diff options
| author | GitLab Bot <gitlab-bot@gitlab.com> | 2023-08-18 13:50:51 +0300 |
|---|---|---|
| committer | GitLab Bot <gitlab-bot@gitlab.com> | 2023-08-18 13:50:51 +0300 |
| commit | db384e6b19af03b4c3c82a5760d83a3fd79f7982 (patch) | |
| tree | 34beaef37df5f47ccbcf5729d7583aae093cffa0 /spec/requests/api/graphql | |
| parent | 54fd7b1bad233e3944434da91d257fa7f63c3996 (diff) | |
Add latest changes from gitlab-org/gitlab@16-3-stable-eev16.3.0-rc42
Diffstat (limited to 'spec/requests/api/graphql')
35 files changed, 1272 insertions, 192 deletions
diff --git a/spec/requests/api/graphql/abuse_report_labels_spec.rb b/spec/requests/api/graphql/abuse_report_labels_spec.rb new file mode 100644 index 00000000000..bae8a7937fa --- /dev/null +++ b/spec/requests/api/graphql/abuse_report_labels_spec.rb @@ -0,0 +1,58 @@ +# frozen_string_literal: true + +require 'spec_helper' + +RSpec.describe 'abuse_report_labels', feature_category: :insider_threat do + include GraphqlHelpers + + let_it_be(:current_user) { create(:admin) } + let_it_be(:project_label) { create(:label) } + let_it_be(:label_one) { create(:abuse_report_label, title: 'Uno') } + let_it_be(:label_two) { create(:abuse_report_label, title: 'Dos') } + + let(:fields) do + <<~GRAPHQL + nodes { + id + title + description + color + textColor + } + GRAPHQL + end + + let(:arguments) { { searchTerm: '' } } + let(:query) { graphql_query_for('abuseReportLabels', arguments, fields) } + + before do + post_graphql(query, current_user: current_user) + end + + it_behaves_like 'a working graphql query that returns data' + + it 'returns abuse report labels sorted by title in ascending order' do + expect(graphql_data_at('abuseReportLabels', 'nodes').size).to eq 2 + expect(graphql_data_at('abuseReportLabels', 'nodes', 0)).to match(a_graphql_entity_for(label_two)) + expect(graphql_data_at('abuseReportLabels', 'nodes', 1)).to match(a_graphql_entity_for(label_one)) + end + + context 'when current user is not an admin' do + let_it_be(:current_user) { create(:user) } + + it_behaves_like 'a working graphql query' + + it 'does not contain any data' do + expect(graphql_data_at('abuseReportLabels', 'nodes')).to be_empty + end + end + + context 'with a search term param' do + let(:arguments) { { searchTerm: 'uno' } } + + it 'returns only matching abuse report labels' do + expect(graphql_data_at('abuseReportLabels', 'nodes').size).to eq 1 + expect(graphql_data_at('abuseReportLabels', 'nodes', 0)).to match(a_graphql_entity_for(label_one)) + end + end +end diff --git a/spec/requests/api/graphql/abuse_report_spec.rb b/spec/requests/api/graphql/abuse_report_spec.rb new file mode 100644 index 00000000000..7d0b8b35763 --- /dev/null +++ b/spec/requests/api/graphql/abuse_report_spec.rb @@ -0,0 +1,50 @@ +# frozen_string_literal: true + +require 'spec_helper' + +RSpec.describe 'abuse_report', feature_category: :insider_threat do + include GraphqlHelpers + + let_it_be(:current_user) { create(:admin) } + let_it_be(:label) { create(:abuse_report_label, title: 'Uno') } + let_it_be(:report) { create(:abuse_report, labels: [label]) } + + let(:report_gid) { Gitlab::GlobalId.build(report, id: report.id).to_s } + + let(:fields) do + <<~GRAPHQL + labels { + nodes { + id + title + description + color + textColor + } + } + GRAPHQL + end + + let(:arguments) { { id: report_gid } } + let(:query) { graphql_query_for('abuseReport', arguments, fields) } + + before do + post_graphql(query, current_user: current_user) + end + + it_behaves_like 'a working graphql query that returns data' + + it 'returns abuse report with labels' do + expect(graphql_data_at('abuseReport', 'labels', 'nodes', 0)).to match(a_graphql_entity_for(label)) + end + + context 'when current user is not an admin' do + let_it_be(:current_user) { create(:user) } + + it_behaves_like 'a working graphql query' + + it 'does not contain any data' do + expect(graphql_data_at('abuseReportLabel')).to be_nil + end + end +end diff --git a/spec/requests/api/graphql/achievements/user_achievements_query_spec.rb b/spec/requests/api/graphql/achievements/user_achievements_query_spec.rb index 080f375245d..fa47cf4988a 100644 --- a/spec/requests/api/graphql/achievements/user_achievements_query_spec.rb +++ b/spec/requests/api/graphql/achievements/user_achievements_query_spec.rb @@ -14,8 +14,10 @@ RSpec.describe 'UserAchievements', feature_category: :user_profile do <<~HEREDOC id achievements { + count nodes { userAchievements { + count nodes { id achievement { @@ -58,6 +60,11 @@ RSpec.describe 'UserAchievements', feature_category: :user_profile do ) end + it 'returns the correct achievement and user_achievement counts' do + expect(graphql_data_at(:namespace, :achievements, :count)).to be(1) + expect(graphql_data_at(:namespace, :achievements, :nodes, :userAchievements, :count)).to contain_exactly(1) + end + it 'can lookahead to eliminate N+1 queries', :use_clean_rails_memory_store_caching do control_count = ActiveRecord::QueryRecorder.new(skip_cached: false) do post_graphql(query, current_user: user) diff --git a/spec/requests/api/graphql/ci/application_setting_spec.rb b/spec/requests/api/graphql/ci/application_setting_spec.rb index 42ab1786fee..a0c3bedd493 100644 --- a/spec/requests/api/graphql/ci/application_setting_spec.rb +++ b/spec/requests/api/graphql/ci/application_setting_spec.rb @@ -27,9 +27,7 @@ RSpec.describe 'getting Application Settings', feature_category: :continuous_int post_graphql(query, current_user: user) end - it_behaves_like 'a working graphql query' - - specify { expect(settings_data).to be nil } + it_behaves_like 'a working graphql query that returns no data' end context 'with admin permissions' do @@ -39,7 +37,7 @@ RSpec.describe 'getting Application Settings', feature_category: :continuous_int post_graphql(query, current_user: user) end - it_behaves_like 'a working graphql query' + it_behaves_like 'a working graphql query that returns data' it 'fetches the settings data' do # assert against hash to ensure no additional fields are exposed diff --git a/spec/requests/api/graphql/ci/group_environment_scopes_spec.rb b/spec/requests/api/graphql/ci/group_environment_scopes_spec.rb index 13a3a128979..d224fdbdc32 100644 --- a/spec/requests/api/graphql/ci/group_environment_scopes_spec.rb +++ b/spec/requests/api/graphql/ci/group_environment_scopes_spec.rb @@ -33,36 +33,55 @@ RSpec.describe 'Query.group(fullPath).environmentScopes', feature_category: :sec end before do - group.add_developer(user) expected_environment_scopes.each_with_index do |env, index| create(:ci_group_variable, group: group, key: "var#{index + 1}", environment_scope: env) end end - context 'when query has no parameters' do - let(:environment_scopes_params) { "" } + context 'when the user can administer the group' do + before do + group.add_owner(user) + end - it 'returns all avaiable environment scopes' do - post_graphql(query, current_user: user) + context 'when query has no parameters' do + let(:environment_scopes_params) { "" } - expect(graphql_data.dig('group', 'environmentScopes', 'nodes')).to eq( - expected_environment_scopes.map { |env_scope| { 'name' => env_scope } } - ) + it 'returns all avaiable environment scopes' do + post_graphql(query, current_user: user) + + expect(graphql_data.dig('group', 'environmentScopes', 'nodes')).to eq( + expected_environment_scopes.map { |env_scope| { 'name' => env_scope } } + ) + end + end + + context 'when query has search parameters' do + let(:environment_scopes_params) { "(search: \"group1\")" } + + it 'returns only environment scopes with group1 prefix' do + post_graphql(query, current_user: user) + + expect(graphql_data.dig('group', 'environmentScopes', 'nodes')).to eq( + [ + { 'name' => 'group1_environment1' }, + { 'name' => 'group1_environment2' } + ] + ) + end end end - context 'when query has search parameters' do - let(:environment_scopes_params) { "(search: \"group1\")" } + context 'when the user cannot administer the group' do + let(:environment_scopes_params) { "" } + + before do + group.add_developer(user) + end - it 'returns only environment scopes with group1 prefix' do + it 'returns nothing' do post_graphql(query, current_user: user) - expect(graphql_data.dig('group', 'environmentScopes', 'nodes')).to eq( - [ - { 'name' => 'group1_environment1' }, - { 'name' => 'group1_environment2' } - ] - ) + expect(graphql_data.dig('group', 'environmentScopes')).to be_nil end end end diff --git a/spec/requests/api/graphql/ci/runner_spec.rb b/spec/requests/api/graphql/ci/runner_spec.rb index 6acd705c982..3cfb98c57fd 100644 --- a/spec/requests/api/graphql/ci/runner_spec.rb +++ b/spec/requests/api/graphql/ci/runner_spec.rb @@ -109,9 +109,9 @@ RSpec.describe 'Query.runner(id)', feature_category: :runner_fleet do runner.maintainer_note.present? ? a_string_including('<strong>Test maintenance note</strong>') : '', job_count: runner.builds.count, jobs: a_hash_including( - "count" => runner.builds.count, - "nodes" => an_instance_of(Array), - "pageInfo" => anything + 'count' => runner.builds.count, + 'nodes' => an_instance_of(Array), + 'pageInfo' => anything ), project_count: nil, admin_url: "http://localhost/admin/runners/#{runner.id}", @@ -124,8 +124,21 @@ RSpec.describe 'Query.runner(id)', feature_category: :runner_fleet do 'assignRunner' => true }, managers: a_hash_including( - "count" => runner.runner_managers.count, - "nodes" => an_instance_of(Array), + 'count' => runner.runner_managers.count, + 'nodes' => runner.runner_managers.map do |runner_manager| + a_graphql_entity_for( + runner_manager, + system_id: runner_manager.system_xid, + version: runner_manager.version, + revision: runner_manager.revision, + ip_address: runner_manager.ip_address, + executor_name: runner_manager.executor_type&.dasherize, + architecture_name: runner_manager.architecture, + platform_name: runner_manager.platform, + status: runner_manager.status.to_s.upcase, + job_execution_status: runner_manager.builds.running.any? ? 'RUNNING' : 'IDLE' + ) + end, "pageInfo" => anything ) ) @@ -215,11 +228,19 @@ RSpec.describe 'Query.runner(id)', feature_category: :runner_fleet do end end - context 'with build running' do + context 'with build running', :freeze_time do + let!(:pipeline) { create(:ci_pipeline, project: project1) } + let!(:runner_manager) do + create(:ci_runner_machine, + runner: runner, ip_address: '127.0.0.1', version: '16.3', revision: 'a', architecture: 'arm', platform: 'osx', + contacted_at: 1.second.ago, executor_type: 'docker') + end + + let!(:runner) { create(:ci_runner) } + let!(:build) { create(:ci_build, :running, runner: runner, pipeline: pipeline) } + before do - project = create(:project, :repository) - pipeline = create(:ci_pipeline, project: project) - create(:ci_build, :running, runner: runner, pipeline: pipeline) + create(:ci_runner_machine_build, runner_manager: runner_manager, build: build) end it_behaves_like 'runner details fetch' diff --git a/spec/requests/api/graphql/ci/runners_spec.rb b/spec/requests/api/graphql/ci/runners_spec.rb index c8706ae9698..3f6d39435fd 100644 --- a/spec/requests/api/graphql/ci/runners_spec.rb +++ b/spec/requests/api/graphql/ci/runners_spec.rb @@ -34,67 +34,116 @@ RSpec.describe 'Query.runners', feature_category: :runner_fleet do QUERY end - let(:query) do - %( - query { - runners(type:#{runner_type},status:#{status}) { - #{fields} + context 'with filters' do + let(:query) do + %( + query { + runners(type: #{runner_type}, status: #{status}) { + #{fields} + } } - } - ) - end - - before do - allow_next_instance_of(::Gitlab::Ci::RunnerUpgradeCheck) do |instance| - allow(instance).to receive(:check_runner_upgrade_suggestion) + ) end - post_graphql(query, current_user: current_user) - end - - shared_examples 'a working graphql query returning expected runner' do - it_behaves_like 'a working graphql query' + before do + allow_next_instance_of(::Gitlab::Ci::RunnerUpgradeCheck) do |instance| + allow(instance).to receive(:check_runner_upgrade_suggestion) + end - it 'returns expected runner' do - expect(runners_graphql_data['nodes']).to contain_exactly(a_graphql_entity_for(expected_runner)) + post_graphql(query, current_user: current_user) end - it 'does not execute more queries per runner', :aggregate_failures do - # warm-up license cache and so on: - personal_access_token = create(:personal_access_token, user: current_user) - args = { current_user: current_user, token: { personal_access_token: personal_access_token } } - post_graphql(query, **args) - expect(graphql_data_at(:runners, :nodes)).not_to be_empty + shared_examples 'a working graphql query returning expected runner' do + it_behaves_like 'a working graphql query' + + it 'returns expected runner' do + expect(runners_graphql_data['nodes']).to contain_exactly(a_graphql_entity_for(expected_runner)) + end + + it 'does not execute more queries per runner', :aggregate_failures do + # warm-up license cache and so on: + personal_access_token = create(:personal_access_token, user: current_user) + args = { current_user: current_user, token: { personal_access_token: personal_access_token } } + post_graphql(query, **args) + expect(graphql_data_at(:runners, :nodes)).not_to be_empty - admin2 = create(:admin) - personal_access_token = create(:personal_access_token, user: admin2) - args = { current_user: admin2, token: { personal_access_token: personal_access_token } } - control = ActiveRecord::QueryRecorder.new { post_graphql(query, **args) } + admin2 = create(:admin) + personal_access_token = create(:personal_access_token, user: admin2) + args = { current_user: admin2, token: { personal_access_token: personal_access_token } } + control = ActiveRecord::QueryRecorder.new { post_graphql(query, **args) } - create(:ci_runner, :instance, version: '14.0.0', tag_list: %w[tag5 tag6], creator: admin2) - create(:ci_runner, :project, version: '14.0.1', projects: [project], tag_list: %w[tag3 tag8], - creator: current_user) + create(:ci_runner, :instance, version: '14.0.0', tag_list: %w[tag5 tag6], creator: admin2) + create(:ci_runner, :project, version: '14.0.1', projects: [project], tag_list: %w[tag3 tag8], + creator: current_user) - expect { post_graphql(query, **args) }.not_to exceed_query_limit(control) + expect { post_graphql(query, **args) }.not_to exceed_query_limit(control) + end end - end - context 'runner_type is INSTANCE_TYPE and status is ACTIVE' do - let(:runner_type) { 'INSTANCE_TYPE' } - let(:status) { 'ACTIVE' } + context 'runner_type is INSTANCE_TYPE and status is ACTIVE' do + let(:runner_type) { 'INSTANCE_TYPE' } + let(:status) { 'ACTIVE' } - let!(:expected_runner) { instance_runner } + let!(:expected_runner) { instance_runner } - it_behaves_like 'a working graphql query returning expected runner' - end + it_behaves_like 'a working graphql query returning expected runner' + end - context 'runner_type is PROJECT_TYPE and status is NEVER_CONTACTED' do - let(:runner_type) { 'PROJECT_TYPE' } - let(:status) { 'NEVER_CONTACTED' } + context 'runner_type is PROJECT_TYPE and status is NEVER_CONTACTED' do + let(:runner_type) { 'PROJECT_TYPE' } + let(:status) { 'NEVER_CONTACTED' } - let!(:expected_runner) { project_runner } + let!(:expected_runner) { project_runner } + + it_behaves_like 'a working graphql query returning expected runner' + end + end - it_behaves_like 'a working graphql query returning expected runner' + context 'without filters' do + context 'with managers requested for multiple runners' do + let(:fields) do + <<~QUERY + nodes { + managers { + nodes { + #{all_graphql_fields_for('CiRunnerManager', max_depth: 1)} + } + } + } + QUERY + end + + let(:query) do + %( + query { + runners { + #{fields} + } + } + ) + end + + it 'does not execute more queries per runner', :aggregate_failures do + # warm-up license cache and so on: + personal_access_token = create(:personal_access_token, user: current_user) + args = { current_user: current_user, token: { personal_access_token: personal_access_token } } + post_graphql(query, **args) + expect(graphql_data_at(:runners, :nodes)).not_to be_empty + + admin2 = create(:admin) + personal_access_token = create(:personal_access_token, user: admin2) + args = { current_user: admin2, token: { personal_access_token: personal_access_token } } + control = ActiveRecord::QueryRecorder.new { post_graphql(query, **args) } + + create(:ci_runner, :instance, :with_runner_manager, version: '14.0.0', tag_list: %w[tag5 tag6], + creator: admin2) + create(:ci_runner, :project, :with_runner_manager, version: '14.0.1', projects: [project], + tag_list: %w[tag3 tag8], + creator: current_user) + + expect { post_graphql(query, **args) }.not_to exceed_query_limit(control) + end + end end end diff --git a/spec/requests/api/graphql/current_user/todos_query_spec.rb b/spec/requests/api/graphql/current_user/todos_query_spec.rb index ee019a99f8d..790ae4b955e 100644 --- a/spec/requests/api/graphql/current_user/todos_query_spec.rb +++ b/spec/requests/api/graphql/current_user/todos_query_spec.rb @@ -40,7 +40,7 @@ RSpec.describe 'Query current user todos', feature_category: :source_code_manage post_graphql(query, current_user: current_user) end - it_behaves_like 'a working graphql query' + it_behaves_like 'a working graphql query that returns data' it 'contains the expected ids' do is_expected.to contain_exactly( diff --git