Merge remote-tracking branch 'origin/master' into ci-permissions

# Conflicts: # app/views/projects/builds/index.html.haml
author: Kamil Trzcinski <ayufan@ayufan.eu> 2016-02-04 15:16:48 +0300
committer: Kamil Trzcinski <ayufan@ayufan.eu> 2016-02-04 15:16:48 +0300
commit: 6fea7c386ff27e5081ff3532b06f71d29eee956b (patch)
tree: e1a1035725399135e86a6341c8349dfdab417107 /spec
parent: d231b6b9182ce9f68f267af0a073136c898f6892 (diff)
parent: e933a50b6b8e7feec76bcc71313c14736967cd7a (diff)
15 files changed, 278 insertions, 31 deletions
diff --git a/spec/controllers/admin/spam_logs_controller_spec.rb b/spec/controllers/admin/spam_logs_controller_spec.rb
new file mode 100644
index 00000000000..b51b303a714
--- /dev/null
+++ b/spec/controllers/admin/spam_logs_controller_spec.rb
@@ -0,0 +1,37 @@
+require 'spec_helper'
+
+describe Admin::SpamLogsController do
+  let(:admin) { create(:admin) }
+  let(:user) { create(:user) }
+  let!(:first_spam) { create(:spam_log, user: user) }
+  let!(:second_spam) { create(:spam_log, user: user) }
+
+  before do
+    sign_in(admin)
+  end
+
+  describe '#index' do
+    it 'lists all spam logs' do
+      get :index
+
+      expect(response.status).to eq(200)
+    end
+  end
+
+  describe '#destroy' do
+    it 'removes only the spam log when removing log' do
+      expect { delete :destroy, id: first_spam.id }.to change { SpamLog.count }.by(-1)
+      expect(User.find(user.id)).to be_truthy
+      expect(response.status).to eq(200)
+    end
+
+    it 'removes user and his spam logs when removing the user' do
+      delete :destroy, id: first_spam.id, remove_user: true
+
+      expect(flash[:notice]).to eq "User #{user.username} was successfully removed."
+      expect(response.status).to eq(302)
+      expect(SpamLog.count).to eq(0)
+      expect { User.find(user.id) }.to raise_error(ActiveRecord::RecordNotFound)
+    end
+  end
+end
diff --git a/spec/factories/spam_logs.rb b/spec/factories/spam_logs.rb
new file mode 100644
index 00000000000..d90e5d6bf26
--- /dev/null
+++ b/spec/factories/spam_logs.rb
@@ -0,0 +1,11 @@
+# Read about factories at https://github.com/thoughtbot/factory_girl
+
+FactoryGirl.define do
+  factory :spam_log do
+    user
+    source_ip { FFaker::Internet.ip_v4_address }
+    noteable_type 'Issue'
+    title { FFaker::Lorem.sentence }
+    description { FFaker::Lorem.paragraph(5) }
+  end
+end
diff --git a/spec/features/builds_spec.rb b/spec/features/builds_spec.rb
index 22e38151bd8..6da3a857b3f 100644
--- a/spec/features/builds_spec.rb
+++ b/spec/features/builds_spec.rb
@@ -18,7 +18,7 @@ describe "Builds" do
         visit namespace_project_builds_path(@project.namespace, @project, scope: :running)
       end
 
-      it { expect(page).to have_selector('.project-issuable-filter li.active', text: 'Running') }
+      it { expect(page).to have_selector('.nav-links li.active', text: 'Running') }
       it { expect(page).to have_link 'Cancel running' }
       it { expect(page).to have_content @build.short_sha }
       it { expect(page).to have_content @build.ref }
@@ -31,7 +31,7 @@ describe "Builds" do
         visit namespace_project_builds_path(@project.namespace, @project, scope: :finished)
       end
 
-      it { expect(page).to have_selector('.project-issuable-filter li.active', text: 'Finished') }
+      it { expect(page).to have_selector('.nav-links li.active', text: 'Finished') }
