Add latest changes from gitlab-org/gitlab@13-0-stable-ee

6 files changed, 136 insertions, 41 deletions

diff --git a/spec/features/admin/admin_appearance_spec.rb b/spec/features/admin/admin_appearance_spec.rb
index f6c498f7a4c..e711ee7d40e 100644
--- a/spec/features/admin/admin_appearance_spec.rb
+++ b/spec/features/admin/admin_appearance_spec.rb
@@ -12,6 +12,7 @@ describe 'Admin Appearance' do
     fill_in 'appearance_title', with: 'MyCompany'
     fill_in 'appearance_description', with: 'dev server'
     fill_in 'appearance_new_project_guidelines', with: 'Custom project guidelines'
+    fill_in 'appearance_profile_image_guidelines', with: 'Custom profile image guidelines'
     click_button 'Update appearance settings'
 
     expect(current_path).to eq admin_appearances_path
@@ -20,6 +21,7 @@ describe 'Admin Appearance' do
     expect(page).to have_field('appearance_title', with: 'MyCompany')
     expect(page).to have_field('appearance_description', with: 'dev server')
     expect(page).to have_field('appearance_new_project_guidelines', with: 'Custom project guidelines')
+    expect(page).to have_field('appearance_profile_image_guidelines', with: 'Custom profile image guidelines')
     expect(page).to have_content 'Last edit'
   end
 
@@ -86,6 +88,22 @@ describe 'Admin Appearance' do
     expect_custom_new_project_appearance(appearance)
   end
 
+  context 'Profile page with custom profile image guidelines' do
+    before do
+      sign_in(create(:admin))
+      visit admin_appearances_path
+      fill_in 'appearance_profile_image_guidelines', with: 'Custom profile image guidelines, please :smile:!'
+      click_button 'Update appearance settings'
+    end
+
+    it 'renders guidelines when set' do
+      sign_in create(:user)
+      visit profile_path
+
+      expect(page).to have_content 'Custom profile image guidelines, please 😄!'
+    end
+  end
+
   it 'Appearance logo' do
     sign_in(create(:admin))
     visit admin_appearances_path
diff --git a/spec/features/admin/admin_browses_logs_spec.rb b/spec/features/admin/admin_browses_logs_spec.rb
deleted file mode 100644
index 45e860e1536..00000000000
--- a/spec/features/admin/admin_browses_logs_spec.rb
+++ /dev/null
@@ -1,20 +0,0 @@
-# frozen_string_literal: true
-
-require 'spec_helper'
-
-describe 'Admin browses logs' do
-  before do
-    sign_in(create(:admin))
-  end
-
-  it 'shows available log files' do
-    visit admin_logs_path
-
-    expect(page).to have_link 'application_json.log'
-    expect(page).to have_link 'git_json.log'
-    expect(page).to have_link 'test.log'
-    expect(page).to have_link 'sidekiq.log'
-    expect(page).to have_link 'repocheck.log'
-    expect(page).to have_link 'kubernetes.log'
-  end
-end
diff --git a/spec/features/admin/admin_hooks_spec.rb b/spec/features/admin/admin_hooks_spec.rb
index 64326f3be32..40bcf4a31e4 100644
--- a/spec/features/admin/admin_hooks_spec.rb
+++ b/spec/features/admin/admin_hooks_spec.rb
@@ -36,6 +36,24 @@ describe 'Admin::Hooks' do
       expect(page).to have_content('foo.rb')
       expect(page).to have_content('bar.clj')
     end
+
+    context 'deprecation warning' do
+      it 'shows warning for plugins directory' do
+        allow(Gitlab::FileHook).to receive(:files).and_return(['plugins/foo.rb'])
+
+        visit admin_hooks_path
+
+        expect(page).to have_content('Plugins directory is deprecated and will be removed in 14.0')
+      end
+
+      it 'does not show warning for file_hooks directory' do
+        allow(Gitlab::FileHook).to receive(:files).and_return(['file_hooks/foo.rb'])
+
+        visit admin_hooks_path
+
+        expect(page).not_to have_content('Plugins directory is deprecated and will be removed in 14.0')
+      end
+    end
   end
 