a/spec/requests/api/graphql/current_user_query_spec.rb b/spec/requests/api/graphql/current_user_query_spec.rb index aceef77920d..b4e570bcaaa 100644 --- a/spec/requests/api/graphql/current_user_query_spec.rb +++ b/spec/requests/api/graphql/current_user_query_spec.rb @@ -25,7 +25,7 @@ RSpec.describe 'getting project information', feature_category: :system_access d context 'when there is a current_user' do let_it_be(:current_user) { create(:user) } - it_behaves_like 'a working graphql query' + it_behaves_like 'a working graphql query that returns data' it { is_expected.to include('name' => current_user.name, 'namespace' => { 'id' => current_user.namespace.to_global_id.to_s }) } end @@ -33,8 +33,6 @@ RSpec.describe 'getting project information', feature_category: :system_access d context 'when there is no current_user' do let(:current_user) { nil } - it_behaves_like 'a working graphql query' - - it { is_expected.to be_nil } + it_behaves_like 'a working graphql query that returns no data' end end diff --git a/spec/requests/api/graphql/environments/deployments_spec.rb b/spec/requests/api/graphql/environments/deployments_spec.rb index 0022a38d2d3..a4abf3f583a 100644 --- a/spec/requests/api/graphql/environments/deployments_spec.rb +++ b/spec/requests/api/graphql/environments/deployments_spec.rb @@ -314,14 +314,17 @@ RSpec.describe 'Environments Deployments query', feature_category: :continuous_d end def create_deployments - create_list(:deployment, 3, environment: environment, project: project).each do |deployment| - deployment.user = create(:user).tap { |u| project.add_developer(u) } - deployment.deployable = - create(:ci_build, project: project, environment: environment.name, deployment: deployment, - user: deployment.user) + deployments = create_list(:deployment, 2, environment: environment, project: project) + set_deployment_attributes(deployments.first, :ci_build) + set_deployment_attributes(deployments.second, :ci_bridge) + deployments.each(&:save!) + end - deployment.save! - end + def set_deployment_attributes(deployment, factory_type) + deployment.user = create(:user).tap { |u| project.add_developer(u) } + deployment.deployable = + create(factory_type, project: project, environment: environment.name, deployment: deployment, + user: deployment.user) end end @@ -432,7 +435,7 @@ RSpec.describe 'Environments Deployments query', feature_category: :continuous_d deployments.each do |deployment| deployment_in_record = project.deployments.find_by_iid(deployment['iid']) - expect(deployment_in_record.build.to_global_id.to_s).to eq(deployment['job']['id']) + expect(deployment_in_record.job.to_global_id.to_s).to eq(deployment['job']['id']) end end end diff --git a/spec/requests/api/graphql/group/autocomplete_users_spec.rb b/spec/requests/api/graphql/group/autocomplete_users_spec.rb new file mode 100644 index 00000000000..708604885c9 --- /dev/null +++ b/spec/requests/api/graphql/group/autocomplete_users_spec.rb @@ -0,0 +1,48 @@ +# frozen_string_literal: true + +require 'spec_helper' + +RSpec.describe 'autocomplete users for a group', feature_category: :team_planning do + include GraphqlHelpers + + let_it_be(:parent_group) { create(:group) } + let_it_be(:group) { create(:group, parent: parent_group) } + + let_it_be(:parent_group_member) { create(:user).tap { |u| parent_group.add_guest(u) } } + let_it_be(:group_member) { create(:user).tap { |u| group.add_guest(u) } } + + let_it_be(:other_group) { create(:group) } + let_it_be(:other_group_member) { create(:user).tap { |u| other_group.add_guest(u) } } + + let(:params) { {} } + let(:query) do + graphql_query_for( + 'group', + { 'fullPath' => group.full_path }, + query_graphql_field('autocompleteUsers', params, 'id') + ) + end + + let(:response_user_ids) { graphql_data.dig('group', 'autocompleteUsers').pluck('id') } + + it 'returns members of the group and its ancestors' do + post_graphql(query, current_user: group_member) + + expected_user_ids = [ + parent_group_member, + group_member + ].map { |u| u.to_global_id.to_s } + + expect(response_user_ids).to match_array(expected_user_ids) + end + + context 'with search param' do + let(:params) { { search: group_member.username } } + + it 'only returns users matching the search query' do + post_graphql(query, current_user: group_member) + + expect(response_user_ids).to contain_exactly(group_member.to_global_id.to_s) + end + end +end diff --git a/spec/requests/api/graphql/group/work_items_spec.rb b/spec/requests/api/graphql/group/work_items_spec.rb new file mode 100644 index 00000000000..f6dad577b5e --- /dev/null +++ b/spec/requests/api/graphql/group/work_items_spec.rb @@ -0,0 +1,106 @@ +# frozen_string_literal: true + +require 'spec_helper' + +RSpec.describe 'getting a work_item list for a group', feature_category: :team_planning do + include GraphqlHelpers + + let_it_be(:group) { create(:group, :public) } + let_it_be(:sub_group) { create(:group, parent: group) } + let_it_be(:project) { create(:project, :repository, :public, group: group) } + let_it_be(:user) { create(:user) } + let_it_be(:reporter) { create(:user).tap { |user| group.add_reporter(user) } } + + let_it_be(:project_work_item) { create(:work_item, project: project) } + let_it_be(:sub_group_work_item) do + create( + :work_item, + namespace: sub_group, + author: reporter + ) + end + + let_it_be(:group_work_item) do + create( + :work_item, + namespace: group, + author: reporter + ) + end + + let_it_be(:confidential_work_item) do + create(:work_item, :confidential, namespace: group, author: reporter) + end + + let_it_be(:other_work_item) { create(:work_item) } + + let(:work_items_data) { graphql_data['group']['workItems']['nodes'] } + let(:work_item_filter_params) { {} } + let(:current_user) { user } + let(:query_group) { group } + + let(:fields) do + <<~QUERY + nodes { + #{all_graphql_fields_for('workItems'.classify, max_depth: 2)} + } + QUERY + end + + context 'when the user can not see confidential work_items' do + it_behaves_like 'a working graphql query' do + before do + post_graphql(query, current_user: current_user) + end + end + + it 'does not return confidential issues' do + post_graphql(query, current_user: current_user) + + expect(work_item_ids).to contain_exactly( + group_work_item.to_global_id.to_s + ) + end + end + + context 'when the user can see confidential work_items' do + let(:current_user) { reporter } + + it_behaves_like 'a working graphql query' do + before do + post_graphql(query, current_user: current_user) + end + end + + it 'returns also confidential work_items' do + post_graphql(query, current_user: current_user) + + expect(work_item_ids).to eq([ + confidential_work_item.to_global_id.to_s, group_work_item.to_global_id.to_s + ]) + end + + context 'when the namespace_level_work_items feature flag is disabled' do + before do + stub_feature_flags(namespace_level_work_items: false) + post_graphql(query, current_user: current_user) + end + + it 'returns null in the workItems field' do + expect(graphql_data['group']['workItems']).to be_nil + end + end + end + + def work_item_ids + graphql_dig_at(work_items_data, :id) + end + + def query(params = work_item_filter_params) + graphql_query_for( + 'group', + { 'fullPath' => query_group.full_path }, + query_graphql_field('workItems', params, fields) + ) + end +end diff --git a/spec/requests/api/graphql/mutations/award_emojis/add_spec.rb b/spec/requests/api/graphql/mutations/award_emojis/add_spec.rb index 18cc85d36e0..dbace8f2b53 100644 --- a/spec/requests/api/graphql/mutations/award_emojis/add_spec.rb +++ b/spec/requests/api/graphql/mutations/award_emojis/add_spec.rb @@ -57,7 +57,7 @@ RSpec.describe 'Adding an AwardEmoji', feature_category: :shared do it_behaves_like 'a mutation that does not create an AwardEmoji' it_behaves_like 'a mutation that returns top-level errors', - errors: ['You cannot award emoji to this resource.'] + errors: ['You cannot add emoji reactions to this resource.'] end context 'when the given awardable is an Awardable' do diff --git a/spec/requests/api/graphql/mutations/award_emojis/toggle_spec.rb b/spec/requests/api/graphql/mutations/award_emojis/toggle_spec.rb index 7c6a487cdd0..65a5fb87f9a 100644 --- a/spec/requests/api/graphql/mutations/award_emojis/toggle_spec.rb +++ b/spec/requests/api/graphql/mutations/award_emojis/toggle_spec.rb @@ -56,7 +56,7 @@ RSpec.describe 'Toggling an AwardEmoji', feature_category: :shared do it_behaves_like 'a mutation that does not create or destroy an AwardEmoji' it_behaves_like 'a mutation that returns top-level errors', - errors: ['You cannot award emoji to this resource.'] + errors: ['You cannot add emoji reactions to this