diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2020-10-09 03:08:41 +0300 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2020-10-09 03:08:41 +0300 |
commit | c02e2a5ef6b928da420e844b54fc6bbce16754c8 (patch) | |
tree | 1f738c4c0c7fc04a3235e8bad807972a740611f2 /spec/views | |
parent | b0980f5557a8621fb08785b06be950ee46796c18 (diff) |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'spec/views')
-rw-r--r-- | spec/views/layouts/nav/sidebar/_project.html.haml_spec.rb | 26 | ||||
-rw-r--r-- | spec/views/projects/settings/operations/show.html.haml_spec.rb | 76 |
2 files changed, 87 insertions, 15 deletions
diff --git a/spec/views/layouts/nav/sidebar/_project.html.haml_spec.rb b/spec/views/layouts/nav/sidebar/_project.html.haml_spec.rb index bf5b5785b8d..3dda971ae0e 100644 --- a/spec/views/layouts/nav/sidebar/_project.html.haml_spec.rb +++ b/spec/views/layouts/nav/sidebar/_project.html.haml_spec.rb @@ -3,7 +3,7 @@ require 'spec_helper' RSpec.describe 'layouts/nav/sidebar/_project' do - let(:project) { create(:project, :repository) } + let_it_be_with_reload(:project) { create(:project, :repository) } before do assign(:project, project) @@ -246,6 +246,30 @@ RSpec.describe 'layouts/nav/sidebar/_project' do end end + describe 'Tracing' do + it 'is not visible to unauthorized user' do + allow(view).to receive(:can?).and_return(false) + + render + + expect(rendered).not_to have_text 'Tracing' + end + + it 'links to Tracing page' do + render + + expect(rendered).to have_link('Tracing', href: project_tracing_path(project)) + end + + context 'without project.tracing_external_url' do + it 'links to Tracing page' do + render + + expect(rendered).to have_link('Tracing', href: project_tracing_path(project)) + end + end + end + describe 'Alert Management' do it 'shows the Alerts sidebar entry' do render diff --git a/spec/views/projects/settings/operations/show.html.haml_spec.rb b/spec/views/projects/settings/operations/show.html.haml_spec.rb index b4d20da0a5c..24ab64b20f5 100644 --- a/spec/views/projects/settings/operations/show.html.haml_spec.rb +++ b/spec/views/projects/settings/operations/show.html.haml_spec.rb @@ -6,37 +6,85 @@ RSpec.describe 'projects/settings/operations/show' do let_it_be(:project) { create(:project) } let_it_be(:user) { create(:user) } + let_it_be(:error_tracking_setting) do + create(:project_error_tracking_setting, project: project) + end + + let_it_be_with_reload(:tracing_setting) do + create(:project_tracing_setting, project: project) + end + + let_it_be(:prometheus_service) { create(:prometheus_service, project: project) } + let_it_be(:alerts_service) { create(:alerts_service, project: project) } + let(:operations_show_locals) do { - prometheus_service: project.find_or_initialize_service('prometheus'), - alerts_service: project.find_or_initialize_service('alerts') + prometheus_service: prometheus_service, + alerts_service: alerts_service } end + before_all do + project.add_reporter(user) + end + before do assign :project, project + + allow(view).to receive(:error_tracking_setting) + .and_return(error_tracking_setting) + allow(view).to receive(:tracing_setting) + .and_return(tracing_setting) + allow(view).to receive(:current_user).and_return(user) end describe 'Operations > Error Tracking' do - before do - project.add_reporter(user) + context 'Settings page ' do + it 'renders the Operations Settings page' do + render template: 'projects/settings/operations/show', locals: operations_show_locals - allow(view).to receive(:error_tracking_setting) - .and_return(error_tracking_setting) - allow(view).to receive(:current_user).and_return(user) - allow(view).to receive(:incident_management_available?) { false } + expect(rendered).to have_content _('Error tracking') + expect(rendered).to have_content _('To link Sentry to GitLab, enter your Sentry URL and Auth Token') + end end + end - let_it_be(:error_tracking_setting) do - create(:project_error_tracking_setting, project: project) + describe 'Operations > Tracing' do + context 'with project.tracing_external_url' do + it 'links to project.tracing_external_url' do + render template: 'projects/settings/operations/show', locals: operations_show_locals + + expect(rendered).to have_link('Tracing', href: tracing_setting.external_url) + end + + context 'with malicious external_url' do + let(:malicious_tracing_url) { "https://replaceme.com/'><script>alert(document.cookie)</script>" } + let(:cleaned_url) { "https://replaceme.com/'>" } + + before do + tracing_setting.update_column(:external_url, malicious_tracing_url) + end + + it 'sanitizes external_url' do + render template: 'projects/settings/operations/show', locals: operations_show_locals + + expect(tracing_setting.external_url).to eq(malicious_tracing_url) + expect(rendered).to have_link('Tracing', href: cleaned_url) + end + end end - context 'Settings page ' do - it 'renders the Operations Settings page' do + context 'without project.tracing_external_url' do + let(:tracing_setting) { build(:project_tracing_setting, project: project) } + + before do + tracing_setting.external_url = nil + end + + it 'links to Tracing page' do render template: 'projects/settings/operations/show', locals: operations_show_locals - expect(rendered).to have_content _('Error tracking') - expect(rendered).to have_content _('To link Sentry to GitLab, enter your Sentry URL and Auth Token') + expect(rendered).to have_link('Tracing', href: project_tracing_path(project)) end end end |