Add latest changes from gitlab-org/gitlab@master

9 files changed, 248 insertions, 46 deletions

diff --git a/spec/controllers/registrations_controller_spec.rb b/spec/controllers/registrations_controller_spec.rb
index 51a26c351c3..b217b100349 100644
--- a/spec/controllers/registrations_controller_spec.rb
+++ b/spec/controllers/registrations_controller_spec.rb
@@ -8,6 +8,7 @@ RSpec.describe RegistrationsController, feature_category: :user_profile do
 
   before do
     stub_application_setting(require_admin_approval_after_user_signup: false)
+    stub_feature_flags(arkose_labs_signup_challenge: false)
   end
 
   describe '#new' do
diff --git a/spec/features/admin/admin_settings_spec.rb b/spec/features/admin/admin_settings_spec.rb
index 34025e9dd14..da206086663 100644
--- a/spec/features/admin/admin_settings_spec.rb
+++ b/spec/features/admin/admin_settings_spec.rb
@@ -365,11 +365,13 @@ RSpec.describe 'Admin updates settings', feature_category: :not_owned do
           page.within('#js-jira_connect-settings') do
             fill_in 'Jira Connect Application ID', with: '1234'
             fill_in 'Jira Connect Proxy URL', with: 'https://example.com'
+            check 'Enable public key storage'
             click_button 'Save changes'
           end
 
           expect(current_settings.jira_connect_application_key).to eq('1234')
           expect(current_settings.jira_connect_proxy_url).to eq('https://example.com')
+          expect(current_settings.jira_connect_public_key_storage_enabled).to eq(true)
           expect(page).to have_content "Application settings saved successfully"
         end
       end
diff --git a/spec/graphql/types/query_type_spec.rb b/spec/graphql/types/query_type_spec.rb
index f06759e30c8..100ecc94f35 100644
--- a/spec/graphql/types/query_type_spec.rb
+++ b/spec/graphql/types/query_type_spec.rb
@@ -2,49 +2,15 @@
 
 require 'spec_helper'
 
-RSpec.describe GitlabSchema.types['Query'] do
+RSpec.describe GitlabSchema.types['Query'], feature_category: :shared do
+  include_context 'with FOSS query type fields'
+
   it 'is called Query' do
     expect(described_class.graphql_name).to eq('Query')
   end
 
   it 'has the expected fields' do
-    expected_fields = [
-      :board_list,
-      :ci_application_settings,
-      :ci_config,
-      :ci_variables,
-      :container_repository,
-      :current_user,
-      :design_management,
-      :echo,
-      :gitpod_enabled,
-      :group,
-      :issue,
-      :issues,
-      :jobs,
-      :merge_request,
-      :metadata,
-      :milestone,
-      :namespace,
-      :package,
-      :project,
-      :projects,
-      :query_complexity,
-      :runner,
-      :runner_platforms,
-      :runner_setup,
-      :runners,
-      :snippets,
-      :timelogs,
-      :todo,
-      :topics,
-      :usage_trends_measurements,
-      :user,
-      :users,
-      :work_item
-    ]
-
-    expect(described_class).to have_graphql_fields(*expected_fields).at_least
+    expect(described_class).to have_graphql_fields(*expected_foss_fields).at_least
   end
 
   describe 'namespace field' do
diff --git a/spec/helpers/jira_connect_helper_spec.rb b/spec/helpers/jira_connect_helper_spec.rb
index 455120f86d5..31aeff85c70 100644
--- a/spec/helpers/jira_connect_helper_spec.rb
+++ b/spec/helpers/jira_connect_helper_spec.rb
@@ -9,7 +9,8 @@ RSpec.describe JiraConnectHelper, feature_category: :integrations do
 
     let(:user) { create(:user) }
     let(:client_id) { '123' }
-    let(:enable_public_keys_storage) { false }
+    let(:enable_public_keys_storage_config) { false }
+    let(:enable_public_keys_storage_setting) { false }
 
     before do
       stub_application_setting(jira_connect_application_key: client_id)
@@ -21,7 +22,9 @@ RSpec.describe JiraConnectHelper, feature_category: :integrations do
       before do
         allow(view).to receive(:current_user).and_return(nil)
         allow(Gitlab.config.gitlab).to receive(:url).and_return('http://test.host')
-        allow(Gitlab.config.jira_connect).to receive(:enable_public_keys_storage).and_return(enable_public_keys_storage)
+        allow(Gitlab.config.jira_connect).to receive(:enable_public_keys_storage)
+          .and_return(enable_public_keys_storage_config)
+        stub_application_setting(jira_connect_public_key_storage_enabled: enable_public_keys_storage_setting)
       end
 
       it 'includes Jira Connect app attributes' do
@@ -105,8 +108,16 @@ RSpec.describe JiraConnectHelper, feature_category: :integrations do
         expect(subject[:public_key_storage_enabled]).to eq(false)
       end
 