resource.'] end context 'when the given awardable is an Awardable' do diff --git a/spec/requests/api/graphql/mutations/ci/pipeline_schedule/create_spec.rb b/spec/requests/api/graphql/mutations/ci/pipeline_schedule/create_spec.rb index 0d5e5f5d2fb..b2fe2754198 100644 --- a/spec/requests/api/graphql/mutations/ci/pipeline_schedule/create_spec.rb +++ b/spec/requests/api/graphql/mutations/ci/pipeline_schedule/create_spec.rb @@ -68,8 +68,7 @@ RSpec.describe 'PipelineSchedulecreate', feature_category: :continuous_integrati end end - # Move this from `shared_context` to `context` when `ci_refactoring_pipeline_schedule_create_service` is removed. - shared_context 'when authorized' do # rubocop:disable RSpec/ContextWording + context 'when authorized' do before_all do project.add_developer(user) end @@ -149,14 +148,4 @@ RSpec.describe 'PipelineSchedulecreate', feature_category: :continuous_integrati end end end - - it_behaves_like 'when authorized' - - context 'when the FF ci_refactoring_pipeline_schedule_create_service is disabled' do - before do - stub_feature_flags(ci_refactoring_pipeline_schedule_create_service: false) - end - - it_behaves_like 'when authorized' - end end diff --git a/spec/requests/api/graphql/mutations/ci/pipeline_trigger/create_spec.rb b/spec/requests/api/graphql/mutations/ci/pipeline_trigger/create_spec.rb new file mode 100644 index 00000000000..1af12d51e1e --- /dev/null +++ b/spec/requests/api/graphql/mutations/ci/pipeline_trigger/create_spec.rb @@ -0,0 +1,75 @@ +# frozen_string_literal: true + +require 'spec_helper' + +RSpec.describe 'PipelineTriggerCreate', feature_category: :continuous_integration do + include GraphqlHelpers + + let_it_be(:user) { create(:user) } + let_it_be_with_reload(:project) { create(:project) } + + let(:mutation) { graphql_mutation(:pipeline_trigger_create, params) } + let(:project_path) { project.full_path } + let(:description) { 'Ye old pipeline trigger token' } + + let(:params) do + { + project_path: project_path, + description: description + } + end + + subject { post_graphql_mutation(mutation, current_user: user) } + + context 'when unauthorized' do + it 'returns an error' do + subject + + expect(graphql_errors).not_to be_empty + expect(graphql_errors[0]['message']) + .to eq( + "The resource that you are attempting to access does not exist " \ + "or you don't have permission to perform this action" + ) + end + end + + context 'when authorized' do + before_all do + project.add_owner(user) + end + + context 'when the params are invalid' do + let(:description) { nil } + + it 'does not create a pipeline trigger token and returns an error' do + expect { subject }.not_to change { project.triggers.count } + expect(response).to have_gitlab_http_status(:success) + expect(graphql_errors.to_s).to include('provided invalid value for description (Expected value to not be null)') + end + end + + context 'when the params are valid' do + it 'creates a pipeline trigger token' do + expect { subject }.to change { project.triggers.count }.by(1) + expect(graphql_errors.to_s).to eql("") + end + + it 'returns the new pipeline trigger token' do + subject + + expect(graphql_data_at(:pipeline_trigger_create, :pipeline_trigger)).to match a_hash_including( + 'owner' => a_hash_including( + 'id' => user.to_global_id.to_s, + 'username' => user.username, + 'name' => user.name + ), + 'description' => description, + "canAccessProject" => true, + "hasTokenExposed" => true, + "lastUsed" => nil + ) + end + end + end +end diff --git a/spec/requests/api/graphql/mutations/ci/pipeline_trigger/delete_spec.rb b/spec/requests/api/graphql/mutations/ci/pipeline_trigger/delete_spec.rb new file mode 100644 index 00000000000..5ff2da30cb6 --- /dev/null +++ b/spec/requests/api/graphql/mutations/ci/pipeline_trigger/delete_spec.rb @@ -0,0 +1,63 @@ +# frozen_string_literal: true + +require 'spec_helper' + +RSpec.describe 'PipelineTriggerDelete', feature_category: :continuous_integration do + include GraphqlHelpers + + let_it_be(:current_user) { build(:user) } + let_it_be(:project) { build(:project) } + + let(:mutation) { graphql_mutation(:pipeline_trigger_delete, params) } + + let_it_be(:trigger) { create(:ci_trigger, owner: current_user, project: project) } + let(:id) { trigger.to_global_id.to_s } + + let(:params) do + { + id: id + } + end + + subject { post_graphql_mutation(mutation, current_user: current_user) } + + context 'when unauthorized' do + it_behaves_like 'a mutation on an unauthorized resource' + end + + context 'when authorized' do + before_all do + project.add_owner(current_user) + end + + context 'when the id is invalid' do + let(:id) { non_existing_record_id } + + it_behaves_like 'an invalid argument to the mutation', argument_name: :id + + it 'does not delete a pipeline trigger token' do + expect { subject }.not_to change { project.triggers.count } + expect(response).to have_gitlab_http_status(:success) + end + end + + context 'when the id is nil' do + let(:id) { nil } + + it_behaves_like 'an invalid argument to the mutation', argument_name: :id + + it 'does not delete a pipeline trigger token' do + expect { subject }.not_to change { project.triggers.count } + expect(response).to have_gitlab_http_status(:success) + end + end + + context 'when the params are valid' do + it_behaves_like 'a working GraphQL mutation' + + it 'deletes the pipeline trigger token' do + expect { subject }.to change { project.triggers.count }.by(-1) + end + end + end +end diff --git a/spec/requests/api/graphql/mutations/ci/pipeline_trigger/update_spec.rb b/spec/requests/api/graphql/mutations/ci/pipeline_trigger/update_spec.rb new file mode 100644 index 00000000000..ce6e20c088e --- /dev/null +++ b/spec/requests/api/graphql/mutations/ci/pipeline_trigger/update_spec.rb @@ -0,0 +1,71 @@ +# frozen_string_literal: true + +require 'spec_helper' + +RSpec.describe 'PipelineTriggerUpdate', feature_category: :continuous_integration do + include GraphqlHelpers + + let_it_be(:current_user) { build(:user) } + let_it_be(:project) { build(:project) } + + let(:mutation) { graphql_mutation(:pipeline_trigger_update, params) } + let_it_be(:old_description) { "Boring old description." } + let(:new_description) { 'Awesome new description!' } + let_it_be(:trigger) { create(:ci_trigger, owner: current_user, project: project, description: old_description) } + + let(:params) do + { + id: trigger.to_global_id.to_s, + description: new_description + } + end + + subject { post_graphql_mutation(mutation, current_user: current_user) } + + context 'when unauthorized' do + it_behaves_like 'a mutation on an unauthorized resource' + end + + context 'when authorized' do + before_all do + project.add_owner(current_user) + end + + context 'when the params are invalid' do + let(:new_description) { nil } + + it_behaves_like 'an invalid argument to the mutation', argument_name: 'description' + + it 'does not update a pipeline trigger token' do + expect { subject }.not_to change { trigger } + expect(response).to have_gitlab_http_status(:success) + end + end + + context 'when the params are valid' do + it_behaves_like 'a working GraphQL mutation' + + it 'updates the pipeline trigger token' do + expect { subject }.to change { trigger.reload.description }.to(new_description) + + expect(graphql_errors).to be_blank + end + + it 'returns the updated trigger token' do + subject + + expect(graphql_data_at(:pipeline_trigger_update, :pipeline_trigger)).to match a_hash_including( + 'owner' => a_hash_including( + 'id' => current_user.to_global_id.to_s, + 'username' => current_user.username, + 'name' => current_user.name + ), + 'description' => new_description, + "canAccessProject" => true, + "hasTokenExposed" => true, + "lastUsed" => nil + ) + end + end + end +end diff --git a/spec/requests/api/graphql/mutations/issues/update_spec.rb b/spec/requests/api/graphql/mutations/issues/update_spec.rb index 97ead687a82..ff100d99628 100644 --- a/spec/requests/api/graphql/mutations/issues/update_spec.rb +++ b/spec/requests/api/graphql/mutations/issues/update_spec.rb @@ -147,5 +147,10 @@ RSpec.describe 'Update of an existing issue', feature_category: :team_planning d end end end + + it_behaves_like 'updating time estimate' do + let(:resource) { issue } + let(:mutation_name) { 'updateIssue' } + end end end diff --git a/spec/requests/api/graphql/mutations/merge_requests/set_time_estimate_spec.rb b/spec/requests/api/graphql/mutations/merge_requests/set_time_estimate_spec.rb new file mode 100644 index 00000000000..6bc130a97cf --- /dev/null +++ b/spec/requests/api/graphql/mutations/merge_requests/set_time_estimate_spec.rb @@ -0,0 +1,41 @@ +# frozen_string_literal: true + +require 