   describe 'New Hook' do
diff --git a/spec/features/admin/admin_mode/login_spec.rb b/spec/features/admin/admin_mode/login_spec.rb
index b8a910d3a40..afc6f2ddb56 100644
--- a/spec/features/admin/admin_mode/login_spec.rb
+++ b/spec/features/admin/admin_mode/login_spec.rb
@@ -5,6 +5,7 @@ require 'spec_helper'
 describe 'Admin Mode Login', :clean_gitlab_redis_shared_state, :do_not_mock_admin_mode do
   include TermsHelper
   include UserLoginHelper
+  include LdapHelpers
 
   describe 'with two-factor authentication', :js do
     def enter_code(code)
@@ -179,6 +180,82 @@ describe 'Admin Mode Login', :clean_gitlab_redis_shared_state, :do_not_mock_admi
           gitlab_enable_admin_mode_sign_in_via('saml', user, 'my-uid', mock_saml_response)
         end
       end
+
+      context 'when logging in via ldap' do
+        let(:uid) { 'my-uid' }
+        let(:provider_label) { 'Main LDAP' }
+        let(:provider_name) { 'main' }
+        let(:provider) { "ldap#{provider_name}" }
+        let(:ldap_server_config) do
+          {
+            'label' => provider_label,
+            'provider_name' => provider,
+            'attributes' => {},
+            'encryption' => 'plain',
+            'uid' => 'uid',
+            'base' => 'dc=example,dc=com'
+          }
+        end
+        let(:user) { create(:omniauth_user, :admin, :two_factor, extern_uid: uid, provider: provider) }
+
+        before do
+          setup_ldap(provider, user, uid, ldap_server_config)
+        end
+
+        context 'when two factor authentication is required' do
+          it 'shows 2FA prompt after ldap login' do
+            sign_in_using_ldap!(user, provider_label)
+
+            expect(page).to have_content('Two-Factor Authentication')
+
+            enter_code(user.current_otp)
+            enable_admin_mode_using_ldap!(user)
+
+            expect(page).to have_content('Two-Factor Authentication')
+
+            # Cannot reuse the TOTP
+            Timecop.travel(30.seconds.from_now) do
+              enter_code(user.current_otp)
+
+              expect(current_path).to eq admin_root_path
+              expect(page).to have_content('Admin mode enabled')
+            end
+          end
+        end
+
+        def setup_ldap(provider, user, uid, ldap_server_config)
+          stub_ldap_setting(enabled: true)
+
+          allow(::Gitlab::Auth::Ldap::Config).to receive_messages(enabled: true, servers: [ldap_server_config])
+          allow(Gitlab::Auth::OAuth::Provider).to receive_messages(providers: [provider.to_sym])
+
+          Ldap::OmniauthCallbacksController.define_providers!
+          Rails.application.reload_routes!
+
+          mock_auth_hash(provider, uid, user.email)
+          allow(Gitlab::Auth::Ldap::Access).to receive(:allowed?).with(user).and_return(true)
+
+          allow_any_instance_of(ActionDispatch::Routing::RoutesProxy)
+            .to receive(:"user_#{provider}_omniauth_callback_path")
+            .and_return("/users/auth/#{provider}/callback")
+        end
+
+        def sign_in_using_ldap!(user, provider_label)
+          visit new_user_session_path
+          click_link provider_label
+          fill_in 'username', with: user.username
+          fill_in 'password', with: user.password
+          click_button 'Sign in'
+        end
+
+        def enable_admin_mode_using_ldap!(user)
+          visit new_admin_session_path
+          click_link provider_label
+          fill_in 'username', with: user.username
+          fill_in 'password', with: user.password
+          click_button 'Enter Admin Mode'
+        end
+      end
     end
   end
 end
diff --git a/spec/features/admin/admin_settings_spec.rb b/spec/features/admin/admin_settings_spec.rb
index 1a3da8cb373..7ec3c2abb51 100644
--- a/spec/features/admin/admin_settings_spec.rb
+++ b/spec/features/admin/admin_settings_spec.rb
@@ -212,12 +212,12 @@ describe 'Admin updates settings', :clean_gitlab_redis_shared_state, :do_not_moc
         expect(current_settings.hide_third_party_offers).to be true
       end
 