       it { expect(page).to have_content 'No builds to show' }
       it { expect(page).to have_link 'Cancel running' }
     end
@@ -42,7 +42,7 @@ describe "Builds" do
         visit namespace_project_builds_path(@project.namespace, @project)
       end
 
-      it { expect(page).to have_selector('.project-issuable-filter li.active', text: 'All') }
+      it { expect(page).to have_selector('.nav-links li.active', text: 'All') }
       it { expect(page).to have_content @build.short_sha }
       it { expect(page).to have_content @build.ref }
       it { expect(page).to have_content @build.name }
@@ -57,7 +57,7 @@ describe "Builds" do
       click_link "Cancel running"
     end
 
-    it { expect(page).to have_selector('.project-issuable-filter li.active', text: 'All') }
+    it { expect(page).to have_selector('.nav-links li.active', text: 'All') }
     it { expect(page).to have_content 'canceled' }
     it { expect(page).to have_content @build.short_sha }
     it { expect(page).to have_content @build.ref }
diff --git a/spec/features/projects_spec.rb b/spec/features/projects_spec.rb
index 9a01c89ae2a..ed97b6cb577 100644
--- a/spec/features/projects_spec.rb
+++ b/spec/features/projects_spec.rb
@@ -82,7 +82,26 @@ feature 'Project', feature: true do
 
     it 'click project-settings and find leave project' do
       find('#project-settings-button').click
-      expect(page).to have_link('Leave Project') 
+      expect(page).to have_link('Leave Project')
+    end
+  end
+
+  describe 'project title' do
+    include WaitForAjax
+
+    let(:user)    { create(:user) }
+    let(:project) { create(:project, namespace: user.namespace) }
+
+    before do
+      login_with(user)
+      project.team.add_user(user, Gitlab::Access::MASTER)
+      visit namespace_project_path(project.namespace, project)
+    end
+
+    it 'click toggle and show dropdown', js: true do
+      find('.js-projects-dropdown-toggle').click
+      wait_for_ajax
+      expect(page).to have_css('.select2-results li', count: 1)
     end
   end
 
diff --git a/spec/javascripts/fixtures/project_title.html.haml b/spec/javascripts/fixtures/project_title.html.haml
new file mode 100644
index 00000000000..4286d1be669
--- /dev/null
+++ b/spec/javascripts/fixtures/project_title.html.haml
@@ -0,0 +1,7 @@
+%h1.title
+  %a
+    GitLab Org
+  %a.project-item-select-holder.js-projects-dropdown-toggle{href: "/gitlab-org/gitlab-test"}
+    GitLab Test
+    %span.fa.fa-chevron-down.dropdown-toggle-caret
+    %input#project_path.project-item-select.js-projects-dropdown.ajax-project-select{type: "hidden", name: "project_path", "data-include-groups" => "false"}
diff --git a/spec/javascripts/fixtures/projects.json b/spec/javascripts/fixtures/projects.json
new file mode 100644
index 00000000000..84e8d0ba1e4
--- /dev/null
+++ b/spec/javascripts/fixtures/projects.json
@@ -0,0 +1 @@
