Add latest changes from gitlab-org/gitlab@master

3 files changed, 72 insertions, 1 deletions

diff --git a/spec/services/notes/create_service_spec.rb b/spec/services/notes/create_service_spec.rb
index 5a5e8691a76..89114bf3fd0 100644
--- a/spec/services/notes/create_service_spec.rb
+++ b/spec/services/notes/create_service_spec.rb
@@ -30,6 +30,24 @@ RSpec.describe Notes::CreateService, feature_category: :team_planning do
         expect(note).to be_persisted
       end
 
+      it 'checks for spam' do
+        expect_next_instance_of(Note) do |instance|
+          expect(instance).to receive(:check_for_spam).with(action: :create, user: user)
+        end
+
+        note
+      end
+
+      it 'does not persist when spam' do
+        expect_next_instance_of(Note) do |instance|
+          expect(instance).to receive(:check_for_spam).with(action: :create, user: user) do
+            instance.spam!
+          end
+        end
+
+        expect(note).not_to be_persisted
+      end
+
       context 'with internal parameter' do
         context 'when confidential' do
           let(:opts) { base_opts.merge(internal: true) }
@@ -511,7 +529,7 @@ RSpec.describe Notes::CreateService, feature_category: :team_planning do
         end
       end
 
-      context 'when note only have commands' do
+      context 'when note only has commands' do
         it 'adds commands applied message to note errors' do
           note_text = %(/close)
           service = double(:service)
@@ -540,6 +558,15 @@ RSpec.describe Notes::CreateService, feature_category: :team_planning do
 
           expect(note.errors[:commands_only]).to contain_exactly('Closed this issue. Could not apply reopen command.')
         end
+
+        it 'does not check for spam' do
+          expect_next_instance_of(Note) do |instance|
+            expect(instance).not_to receive(:check_for_spam).with(action: :create, user: user)
+          end
+
+          note_text = %(/close)
+          described_class.new(project, user, opts.merge(note: note_text)).execute
+        end
       end
     end
 
diff --git a/spec/services/notes/update_service_spec.rb b/spec/services/notes/update_service_spec.rb
index 808ab46ef99..01b61acb476 100644
--- a/spec/services/notes/update_service_spec.rb
+++ b/spec/services/notes/update_service_spec.rb
@@ -90,6 +90,11 @@ RSpec.describe Notes::UpdateService, feature_category: :team_planning do
         end
       end
 
+      it 'checks for spam' do
+        expect(note).to receive(:check_for_spam).with(action: :update, user: user)
+        edit_note_text
+      end
+
       context 'when quick action only update' do
         it "delete note and return commands_only error" do
           updated_note = described_class.new(project, user, { note: "/close\n" }).execute(note)
@@ -118,6 +123,11 @@ RSpec.describe Notes::UpdateService, feature_category: :team_planning do
           expect { does_not_edit_note_text }.not_to change { note.reload.updated_by }
         end
       end
+
+      it 'does not check for spam' do
+        expect(note).not_to receive(:check_for_spam)
+        does_not_edit_note_text
+      end
     end
 
     context 'when the notable is a merge request' do
diff --git a/spec/services/spam/spam_action_service_spec.rb b/spec/services/spam/spam_action_service_spec.rb
index 7072f5879ea..15cb4977b61 100644
--- a/spec/services/spam/spam_action_service_spec.rb
+++ b/spec/services/spam/spam_action_service_spec.rb
@@ -55,6 +55,21 @@ RSpec.describe Spam::SpamActionService, feature_category: :instance_resiliency d
         expect(issue).not_to be_spam
       end
     end
+
+    context 'when user is nil' do
+      let(:spam_params) { true }
+      let(:user) { nil }
+      let(:expected_service_user_not_present_message) do
+        /Skipped spam check because user was not present/
+      end
+
+      it "returns success with a messaage" do
+        response = subject
+
+        expect(response.message).to match(expected_service_user_not_present_message)
+        expect(issue).not_to be_spam
+      end
+    end
   end
 
   shared_examples 'allows user' do
@@ -120,6 +135,7 @@ RSpec.describe Spam::SpamActionService, feature_category: :instance_resiliency d
     before do
       allow(Captcha::CaptchaVerificationService).to receive(:new).with(spam_params: spam_params) { fake_captcha_verification_service }
       allow(Spam::SpamVerdictService).to receive(:new).with(verdict_service_args).and_return(fake_verdict_service)
+      allow(fake_verdict_service).to receive(:execute).and_return({})
     end
 
     context 'when captcha response verification returns true' do
@@ -170,6 +186,24 @@ RSpec.describe Spam::SpamActionService, feature_category: :instance_resiliency d
           target.description = 'Lovely Spam! Wonderful Spam!'
         end
 
+        context 'when captcha is not supported' do
+          before do
+            allow(target).to receive(:supports_recaptcha?).and_return(false)
+          end
+
+          it "does not execute with captcha support" do
+            expect(Captcha::CaptchaVerificationService).not_to receive(:new)
+
+            subject
+          end
+
+          it "executes a spam check" do
+            expect(fake_verdict_service).to receive(:execute)
+
+            subject
+          end
+        end
+
         context 'when user is a gitlab bot' do
           before do
             allow(user).to receive(:gitlab_bot?).and_return(true)