diff options
| author | GitLab Bot <gitlab-bot@gitlab.com> | 2023-03-03 15:10:00 +0300 |
|---|---|---|
| committer | GitLab Bot <gitlab-bot@gitlab.com> | 2023-03-03 15:10:00 +0300 |
| commit | 14a32c2d551a646525b1fabd93cb70a0e6924478 (patch) | |
| tree | 782ba91ba786aee2cda379704e7f2ebcb5b46748 /spec/controllers | |
| parent | 11c2f3b08c3bab4718a97360d1502f90793d028b (diff) | |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'spec/controllers')
| -rw-r--r-- | spec/controllers/admin/sessions_controller_spec.rb | 10 | ||||
| -rw-r--r-- | spec/controllers/graphql_controller_spec.rb | 35 |
2 files changed, 35 insertions, 10 deletions
diff --git a/spec/controllers/admin/sessions_controller_spec.rb b/spec/controllers/admin/sessions_controller_spec.rb index 5fa7a7f278d..e0890f4d160 100644 --- a/spec/controllers/admin/sessions_controller_spec.rb +++ b/spec/controllers/admin/sessions_controller_spec.rb @@ -268,16 +268,6 @@ RSpec.describe Admin::SessionsController, :do_not_mock_admin_mode do end end - context 'when using two-factor authentication via U2F' do - it_behaves_like 'when using two-factor authentication via hardware device' do - let(:user) { create(:admin, :two_factor_via_u2f) } - - before do - stub_feature_flags(webauthn: false) - end - end - end - context 'when using two-factor authentication via WebAuthn' do it_behaves_like 'when using two-factor authentication via hardware device' do let(:user) { create(:admin, :two_factor_via_webauthn) } diff --git a/spec/controllers/graphql_controller_spec.rb b/spec/controllers/graphql_controller_spec.rb index 1f8845a55bf..be5dd4f961a 100644 --- a/spec/controllers/graphql_controller_spec.rb +++ b/spec/controllers/graphql_controller_spec.rb @@ -109,6 +109,41 @@ RSpec.describe GraphqlController, feature_category: :integrations do ]) end + it 'executes a multiplexed queries with variables with no errors' do + query = <<~GQL + mutation($a: String!, $b: String!) { + echoCreate(input: { messages: [$a, $b] }) { echoes } + } + GQL + multiplex = [ + { query: query, variables: { a: 'A', b: 'B' } }, + { query: query, variables: { a: 'a', b: 'b' } } + ] + + post :execute, params: { _json: multiplex } + + expect(response).to have_gitlab_http_status(:ok) + expect(json_response).to eq( + [ + { 'data' => { 'echoCreate' => { 'echoes' => %w[A B] } } }, + { 'data' => { 'echoCreate' => { 'echoes' => %w[a b] } } } + ]) + end + + it 'does not allow string as _json parameter' do + post :execute, params: { _json: 'bad' } + + expect(response).to have_gitlab_http_status(:ok) + expect(json_response).to eq({ + "errors" => [ + { + "message" => "Unexpected end of document", + "locations" => [] + } + ] + }) + end + it 'sets a limit on the total query size' do graphql_query = "{#{(['__typename'] * 1000).join(' ')}}" |