+[{"id":9,"description":"","default_branch":null,"tag_list":[],"public":true,"archived":false,"visibility_level":20,"ssh_url_to_repo":"phil@localhost:root/test.git","http_url_to_repo":"http://localhost:3000/root/test.git","web_url":"http://localhost:3000/root/test","owner":{"name":"Administrator","username":"root","id":1,"state":"active","avatar_url":"http://www.gravatar.com/avatar/e64c7d89f26bd1972efa854d13d7dd61?s=80\u0026d=identicon","web_url":"http://localhost:3000/u/root"},"name":"test","name_with_namespace":"Administrator / test","path":"test","path_with_namespace":"root/test","issues_enabled":true,"merge_requests_enabled":true,"wiki_enabled":true,"builds_enabled":true,"snippets_enabled":false,"created_at":"2016-01-14T19:08:05.364Z","last_activity_at":"2016-01-14T19:08:07.418Z","shared_runners_enabled":true,"creator_id":1,"namespace":{"id":1,"name":"root","path":"root","owner_id":1,"created_at":"2016-01-13T20:19:44.439Z","updated_at":"2016-01-13T20:19:44.439Z","description":"","avatar":null},"avatar_url":null,"star_count":0,"forks_count":0,"open_issues_count":0,"permissions":{"project_access":null,"group_access":null}},{"id":8,"description":"Voluptatem quae nulla eius numquam ullam voluptatibus quia modi.","default_branch":"master","tag_list":[],"public":false,"archived":false,"visibility_level":0,"ssh_url_to_repo":"phil@localhost:h5bp/html5-boilerplate.git","http_url_to_repo":"http://localhost:3000/h5bp/html5-boilerplate.git","web_url":"http://localhost:3000/h5bp/html5-boilerplate","name":"Html5 Boilerplate","name_with_namespace":"H5bp / Html5 Boilerplate","path":"html5-boilerplate","path_with_namespace":"h5bp/html5-boilerplate","issues_enabled":true,"merge_requests_enabled":true,"wiki_enabled":true,"builds_enabled":true,"snippets_enabled":false,"created_at":"2016-01-13T20:19:57.525Z","last_activity_at":"2016-01-13T20:27:57.280Z","shared_runners_enabled":true,"creator_id":1,"namespace":{"id":5,"name":"H5bp","path":"h5bp","owner_id":null,"created_at":"2016-01-13T20:19:57.239Z","updated_at":"2016-01-13T20:19:57.239Z","description":"Tempore accusantium possimus aut libero.","avatar":{"url":null}},"avatar_url":null,"star_count":0,"forks_count":0,"open_issues_count":5,"permissions":{"project_access":{"access_level":10,"notification_level":3},"group_access":{"access_level":50,"notification_level":3}}},{"id":7,"description":"Modi odio mollitia dolorem qui.","default_branch":"master","tag_list":[],"public":false,"archived":false,"visibility_level":0,"ssh_url_to_repo":"phil@localhost:twitter/typeahead-js.git","http_url_to_repo":"http://localhost:3000/twitter/typeahead-js.git","web_url":"http://localhost:3000/twitter/typeahead-js","name":"Typeahead.Js","name_with_namespace":"Twitter / Typeahead.Js","path":"typeahead-js","path_with_namespace":"twitter/typeahead-js","issues_enabled":true,"merge_requests_enabled":true,"wiki_enabled":true,"builds_enabled":true,"snippets_enabled":false,"created_at":"2016-01-13T20:19:56.212Z","last_activity_at":"2016-01-13T20:27:51.496Z","shared_runners_enabled":true,"creator_id":1,"namespace":{"id":4,"name":"Twitter","path":"twitter","owner_id":null,"created_at":"2016-01-13T20:19:54.480Z","updated_at":"2016-01-13T20:19:54.480Z","description":"Id voluptatem ipsa maiores omnis repudiandae et et.","avatar":{"url":null}},"avatar_url":null,"star_count":0,"forks_count":0,"open_issues_count":4,"permissions":{"project_access":null,"group_access":{"access_level":10,"notification_level":3}}},{"id":6,"description":"Omnis asperiores ipsa et beatae quidem necessitatibus quia.","default_branch":"master","tag_list":[],"public":true,"archived":false,"visibility_level":20,"ssh_url_to_repo":"phil@localhost:twitter/flight.git","http_url_to_repo":"http://localhost:3000/twitter/flight.git","web_url":"http://localhost:3000/twitter/flight","name":"Flight","name_with_namespace":"Twitter / Flight","path":"flight","path_with_namespace":"twitter/flight","issues_enabled":true,"merge_requests_enabled":true,"wiki_enabled":true,"builds_enabled":true,"snippets_enabled":false,"created_at":"2016-01-13T20:19:54.754Z","last_activity_at":"2016-01-13T20:27:50.502Z","shared_runners_enabled":true,"creator_id":1,"namespace":{"id":4,"name":"Twitter","path":"twitter","owner_id":null,"created_at":"2016-01-13T20:19:54.480Z","updated_at":"2016-01-13T20:19:54.480Z","description":"Id voluptatem ipsa maiores omnis repudiandae et et.","avatar":{"url":null}},"avatar_url":null,"star_count":0,"forks_count":0,"open_issues_count":4,"permissions":{"project_access":null,"group_access":{"access_level":10,"notification_level":3}}},{"id":5,"description":"Voluptatem commodi voluptate placeat architecto beatae illum dolores fugiat.","default_branch":"master","tag_list":[],"public":false,"archived":false,"visibility_level":0,"ssh_url_to_repo":"phil@localhost:gitlab-org/gitlab-test.git","http_url_to_repo":"http://localhost:3000/gitlab-org/gitlab-test.git","web_url":"http://localhost:3000/gitlab-org/gitlab-test","name":"Gitlab Test","name_with_namespace":"Gitlab Org / Gitlab Test","path":"gitlab-test","path_with_namespace":"gitlab-org/gitlab-test","issues_enabled":true,"merge_requests_enabled":true,"wiki_enabled":true,"builds_enabled":true,"snippets_enabled":false,"created_at":"2016-01-13T20:19:53.202Z","last_activity_at":"2016-01-13T20:27:41.626Z","shared_runners_enabled":true,"creator_id":1,"namespace":{"id":3,"name":"Gitlab Org","path":"gitlab-org","owner_id":null,"created_at":"2016-01-13T20:19:48.851Z","updated_at":"2016-01-13T20:19:48.851Z","description":"Magni mollitia quod quidem soluta nesciunt impedit.","avatar":{"url":null}},"avatar_url":null,"star_count":0,"forks_count":0,"open_issues_count":5,"permissions":{"project_access":null,"group_access":{"access_level":50,"notification_level":3}}},{"id":4,"description":"Aut molestias quas est ut aperiam officia quod libero.","default_branch":"master","tag_list":[],"public":true,"archived":false,"visibility_level":20,"ssh_url_to_repo":"phil@localhost:gitlab-org/gitlab-shell.git","http_url_to_repo":"http://localhost:3000/gitlab-org/gitlab-shell.git","web_url":"http://localhost:3000/gitlab-org/gitlab-shell","name":"Gitlab Shell","name_with_namespace":"Gitlab Org / Gitlab Shell","path":"gitlab-shell","path_with_namespace":"gitlab-org/gitlab-shell","issues_enabled":true,"merge_requests_enabled":true,"wiki_enabled":true,"builds_enabled":true,"snippets_enabled":false,"created_at":"2016-01-13T20:19:51.882Z","last_activity_at":"2016-01-13T20:27:35.678Z","shared_runners_enabled":true,"creator_id":1,"namespace":{"id":3,"name":"Gitlab Org","path":"gitlab-org","owner_id":null,"created_at":"2016-01-13T20:19:48.851Z","updated_at":"2016-01-13T20:19:48.851Z","description":"Magni mollitia quod quidem soluta nesciunt impedit.","avatar":{"url":null}},"avatar_url":null,"star_count":0,"forks_count":0,"open_issues_count":5,"permissions":{"project_access":{"access_level":20,"notification_level":3},"group_access":{"access_level":50,"notification_level":3}}},{"id":3,"description":"Excepturi molestiae quia repellendus omnis est illo illum