'spec_helper' + +RSpec.describe 'Setting time estimate of a merge request', feature_category: :code_review_workflow do + include GraphqlHelpers + + let_it_be(:current_user) { create(:user) } + let_it_be(:project) { create(:project, :public) } + let_it_be(:merge_request) { create(:merge_request, source_project: project) } + + let(:input) do + { + iid: merge_request.iid.to_s + } + end + + let(:extra_params) { { project_path: project.full_path } } + let(:input_params) { input.merge(extra_params) } + let(:mutation) { graphql_mutation(:merge_request_update, input_params, nil, ['productAnalyticsState']) } + let(:mutation_response) { graphql_mutation_response(:merge_request_update) } + + context 'when the user is not allowed to update a merge request' do + before_all do + project.add_reporter(current_user) + end + + it_behaves_like 'a mutation that returns a top-level access error' + end + + context 'when updating a time estimate' do + before_all do + project.add_developer(current_user) + end + + it_behaves_like 'updating time estimate' do + let(:resource) { merge_request } + let(:mutation_name) { 'mergeRequestUpdate' } + end + end +end diff --git a/spec/requests/api/graphql/mutations/metrics/dashboard/annotations/create_spec.rb b/spec/requests/api/graphql/mutations/metrics/dashboard/annotations/create_spec.rb index d81744abe1b..0e55b6f2c9f 100644 --- a/spec/requests/api/graphql/mutations/metrics/dashboard/annotations/create_spec.rb +++ b/spec/requests/api/graphql/mutations/metrics/dashboard/annotations/create_spec.rb @@ -43,9 +43,6 @@ RSpec.describe Mutations::Metrics::Dashboard::Annotations::Create, feature_categ project.add_reporter(current_user) end - it_behaves_like 'a mutation that returns top-level errors', - errors: [Gitlab::Graphql::Authorize::AuthorizeResource::RESOURCE_ACCESS_ERROR] - it 'does not create the annotation' do expect do post_graphql_mutation(mutation, current_user: current_user) @@ -58,25 +55,6 @@ RSpec.describe Mutations::Metrics::Dashboard::Annotations::Create, feature_categ project.add_developer(current_user) end - it 'creates the annotation' do - expect do - post_graphql_mutation(mutation, current_user: current_user) - end.to change { Metrics::Dashboard::Annotation.count }.by(1) - end - - it 'returns the created annotation' do - post_graphql_mutation(mutation, current_user: current_user) - - annotation = Metrics::Dashboard::Annotation.first - annotation_id = GitlabSchema.id_from_object(annotation).to_s - - expect(mutation_response['annotation']['description']).to match(description) - expect(mutation_response['annotation']['startingAt'].to_time).to match(starting_at.to_time) - expect(mutation_response['annotation']['endingAt'].to_time).to match(ending_at.to_time) - expect(mutation_response['annotation']['id']).to match(annotation_id) - expect(annotation.environment_id).to eq(environment.id) - end - context 'when environment_id is missing' do let(:mutation) do variables = { @@ -137,25 +115,6 @@ RSpec.describe Mutations::Metrics::Dashboard::Annotations::Create, feature_categ project.add_developer(current_user) end - it 'creates the annotation' do - expect do - post_graphql_mutation(mutation, current_user: current_user) - end.to change { Metrics::Dashboard::Annotation.count }.by(1) - end - - it 'returns the created annotation' do - post_graphql_mutation(mutation, current_user: current_user) - - annotation = Metrics::Dashboard::Annotation.first - annotation_id = GitlabSchema.id_from_object(annotation).to_s - - expect(mutation_response['annotation']['description']).to match(description) - expect(mutation_response['annotation']['startingAt'].to_time).to match(starting_at.to_time) - expect(mutation_response['annotation']['endingAt'].to_time).to match(ending_at.to_time) - expect(mutation_response['annotation']['id']).to match(annotation_id) - expect(annotation.cluster_id).to eq(cluster.id) - end - context 'when cluster_id is missing' do let(:mutation) do variables = { @@ -177,9 +136,6 @@ RSpec.describe Mutations::Metrics::Dashboard::Annotations::Create, feature_categ project.add_guest(current_user) end - it_behaves_like 'a mutation that returns top-level errors', - errors: [Gitlab::Graphql::Authorize::AuthorizeResource::RESOURCE_ACCESS_ERROR] - it 'does not create the annotation' do expect do post_graphql_mutation(mutation, current_user: current_user) diff --git a/spec/requests/api/graphql/mutations/metrics/dashboard/annotations/delete_spec.rb b/spec/requests/api/graphql/mutations/metrics/dashboard/annotations/delete_spec.rb index 09977cd19d7..c81f6381398 100644 --- a/spec/requests/api/graphql/mutations/metrics/dashboard/annotations/delete_spec.rb +++ b/spec/requests/api/graphql/mutations/metrics/dashboard/annotations/delete_spec.rb @@ -7,8 +7,7 @@ RSpec.describe Mutations::Metrics::Dashboard::Annotations::Delete, feature_categ let_it_be(:current_user) { create(:user) } let_it_be(:project) { create(:project, :private, :repository) } - let_it_be(:environment) { create(:environment, project: project) } - let_it_be(:annotation) { create(:metrics_dashboard_annotation, environment: environment) } + let_it_be(:annotation) { create(:metrics_dashboard_annotation) } let(:variables) { { id: GitlabSchema.id_from_object(annotation).to_s } } let(:mutation) { graphql_mutation(:delete_annotation, variables) } @@ -28,14 +27,6 @@ RSpec.describe Mutations::Metrics::Dashboard::Annotations::Delete, feature_categ project.add_developer(current_user) end - context 'with valid params' do - it 'deletes the annotation' do - expect do - post_graphql_mutation(mutation, current_user: current_user) - end.to change { Metrics::Dashboard::Annotation.count }.by(-1) - end - end - context 'with invalid params' do let(:variables) { { id: GitlabSchema.id_from_object(project).to_s } } @@ -44,21 +35,6 @@ RSpec.describe Mutations::Metrics::Dashboard::Annotations::Delete, feature_categ end end - context 'when the delete fails' do - let(:service_response) { { message: 'Annotation has not been deleted', status: :error, last_step: :delete } } - - before do - allow_next_instance_of(Metrics::Dashboard::Annotations::DeleteService) do |delete_service| - allow(delete_service).to receive(:execute).and_return(service_response) - end - end - it 'returns the error' do - post_graphql_mutation(mutation, current_user: current_user) - - expect(mutation_response['errors']).to eq([service_response[:message]]) - end - end - context 'when metrics dashboard feature is unavailable' do before do stub_feature_flags(remove_monitor_metrics: true) diff --git a/spec/requests/api/graphql/mutations/namespace/package_settings/update_spec.rb b/spec/requests/api/graphql/mutations/namespace/package_settings/update_spec.rb index 2f26a2f92b2..480e184a60c 100644 --- a/spec/requests/api/graphql/mutations/namespace/package_settings/update_spec.rb +++ b/spec/requests/api/graphql/mutations/namespace/package_settings/update_spec.rb @@ -15,6 +15,8 @@ RSpec.describe 'Updating the package settings', feature_category: :package_regis maven_duplicate_exception_regex: 'foo-.*', generic_duplicates_allowed: false, generic_duplicate_exception_regex: 'bar-.*', + nuget_duplicates_allowed: false, + nuget_duplicate_exception_regex: 'bar-.*', maven_package_requests_forwarding: true, lock_maven_package_requests_forwarding: true, npm_package_requests_forwarding: true, @@ -32,6 +34,8 @@ RSpec.describe 'Updating the package settings', feature_category: :package_regis mavenDuplicateExceptionRegex genericDuplicatesAllowed genericDuplicateExceptionRegex + nugetDuplicatesAllowed + nugetDuplicateExceptionRegex mavenPackageRequestsForwarding lockMavenPackageRequestsForwarding npmPackageRequestsForwarding @@ -58,6 +62,8 @@ RSpec.describe 'Updating the package settings', feature_category: :package_regis expect(package_settings_response['mavenDuplicateExceptionRegex']).to eq(params[:maven_duplicate_exception_regex]) expect(package_settings_response['genericDuplicatesAllowed']).to eq(params[:generic_duplicates_allowed]) expect(package_settings_response['genericDuplicateExceptionRegex']).to eq(params[:generic_duplicate_exception_regex]) + expect(package_settings_response['nugetDuplicatesAllowed']).to eq(params[:nuget_duplicates_allowed]) + expect(package_settings_response['nugetDuplicateExceptionRegex']).to eq(params[:nuget_duplicate_exception_regex]) expect(package_settings_response['mavenPackageRequestsForwarding']).to eq(params[:maven_package_requests_forwarding]) expect(package_settings_response['lockMavenPackageRequestsForwarding']).to eq(params[:lock_maven_package_requests_forwarding]) expect(package_settings_response['pypiPackageRequestsForwarding']).to eq(params[:pypi_package_requests_forwarding]) @@ -98,6 +104,8 @@ RSpec.describe 'Updating the package settings', feature_category: :package_regis maven_duplicate_exception_regex: 'SNAPSHOT', generic_duplicates_allowed: true, generic_duplicate_exception_regex: 'foo', + nuget_duplicates_allowed: true, + nuget_duplicate_exception_regex: 'foo', maven_package_requests_forwarding: nil, lock_maven_package_requests_forwarding: false, npm_package_requests_forwarding: nil, @@ -109,6 +117,8 @@ RSpec.describe 'Updating the package settings', feature_category: :package_regis maven_duplicate_exception_regex: 'foo-.