diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2022-10-18 12:11:01 +0300 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2022-10-18 12:11:01 +0300 |
commit | 7bbc9509dc0567d2a2d8314e99179aaad33ba361 (patch) | |
tree | baa7501af6efe7a0f2f6e20f683e9da39fa96607 /spec/models | |
parent | f6d22c8ba7c3f900a3843b1336e2ade1d8d90c1f (diff) |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'spec/models')
-rw-r--r-- | spec/models/hooks/web_hook_spec.rb | 10 | ||||
-rw-r--r-- | spec/models/user_detail_spec.rb | 135 | ||||
-rw-r--r-- | spec/models/user_spec.rb | 35 |
3 files changed, 180 insertions, 0 deletions
diff --git a/spec/models/hooks/web_hook_spec.rb b/spec/models/hooks/web_hook_spec.rb index 6419a9fc9d9..da8c10b67a6 100644 --- a/spec/models/hooks/web_hook_spec.rb +++ b/spec/models/hooks/web_hook_spec.rb @@ -139,6 +139,16 @@ RSpec.describe WebHook do it { is_expected.to contain_exactly(:token, :url, :url_variables) } end + describe '.web_hooks_disable_failed?' do + it 'returns true when feature is enabled for parent' do + second_hook = build(:project_hook, project: create(:project)) + stub_feature_flags(web_hooks_disable_failed: [false, second_hook.project]) + + expect(described_class.web_hooks_disable_failed?(hook)).to eq(false) + expect(described_class.web_hooks_disable_failed?(second_hook)).to eq(true) + end + end + describe 'execute' do let(:data) { { key: 'value' } } let(:hook_name) { 'project hook' } diff --git a/spec/models/user_detail_spec.rb b/spec/models/user_detail_spec.rb index 9189b9a1469..04964d36dcd 100644 --- a/spec/models/user_detail_spec.rb +++ b/spec/models/user_detail_spec.rb @@ -25,5 +25,140 @@ RSpec.describe UserDetail do describe '#bio' do it { is_expected.to validate_length_of(:bio).is_at_most(255) } end + + describe '#linkedin' do + it { is_expected.to validate_length_of(:linkedin).is_at_most(500) } + end + + describe '#twitter' do + it { is_expected.to validate_length_of(:twitter).is_at_most(500) } + end + + describe '#skype' do + it { is_expected.to validate_length_of(:skype).is_at_most(500) } + end + + describe '#location' do + it { is_expected.to validate_length_of(:location).is_at_most(500) } + end + + describe '#organization' do + it { is_expected.to validate_length_of(:organization).is_at_most(500) } + end + + describe '#website_url' do + it { is_expected.to validate_length_of(:website_url).is_at_most(500) } + end + end + + describe '.user_fields_changed?' do + let(:user) { create(:user) } + + context 'when user detail fields unchanged' do + it 'returns false' do + expect(described_class.user_fields_changed?(user)).to be false + end + + %i[linkedin location organization skype twitter website_url].each do |attr| + context "when #{attr} is changed" do + before do + user[attr] = 'new value' + end + + it 'returns true' do + expect(described_class.user_fields_changed?(user)).to be true + end + end + end + end + end + + describe '#sanitize_attrs' do + shared_examples 'sanitizes html' do |attr| + it 'sanitizes html tags' do + details = build_stubbed(:user_detail, attr => '<a href="//evil.com">https://example.com<a>') + expect { details.sanitize_attrs }.to change { details[attr] }.to('https://example.com') + end + + it 'sanitizes iframe scripts' do + details = build_stubbed(:user_detail, attr => '<iframe src=javascript:alert()><iframe>') + expect { details.sanitize_attrs }.to change { details[attr] }.to('') + end + + it 'sanitizes js scripts' do + details = build_stubbed(:user_detail, attr => '<script>alert("Test")</script>') + expect { details.sanitize_attrs }.to change { details[attr] }.to('') + end + end + + %i[linkedin skype twitter website_url].each do |attr| + it_behaves_like 'sanitizes html', attr + + it 'encodes HTML entities' do + details = build_stubbed(:user_detail, attr => 'test&attr') + expect { details.sanitize_attrs }.to change { details[attr] }.to('test&attr') + end + end + + %i[location organization].each do |attr| + it_behaves_like 'sanitizes html', attr + + it 'does not encode HTML entities' do + details = build_stubbed(:user_detail, attr => 'test&attr') + expect { details.sanitize_attrs }.not_to change { details[attr] } + end + end + + it 'sanitizes on validation' do + details = build(:user_detail) + + expect(details) + .to receive(:sanitize_attrs) + .at_least(:once) + .and_call_original + + details.save! + end + end + + describe '#assign_changed_fields_from_user' do + let(:user_detail) { build(:user_detail) } + + shared_examples 'syncs field with `user_details`' do |field| + it 'does not sync the field to `user_details` if unchanged' do + expect { user_detail.assign_changed_fields_from_user } + .to not_change { user_detail.public_send(field) } + end + + it 'syncs the field to `user_details` if changed' do + user_detail.user[field] = "new_value" + expect { user_detail.assign_changed_fields_from_user } + .to change { user_detail.public_send(field) } + .to("new_value") + end + + it 'truncates the field if too long' do + user_detail.user[field] = 'a' * (UserDetail::DEFAULT_FIELD_LENGTH + 1) + expect { user_detail.assign_changed_fields_from_user } + .to change { user_detail.public_send(field) } + .to('a' * UserDetail::DEFAULT_FIELD_LENGTH) + end + + it 'properly syncs nil field to `user_details' do + user_detail.user[field] = 'Test' + user_detail.user.save!(validate: false) + user_detail.user[field] = nil + expect { user_detail.assign_changed_fields_from_user } + .to change { user_detail.public_send(field) } + .to('') + end + end + + it_behaves_like 'syncs field with `user_details`', :linkedin + it_behaves_like 'syncs field with `user_details`', :location + it_behaves_like 'syncs field with `user_details`', :organization + it_behaves_like 'syncs field with `user_details`', :skype + it_behaves_like 'syncs field with `user_details`', :twitter + it_behaves_like 'syncs field with `user_details`', :website_url end end diff --git a/spec/models/user_spec.rb b/spec/models/user_spec.rb index e6d4e9cc2f6..73ac4e7d3f2 100644 --- a/spec/models/user_spec.rb +++ b/spec/models/user_spec.rb @@ -5421,6 +5421,41 @@ RSpec.describe User do end end + describe '#ensure_user_detail_assigned' do + let(:user) { build(:user) } + + context 'when no user detail field has been changed' do + before do + allow(UserDetail) + .to receive(:user_fields_changed?) + .and_return(false) + end + + it 'does not assign user details before save' do + expect(user.user_detail) + .not_to receive(:assign_changed_fields_from_user) + + user.save! + end + end + + context 'when a user detail field has been changed' do + before do + allow(UserDetail) + .to receive(:user_fields_changed?) + .and_return(true) + end + + it 'assigns user details before save' do + expect(user.user_detail) + .to receive(:assign_changed_fields_from_user) + .and_call_original + + user.save! + end + end + end + describe '#username_changed_hook' do context 'for a new user' do let(:user) { build(:user) } |