Add latest changes from gitlab-org/gitlab@master

4 files changed, 149 insertions, 0 deletions

diff --git a/spec/requests/api/ml/mlflow/model_versions_spec.rb b/spec/requests/api/ml/mlflow/model_versions_spec.rb
new file mode 100644
index 00000000000..f59888ec70f
--- /dev/null
+++ b/spec/requests/api/ml/mlflow/model_versions_spec.rb
@@ -0,0 +1,86 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+RSpec.describe API::Ml::Mlflow::ModelVersions, feature_category: :mlops do
+  let_it_be(:project) { create(:project) }
+  let_it_be(:developer) { create(:user).tap { |u| project.add_developer(u) } }
+  let_it_be(:another_project) { build(:project).tap { |p| p.add_developer(developer) } }
+
+  let_it_be(:name) { 'a-model-name' }
+  let_it_be(:version) { '0.0.1' }
+  let_it_be(:model) { create(:ml_models, project: project, name: name) }
+  let_it_be(:model_version) { create(:ml_model_versions, project: project, model: model, version: version) }
+
+  let_it_be(:tokens) do
+    {
+      write: create(:personal_access_token, scopes: %w[read_api api], user: developer),
+      read: create(:personal_access_token, scopes: %w[read_api], user: developer),
+      no_access: create(:personal_access_token, scopes: %w[read_user], user: developer),
+      different_user: create(:personal_access_token, scopes: %w[read_api api], user: build(:user))
+    }
+  end
+
+  let(:current_user) { developer }
+  let(:access_token) { tokens[:write] }
+  let(:headers) { { 'Authorization' => "Bearer #{access_token.token}" } }
+  let(:project_id) { project.id }
+  let(:default_params) { {} }
+  let(:params) { default_params }
+  let(:request) { get api(route), params: params, headers: headers }
+  let(:json_response) { Gitlab::Json.parse(api_response.body) }
+
+  subject(:api_response) do
+    request
+    response
+  end
+
+  describe 'GET /projects/:id/ml/mlflow/api/2.0/mlflow/model_versions/get' do
+    let(:route) do
+      "/projects/#{project_id}/ml/mlflow/api/2.0/mlflow/model_versions/get?name=#{name}&version=#{version}"
+    end
+
+    it 'returns the model version', :aggregate_failures do
+      is_expected.to have_gitlab_http_status(:ok)
+      expect(json_response['model_version']).not_to be_nil
+      expect(json_response['model_version']['name']).to eq(name)
+      expect(json_response['model_version']['version']).to eq(version)
+    end
+
+    describe 'Error States' do
+      context 'when has access' do
+        context 'and model name in incorrect' do
+          let(:route) do
+            "/projects/#{project_id}/ml/mlflow/api/2.0/mlflow/model_versions/get?name=--&version=#{version}"
+          end
+
+          it_behaves_like 'MLflow|Not Found - Resource Does Not Exist'
+        end
+
+        context 'and version in incorrect' do
+          let(:route) do
+            "/projects/#{project_id}/ml/mlflow/api/2.0/mlflow/model_versions/get?name=#{name}&version=--"
+          end
+
+          it_behaves_like 'MLflow|Not Found - Resource Does Not Exist'
+        end
+
+        context 'when user lacks read_model_registry rights' do
+          before do
+            allow(Ability).to receive(:allowed?).and_call_original
+            allow(Ability).to receive(:allowed?)
+                                .with(current_user, :read_model_registry, project)
+                                .and_return(false)
+          end
+
+          it "is Not Found" do
+            is_expected.to have_gitlab_http_status(:not_found)
+          end
+        end
+      end
+
+      it_behaves_like 'MLflow|shared model registry error cases'
+      it_behaves_like 'MLflow|Requires read_api scope'
+    end
+  end
+end
diff --git a/spec/requests/api/project_repository_storage_moves_spec.rb b/spec/requests/api/project_repository_storage_moves_spec.rb
index 96ed3042d00..7b5dc0d5ef8 100644
--- a/spec/requests/api/project_repository_storage_moves_spec.rb
+++ b/spec/requests/api/project_repository_storage_moves_spec.rb
@@ -8,5 +8,29 @@ RSpec.describe API::ProjectRepositoryStorageMoves, feature_category: :gitaly do
     let_it_be(:storage_move) { create(:project_repository_storage_move, :scheduled, container: container) }
     let(:repository_storage_move_factory) { :project_repository_storage_move }
     let(:bulk_worker_klass) { Projects::ScheduleBulkRepositoryShardMovesWorker }
+
+    context 'when project is hidden' do
+      let_it_be(:container) { create(:project, :hidden) }
+      let_it_be(:storage_move) { create(:project_repository_storage_move, :scheduled, container: container) }
+
+      it_behaves_like 'get single container repository storage move' do
+        let(:container_id) { container.id }
+        let(:url) { "/projects/#{container_id}/repository_storage_moves/#{repository_storage_move_id}" }
+      end
+
+      it_behaves_like 'post single container repository storage move'
+    end
+
+    context 'when project is pending delete' do
+      let_it_be(:container) { create(:project, pending_delete: true) }
+      let_it_be(:storage_move) { create(:project_repository_storage_move, :scheduled, container: container) }
+
+      it_behaves_like 'get single container repository storage move' do
+        let(:container_id) { container.id }
+        let(:url) { "/projects/#{container_id}/repository_storage_moves/#{repository_storage_move_id}" }
+      end
+
+      it_behaves_like 'post single container repository storage move'
+    end
   end
 end
diff --git a/spec/requests/api/projects_spec.rb b/spec/requests/api/projects_spec.rb
index ce90b9f1474..94ed527d9d8 100644
--- a/spec/requests/api/projects_spec.rb
+++ b/spec/requests/api/projects_spec.rb
@@ -286,6 +286,32 @@ RSpec.describe API::Projects, :aggregate_failures, feature_category: :groups_and
         expect(json_response.map { |p| p['id'] }).not_to include(project.id)
       end
 
