Add latest changes from gitlab-org/gitlab@15-4-stable-eev15.4.0-rc42

4 files changed, 91 insertions, 20 deletions

diff --git a/spec/controllers/groups/group_members_controller_spec.rb b/spec/controllers/groups/group_members_controller_spec.rb
index c6fd184ede0..a3659ae9163 100644
--- a/spec/controllers/groups/group_members_controller_spec.rb
+++ b/spec/controllers/groups/group_members_controller_spec.rb
@@ -97,6 +97,25 @@ RSpec.describe Groups::GroupMembersController do
         expect(assigns(:members).map(&:user_id)).to contain_exactly(user.id)
       end
     end
+
+    context 'when webui_members_inherited_users is disabled' do
+      let_it_be(:shared_group) { create(:group) }
+      let_it_be(:shared_group_user) { create(:user) }
+      let_it_be(:group_link) { create(:group_group_link, shared_group: shared_group, shared_with_group: group) }
+
+      before do
+        group.add_owner(user)
+        shared_group.add_owner(shared_group_user)
+        stub_feature_flags(webui_members_inherited_users: false)
+        sign_in(user)
+      end
+
+      it 'lists inherited group members only' do
+        get :index, params: { group_id: shared_group }
+
+        expect(assigns(:members).map(&:user_id)).to contain_exactly(shared_group_user.id)
+      end
+    end
   end
 
   describe 'PUT update' do
diff --git a/spec/controllers/groups/labels_controller_spec.rb b/spec/controllers/groups/labels_controller_spec.rb
index 90da40cd5f0..37db26096d3 100644
--- a/spec/controllers/groups/labels_controller_spec.rb
+++ b/spec/controllers/groups/labels_controller_spec.rb
@@ -20,7 +20,7 @@ RSpec.describe Groups::LabelsController do
     it 'returns group and project labels by default' do
       get :index, params: { group_id: group }, format: :json
 
-      label_ids = json_response.map {|label| label['title']}
+      label_ids = json_response.map { |label| label['title'] }
       expect(label_ids).to match_array([label_1.title, group_label_1.title])
     end
 
@@ -36,7 +36,7 @@ RSpec.describe Groups::LabelsController do
         params = { group_id: subgroup, only_group_labels: true }
         get :index, params: params, format: :json
 
-        label_ids = json_response.map {|label| label['title']}
+        label_ids = json_response.map { |label| label['title'] }
         expect(label_ids).to match_array([group_label_1.title, subgroup_label_1.title])
       end
     end
diff --git a/spec/controllers/groups/releases_controller_spec.rb b/spec/controllers/groups/releases_controller_spec.rb
index 9d372114d62..7dd0bc6206a 100644
--- a/spec/controllers/groups/releases_controller_spec.rb
+++ b/spec/controllers/groups/releases_controller_spec.rb
@@ -42,7 +42,7 @@ RSpec.describe Groups::ReleasesController do
         end
 
         it 'does not return any releases' do
-          expect(json_response.map {|r| r['tag'] } ).to be_empty
+          expect(json_response.map { |r| r['tag'] } ).to be_empty
         end
 
         it 'returns OK' do
@@ -56,7 +56,7 @@ RSpec.describe Groups::ReleasesController do
 
           index
 
-          expect(json_response.map {|r| r['tag'] } ).to match_array(%w(p2 p1 v2 v1))
+          expect(json_response.map { |r| r['tag'] } ).to match_array(%w(p2 p1 v2 v1))
         end
       end
 
diff --git a/spec/controllers/groups/settings/applications_controller_spec.rb b/spec/controllers/groups/settings/applications_controller_spec.rb
index 0804a5536e0..b9457770ed6 100644
--- a/spec/controllers/groups/settings/applications_controller_spec.rb
+++ b/spec/controllers/groups/settings/applications_controller_spec.rb
@@ -71,17 +71,43 @@ RSpec.describe Groups::Settings::ApplicationsController do
         group.add_owner(user)
       end
 