-      it 'Change Slack Notifications Service template settings' do
+      it 'Change Slack Notifications Service template settings', :js do
         first(:link, 'Service Templates').click
         click_link 'Slack notifications'
         fill_in 'Webhook', with: 'http://localhost'
         fill_in 'Username', with: 'test_user'
-        fill_in 'service_push_channel', with: '#test_channel'
+        fill_in 'service[push_channel]', with: '#test_channel'
         page.check('Notify only broken pipelines')
         page.select 'All branches', from: 'Branches to be notified'
 
@@ -231,10 +231,10 @@ describe 'Admin updates settings', :clean_gitlab_redis_shared_state, :do_not_moc
         expect(page.all('input[type=checkbox]')).to all(be_checked)
         expect(find_field('Webhook').value).to eq 'http://localhost'
         expect(find_field('Username').value).to eq 'test_user'
-        expect(find('#service_push_channel').value).to eq '#test_channel'
+        expect(find('[name="service[push_channel]"]').value).to eq '#test_channel'
       end
 
-      it 'defaults Deployment events to false for chat notification template settings' do
+      it 'defaults Deployment events to false for chat notification template settings', :js do
         first(:link, 'Service Templates').click
         click_link 'Slack notifications'
 
@@ -302,16 +302,6 @@ describe 'Admin updates settings', :clean_gitlab_redis_shared_state, :do_not_moc
         visit metrics_and_profiling_admin_application_settings_path
       end
 
-      it 'Change Influx settings' do
-        page.within('.as-influx') do
-          check 'Enable InfluxDB Metrics'
-          click_button 'Save changes'
-        end
-
-        expect(current_settings.metrics_enabled?).to be true
-        expect(page).to have_content "Application settings saved successfully"
-      end
-
       it 'Change Prometheus settings' do
         page.within('.as-prometheus') do
           check 'Enable Prometheus Metrics'
@@ -382,6 +372,18 @@ describe 'Admin updates settings', :clean_gitlab_redis_shared_state, :do_not_moc
         expect(current_settings.allow_local_requests_from_system_hooks).to be false
         expect(current_settings.dns_rebinding_protection_enabled).to be false
       end
+
+      it 'Changes Issues rate limits settings' do
+        visit network_admin_application_settings_path
+
+        page.within('.as-issue-limits') do
+          fill_in 'Max requests per second per user', with: 0
+          click_button 'Save changes'
+        end
+
+        expect(page).to have_content "Application settings saved successfully"
+        expect(current_settings.issues_create_limit).to eq(0)
+      end
     end
 
     context 'Preferences page' do
@@ -498,13 +500,13 @@ describe 'Admin updates settings', :clean_gitlab_redis_shared_state, :do_not_moc
   def check_all_events
     page.check('Push')
     page.check('Issue')
-    page.check('Confidential issue')
-    page.check('Merge request')
+    page.check('Confidential Issue')
+    page.check('Merge Request')
     page.check('Note')
-    page.check('Confidential note')
-    page.check('Tag push')
+    page.check('Confidential Note')
+    page.check('Tag Push')
     page.check('Pipeline')
-    page.check('Wiki page')
+    page.check('Wiki Page')
     page.check('Deployment')
   end
 
diff --git a/spec/features/admin/admin_users_impersonation_tokens_spec.rb b/spec/features/admin/admin_users_impersonation_tokens_spec.rb
index 27f2436108c..b9de858e3b9 100644
--- a/spec/features/admin/admin_users_impersonation_tokens_spec.rb
+++ b/spec/features/admin/admin_users_impersonation_tokens_spec.rb
@@ -70,7 +70,7 @@ describe 'Admin > Users > Impersonation Tokens', :js do
       accept_confirm { click_on "Revoke" }
 
       expect(page).to have_selector(".settings-message")
-      expect(no_personal_access_tokens_message).to have_text("This user has no active Impersonation Tokens.")
+      expect(no_personal_access_tokens_message).to have_text("This user has no active impersonation tokens.")
     end
 
     it "removes expired tokens from 'active' section" do
@@ -79,7 +79,7 @@ describe 'Admin > Users > Impersonation Tokens', :js do
       visit admin_user_impersonation_tokens_path(user_id: user.username)
 
       expect(page).to have_selector(".settings-message")
-      expect(no_personal_access_tokens_message).to have_text("This user has no active Impersonation Tokens.")
+      expect(no_personal_access_tokens_message).to have_text("This user has no active impersonation tokens.")
     end
   end
 end