Add latest changes from gitlab-org/gitlab@master

6 files changed, 323 insertions, 36 deletions

diff --git a/spec/requests/api/conan_packages_spec.rb b/spec/requests/api/conan_packages_spec.rb
index 5ad7fe5d579..6569ce91bb8 100644
--- a/spec/requests/api/conan_packages_spec.rb
+++ b/spec/requests/api/conan_packages_spec.rb
@@ -1,4 +1,5 @@
 # frozen_string_literal: true
+
 require 'spec_helper'
 
 RSpec.describe API::ConanPackages do
diff --git a/spec/requests/api/generic_packages_spec.rb b/spec/requests/api/generic_packages_spec.rb
new file mode 100644
index 00000000000..e08637629cc
--- /dev/null
+++ b/spec/requests/api/generic_packages_spec.rb
@@ -0,0 +1,82 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+RSpec.describe API::GenericPackages do
+  let_it_be(:personal_access_token) { create(:personal_access_token) }
+  let_it_be(:project) { create(:project) }
+
+  describe 'GET /api/v4/projects/:id/packages/generic/ping' do
+    let(:user) { personal_access_token.user }
+    let(:auth_token) { personal_access_token.token }
+
+    before do
+      project.add_developer(user)
+    end
+
+    context 'packages feature is disabled' do
+      it 'responds with 404 Not Found' do
+        stub_packages_setting(enabled: false)
+
+        ping(personal_access_token: auth_token)
+
+        expect(response).to have_gitlab_http_status(:not_found)
+      end
+    end
+
+    context 'generic_packages feature flag is disabled' do
+      it 'responds with 404 Not Found' do
+        stub_feature_flags(generic_packages: false)
+
+        ping(personal_access_token: auth_token)
+
+        expect(response).to have_gitlab_http_status(:not_found)
+      end
+    end
+
+    context 'generic_packages feature flag is enabled' do
+      before do
+        stub_feature_flags(generic_packages: true)
+      end
+
+      context 'authenticating using personal access token' do
+        it 'responds with 200 OK when valid personal access token is provided' do
+          ping(personal_access_token: auth_token)
+
+          expect(response).to have_gitlab_http_status(:ok)
+        end
+
+        it 'responds with 401 Unauthorized when invalid personal access token provided' do
+          ping(personal_access_token: 'invalid-token')
+
+          expect(response).to have_gitlab_http_status(:unauthorized)
+        end
+      end
+
+      context 'authenticating using job token' do
+        it 'responds with 200 OK when valid job token is provided' do
+          job_token = create(:ci_build, user: user).token
+
+          ping(job_token: job_token)
+
+          expect(response).to have_gitlab_http_status(:ok)
+        end
+
+        it 'responds with 401 Unauthorized when invalid job token provided' do
+          ping(job_token: 'invalid-token')
+
+          expect(response).to have_gitlab_http_status(:unauthorized)
+        end
+      end
+    end
+
+    def ping(personal_access_token: nil, job_token: nil)
+      headers = {
+        Gitlab::Auth::AuthFinders::PRIVATE_TOKEN_HEADER => personal_access_token.presence,
+        Gitlab::Auth::AuthFinders::JOB_TOKEN_HEADER => job_token.presence
+      }.compact
+
+      get api('/projects/%d/packages/generic/ping' % project.id), headers: headers
+    end
+  end
+end
diff --git a/spec/requests/api/graphql/metrics/dashboard_query_spec.rb b/spec/requests/api/graphql/metrics/dashboard_query_spec.rb
index 456b0a5dea1..e01f59ee6a0 100644
--- a/spec/requests/api/graphql/metrics/dashboard_query_spec.rb
+++ b/spec/requests/api/graphql/metrics/dashboard_query_spec.rb
@@ -7,7 +7,7 @@ RSpec.describe 'Getting Metrics Dashboard' do
 
   let_it_be(:current_user) { create(:user) }
   let(:project) { create(:project) }
-  let!(:environment) { create(:environment, project: project) }
+  let(:environment) { create(:environment, project: project) }
 
   let(:query) do
     graphql_query_for(
@@ -25,73 +25,156 @@ RSpec.describe 'Getting Metrics Dashboard' do
     )
   end
 