eligendi.","default_branch":"master","tag_list":[],"public":true,"archived":false,"visibility_level":20,"ssh_url_to_repo":"phil@localhost:gitlab-org/gitlab-ci.git","http_url_to_repo":"http://localhost:3000/gitlab-org/gitlab-ci.git","web_url":"http://localhost:3000/gitlab-org/gitlab-ci","name":"Gitlab Ci","name_with_namespace":"Gitlab Org / Gitlab Ci","path":"gitlab-ci","path_with_namespace":"gitlab-org/gitlab-ci","issues_enabled":true,"merge_requests_enabled":true,"wiki_enabled":true,"builds_enabled":true,"snippets_enabled":false,"created_at":"2016-01-13T20:19:50.346Z","last_activity_at":"2016-01-13T20:27:30.115Z","shared_runners_enabled":true,"creator_id":1,"namespace":{"id":3,"name":"Gitlab Org","path":"gitlab-org","owner_id":null,"created_at":"2016-01-13T20:19:48.851Z","updated_at":"2016-01-13T20:19:48.851Z","description":"Magni mollitia quod quidem soluta nesciunt impedit.","avatar":{"url":null}},"avatar_url":null,"star_count":0,"forks_count":0,"open_issues_count":3,"permissions":{"project_access":null,"group_access":{"access_level":50,"notification_level":3}}},{"id":2,"description":"Adipisci quaerat dignissimos enim sed ipsam dolorem quia.","default_branch":"master","tag_list":[],"public":false,"archived":false,"visibility_level":10,"ssh_url_to_repo":"phil@localhost:gitlab-org/gitlab-ce.git","http_url_to_repo":"http://localhost:3000/gitlab-org/gitlab-ce.git","web_url":"http://localhost:3000/gitlab-org/gitlab-ce","name":"Gitlab Ce","name_with_namespace":"Gitlab Org / Gitlab Ce","path":"gitlab-ce","path_with_namespace":"gitlab-org/gitlab-ce","issues_enabled":true,"merge_requests_enabled":true,"wiki_enabled":true,"builds_enabled":true,"snippets_enabled":false,"created_at":"2016-01-13T20:19:49.065Z","last_activity_at":"2016-01-13T20:26:58.454Z","shared_runners_enabled":true,"creator_id":1,"namespace":{"id":3,"name":"Gitlab Org","path":"gitlab-org","owner_id":null,"created_at":"2016-01-13T20:19:48.851Z","updated_at":"2016-01-13T20:19:48.851Z","description":"Magni mollitia quod quidem soluta nesciunt impedit.","avatar":{"url":null}},"avatar_url":null,"star_count":0,"forks_count":0,"open_issues_count":5,"permissions":{"project_access":{"access_level":30,"notification_level":3},"group_access":{"access_level":50,"notification_level":3}}},{"id":1,"description":"Vel voluptatem maxime saepe ex quia.","default_branch":"master","tag_list":[],"public":false,"archived":false,"visibility_level":0,"ssh_url_to_repo":"phil@localhost:documentcloud/underscore.git","http_url_to_repo":"http://localhost:3000/documentcloud/underscore.git","web_url":"http://localhost:3000/documentcloud/underscore","name":"Underscore","name_with_namespace":"Documentcloud / Underscore","path":"underscore","path_with_namespace":"documentcloud/underscore","issues_enabled":true,"merge_requests_enabled":true,"wiki_enabled":true,"builds_enabled":true,"snippets_enabled":false,"created_at":"2016-01-13T20:19:45.862Z","last_activity_at":"2016-01-13T20:25:03.106Z","shared_runners_enabled":true,"creator_id":1,"namespace":{"id":2,"name":"Documentcloud","path":"documentcloud","owner_id":null,"created_at":"2016-01-13T20:19:44.464Z","updated_at":"2016-01-13T20:19:44.464Z","description":"Aut impedit perferendis fuga et ipsa repellat cupiditate et.","avatar":{"url":null}},"avatar_url":null,"star_count":0,"forks_count":0,"open_issues_count":5,"permissions":{"project_access":null,"group_access":{"access_level":50,"notification_level":3}}}]
