /qa
parent9a9415ab127d5e660c09113238a6fb0a895218e9 (diff)
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'qa')
-rw-r--r--qa/qa/page/component/select2.rb2
-rw-r--r--qa/qa/specs/features/browser_ui/2_plan/issue/check_mentions_for_xss_spec.rb39
2 files changed, 16 insertions, 25 deletions
diff --git a/qa/qa/page/component/select2.rb b/qa/qa/page/component/select2.rb
index e667fad1dd3..7e3308c0c8f 100644
--- a/qa/qa/page/component/select2.rb
+++ b/qa/qa/page/component/select2.rb
@@ -36,7 +36,7 @@ module QA
end
def dropdown_open?
- has_css?('.select2-input')
+ find('.select2-focusser').disabled?
end
end
end
diff --git a/qa/qa/specs/features/browser_ui/2_plan/issue/check_mentions_for_xss_spec.rb b/qa/qa/specs/features/browser_ui/2_plan/issue/check_mentions_for_xss_spec.rb
index 9ae7f566452..57d2c02a27b 100644
--- a/qa/qa/specs/features/browser_ui/2_plan/issue/check_mentions_for_xss_spec.rb
+++ b/qa/qa/specs/features/browser_ui/2_plan/issue/check_mentions_for_xss_spec.rb
@@ -3,42 +3,33 @@
module QA
context 'Plan', :reliable do
describe 'check xss occurence in @mentions in issues', :requires_admin do
- let(:user) do
- Resource::User.fabricate_via_api! do |user|
- user.name = "eve <img src=x onerror=alert(2)&lt;img src=x onerror=alert(1)&gt;"
- user.password = "test1234"
- end
- end
-
- let(:project) do
- Resource::Project.fabricate_via_api! do |project|
- project.name = 'xss-test-for-mentions-project'
- project.add_member(user)
- end
- end
-
- let(:issue) do
- Resource::Issue.fabricate_via_api! do |issue|
- issue.project = project
- end
- end
-
- before do
+ it 'mentions a user in a comment' do
QA::Runtime::Env.personal_access_token = QA::Runtime::Env.admin_personal_access_token
unless QA::Runtime::Env.personal_access_token
Flow::Login.sign_in_as_admin
end
+ user = Resource::User.fabricate_via_api! do |user|
+ user.name = "eve <img src=x onerror=alert(2)&lt;img src=x onerror=alert(1)&gt;"
+ user.password = "test1234"
+ end
+
QA::Runtime::Env.personal_access_token = nil
Page::Main::Menu.perform(&:sign_out) if Page::Main::Menu.perform { |p| p.has_personal_area?(wait: 0) }
Flow::Login.sign_in
- end
- it 'mentions a user in a comment' do
- issue.visit!
+ project = Resource::Project.fabricate_via_api! do |project|
+ project.name = 'xss-test-for-mentions-project'
+ end
+
+ Flow::Project.add_member(project: project, username: user.username)
+
+ Resource::Issue.fabricate_via_api! do |issue|
+ issue.project = project
+ end.visit!
Page::Project::Issue::Show.perform do |show|
show.select_all_activities_filter
generated by cgit v1.2.3 (git 2.25.1) at 2024-08-14 04:15:24 +0300