*', generic_duplicates_allowed: false, generic_duplicate_exception_regex: 'bar-.*', + nuget_duplicates_allowed: false, + nuget_duplicate_exception_regex: 'bar-.*', maven_package_requests_forwarding: true, lock_maven_package_requests_forwarding: true, npm_package_requests_forwarding: true, @@ -119,6 +129,26 @@ RSpec.describe 'Updating the package settings', feature_category: :package_regis it_behaves_like 'returning a success' it_behaves_like 'rejecting invalid regex' + + context 'when nuget_duplicates_option FF is disabled' do + let(:params) do + { + namespace_path: namespace.full_path, + 'nugetDuplicatesAllowed' => false + } + end + + before do + stub_feature_flags(nuget_duplicates_option: false) + end + + it 'raises an error', :aggregate_failures do + subject + + expect(graphql_errors.size).to eq(1) + expect(graphql_errors.first['message']).to include('feature flag is disabled') + end + end end RSpec.shared_examples 'accepting the mutation request creating the package settings' do diff --git a/spec/requests/api/graphql/mutations/snippets/update_spec.rb b/spec/requests/api/graphql/mutations/snippets/update_spec.rb index 7c5ab691b51..06594d89338 100644 --- a/spec/requests/api/graphql/mutations/snippets/update_spec.rb +++ b/spec/requests/api/graphql/mutations/snippets/update_spec.rb @@ -188,16 +188,10 @@ RSpec.describe 'Updating a Snippet', feature_category: :source_code_management d stub_session('warden.user.user.key' => [[current_user.id], current_user.authenticatable_salt]) end - it_behaves_like 'Snowplow event tracking with RedisHLL context' do + it_behaves_like 'internal event tracking' do + let(:action) { ::Gitlab::UsageDataCounters::EditorUniqueCounter::EDIT_BY_SNIPPET_EDITOR } let(:user) { current_user } - let(:property) { 'g_edit_by_snippet_ide' } let(:namespace) { project.namespace } - let(:category) { 'Gitlab::UsageDataCounters::EditorUniqueCounter' } - let(:action) { 'ide_edit' } - let(:label) { 'usage_activity_by_stage_monthly.create.action_monthly_active_users_ide_edit' } - let(:context) do - [Gitlab::Tracking::ServicePingContext.new(data_source: :redis_hll, event: event_name).to_context] - end end end end diff --git a/spec/requests/api/graphql/mutations/work_items/create_spec.rb b/spec/requests/api/graphql/mutations/work_items/create_spec.rb index fca3c84e534..78b93c3210b 100644 --- a/spec/requests/api/graphql/mutations/work_items/create_spec.rb +++ b/spec/requests/api/graphql/mutations/work_items/create_spec.rb @@ -140,7 +140,7 @@ RSpec.describe 'Create a work item', feature_category: :team_planning do } end - before(:all) do + before_all do create(:parent_link, work_item_parent: parent, work_item: adjacent, relative_position: 0) end @@ -264,6 +264,14 @@ RSpec.describe 'Create a work item', feature_category: :team_planning do let(:mutation) { graphql_mutation(:workItemCreate, input.merge('namespacePath' => project.full_path), fields) } it_behaves_like 'creates work item' + + context 'when the namespace_level_work_items feature flag is disabled' do + before do + stub_feature_flags(namespace_level_work_items: false) + end + + it_behaves_like 'creates work item' + end end end @@ -272,6 +280,16 @@ RSpec.describe 'Create a work item', feature_category: :team_planning do let(:mutation) { graphql_mutation(:workItemCreate, input.merge(namespacePath: group.full_path), fields) } it_behaves_like 'creates work item' + + context 'when the namespace_level_work_items feature flag is disabled' do + before do + stub_feature_flags(namespace_level_work_items: false) + end + + it_behaves_like 'a mutation that returns top-level errors', errors: [ + Mutations::WorkItems::Create::DISABLED_FF_ERROR + ] + end end context 'when both projectPath and namespacePath are passed' do diff --git a/spec/requests/api/graphql/mutations/work_items/linked_items/add_spec.rb b/spec/requests/api/graphql/mutations/work_items/linked_items/add_spec.rb new file mode 100644 index 00000000000..f18e0e44905 --- /dev/null +++ b/spec/requests/api/graphql/mutations/work_items/linked_items/add_spec.rb @@ -0,0 +1,131 @@ +# frozen_string_literal: true + +require 'spec_helper' + +RSpec.describe "Add linked items to a work item", feature_category: :portfolio_management do + include GraphqlHelpers + + let_it_be(:project) { create(:project, :private) } + let_it_be(:reporter) { create(:user).tap { |user| project.add_reporter(user) } } + let_it_be(:work_item) { create(:work_item, project: project) } + let_it_be(:related1) { create(:work_item, project: project) } + let_it_be(:related2) { create(:work_item, project: project) } + + let(:mutation_response) { graphql_mutation_response(:work_item_add_linked_items) } + let(:mutation) { graphql_mutation(:workItemAddLinkedItems, input, fields) } + + let(:ids_to_link) { [related1.to_global_id.to_s, related2.to_global_id.to_s] } + let(:input) { { 'id' => work_item.to_global_id.to_s, 'workItemsIds' => ids_to_link } } + + let(:fields) do + <<~FIELDS + workItem { + id + widgets { + type + ... on WorkItemWidgetLinkedItems { + linkedItems { + edges { + node { + linkType + workItem { + id + } + } + } + } + } + } + } + errors + message + FIELDS + end + + context 'when the user is not allowed to read the work item' do + let(:current_user) { create(:user) } + + it_behaves_like 'a mutation that returns a top-level access error' + end + + context 'when user has permissions to read the work item' do + let(:current_user) { reporter } + + it 'links the work items' do + expect do + post_graphql_mutation(mutation, current_user: current_user) + end.to change { WorkItems::RelatedWorkItemLink.count }.by(2) + + expect(response).to have_gitlab_http_status(:success) + expect(mutation_response['workItem']).to include('id' => work_item.to_global_id.to_s) + expect(mutation_response['message']).to eq("Successfully linked ID(s): #{related1.id} and #{related2.id}.") + expect(mutation_response['workItem']['widgets']).to include( + { + 'linkedItems' => { 'edges' => match_array([ + { 'node' => { 'linkType' => 'relates_to', 'workItem' => { 'id' => related1.to_global_id.to_s } } }, + { 'node' => { 'linkType' => 'relates_to', 'workItem' => { 'id' => related2.to_global_id.to_s } } } + ]) }, + 'type' => 'LINKED_ITEMS' + } + ) + end + + context 'when linking a work item fails' do + let_it_be(:private_project) { create(:project, :private) } + let_it_be(:related2) { create(:work_item, project: private_project) } + + it 'adds valid items and returns an error message for failed item' do + expect do + post_graphql_mutation(mutation, current_user: current_user) + end.to change { WorkItems::RelatedWorkItemLink.count }.by(1) + + expect(mutation_response['errors']).to contain_exactly( + "Item with ID: #{related2.id} cannot be added. " \ + "You don't have permission to perform this action." + ) + end + + context 'when a work item does not exist' do + let(:input) do + { + 'id' => work_item.to_global_id.to_s, + 'workItemsIds' => ["gid://gitlab/WorkItem/#{non_existing_record_id}"] + } + end + + it 'returns an error message' do + expect do + post_graphql_mutation(mutation, current_user: current_user) + end.not_to change { WorkItems::RelatedWorkItemLink.count } + + expect_graphql_errors_to_include("Couldn't find WorkItem with 'id'=#{non_existing_record_id}") + end + end + + context 'when there are more than the max allowed items to link' do + let(:max_work_items) { Mutations::WorkItems::LinkedItems::Base::MAX_WORK_ITEMS } + let(:error_msg) { "No more than #{max_work_items} work items can be linked at the same time." } + + before do + max_work_items.times { |i| ids_to_link.push("gid://gitlab/WorkItem/#{i}") } + end + + it 'returns an error message' do + expect do + post_graphql_mutation(mutation, current_user: current_user) + end.not_to change { WorkItems::RelatedWorkItemLink.count } + + expect_graphql_errors_to_include("No more than #{max_work_items} work items can be linked at the same time.") + end + end + end + + context 'when `linked_work_items` feature flag is disabled' do + before do + stub_feature_flags(linked_work_items: false) + end + + it_behaves_like 