diff --git a/spec/javascripts/project_title_spec.js.coffee b/spec/javascripts/project_title_spec.js.coffee
new file mode 100644
index 00000000000..47c7b7febe3
--- /dev/null
+++ b/spec/javascripts/project_title_spec.js.coffee
@@ -0,0 +1,46 @@
+#= require select2
+#= require api
+#= require project_select
+#= require project
+
+window.gon = {}
+window.gon.api_version = 'v3'
+
+describe 'Project Title', ->
+  fixture.preload('project_title.html')
+  fixture.preload('projects.json')
+
+  beforeEach ->
+    fixture.load('project_title.html')
+    @project = new Project()
+
+    spyOn(@project, 'changeProject').and.callFake (url) ->
+      window.current_project_url = url
+
+  describe 'project list', ->
+    beforeEach =>
+      @projects_data = fixture.load('projects.json')[0]
+
+      spyOn(jQuery, 'ajax').and.callFake (req) =>
+        expect(req.url).toBe('/api/v3/projects.json')
+        d = $.Deferred()
+        d.resolve @projects_data
+        d.promise()
+
+    it 'to show on toggle click', =>
+      $('.js-projects-dropdown-toggle').click()
+
+      expect($('.title .select2-container').hasClass('select2-dropdown-open')).toBe(true)
+      expect($('.ajax-project-dropdown li').length).toBe(@projects_data.length)
+
+    it 'hide dropdown', ->
+      $("#select2-drop-mask").click()
+
+      expect($('.title .select2-container').hasClass('select2-dropdown-open')).toBe(false)
+
+    it 'change project when clicking item', ->
+      $('.js-projects-dropdown-toggle').click()
+      $('.ajax-project-dropdown li:nth-child(2)').trigger('mouseup')
+
+      expect($('.title .select2-container').hasClass('select2-dropdown-open')).toBe(false)
+      expect(window.current_project_url).toBe('http://localhost:3000/h5bp/html5-boilerplate')
diff --git a/spec/lib/banzai/filter/sanitization_filter_spec.rb b/spec/lib/banzai/filter/sanitization_filter_spec.rb
index 9c63d227044..e14a6dbf922 100644
--- a/spec/lib/banzai/filter/sanitization_filter_spec.rb
+++ b/spec/lib/banzai/filter/sanitization_filter_spec.rb
@@ -177,26 +177,4 @@ describe Banzai::Filter::SanitizationFilter, lib: true do
       expect(act.to_html).to eq exp
     end
   end
-
-  context 'when inline_sanitization is true' do
-    it 'uses a stricter whitelist' do
-      doc = filter('<h1>Description</h1>', inline_sanitization: true)
-      expect(doc.to_html.strip).to eq 'Description'
-    end
-
-    %w(pre code img ol ul li).each do |elem|
-      it "removes '#{elem}' elements" do
-        act = "<#{elem}>Description</#{elem}>"
-        expect(filter(act, inline_sanitization: true).to_html.strip).
-          to eq 'Description'
-      end
-    end
-
-    %w(b i strong em a ins del sup sub p).each do |elem|
-      it "still allows '#{elem}' elements" do
-        exp = act = "<#{elem}>Description</#{elem}>"
-        expect(filter(act, inline_sanitization: true).to_html).to eq exp
-      end
-    end
-  end
 end
diff --git a/spec/lib/banzai/pipeline/description_pipeline_spec.rb b/spec/lib/banzai/pipeline/description_pipeline_spec.rb
new file mode 100644
index 00000000000..76f42071810
--- /dev/null
+++ b/spec/lib/banzai/pipeline/description_pipeline_spec.rb
@@ -0,0 +1,37 @@
+require 'rails_helper'
+
+describe Banzai::Pipeline::DescriptionPipeline do
+  def parse(html)
+    # When we pass HTML to Redcarpet, it gets wrapped in `p` tags...
+    # ...except when we pass it pre-wrapped text. Rabble rabble.
