diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2022-09-20 02:18:09 +0300 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2022-09-20 02:18:09 +0300 |
commit | 6ed4ec3e0b1340f96b7c043ef51d1b33bbe85fde (patch) | |
tree | dc4d20fe6064752c0bd323187252c77e0a89144b /spec/controllers/admin | |
parent | 9868dae7fc0655bd7ce4a6887d4e6d487690eeed (diff) |
Add latest changes from gitlab-org/gitlab@15-4-stable-eev15.4.0-rc42
Diffstat (limited to 'spec/controllers/admin')
7 files changed, 247 insertions, 65 deletions
diff --git a/spec/controllers/admin/application_settings_controller_spec.rb b/spec/controllers/admin/application_settings_controller_spec.rb index e02589ddc83..ab0cad989cb 100644 --- a/spec/controllers/admin/application_settings_controller_spec.rb +++ b/spec/controllers/admin/application_settings_controller_spec.rb @@ -9,7 +9,7 @@ RSpec.describe Admin::ApplicationSettingsController, :do_not_mock_admin_mode_set let(:group) { create(:group) } let(:project) { create(:project, namespace: group) } let(:admin) { create(:admin) } - let(:user) { create(:user)} + let(:user) { create(:user) } before do stub_env('IN_MEMORY_APPLICATION_SETTINGS', 'false') @@ -362,6 +362,17 @@ RSpec.describe Admin::ApplicationSettingsController, :do_not_mock_admin_mode_set expect(application_settings.reload.pipeline_limit_per_project_user_sha).to eq(25) end end + + context 'invitation flow enforcement setting' do + let(:application_settings) { ApplicationSetting.current } + + it 'updates invitation_flow_enforcement setting' do + put :update, params: { application_setting: { invitation_flow_enforcement: true } } + + expect(response).to redirect_to(general_admin_application_settings_path) + expect(application_settings.reload.invitation_flow_enforcement).to eq(true) + end + end end describe 'PUT #reset_registration_token' do diff --git a/spec/controllers/admin/applications_controller_spec.rb b/spec/controllers/admin/applications_controller_spec.rb index 6c423097e70..bf7707f177c 100644 --- a/spec/controllers/admin/applications_controller_spec.rb +++ b/spec/controllers/admin/applications_controller_spec.rb @@ -39,17 +39,43 @@ RSpec.describe Admin::ApplicationsController do end describe 'POST #create' do - it 'creates the application' do - create_params = attributes_for(:application, trusted: true, confidential: false, scopes: ['api']) + context 'with hash_oauth_secrets flag off' do + before do + stub_feature_flags(hash_oauth_secrets: false) + end - expect do - post :create, params: { doorkeeper_application: create_params } - end.to change { Doorkeeper::Application.count }.by(1) + it 'creates the application' do + create_params = attributes_for(:application, trusted: true, confidential: false, scopes: ['api']) + + expect do + post :create, params: { doorkeeper_application: create_params } + end.to change { Doorkeeper::Application.count }.by(1) - application = Doorkeeper::Application.last + application = Doorkeeper::Application.last - expect(response).to redirect_to(admin_application_path(application)) - expect(application).to have_attributes(create_params.except(:uid, :owner_type)) + expect(response).to redirect_to(admin_application_path(application)) + expect(application).to have_attributes(create_params.except(:uid, :owner_type)) + end + end + + context 'with hash_oauth_secrets flag on' do + before do + stub_feature_flags(hash_oauth_secrets: true) + end + + it 'creates the application' do + create_params = attributes_for(:application, trusted: true, confidential: false, scopes: ['api']) + + expect do + post :create, params: { doorkeeper_application: create_params } + end.to change { Doorkeeper::Application.count }.by(1) + + application = Doorkeeper::Application.last + + expect(response).to have_gitlab_http_status(:ok) + expect(response).to render_template :show + expect(application).to have_attributes(create_params.except(:uid, :owner_type)) + end end it 'renders the application form on errors' do @@ -62,17 +88,43 @@ RSpec.describe Admin::ApplicationsController do end context 'when the params are for a confidential application' do - it 'creates a confidential application' do - create_params = attributes_for(:application, confidential: true, scopes: ['read_user']) + context 'with hash_oauth_secrets flag off' do + before do + stub_feature_flags(hash_oauth_secrets: false) + end - expect do - post :create, params: { doorkeeper_application: create_params } - end.to change { Doorkeeper::Application.count }.by(1) + it 'creates a confidential application' do + create_params = attributes_for(:application, confidential: true, scopes: ['read_user']) - application = Doorkeeper::Application.last + expect do + post :create, params: { doorkeeper_application: create_params } + end.to change { Doorkeeper::Application.count }.by(1) - expect(response).to redirect_to(admin_application_path(application)) - expect(application).to have_attributes(create_params.except(:uid, :owner_type)) + application = Doorkeeper::Application.last + + expect(response).to redirect_to(admin_application_path(application)) + expect(application).to have_attributes(create_params.except(:uid, :owner_type)) + end + end + + context 'with hash_oauth_secrets flag on' do + before do + stub_feature_flags(hash_oauth_secrets: true) + end + + it 'creates a confidential application' do + create_params = attributes_for(:application, confidential: true, scopes: ['read_user']) + + expect do + post :create, params: { doorkeeper_application: create_params } + end.to change { Doorkeeper::Application.count }.by(1) + + application = Doorkeeper::Application.last + + expect(response).to have_gitlab_http_status(:ok) + expect(response).to render_template :show + expect(application).to have_attributes(create_params.except(:uid, :owner_type)) + end end end diff --git a/spec/controllers/admin/cohorts_controller_spec.rb b/spec/controllers/admin/cohorts_controller_spec.rb index d271276a3e4..766073977c6 100644 --- a/spec/controllers/admin/cohorts_controller_spec.rb +++ b/spec/controllers/admin/cohorts_controller_spec.rb @@ -13,5 +13,17 @@ RSpec.describe Admin::CohortsController do it_behaves_like 'tracking unique visits', :index do let(:target_id) { 'i_analytics_cohorts' } end + + it_behaves_like 'Snowplow event tracking' do + subject { get :index } + + let(:feature_flag_name) { :route_hll_to_snowplow_phase2 } + let(:category) { described_class.name } + let(:action) { 'perform_analytics_usage_action' } + let(:label) { 'redis_hll_counters.analytics.analytics_total_unique_counts_monthly' } + let(:property) { 'i_analytics_cohorts' } + let(:namespace) { nil } + let(:project) { nil } + end end end diff --git a/spec/controllers/admin/runners_controller_spec.rb b/spec/controllers/admin/runners_controller_spec.rb index fea59969400..9e852cb28dd 100644 --- a/spec/controllers/admin/runners_controller_spec.rb +++ b/spec/controllers/admin/runners_controller_spec.rb @@ -74,7 +74,7 @@ RSpec.describe Admin::RunnersController do context 'with update succeeding' do before do expect_next_instance_of(Ci::Runners::UpdateRunnerService, runner) do |service| - expect(service).to receive(:update).with(anything).and_call_original + expect(service).to receive(:execute).with(anything).and_call_original end end @@ -91,7 +91,7 @@ RSpec.describe Admin::RunnersController do context 'with update failing' do before do expect_next_instance_of(Ci::Runners::UpdateRunnerService, runner) do |service| - expect(service).to receive(:update).with(anything).and_return(false) + expect(service).to receive(:execute).with(anything).and_return(ServiceResponse.error(message: 'failure')) end end diff --git a/spec/controllers/admin/spam_logs_controller_spec.rb b/spec/controllers/admin/spam_logs_controller_spec.rb index 13038339d08..48221f496fb 100644 --- a/spec/controllers/admin/spam_logs_controller_spec.rb +++ b/spec/controllers/admin/spam_logs_controller_spec.rb @@ -27,13 +27,34 @@ RSpec.describe Admin::SpamLogsController do expect(response).to have_gitlab_http_status(:ok) end - it 'removes user and their spam logs when removing the user', :sidekiq_might_not_need_inline do - delete :destroy, params: { id: first_spam.id, remove_user: true } + context 'when user_destroy_with_limited_execution_time_worker is enabled' do + it 'initiates user removal', :sidekiq_inline do + expect do + delete :destroy, params: { id: first_spam.id, remove_user: true } + end.not_to change { SpamLog.count } - expect(flash[:notice]).to eq "User #{user.username} was successfully removed." - expect(response).to have_gitlab_http_status(:found) - expect(SpamLog.count).to eq(0) - expect { User.find(user.id) }.to raise_error(ActiveRecord::RecordNotFound) + expect(response).to have_gitlab_http_status(:found) + expect( + Users::GhostUserMigration.where(user: user, + initiator_user: admin) + ).to be_exists + expect(flash[:notice]).to eq("User #{user.username} was successfully removed.") + end + end + + context 'when user_destroy_with_limited_execution_time_worker is disabled' do + before do + stub_feature_flags(user_destroy_with_limited_execution_time_worker: false) + end + + it 'removes user and their spam logs when removing the user', :sidekiq_inline do + delete :destroy, params: { id: first_spam.id, remove_user: true } + + expect(flash[:notice]).to eq "User #{user.username} was successfully removed." + expect(response).to have_gitlab_http_status(:found) + expect(SpamLog.count).to eq(0) + expect { User.find(user.id) }.to raise_error(ActiveRecord::RecordNotFound) + end end end diff --git a/spec/controllers/admin/topics_controller_spec.rb b/spec/controllers/admin/topics_controller_spec.rb index 87093e0263b..111fdcc3be6 100644 --- a/spec/controllers/admin/topics_controller_spec.rb +++ b/spec/controllers/admin/topics_controller_spec.rb @@ -194,7 +194,7 @@ RSpec.describe Admin::TopicsController do end it 'renders a 400 error for identical topic ids' do - post :merge, params: { source_topic_id: topic, target_topic_id: topic.id } + post :merge, params: { source_topic_id: topic.id, target_topic_id: topic.id } expect(response).to have_gitlab_http_status(:bad_request) expect { topic.reload }.not_to raise_error diff --git a/spec/controllers/admin/users_controller_spec.rb b/spec/controllers/admin/users_controller_spec.rb index 515ad9daf36..682399f4dd9 100644 --- a/spec/controllers/admin/users_controller_spec.rb +++ b/spec/controllers/admin/users_controller_spec.rb @@ -73,51 +73,120 @@ RSpec.describe Admin::UsersController do project.add_developer(user) end - it 'deletes user and ghosts their contributions' do - delete :destroy, params: { id: user.username }, format: :json + context 'when user_destroy_with_limited_execution_time_worker is enabled' do + it 'initiates user removal' do + delete :destroy, params: { id: user.username }, format: :json - expect(response).to have_gitlab_http_status(:ok) - expect(User.exists?(user.id)).to be_falsy - expect(issue.reload.author).to be_ghost - end + expect(response).to have_gitlab_http_status(:ok) + expect( + Users::GhostUserMigration.where(user: user, + initiator_user: admin, + hard_delete: false) + ).to be_exists + end - it 'deletes the user and their contributions when hard delete is specified' do - delete :destroy, params: { id: user.username, hard_delete: true }, format: :json + it 'initiates user removal and passes hard delete option' do + delete :destroy, params: { id: user.username, hard_delete: true }, format: :json - expect(response).to have_gitlab_http_status(:ok) - expect(User.exists?(user.id)).to be_falsy - expect(Issue.exists?(issue.id)).to be_falsy - end + expect(response).to have_gitlab_http_status(:ok) + expect( + Users::GhostUserMigration.where(user: user, + initiator_user: admin, + hard_delete: true) + ).to be_exists + end - context 'prerequisites for account deletion' do - context 'solo-owned groups' do - let(:group) { create(:group) } + context 'prerequisites for account deletion' do + context 'solo-owned groups' do + let(:group) { create(:group) } - context 'if the user is the sole owner of at least one group' do - before do - create(:group_member, :owner, group: group, user: user) - end + context 'if the user is the sole owner of at least one group' do + before do + create(:group_member, :owner, group: group, user: user) + end + + context 'soft-delete' do + it 'fails' do + delete :destroy, params: { id: user.username } - context 'soft-delete' do - it 'fails' do - delete :destroy, params: { id: user.username } + message = s_('AdminUsers|You must transfer ownership or delete the groups owned by this user before you can delete their account') - message = s_('AdminUsers|You must transfer ownership or delete the groups owned by this user before you can delete their account') + expect(flash[:alert]).to eq(message) + expect(response).to have_gitlab_http_status(:see_other) + expect(response).to redirect_to admin_user_path(user) + expect(Users::GhostUserMigration).not_to exist + end + end - expect(flash[:alert]).to eq(message) - expect(response).to have_gitlab_http_status(:see_other) - expect(response).to redirect_to admin_user_path(user) - expect(User.exists?