'a mutation that returns a top-level access error' + end + end +end diff --git a/spec/requests/api/graphql/mutations/work_items/subscribe_spec.rb b/spec/requests/api/graphql/mutations/work_items/subscribe_spec.rb new file mode 100644 index 00000000000..00672332082 --- /dev/null +++ b/spec/requests/api/graphql/mutations/work_items/subscribe_spec.rb @@ -0,0 +1,73 @@ +# frozen_string_literal: true + +require 'spec_helper' + +RSpec.describe 'Subscribe to a work item', feature_category: :team_planning do + include GraphqlHelpers + + let_it_be(:project) { create(:project, :private) } + let_it_be(:guest) { create(:user).tap { |user| project.add_guest(user) } } + let_it_be(:work_item) { create(:work_item, project: project) } + + let(:subscribed_state) { true } + let(:mutation_input) { { 'id' => work_item.to_global_id.to_s, 'subscribed' => subscribed_state } } + let(:mutation) { graphql_mutation(:workItemSubscribe, mutation_input, fields) } + let(:mutation_response) { graphql_mutation_response(:work_item_subscribe) } + let(:fields) do + <<~FIELDS + workItem { + widgets { + type + ... on WorkItemWidgetNotifications { + subscribed + } + } + } + errors + FIELDS + end + + context 'when user is not allowed to update subscription work items' do + let(:current_user) { create(:user) } + + it_behaves_like 'a mutation that returns a top-level access error' + end + + context + + context 'when user has permissions to update its subscription to the work items' do + let(:current_user) { guest } + + it "subscribe the user to the work item's notifications" do + expect do + post_graphql_mutation(mutation, current_user: current_user) + end.to change { work_item.subscribed?(current_user, project) }.to(true) + + expect(response).to have_gitlab_http_status(:success) + expect(mutation_response['workItem']['widgets']).to include({ + 'type' => 'NOTIFICATIONS', + 'subscribed' => true + }) + end + + context 'when unsunscribing' do + let(:subscribed_state) { false } + + before do + create(:subscription, project: project, user: current_user, subscribable: work_item, subscribed: true) + end + + it "unsubscribe the user from the work item's notifications" do + expect do + post_graphql_mutation(mutation, current_user: current_user) + end.to change { work_item.subscribed?(current_user, project) }.to(false) + + expect(response).to have_gitlab_http_status(:success) + expect(mutation_response['workItem']['widgets']).to include({ + 'type' => 'NOTIFICATIONS', + 'subscribed' => false + }) + end + end + end +end diff --git a/spec/requests/api/graphql/mutations/work_items/update_spec.rb b/spec/requests/api/graphql/mutations/work_items/update_spec.rb index ea9516f256c..cff21c10a5a 100644 --- a/spec/requests/api/graphql/mutations/work_items/update_spec.rb +++ b/spec/requests/api/graphql/mutations/work_items/update_spec.rb @@ -573,7 +573,7 @@ RSpec.describe 'Update a work item', feature_category: :team_planning do end context 'when updating relative position' do - before(:all) do + before_all do create(:parent_link, work_item_parent: valid_parent, work_item: valid_child1) create(:parent_link, work_item_parent: valid_parent, work_item: valid_child2) end @@ -655,7 +655,7 @@ RSpec.describe 'Update a work item', feature_category: :team_planning do let_it_be(:work_item, reload: true) { create(:work_item, :task, project: project) } context "when parent is already assigned" do - before(:all) do + before_all do create(:parent_link, work_item_parent: valid_parent, work_item: work_item) create(:parent_link, work_item_parent: valid_parent, work_item: valid_child1) create(:parent_link, work_item_parent: valid_parent, work_item: valid_child2) diff --git a/spec/requests/api/graphql/project/alert_management/alerts_spec.rb b/spec/requests/api/graphql/project/alert_management/alerts_spec.rb index 7f586edd510..55d223daf27 100644 --- a/spec/requests/api/graphql/project/alert_management/alerts_spec.rb +++ b/spec/requests/api/graphql/project/alert_management/alerts_spec.rb @@ -74,6 +74,7 @@ RSpec.describe 'getting Alert Management Alerts', feature_category: :incident_ma 'details' => { 'custom.alert' => 'payload', 'runbook' => 'runbook' }, 'createdAt' => triggered_alert.created_at.strftime('%Y-%m-%dT%H:%M:%SZ'), 'updatedAt' => triggered_alert.updated_at.strftime('%Y-%m-%dT%H:%M:%SZ'), + 'metricsDashboardUrl' => nil, 'detailsUrl' => triggered_alert.details_url, 'prometheusAlert' => nil, 'runbook' => 'runbook' diff --git a/spec/requests/api/graphql/project/autocomplete_users_spec.rb b/spec/requests/api/graphql/project/autocomplete_users_spec.rb new file mode 100644 index 00000000000..7c416465ed4 --- /dev/null +++ b/spec/requests/api/graphql/project/autocomplete_users_spec.rb @@ -0,0 +1,99 @@ +# frozen_string_literal: true + +require 'spec_helper' + +RSpec.describe 'autocomplete users for a project', feature_category: :team_planning do + include GraphqlHelpers + + let_it_be(:group) { create(:group) } + let_it_be(:project) { create(:project, :repository, :public, group: group) } + + let_it_be(:direct_member) { create(:user).tap { |u| project.add_guest(u) } } + let_it_be(:indirect_member) { create(:user).tap { |u| group.add_guest(u) } } + + let_it_be(:group_invited_to_project) do + create(:group).tap { |g| create(:project_group_link, project: project, group: g) } + end + + let_it_be(:member_from_project_share) { create(:user).tap { |u| group_invited_to_project.add_guest(u) } } + + let_it_be(:group_invited_to_parent_group) do + create(:group).tap { |g| create(:group_group_link, shared_group: group, shared_with_group: g) } + end + + let_it_be(:member_from_parent_group_share) { create(:user).tap { |u| group_invited_to_parent_group.add_guest(u) } } + + let_it_be(:sibling_project) { create(:project, :repository, :public, group: group) } + let_it_be(:sibling_member) { create(:user).tap { |u| sibling_project.add_guest(u) } } + + let(:params) { {} } + let(:query) do + graphql_query_for( + 'project', + { 'fullPath' => project.full_path }, + query_graphql_field('autocompleteUsers', params, 'id') + ) + end + + let(:response_user_ids) { graphql_data.dig('project', 'autocompleteUsers').pluck('id') } + + it 'returns members of the project' do + post_graphql(query, current_user: direct_member) + + expected_user_ids = [ + direct_member, + indirect_member, + member_from_project_share, + member_from_parent_group_share + ].map { |u| u.to_global_id.to_s } + + expect(response_user_ids).to match_array(expected_user_ids) + end + + context 'with search param' do + let(:params) { { search: indirect_member.username } } + + it 'only returns users matching the search query' do + post_graphql(query, current_user: direct_member) + + expect(response_user_ids).to contain_exactly(indirect_member.to_global_id.to_s) + end + end + + context 'with merge request interaction' do + let(:merge_request) { create(:merge_request, source_project: project) } + let(:fields) do + <<~FIELDS + id + mergeRequestInteraction(id: "#{merge_request.to_global_id}") { + canMerge + } + FIELDS + end + + let(:query) do + graphql_query_for( + 'project', + { 'fullPath' => project.full_path }, + query_graphql_field('autocompleteUsers', params, fields) + ) + end + + it 'returns MR state related to the users' do + project.add_maintainer(direct_member) + + post_graphql(query, current_user: direct_member) + + expect(graphql_data.dig('project', 'autocompleteUsers')).to include( + a_hash_including( + 'id' => direct_member.to_global_id.to_s, + 'mergeRequestInteraction' => { 'canMerge' => true } + ), + a_hash_including( + 'id' => indirect_member.to_global_id.to_s, + 'mergeRequestInteraction' => { 'canMerge' => false } + ) + ) + end + end +end diff --git a/spec/requests/api/graphql/project/merge_requests_spec.rb b/spec/requests/api/graphql/project/merge_requests_spec.rb index e3c4396e7d8..05ed0ed8729 100644 --- a/spec/requests/api/graphql/project/merge_requests_spec.rb +++ b/spec/requests/api/graphql/project/merge_requests_spec.rb @@ -396,6 +396,28 @@ RSpec.describe 'getting merge request listings nested in a project', feature_cat include_examples 'N+1 query check', skip_cached: false end + + context 'when requesting diffStats' do + let(:requested_fields) { ['diffStats { path }'] } + + before do + create_list(:merge_request_diff, 2, merge_request: merge_request_a) + create_list(:merge_request_diff, 2, merge_request: merge_request_b) + create_list(:merge_request_diff, 2, merge_request: merge_request_c) + end + + include_examples 'N+1 query check', skip_cached: false + + context 'when each merge request diff has no head_commit_sha' do + before do + [merge_request_a, merge_request_b, merge_request_c].each do |mr| + mr.merge_request_diffs.update!