+      context 'when user requests pending_delete projects' do
+        before do
+          project.update!(pending_delete: true)
+        end
+
+        let(:params) { { include_pending_delete: true } }
+
+        it 'does not return projects marked for deletion' do
+          get api(path, user), params: params
+
+          expect(response).to have_gitlab_http_status(:ok)
+          expect(json_response).to be_an Array
+          expect(json_response.map { |p| p['id'] }).not_to include(project.id)
+        end
+
+        context 'when user is an admin' do
+          it 'returns projects marked for deletion' do
+            get api(path, admin, admin_mode: true), params: params
+
+            expect(response).to have_gitlab_http_status(:ok)
+            expect(json_response).to be_an Array
+            expect(json_response.map { |p| p['id'] }).to include(project.id)
+          end
+        end
+      end
+
       it 'does not include open_issues_count if issues are disabled' do
         project.project_feature.update_attribute(:issues_access_level, ProjectFeature::DISABLED)
 
diff --git a/spec/requests/api/users_spec.rb b/spec/requests/api/users_spec.rb
index 1abb02cd9f0..ce8e7ae1b6f 100644
--- a/spec/requests/api/users_spec.rb
+++ b/spec/requests/api/users_spec.rb
@@ -227,6 +227,19 @@ RSpec.describe API::Users, :aggregate_failures, feature_category: :user_profile
           end
         end
 
+        context 'with search parameter' do
+          let_it_be(:first_user) { create(:user, username: 'a-user') }
+          let_it_be(:second_user) { create(:user, username: 'a-user2') }
+
+          it 'prioritizes username match' do
+            get api(path, user, admin_mode: true), params: { search: first_user.username }
+
+            expect(response).to have_gitlab_http_status(:ok)
+            expect(json_response.first['username']).to eq('a-user')
+            expect(json_response.second['username']).to eq('a-user2')
+          end
+        end
+
         context 'N+1 queries' do
           before do
             create_list(:user, 2)