-  context 'for anonymous user' do
+  context 'with metrics_dashboard_exhaustive_validations feature flag off' do
     before do
-      post_graphql(query, current_user: current_user)
+      stub_feature_flags(metrics_dashboard_exhaustive_validations: false)
     end
 
-    context 'requested dashboard is available' do
-      let(:path) { 'config/prometheus/common_metrics.yml' }
+    context 'for anonymous user' do
+      before do
+        post_graphql(query, current_user: current_user)
+      end
+
+      context 'requested dashboard is available' do
+        let(:path) { 'config/prometheus/common_metrics.yml' }
+
+        it_behaves_like 'a working graphql query'
+
+        it 'returns nil' do
+          dashboard = graphql_data.dig('project', 'environments', 'nodes')
+
+          expect(dashboard).to be_nil
+        end
+      end
+    end
+
+    context 'for user with developer access' do
+      before do
+        project.add_developer(current_user)
+        post_graphql(query, current_user: current_user)
+      end
+
+      context 'requested dashboard is available' do
+        let(:path) { 'config/prometheus/common_metrics.yml' }
+
+        it_behaves_like 'a working graphql query'
+
+        it 'returns metrics dashboard' do
+          dashboard = graphql_data.dig('project', 'environments', 'nodes', 0, 'metricsDashboard')
+
+          expect(dashboard).to eql("path" => path, "schemaValidationWarnings" => nil)
+        end
+
+        context 'invalid dashboard' do
+          let(:path) { '.gitlab/dashboards/metrics.yml' }
+          let(:project) { create(:project, :repository, :custom_repo, namespace: current_user.namespace, files: { path => "---\ndashboard: 'test'" }) }
+
+          it 'returns metrics dashboard' do
+            dashboard = graphql_data.dig('project', 'environments', 'nodes', 0, 'metricsDashboard')
+
+            expect(dashboard).to eql("path" => path, "schemaValidationWarnings" => ["panel_groups: should be an array of panel_groups objects"])
+          end
+        end
+
+        context 'empty dashboard' do
+          let(:path) { '.gitlab/dashboards/metrics.yml' }
+          let(:project) { create(:project, :repository, :custom_repo, namespace: current_user.namespace, files: { path => "" }) }
+
+          it 'returns metrics dashboard' do
+            dashboard = graphql_data.dig('project', 'environments', 'nodes', 0, 'metricsDashboard')
 
-      it_behaves_like 'a working graphql query'
+            expect(dashboard).to eql("path" => path, "schemaValidationWarnings" => ["dashboard: can't be blank", "panel_groups: should be an array of panel_groups objects"])
+          end
+        end
+      end
+
+      context 'requested dashboard can not be found' do
+        let(:path) { 'config/prometheus/i_am_not_here.yml' }
 
-      it 'returns nil' do
-        dashboard = graphql_data.dig('project', 'environments', 'nodes')
+        it_behaves_like 'a working graphql query'
 
-        expect(dashboard).to be_nil
+        it 'returns nil' do
+          dashboard = graphql_data.dig('project', 'environments', 'nodes', 0, 'metricsDashboard')
+
+          expect(dashboard).to be_nil
+        end
       end
     end
   end
 
-  context 'for user with developer access' do
+  context 'with metrics_dashboard_exhaustive_validations feature flag on' do
     before do
-      project.add_developer(current_user)
-      post_graphql(query, current_user: current_user)
+      stub_feature_flags(metrics_dashboard_exhaustive_validations: true)
     end
 
-    context 'requested dashboard is available' do
-      let(:path) { 'config/prometheus/common_metrics.yml' }
+    context 'for anonymous user' do
+      before do
+        post_graphql(query, current_user: current_user)
+      end
+
+      context 'requested dashboard is available' do
+        let(:path) { 'config/prometheus/common_metrics.yml' }
+
+        it_behaves_like 'a working graphql query'
 
-      it_behaves_like 'a working graphql query'
+        it 'returns nil' do
+          dashboard = graphql_data.dig('project', 'environments', 'nodes')
 
-      it 'returns metrics dashboard' do
-        dashboard = graphql_data.dig('project', 'environments', 'nodes')[0]['metricsDashboard']
+          expect(dashboard).to be_nil
+        end
+      end
+    end
 