(head_commit_sha: nil) + end + end + + include_examples 'N+1 query check', skip_cached: false + end + end end describe 'performance' do diff --git a/spec/requests/api/graphql/project/work_items_spec.rb b/spec/requests/api/graphql/project/work_items_spec.rb index 478112b687a..4aba83dae92 100644 --- a/spec/requests/api/graphql/project/work_items_spec.rb +++ b/spec/requests/api/graphql/project/work_items_spec.rb @@ -361,6 +361,59 @@ RSpec.describe 'getting a work item list for a project', feature_category: :team end end + context 'when fetching work item linked items widget' do + let_it_be(:related_items) { create_list(:work_item, 3, project: project, milestone: milestone1) } + + let(:fields) do + <<~GRAPHQL + nodes { + widgets { + type + ... on WorkItemWidgetLinkedItems { + linkedItems { + nodes { + linkId + linkType + linkCreatedAt + linkUpdatedAt + workItem { + id + widgets { + ... on WorkItemWidgetMilestone { + milestone { + id + } + } + } + } + } + } + } + } + } + GRAPHQL + end + + before do + create(:work_item_link, source: item1, target: related_items[0], link_type: 'relates_to') + end + + it 'executes limited number of N+1 queries', :use_sql_query_cache do + control = ActiveRecord::QueryRecorder.new(skip_cached: false) do + post_graphql(query, current_user: current_user) + end + + create(:work_item_link, source: item1, target: related_items[1], link_type: 'relates_to') + create(:work_item_link, source: item1, target: related_items[2], link_type: 'relates_to') + + expect_graphql_errors_to_be_empty + # TODO: Fix N+1 queries executed for the linked work item widgets + # https://gitlab.com/gitlab-org/gitlab/-/issues/420605 + expect { post_graphql(query, current_user: current_user) } + .not_to exceed_all_query_limit(control).with_threshold(11) + end + end + def item_ids graphql_dig_at(items_data, :node, :id) end diff --git a/spec/requests/api/graphql/project_query_spec.rb b/spec/requests/api/graphql/project_query_spec.rb index 54f141d9401..783e96861b1 100644 --- a/spec/requests/api/graphql/project_query_spec.rb +++ b/spec/requests/api/graphql/project_query_spec.rb @@ -8,6 +8,7 @@ RSpec.describe 'getting project information', feature_category: :groups_and_proj let_it_be(:group) { create(:group) } let_it_be(:project, reload: true) { create(:project, :repository, group: group) } let_it_be(:current_user) { create(:user) } + let_it_be(:other_user) { create(:user) } let(:project_fields) { all_graphql_fields_for('project'.to_s.classify, max_depth: 1) } @@ -23,7 +24,60 @@ RSpec.describe 'getting project information', feature_category: :groups_and_proj it 'includes the project', :use_clean_rails_memory_store_caching, :request_store do post_graphql(query, current_user: current_user) - expect(graphql_data['project']).not_to be_nil + expect(graphql_data['project']).to include('id' => global_id_of(project).to_s) + end + + context 'when querying for pipeline triggers' do + let(:project_fields) { query_nodes(:pipeline_triggers) } + let(:pipeline_trigger) { project.triggers.first } + + before do + create(:ci_trigger, project: project, owner: current_user) + end + + it 'fetches the pipeline trigger tokens' do + post_graphql(query, current_user: current_user) + + expect(graphql_data_at(:project, :pipeline_triggers, :nodes).first).to match({ + 'id' => pipeline_trigger.to_global_id.to_s, + 'canAccessProject' => true, + 'description' => pipeline_trigger.description, + 'hasTokenExposed' => true, + 'lastUsed' => nil, + 'token' => pipeline_trigger.token + }) + end + + it 'does not produce N+1 queries' do + baseline = ActiveRecord::QueryRecorder.new { post_graphql(query, current_user: current_user) } + + build_list(:ci_trigger, 2, owner: current_user, project: project) + + expect { post_graphql(query, current_user: current_user) }.not_to exceed_query_limit(baseline) + end + + context 'when other project member is not authorized to see the full token' do + before do + project.add_maintainer(other_user) + post_graphql(query, current_user: other_user) + end + + it 'shows truncated token' do + expect(graphql_data_at(:project, :pipeline_triggers, + :nodes).first['token']).to eql pipeline_trigger.token[0, 4] + end + end + + context 'when user is not a member of a public project' do + before do + project.update!(visibility_level: Gitlab::VisibilityLevel::PUBLIC) + post_graphql(query, current_user: other_user) + end + + it 'cannot read the token' do + expect(graphql_data_at(:project, :pipeline_triggers, :nodes)).to eql([]) + end + end end end @@ -35,10 +89,10 @@ RSpec.describe 'getting project information', feature_category: :groups_and_proj it 'includes the project' do post_graphql(query, current_user: current_user) - expect(graphql_data['project']).not_to be_nil + expect(graphql_data['project']).to include('id' => global_id_of(project).to_s) end - it_behaves_like 'a working graphql query' do + it_behaves_like 'a working graphql query that returns data' do before do post_graphql(query, current_user: current_user) end @@ -239,13 +293,7 @@ RSpec.describe 'getting project information', feature_category: :groups_and_proj end context 'when the user does not have access to the project' do - it 'returns an empty field' do - post_graphql(query, current_user: current_user) - - expect(graphql_data['project']).to be_nil - end - - it_behaves_like 'a working graphql query' do + it_behaves_like 'a working graphql query that returns no data' do before do post_graphql(query, current_user: current_user) end diff --git a/spec/requests/api/graphql/user/user_achievements_query_spec.rb b/spec/requests/api/graphql/user/user_achievements_query_spec.rb index 27d32d07372..2e6c3dcba61 100644 --- a/spec/requests/api/graphql/user/user_achievements_query_spec.rb +++ b/spec/requests/api/graphql/user/user_achievements_query_spec.rb @@ -13,6 +13,7 @@ RSpec.describe 'UserAchievements', feature_category: :user_profile do let_it_be(:fields) do <<~HEREDOC userAchievements { + count nodes { id achievement { @@ -54,6 +55,10 @@ RSpec.describe 'UserAchievements', feature_category: :user_profile do ) end + it 'returns the correct user_achievement count' do + expect(graphql_data_at(:user, :userAchievements, :count)).to be(1) + end + it 'can lookahead to eliminate N+1 queries', :use_clean_rails_memory_store_caching do control_count = ActiveRecord::QueryRecorder.new(skip_cached: false) do post_graphql(query, current_user: user) diff --git a/spec/requests/api/graphql/work_item_spec.rb b/spec/requests/api/graphql/work_item_spec.rb index 6702224f303..fa354bc1f66 100644 --- a/spec/requests/api/graphql/work_item_spec.rb +++ b/spec/requests/api/graphql/work_item_spec.rb @@ -539,6 +539,79 @@ RSpec.describe 'Query.work_item(id)', feature_category: :team_planning do ) end end + + describe 'linked items widget' do + let_it_be(:related_item1) { create(:work_item, project: project) } + let_it_be(:related_item2) { create(:work_item, project: project) } + let_it_be(:related_item3) { create(:work_item) } + let_it_be(:link1) { create(:work_item_link, source: work_item, target: related_item1, link_type: 'relates_to') } + let_it_be(:link2) { create(:work_item_link, source: work_item, target: related_item2, link_type: 'relates_to') } + let_it_be(:link3) { create(:work_item_link, source: work_item, target: related_item3, link_type: 'relates_to') } + + let(:work_item_fields) do + <<~GRAPHQL + id + widgets { + type + ... on WorkItemWidgetLinkedItems { + linkedItems { + nodes { + linkId + linkType + linkCreatedAt + linkUpdatedAt + workItem { + id + } + } + } + } + } + GRAPHQL + end + + it 'returns widget information' do + expect(work_item_data).to include( + 'widgets' => include( + hash_including( + 'type' => 'LINKED_ITEMS', + 'linkedItems' => { 'nodes' => match_array( + [ + hash_including( + 'linkId' => link1.to_gid.to_s, 'linkType' => 'relates_to', + 'linkCreatedAt' => link1.created_at.iso8601, 'linkUpdatedAt' => link1.updated_at.iso8601, + 'workItem' => { 'id' => related_item1.to_gid.to_s } + ), + hash_including( + 'linkId' => link2.to_gid.to_s, 'linkType' => 'relates_to', + 'linkCreatedAt' => link2.created_at.iso8601, 'linkUpdatedAt' => link2.updated_at.iso8601, + 'workItem' => { 'id' => related_item2.to_gid.to_s } + ) + ] + ) } + ) + ) + ) + end + + context 'when `linked_work_items` feature flag is disabled' do + before do + stub_feature_flags(linked_work_items: false) + post_graphql(query, current_user: current_user) + end + + it 'returns empty result' do + expect(work_item_data).to include( + 'widgets' => include( + hash_including( + 'type' => 'LINKED_ITEMS', + 'linkedItems' => { "nodes" => [] } + ) + ) + ) + end + end + end end describe 'notes widget' do |