-      context 'when public_key_storage is enabled' do
-        let(:enable_public_keys_storage) { true }
+      context 'when public_key_storage is enabled via config' do
+        let(:enable_public_keys_storage_config) { true }
+
+        it 'assignes public_key_storage_enabled to true' do
+          expect(subject[:public_key_storage_enabled]).to eq(true)
+        end
+      end
+
+      context 'when public_key_storage is enabled via setting' do
+        let(:enable_public_keys_storage_setting) { true }
 
         it 'assignes public_key_storage_enabled to true' do
           expect(subject[:public_key_storage_enabled]).to eq(true)
diff --git a/spec/requests/api/graphql/notes/note_spec.rb b/spec/requests/api/graphql/notes/note_spec.rb
new file mode 100644
index 00000000000..180e54290f8
--- /dev/null
+++ b/spec/requests/api/graphql/notes/note_spec.rb
@@ -0,0 +1,103 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+RSpec.describe 'Query.note(id)', feature_category: :team_planning do
+  include GraphqlHelpers
+
+  let_it_be(:current_user) { create(:user) }
+  let_it_be(:project) { create(:project, :private) }
+  let_it_be(:issue) { create(:issue, project: project) }
+  let_it_be(:note) { create(:note, noteable: issue, project: project) }
+  let_it_be(:system_note) { create(:note, :system, noteable: issue, project: project) }
+
+  let(:note_params) { { 'id' => global_id_of(note) } }
+  let(:note_data) { graphql_data['note'] }
+  let(:note_fields) { all_graphql_fields_for('Note'.classify) }
+
+  let(:query) do
+    graphql_query_for('note', note_params, note_fields)
+  end
+
+  it_behaves_like 'a working graphql query' do
+    before do
+      post_graphql(query, current_user: current_user)
+    end
+  end
+
+  context 'when the user does not have access to read the note' do
+    it 'returns nil' do
+      post_graphql(query, current_user: current_user)
+
+      expect(note_data).to be nil
+    end
+
+    context 'when it is a system note' do
+      let(:note_params) { { 'id' => global_id_of(system_note) } }
+
+      it 'returns nil' do
+        post_graphql(query, current_user: current_user)
+
+        expect(note_data).to be nil
+      end
+    end
+  end
+
+  context 'when the user has access to read the note' do
+    before do
+      project.add_guest(current_user)
+    end
+
+    it 'returns note' do
+      post_graphql(query, current_user: current_user)
+
+      expect(note_data['id']).to eq(global_id_of(note).to_s)
+    end
+
+    context 'when it is a system note' do
+      let(:note_params) { { 'id' => global_id_of(system_note) } }
+
+      it 'returns note' do
+        post_graphql(query, current_user: current_user)
+
+        expect(note_data['id']).to eq(global_id_of(system_note).to_s)
+      end
+    end
+
+    context 'and notes widget is not available' do
+      before do
+        stub_const('WorkItems::Type::WIDGETS_FOR_TYPE', { issue: [::WorkItems::Widgets::Description] })
+      end
+
+      it 'returns nil' do
+        post_graphql(query, current_user: current_user)
+
+        expect(note_data).to be nil
+      end
+    end
+
+    context 'when note is internal' do
+      let_it_be(:note) { create(:note, :confidential, noteable: issue, project: project) }
+
+      it 'returns nil' do
+        post_graphql(query, current_user: current_user)
+
+        expect(note_data).to be nil
+      end
+
+      context 'and user can read confidential notes' do
+        let_it_be(:developer) { create(:user) }
+
+        before do
+          project.add_developer(developer)
+        end
+
+        it 'returns note' do
+          post_graphql(query, current_user: developer)
+
+          expect(note_data['id']).to eq(global_id_of(note).to_s)
+        end
+      end
+    end
+  end
+end
diff --git a/spec/requests/api/graphql/notes/synthetic_note_resolver_spec.rb b/spec/requests/api/graphql/notes/synthetic_note_resolver_spec.rb
new file mode 100644
index 00000000000..9b11406ae00
--- /dev/null
+++ b/spec/requests/api/graphql/notes/synthetic_note_resolver_spec.rb
@@ -0,0 +1,57 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+RSpec.describe 'Query.synthetic_note(noteable_id, sha)', feature_category: :team_planning do
+  include GraphqlHelpers
+
+  let_it_be(:current_user) { create(:user) }
+  let_it_be(:project) { create(:project, :private) }
+  let_it_be(:issue) { create(:issue, project: project) }
+  let_it_be(:label) { create(:label, project: project) }
+  let_it_be(:label_event, refind: true) do
+    create(:resource_label_event, user: current_user, issue: issue, label: label, action: 'add', created_at: 2.days.ago)
+  end
+
+  let(:label_note) { LabelNote.from_events([label_event]) }
+  let(:global_id) { ::Gitlab::GlobalId.build(label_note, model_name: LabelNote.to_s, id: label_note.discussion_id) }
+  let(:note_params) { { sha: label_note.discussion_id, noteable_id: global_id_of(issue) } }
+  let(:note_data) { graphql_data['syntheticNote'] }
+  let(:note_fields) { all_graphql_fields_for('Note'.classify) }
+
+  let(:query) do
+    graphql_query_for('synthetic_note', note_params, note_fields)
+  end
+
+  context 'when the user does not have access to read the note' do
+    it 'returns nil' do
+      post_graphql(query, current_user: current_user)
+
+      expect(note_data).to be nil
+    end
+  end
+
+  context 'when the user has access to read the note' do
+    before do
+      project.add_guest(current_user)
+    end
+
+    it 'returns synthetic note' do
+      post_graphql(query, current_user: current_user)
+
+      expect(note_data['id']).to eq(global_id.to_s)
+    end
+
+    context 'and notes widget is not available' do
+      before do
+        stub_const('WorkItems::Type::WIDGETS_FOR_TYPE', { issue: [::WorkItems::Widgets::Description] })
+      end
+
+      it 'returns nil' do
+        post_graphql(query, current_user: current_user)
+
+        expect(note_data).to be nil
+      end
+    end
+  end
+end
diff --git a/spec/requests/jira_connect/public_keys_controller_spec.rb b/spec/requests/jira_connect/public_keys_controller_spec.rb
index 31977f34d0f..7f0262eaf65 100644
--- a/spec/requests/jira_connect/public_keys_controller_spec.rb
+++ b/spec/requests/jira_connect/public_keys_controller_spec.rb
@@ -5,10 +5,11 @@ require 'spec_helper'
 RSpec.describe JiraConnect::PublicKeysController, feature_category: :integrations do
   describe 'GET /-/jira_connect/public_keys/:uuid' do
     let(:uuid) { non_existing_record_id }
-    let(:public_key_storage_enabled) { true }
+    let(:public_key_storage_enabled_config) { true }
 