-      it 'creates the application' do
-        create_params = attributes_for(:application, trusted: false, confidential: false, scopes: ['api'])
+      context 'with hash_oauth_secrets flag on' do
+        before do
+          stub_feature_flags(hash_oauth_secrets: true)
+        end
 
-        expect do
-          post :create, params: { group_id: group, doorkeeper_application: create_params }
-        end.to change { Doorkeeper::Application.count }.by(1)
+        it 'creates the application' do
+          create_params = attributes_for(:application, trusted: false, confidential: false, scopes: ['api'])
+
+          expect do
+            post :create, params: { group_id: group, doorkeeper_application: create_params }
+          end.to change { Doorkeeper::Application.count }.by(1)
 
-        application = Doorkeeper::Application.last
+          application = Doorkeeper::Application.last
 
-        expect(response).to redirect_to(group_settings_application_path(group, application))
-        expect(application).to have_attributes(create_params.except(:uid, :owner_type))
+          expect(response).to have_gitlab_http_status(:ok)
+          expect(response).to render_template :show
+          expect(application).to have_attributes(create_params.except(:uid, :owner_type))
+        end
+      end
+
+      context 'with hash_oauth_secrets flag off' do
+        before do
+          stub_feature_flags(hash_oauth_secrets: false)
+        end
+
+        it 'creates the application' do
+          create_params = attributes_for(:application, trusted: false, confidential: false, scopes: ['api'])
+
+          expect do
+            post :create, params: { group_id: group, doorkeeper_application: create_params }
+          end.to change { Doorkeeper::Application.count }.by(1)
+
+          application = Doorkeeper::Application.last
+
+          expect(response).to redirect_to(group_settings_application_path(group, application))
+          expect(application).to have_attributes(create_params.except(:uid, :owner_type))
+        end
       end
 
       it 'renders the application form on errors' do
@@ -94,17 +120,43 @@ RSpec.describe Groups::Settings::ApplicationsController do
       end
 
       context 'when the params are for a confidential application' do
-        it 'creates a confidential application' do
-          create_params = attributes_for(:application, confidential: true, scopes: ['read_user'])
+        context 'with hash_oauth_secrets flag off' do
+          before do
+            stub_feature_flags(hash_oauth_secrets: false)
+          end
 
-          expect do
-            post :create, params: { group_id: group, doorkeeper_application: create_params }
-          end.to change { Doorkeeper::Application.count }.by(1)
+          it 'creates a confidential application' do
+            create_params = attributes_for(:application, confidential: true, scopes: ['read_user'])
 
-          application = Doorkeeper::Application.last
+            expect do
+              post :create, params: { group_id: group, doorkeeper_application: create_params }
+            end.to change { Doorkeeper::Application.count }.by(1)
 
-          expect(response).to redirect_to(group_settings_application_path(group, application))
-          expect(application).to have_attributes(create_params.except(:uid, :owner_type))
+            application = Doorkeeper::Application.last
+
+            expect(response).to redirect_to(group_settings_application_path(group, application))
+            expect(application).to have_attributes(create_params.except(:uid, :owner_type))
+          end
+        end
+
+        context 'with hash_oauth_secrets flag on' do
+          before do
+            stub_feature_flags(hash_oauth_secrets: true)
+          end
+
+          it 'creates a confidential application' do
+            create_params = attributes_for(:application, confidential: true, scopes: ['read_user'])
+
+            expect do
+              post :create, params: { group_id: group, doorkeeper_application: create_params }
+            end.to change { Doorkeeper::Application.count }.by(1)
+
+            application = Doorkeeper::Application.last
+
+            expect(response).to have_gitlab_http_status(:ok)
+            expect(response).to render_template :show
+            expect(application).to have_attributes(create_params.except(:uid, :owner_type))
+          end
         end
       end