Add latest changes from gitlab-org/security/gitlab@14-9-stable-ee

1 files changed, 30 insertions, 0 deletions

diff --git a/spec/models/user_spec.rb b/spec/models/user_spec.rb
index d4e82b5798f..6ee38048025 100644
--- a/spec/models/user_spec.rb
+++ b/spec/models/user_spec.rb
@@ -5713,6 +5713,36 @@ RSpec.describe User do
     end
   end
 
+  describe '#valid_password?' do
+    subject { user.valid_password?(password) }
+
+    context 'user with password not in disallowed list' do
+      let(:user) { create(:user) }
+      let(:password) { user.password }
+
+      it { is_expected.to be_truthy }
+
+      context 'using a wrong password' do
+        let(:password) { 'WRONG PASSWORD' }
+
+        it { is_expected.to be_falsey }
+      end
+    end
+
+    context 'user with disallowed password' do
+      let(:user) { create(:user, :disallowed_password) }
+      let(:password) { user.password }
+
+      it { is_expected.to be_falsey }
+
+      context 'using a wrong password' do
+        let(:password) { 'WRONG PASSWORD' }
+
+        it { is_expected.to be_falsey }
+      end
+    end
+  end
+
   describe '#password_expired?' do
     let(:user) { build(:user, password_expires_at: password_expires_at) }