     before do
-      allow(Gitlab.config.jira_connect).to receive(:enable_public_keys_storage).and_return(public_key_storage_enabled)
+      allow(Gitlab.config.jira_connect).to receive(:enable_public_keys_storage)
+        .and_return(public_key_storage_enabled_config)
     end
 
     it 'renders 404' do
@@ -29,14 +30,26 @@ RSpec.describe JiraConnect::PublicKeysController, feature_category: :integration
         expect(response.body).to eq(public_key.key)
       end
 
-      context 'when public key storage disabled' do
-        let(:public_key_storage_enabled) { false }
+      context 'when public key storage config disabled' do
+        let(:public_key_storage_enabled_config) { false }
 
         it 'renders 404' do
           get jira_connect_public_key_path(id: uuid)
 
           expect(response).to have_gitlab_http_status(:not_found)
         end
+
+        context 'when public key storage setting is enabled' do
+          before do
+            stub_application_setting(jira_connect_public_key_storage_enabled: true)
+          end
+
+          it 'renders 404' do
+            get jira_connect_public_key_path(id: uuid)
+
+            expect(response).to have_gitlab_http_status(:ok)
+          end
+        end
       end
     end
   end
diff --git a/spec/support/shared_contexts/graphql/types/query_type_shared_context.rb b/spec/support/shared_contexts/graphql/types/query_type_shared_context.rb
new file mode 100644
index 00000000000..15a67661cca
--- /dev/null
+++ b/spec/support/shared_contexts/graphql/types/query_type_shared_context.rb
@@ -0,0 +1,44 @@
+# frozen_string_literal: true
+
+RSpec.shared_context 'with FOSS query type fields' do
+  # extracted these fields into a shared variable so that we can define FOSS fields once and use them on EE spec as well
+  let(:expected_foss_fields) do
+    [
+      :board_list,
+      :ci_application_settings,
+      :ci_config,
+      :ci_variables,
+      :container_repository,
+      :current_user,
+      :design_management,
+      :echo,
+      :gitpod_enabled,
+      :group,
+      :issue,
+      :issues,
+      :jobs,
+      :merge_request,
+      :metadata,
+      :milestone,
+      :namespace,
+      :note,
+      :package,
+      :project,
+      :projects,
+      :query_complexity,
+      :runner,
+      :runner_platforms,
+      :runner_setup,
+      :runners,
+      :snippets,
+      :synthetic_note,
+      :timelogs,
+      :todo,
+      :topics,
+      :usage_trends_measurements,
+      :user,
+      :users,
+      :work_item
+    ]
+  end
+end
diff --git a/spec/views/admin/application_settings/_jira_connect.html.haml_spec.rb b/spec/views/admin/application_settings/_jira_connect.html.haml_spec.rb
index 1739fb3d8b9..af411261aa0 100644
--- a/spec/views/admin/application_settings/_jira_connect.html.haml_spec.rb
+++ b/spec/views/admin/application_settings/_jira_connect.html.haml_spec.rb
@@ -20,4 +20,9 @@ RSpec.describe 'admin/application_settings/_jira_connect.html.haml', feature_cat
     render
     expect(rendered).to have_field('Jira Connect Proxy URL', type: 'text')
   end
+
+  it 'renders the enable public key storage checkbox' do
+    render
+    expect(rendered).to have_field('Enable public key storage', type: 'checkbox')
+  end
 end