-        expect(dashboard).to eql("path" => path, "schemaValidationWarnings" => nil)
+    context 'for user with developer access' do
+      before do
+        project.add_developer(current_user)
+        post_graphql(query, current_user: current_user)
       end
 
-      context 'invalid dashboard' do
-        let(:path) { '.gitlab/dashboards/metrics.yml' }
-        let(:project) { create(:project, :repository, :custom_repo, namespace: current_user.namespace, files: { path => "---\ndashboard: 'test'" }) }
+      context 'requested dashboard is available' do
+        let(:path) { 'config/prometheus/common_metrics.yml' }
+
+        it_behaves_like 'a working graphql query'
 
         it 'returns metrics dashboard' do
           dashboard = graphql_data.dig('project', 'environments', 'nodes', 0, 'metricsDashboard')
 
-          expect(dashboard).to eql("path" => path, "schemaValidationWarnings" => ["panel_groups: should be an array of panel_groups objects"])
+          expect(dashboard).to eql("path" => path, "schemaValidationWarnings" => nil)
         end
-      end
 
-      context 'empty dashboard' do
-        let(:path) { '.gitlab/dashboards/metrics.yml' }
-        let(:project) { create(:project, :repository, :custom_repo, namespace: current_user.namespace, files: { path => "" }) }
+        context 'invalid dashboard' do
+          let(:path) { '.gitlab/dashboards/metrics.yml' }
+          let(:project) { create(:project, :repository, :custom_repo, namespace: current_user.namespace, files: { path => "---\ndashboard: 'test'" }) }
 
-        it 'returns metrics dashboard' do
-          dashboard = graphql_data.dig('project', 'environments', 'nodes', 0, 'metricsDashboard')
+          it 'returns metrics dashboard' do
+            dashboard = graphql_data.dig('project', 'environments', 'nodes', 0, 'metricsDashboard')
 
-          expect(dashboard).to eql("path" => path, "schemaValidationWarnings" => ["dashboard: can't be blank", "panel_groups: should be an array of panel_groups objects"])
+            expect(dashboard).to eql("path" => path, "schemaValidationWarnings" => ["root is missing required keys: panel_groups"])
+          end
+        end
+
+        context 'empty dashboard' do
+          let(:path) { '.gitlab/dashboards/metrics.yml' }
+          let(:project) { create(:project, :repository, :custom_repo, namespace: current_user.namespace, files: { path => "" }) }
+
+          it 'returns metrics dashboard' do
+            dashboard = graphql_data.dig('project', 'environments', 'nodes', 0, 'metricsDashboard')
+
+            expect(dashboard).to eql("path" => path, "schemaValidationWarnings" => ["root is missing required keys: dashboard, panel_groups"])
+          end
         end
       end
-    end
 
-    context 'requested dashboard can not be found' do
-      let(:path) { 'config/prometheus/i_am_not_here.yml' }
+      context 'requested dashboard can not be found' do
+        let(:path) { 'config/prometheus/i_am_not_here.yml' }
 
-      it_behaves_like 'a working graphql query'
+        it_behaves_like 'a working graphql query'
 
-      it 'returns nil' do
-        dashboard = graphql_data.dig('project', 'environments', 'nodes')[0]['metricsDashboard']
+        it 'returns nil' do
+          dashboard = graphql_data.dig('project', 'environments', 'nodes', 0, 'metricsDashboard')
 