+    unwrap = !html.start_with?('<p>')
+
+    output = described_class.to_html(html, project: spy)
+
+    output.gsub!(%r{\A<p>(.*)</p>(.*)\z}, '\1\2') if unwrap
+
+    output
+  end
+
+  it 'uses a limited whitelist' do
+    doc = parse('# Description')
+
+    expect(doc.strip).to eq 'Description'
+  end
+
+  %w(pre code img ol ul li).each do |elem|
+    it "removes '#{elem}' elements" do
+      act = "<#{elem}>Description</#{elem}>"
+
+      expect(parse(act).strip).to eq 'Description'
+    end
+  end
+
+  %w(b i strong em a ins del sup sub p).each do |elem|
+    it "still allows '#{elem}' elements" do
+      exp = act = "<#{elem}>Description</#{elem}>"
+
+      expect(parse(act).strip).to eq exp
+    end
+  end
+end
diff --git a/spec/lib/gitlab/akismet_helper_spec.rb b/spec/lib/gitlab/akismet_helper_spec.rb
new file mode 100644
index 00000000000..9858935180a
--- /dev/null
+++ b/spec/lib/gitlab/akismet_helper_spec.rb
@@ -0,0 +1,35 @@
+require 'spec_helper'
+
+describe Gitlab::AkismetHelper, type: :helper do
+  let(:project) { create(:project) }
+  let(:user) { create(:user) }
+
+  before do
+    allow(Gitlab.config.gitlab).to receive(:url).and_return(Settings.send(:build_gitlab_url))
+    current_application_settings.akismet_enabled = true
+    current_application_settings.akismet_api_key = '12345'
+  end
+
+  describe '#check_for_spam?' do
+    it 'returns true for non-member' do
+      expect(helper.check_for_spam?(project, user)).to eq(true)
+    end
+
+    it 'returns false for member' do
+      project.team << [user, :guest]
+      expect(helper.check_for_spam?(project, user)).to eq(false)
+    end
+  end
+
+  describe '#is_spam?' do
+    it 'returns true for spam' do
+      environment = {
+        'REMOTE_ADDR' => '127.0.0.1',
+        'HTTP_USER_AGENT' => 'Test User Agent'
+      }
+
+      allow_any_instance_of(::Akismet::Client).to receive(:check).and_return([true, true])
+      expect(helper.is_spam?(environment, user, 'Is this spam?')).to eq(true)
+    end
+  end
+end
diff --git a/spec/lib/gitlab/regex_spec.rb b/spec/lib/gitlab/regex_spec.rb
index d67ee423b9b..c51b10bdc69 100644
--- a/spec/lib/gitlab/regex_spec.rb
+++ b/spec/lib/gitlab/regex_spec.rb
@@ -21,4 +21,12 @@ describe Gitlab::Regex, lib: true do
     it { expect('Dash – is this').to match(Gitlab::Regex.project_name_regex) }
     it { expect('?gitlab').not_to match(Gitlab::Regex.project_name_regex) }
   end
+
+  describe 'file name regex' do
+    it { expect('foo@bar').to match(Gitlab::Regex.file_name_regex) }
+  end
+
+  describe 'file path regex' do
+    it { expect('foo@/bar').to match(Gitlab::Regex.file_path_regex) }
+  end
 end
diff --git a/spec/models/merge_request_spec.rb b/spec/models/merge_request_spec.rb
index 46f2f20b986..c61ddf01118 100644
--- a/spec/models/merge_request_spec.rb
+++ b/spec/models/merge_request_spec.rb
@@ -188,6 +188,11 @@ describe MergeRequest, models: true do
       expect(subject).to be_work_in_progress
     end
 
+    it "detects the '[WIP]' prefix" do
+      subject.title = "[WIP]#{subject.title}"
+      expect(subject).to be_work_in_progress
+    end
+
     it "doesn't detect WIP for words starting with WIP" do
       subject.title = "Wipwap #{subject.title}"
       expect(subject).not_to be_work_in_progress
@@ -226,9 +231,15 @@ describe MergeRequest, models: true do
       expect(subject.can_remove_source_branch?(user2)).to be_falsey
     end
 
-    it "is can be removed in all other cases" do
+    it "can be removed if the last commit is the head of the source branch" do
+      allow(subject.source_project).to receive(:commit).and_return(subject.last_commit)
+
       expect(subject.can_remove_source_branch?(user)).to be_truthy
     end
+
+    it "cannot be removed if the last commit is not also the head of the source branch" do
+      expect(subject.can_remove_source_branch?(user)).to be_falsey
+    end
   end
 
   describe "#reset_merge_when_build_succeeds" do