(user.id)).to be_truthy + context 'hard-delete' do + it 'succeeds' do + delete :destroy, params: { id: user.username, hard_delete: true } + + expect(response).to redirect_to(admin_users_path) + expect(flash[:notice]).to eq(_('The user is being deleted.')) + expect( + Users::GhostUserMigration.where(user: user, + initiator_user: admin, + hard_delete: true) + ).to be_exists + end end end + end + end + end + + context 'when user_destroy_with_limited_execution_time_worker is disabled' do + before do + stub_feature_flags(user_destroy_with_limited_execution_time_worker: false) + end + + it 'deletes user and ghosts their contributions' do + delete :destroy, params: { id: user.username }, format: :json - context 'hard-delete' do - it 'succeeds' do - delete :destroy, params: { id: user.username, hard_delete: true } + expect(response).to have_gitlab_http_status(:ok) + expect(User.exists?(user.id)).to be_falsy + expect(issue.reload.author).to be_ghost + end + + it 'deletes the user and their contributions when hard delete is specified' do + delete :destroy, params: { id: user.username, hard_delete: true }, format: :json - expect(response).to redirect_to(admin_users_path) - expect(flash[:notice]).to eq(_('The user is being deleted.')) - expect(User.exists?(user.id)).to be_falsy + expect(response).to have_gitlab_http_status(:ok) + expect(User.exists?(user.id)).to be_falsy + expect(Issue.exists?(issue.id)).to be_falsy + end + + context 'prerequisites for account deletion' do + context 'solo-owned groups' do + let(:group) { create(:group) } + + context 'if the user is the sole owner of at least one group' do + before do + create(:group_member, :owner, group: group, user: user) + end + + context 'soft-delete' do + it 'fails' do + delete :destroy, params: { id: user.username } + + message = s_('AdminUsers|You must transfer ownership or delete the groups owned by this user before you can delete their account') + + expect(flash[:alert]).to eq(message) + expect(response).to have_gitlab_http_status(:see_other) + expect(response).to redirect_to admin_user_path(user) + expect(User.exists?(user.id)).to be_truthy + end + end + + context 'hard-delete' do + it 'succeeds' do + delete :destroy, params: { id: user.username, hard_delete: true } + + expect(response).to redirect_to(admin_users_path) + expect(flash[:notice]).to eq(_('The user is being deleted.')) + expect(User.exists?(user.id)).to be_falsy + end end end end @@ -131,10 +200,27 @@ RSpec.describe Admin::UsersController do context 'when rejecting a pending user' do let(:user) { create(:user, :blocked_pending_approval) } - it 'hard deletes the user', :sidekiq_inline do - subject + context 'when user_destroy_with_limited_execution_time_worker is enabled' do + it 'initiates user removal', :sidekiq_inline do + subject - expect(User.exists?(user.id)).to be_falsy + expect( + Users::GhostUserMigration.where(user: user, + initiator_user: admin) + ).to be_exists + end + end + + context 'when user_destroy_with_limited_execution_time_worker is disabled' do + before do + stub_feature_flags(user_destroy_with_limited_execution_time_worker: false) + end + + it 'hard deletes the user', :sidekiq_inline do + subject + + expect(User.exists?(user.id)).to be_falsy + end end it 'displays the rejection message' do @@ -270,19 +356,19 @@ RSpec.describe Admin::UsersController do let(:user) { create(:user, **activity) } context 'with no recent activity' do - let(:activity) { { last_activity_on: ::User::MINIMUM_INACTIVE_DAYS.next.days.ago } } + let(:activity) { { last_activity_on: Gitlab::CurrentSettings.deactivate_dormant_users_period.next.days.ago } } it_behaves_like 'a request that deactivates the user' end context 'with recent activity' do - let(:activity) { { last_activity_on: ::User::MINIMUM_INACTIVE_DAYS.pred.days.ago } } + let(:activity) { { last_activity_on: Gitlab::CurrentSettings.deactivate_dormant_users_period.pred.days.ago } } it 'does not deactivate the user' do put :deactivate, params: { id: user.username } user.reload expect(user.deactivated?).to be_falsey - expect(flash[:notice]).to eq("The user you are trying to deactivate has been active in the past #{::User::MINIMUM_INACTIVE_DAYS} days and cannot be deactivated") + expect(flash[:notice]).to eq("The user you are trying to deactivate has been active in the past #{Gitlab::CurrentSettings.deactivate_dormant_users_period} days and cannot be deactivated") end end end |