-        expect(dashboard).to be_nil
+          expect(dashboard).to be_nil
+        end
       end
     end
   end
diff --git a/spec/requests/api/graphql/mutations/ci/pipeline_cancel_spec.rb b/spec/requests/api/graphql/mutations/ci/pipeline_cancel_spec.rb
new file mode 100644
index 00000000000..5a4dc3ce187
--- /dev/null
+++ b/spec/requests/api/graphql/mutations/ci/pipeline_cancel_spec.rb
@@ -0,0 +1,45 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+RSpec.describe 'PipelineCancel' do
+  include GraphqlHelpers
+
+  let_it_be(:user) { create(:user) }
+  let_it_be(:project) { create(:project) }
+  let_it_be(:pipeline) { create(:ci_pipeline, :running, project: project, user: user) }
+
+  let(:mutation) { graphql_mutation(:pipeline_cancel, {}, 'errors') }
+
+  let(:mutation_response) { graphql_mutation_response(:pipeline_cancel) }
+
+  before_all do
+    project.add_maintainer(user)
+  end
+
+  it 'reports the service-level error' do
+    service = double(execute: ServiceResponse.error(message: 'Error canceling pipeline'))
+    allow(::Ci::CancelUserPipelinesService).to receive(:new).and_return(service)
+
+    post_graphql_mutation(mutation, current_user: create(:user))
+
+    expect(mutation_response).to include('errors' => ['Error canceling pipeline'])
+  end
+
+  it 'does not change any pipelines not owned by the current user' do
+    build = create(:ci_build, :running, pipeline: pipeline)
+
+    post_graphql_mutation(mutation, current_user: create(:user))
+
+    expect(build).not_to be_canceled
+  end
+
+  it "cancels all of the current user's cancelable pipelines" do
+    build = create(:ci_build, :running, pipeline: pipeline)
+
+    post_graphql_mutation(mutation, current_user: user)
+
+    expect(response).to have_gitlab_http_status(:success)
+    expect(build.reload).to be_canceled
+  end
+end
diff --git a/spec/requests/api/graphql/mutations/ci/pipeline_destroy_spec.rb b/spec/requests/api/graphql/mutations/ci/pipeline_destroy_spec.rb
new file mode 100644
index 00000000000..08959d354e2
--- /dev/null
+++ b/spec/requests/api/graphql/mutations/ci/pipeline_destroy_spec.rb
@@ -0,0 +1,31 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+RSpec.describe 'PipelineDestroy' do
+  include GraphqlHelpers
+
+  let_it_be(:project) { create(:project) }
+  let_it_be(:user) { project.owner }
+  let_it_be(:pipeline) { create(:ci_pipeline, :success, project: project, user: user) }
+
+  let(:mutation) do
+    variables = {
+      id: pipeline.to_global_id.to_s
+    }
+    graphql_mutation(:pipeline_destroy, variables, 'errors')
+  end
+
+  it 'returns an error if the user is not allowed to destroy the pipeline' do
+    post_graphql_mutation(mutation, current_user: create(:user))
+
+    expect(graphql_errors).not_to be_empty
+  end
+
+  it 'destroys a pipeline' do
+    post_graphql_mutation(mutation, current_user: user)
+
+    expect(response).to have_gitlab_http_status(:success)
+    expect { pipeline.reload }.to raise_error(ActiveRecord::RecordNotFound)
+  end
+end
diff --git a/spec/requests/api/graphql/mutations/ci/pipeline_retry_spec.rb b/spec/requests/api/graphql/mutations/ci/pipeline_retry_spec.rb
new file mode 100644
index 00000000000..f6acf29c321
--- /dev/null
+++ b/spec/requests/api/graphql/mutations/ci/pipeline_retry_spec.rb
@@ -0,0 +1,45 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+RSpec.describe 'PipelineRetry' do
+  include GraphqlHelpers
+
+  let_it_be(:user) { create(:user) }
+  let_it_be(:project) { create(:project) }
+  let_it_be(:pipeline) { create(:ci_pipeline, project: project, user: user) }
+
+  let(:mutation) do
+    variables = {
+      id: pipeline.to_global_id.to_s
+    }
+    graphql_mutation(:pipeline_retry, variables,
+                     <<-QL
+                       errors
+                       pipeline {
+                         id
+                       }
+                     QL
+    )
+  end
+
+  let(:mutation_response) { graphql_mutation_response(:pipeline_retry) }
+
+  before_all do
+    project.add_maintainer(user)
+  end
+
+  it 'returns an error if the user is not allowed to retry the pipeline' do
+    post_graphql_mutation(mutation, current_user: create(:user))
+
+    expect(graphql_errors).not_to be_empty
+  end
+
+  it 'retries a pipeline' do
+    pipeline_id = ::Gitlab::GlobalId.build(pipeline, id: pipeline.id).to_s
+    post_graphql_mutation(mutation, current_user: user)
+
+    expect(response).to have_gitlab_http_status(:success)
+    expect(mutation_response['pipeline']['id']).to eq(pipeline_id)
+  end
+end