diff --git a/spec/models/spam_log_spec.rb b/spec/models/spam_log_spec.rb
new file mode 100644
index 00000000000..c4ec7625cb0
--- /dev/null
+++ b/spec/models/spam_log_spec.rb
@@ -0,0 +1,25 @@
+require 'spec_helper'
+
+describe SpamLog, models: true do
+  describe 'associations' do
+    it { is_expected.to belong_to(:user) }
+  end
+
+  describe 'validations' do
+    it { is_expected.to validate_presence_of(:user) }
+  end
+
+  describe '#remove_user' do
+    it 'blocks the user' do
+      spam_log = build(:spam_log)
+
+      expect { spam_log.remove_user }.to change { spam_log.user.blocked? }.to(true)
+    end
+
+    it 'removes the user' do
+      spam_log = build(:spam_log)
+
+      expect { spam_log.remove_user }.to change { User.count }.by(-1)
+    end
+  end
+end
diff --git a/spec/models/user_spec.rb b/spec/models/user_spec.rb
index 0bef68e2885..cee051f5732 100644
--- a/spec/models/user_spec.rb
+++ b/spec/models/user_spec.rb
@@ -91,6 +91,7 @@ describe User, models: true do
     it { is_expected.to have_many(:assigned_merge_requests).dependent(:destroy) }
     it { is_expected.to have_many(:identities).dependent(:destroy) }
     it { is_expected.to have_one(:abuse_report) }
+    it { is_expected.to have_many(:spam_logs).dependent(:destroy) }
   end
 
   describe 'validations' do
diff --git a/spec/requests/api/issues_spec.rb b/spec/requests/api/issues_spec.rb
index 5e65ad18c0e..571ea2dae4c 100644
--- a/spec/requests/api/issues_spec.rb
+++ b/spec/requests/api/issues_spec.rb
@@ -46,10 +46,10 @@ describe API::API, api: true  do
         expect(json_response.first['title']).to eq(issue.title)
       end
 
-      it "should add pagination headers" do
-        get api("/issues?per_page=3", user)
+      it "should add pagination headers and keep query params" do
+        get api("/issues?state=closed&per_page=3", user)
         expect(response.headers['Link']).to eq(
-          '<http://www.example.com/api/v3/issues?page=1&per_page=3>; rel="first", <http://www.example.com/api/v3/issues?page=1&per_page=3>; rel="last"'
+          '<http://www.example.com/api/v3/issues?page=1&per_page=3&private_token=%s&state=closed>; rel="first", <http://www.example.com/api/v3/issues?page=1&per_page=3&private_token=%s&state=closed>; rel="last"' % [user.private_token, user.private_token]
         )
       end
 
@@ -241,6 +241,37 @@ describe API::API, api: true  do
     end
   end
 
+  describe 'POST /projects/:id/issues with spam filtering' do
+    before do
+      Grape::Endpoint.before_each do |endpoint|
+        allow(endpoint).to receive(:check_for_spam?).and_return(true)
+        allow(endpoint).to receive(:is_spam?).and_return(true)
+      end
+    end
+
+    let(:params) do
+      {
+        title: 'new issue',
+        description: 'content here',
+        labels: 'label, label2'
+      }
+    end
+
+    it "should not create a new project issue" do
+      expect { post api("/projects/#{project.id}/issues", user), params }.not_to change(Issue, :count)
+      expect(response.status).to eq(400)
+      expect(json_response['message']).to eq({ "error" => "Spam detected" })
+
+      spam_logs = SpamLog.all
+      expect(spam_logs.count).to eq(1)
+      expect(spam_logs[0].title).to eq('new issue')
+      expect(spam_logs[0].description).to eq('content here')
+      expect(spam_logs[0].user).to eq(user)
+      expect(spam_logs[0].noteable_type).to eq('Issue')
+      expect(spam_logs[0].project_id).to eq(project.id)
+    end
+  end
+
   describe "PUT /projects/:id/issues/:issue_id to update only title" do
     it "should update a project issue" do
       put api("/projects/#{project.id}/issues/#{issue.id}", user),
author	Kamil Trzcinski <ayufan@ayufan.eu>	2016-02-04 15:16:48 +0300
committer	Kamil Trzcinski <ayufan@ayufan.eu>	2016-02-04 15:16:48 +0300
commit	6fea7c386ff27e5081ff3532b06f71d29eee956b (patch)
tree	e1a1035725399135e86a6341c8349dfdab417107 /spec
parent	d231b6b9182ce9f68f267af0a073136c898f6892 (diff)
parent	e933a50b6b8e7feec76bcc71313c14736967cd7a (diff)