diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2019-12-05 00:07:31 +0300 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2019-12-05 00:07:31 +0300 |
commit | 71221554dd9ddf30f73035c89f78164e001aa96d (patch) | |
tree | c56e0b2fc3dd16602183b78cb3f68aed211c5e77 /spec | |
parent | b41cd8cb92d53454b2b160ba922d33801933a9cf (diff) |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'spec')
-rw-r--r-- | spec/helpers/emails_helper_spec.rb | 22 | ||||
-rw-r--r-- | spec/lib/gitlab/usage_data_spec.rb | 18 | ||||
-rw-r--r-- | spec/models/active_session_spec.rb | 29 | ||||
-rw-r--r-- | spec/models/clusters/cluster_spec.rb | 34 | ||||
-rw-r--r-- | spec/rubocop/cop/put_group_routes_under_scope_spec.rb | 48 | ||||
-rw-r--r-- | spec/services/clusters/applications/ingress_modsecurity_usage_service_spec.rb | 196 |
6 files changed, 347 insertions, 0 deletions
diff --git a/spec/helpers/emails_helper_spec.rb b/spec/helpers/emails_helper_spec.rb index 931b7008173..0ff9080ef94 100644 --- a/spec/helpers/emails_helper_spec.rb +++ b/spec/helpers/emails_helper_spec.rb @@ -74,6 +74,28 @@ describe EmailsHelper do end end + describe 'notification_reason_text' do + subject { helper.notification_reason_text(reason_code) } + + using RSpec::Parameterized::TableSyntax + + where(:reason_code, :reason_text) do + NotificationReason::OWN_ACTIVITY | ' of your activity ' + NotificationReason::ASSIGNED | ' you have been assigned an item ' + NotificationReason::MENTIONED | ' you have been mentioned ' + "" | ' of your account ' + nil | ' of your account ' + end + + with_them do + it { is_expected.to start_with "You're receiving this email because" } + + it { is_expected.to include reason_text } + + it { is_expected.to end_with "on #{Gitlab.config.gitlab.host}." } + end + end + describe 'sanitize_name' do context 'when name contains a valid URL string' do it 'returns name with `.` replaced with `_` to prevent mail clients from auto-linking URLs' do diff --git a/spec/lib/gitlab/usage_data_spec.rb b/spec/lib/gitlab/usage_data_spec.rb index 713ddca6c2b..7a5d6f5ad5a 100644 --- a/spec/lib/gitlab/usage_data_spec.rb +++ b/spec/lib/gitlab/usage_data_spec.rb @@ -297,6 +297,24 @@ describe Gitlab::UsageData do end end + describe '#ingress_modsecurity_usage' do + subject { described_class.ingress_modsecurity_usage } + + it 'gathers variable data' do + allow_any_instance_of( + ::Clusters::Applications::IngressModsecurityUsageService + ).to receive(:execute).and_return( + { + ingress_modsecurity_blocking: 1, + ingress_modsecurity_disabled: 2 + } + ) + + expect(subject[:ingress_modsecurity_blocking]).to eq(1) + expect(subject[:ingress_modsecurity_disabled]).to eq(2) + end + end + describe '#license_usage_data' do subject { described_class.license_usage_data } diff --git a/spec/models/active_session_spec.rb b/spec/models/active_session_spec.rb index c26675e75bf..072d0fa86e5 100644 --- a/spec/models/active_session_spec.rb +++ b/spec/models/active_session_spec.rb @@ -329,6 +329,35 @@ RSpec.describe ActiveSession, :clean_gitlab_redis_shared_state do ) end end + + context 'when the number of active sessions is lower than the limit' do + before do + Gitlab::Redis::SharedState.with do |redis| + ((max_number_of_sessions_plus_two - 4)..max_number_of_sessions_plus_two).each do |number| + redis.del("session:user:gitlab:#{user.id}:#{number}") + end + end + end + + it 'does not remove active session entries, but removes lookup entries' do + lookup_entries_before_cleanup = Gitlab::Redis::SharedState.with do |redis| + redis.smembers("session:lookup:user:gitlab:#{user.id}") + end + + sessions_before_cleanup = Gitlab::Redis::SharedState.with do |redis| + redis.scan_each(match: "session:user:gitlab:#{user.id}:*").to_a + end + + ActiveSession.cleanup(user) + + Gitlab::Redis::SharedState.with do |redis| + lookup_entries = redis.smembers("session:lookup:user:gitlab:#{user.id}") + sessions = redis.scan_each(match: "session:user:gitlab:#{user.id}:*").to_a + expect(sessions.count).to eq(sessions_before_cleanup.count) + expect(lookup_entries.count).to be < lookup_entries_before_cleanup.count + end + end + end end end end diff --git a/spec/models/clusters/cluster_spec.rb b/spec/models/clusters/cluster_spec.rb index 7c419a195cd..807214dcc14 100644 --- a/spec/models/clusters/cluster_spec.rb +++ b/spec/models/clusters/cluster_spec.rb @@ -976,4 +976,38 @@ describe Clusters::Cluster, :use_clean_rails_memory_store_caching do expect(cluster.kubernetes_namespaces).to be_empty end end + + describe '#clusterable' do + subject { cluster.clusterable } + + context 'project type' do + let(:cluster) { create(:cluster, :project) } + + it { is_expected.to eq(cluster.project) } + end + + context 'group type' do + let(:cluster) { create(:cluster, :group) } + + it { is_expected.to eq(cluster.group) } + end + + context 'instance type' do + let(:cluster) { create(:cluster, :instance) } + + it { is_expected.to be_a(Clusters::Instance) } + end + + context 'unknown type' do + let(:cluster) { create(:cluster, :project) } + + before do + allow(cluster).to receive(:cluster_type).and_return('unknown_type') + end + + it 'raises NotImplementedError' do + expect { subject }.to raise_error(NotImplementedError) + end + end + end end diff --git a/spec/rubocop/cop/put_group_routes_under_scope_spec.rb b/spec/rubocop/cop/put_group_routes_under_scope_spec.rb new file mode 100644 index 00000000000..fc4d0015dde --- /dev/null +++ b/spec/rubocop/cop/put_group_routes_under_scope_spec.rb @@ -0,0 +1,48 @@ +# frozen_string_literal: true + +require 'spec_helper' +require 'rubocop' +require_relative '../../../rubocop/cop/put_group_routes_under_scope' + +describe RuboCop::Cop::PutGroupRoutesUnderScope do + include CopHelper + + subject(:cop) { described_class.new } + + before do + allow(cop).to receive(:in_group_routes?).and_return(true) + end + + it 'registers an offense when route is outside scope' do + expect_offense(<<~PATTERN.strip_indent) + scope(path: 'groups/*group_id/-', module: :groups) do + resource :issues + end + + resource :notes + ^^^^^^^^^^^^^^^ Put new group routes under /-/ scope + PATTERN + end + + it 'does not register an offense when resource inside the scope' do + expect_no_offenses(<<~PATTERN.strip_indent) + scope(path: 'groups/*group_id/-', module: :groups) do + resource :issues + resource :notes + end + PATTERN + end + + it 'does not register an offense when resource is deep inside the scope' do + expect_no_offenses(<<~PATTERN.strip_indent) + scope(path: 'groups/*group_id/-', module: :groups) do + resource :issues + resource :projects do + resource :issues do + resource :notes + end + end + end + PATTERN + end +end diff --git a/spec/services/clusters/applications/ingress_modsecurity_usage_service_spec.rb b/spec/services/clusters/applications/ingress_modsecurity_usage_service_spec.rb new file mode 100644 index 00000000000..d456284f76a --- /dev/null +++ b/spec/services/clusters/applications/ingress_modsecurity_usage_service_spec.rb @@ -0,0 +1,196 @@ +# frozen_string_literal: true + +require 'spec_helper' + +describe Clusters::Applications::IngressModsecurityUsageService do + describe '#execute' do + ADO_MODSEC_KEY = Clusters::Applications::IngressModsecurityUsageService::ADO_MODSEC_KEY + + let(:project_with_ci_var) { create(:environment).project } + let(:project_with_pipeline_var) { create(:environment).project } + + subject { described_class.new.execute } + + context 'with multiple projects' do + let(:pipeline1) { create(:ci_pipeline, :with_job, project: project_with_pipeline_var) } + let(:pipeline2) { create(:ci_pipeline, :with_job, project: project_with_ci_var) } + + let!(:deployment_with_pipeline_var) do + create( + :deployment, + :success, + environment: project_with_pipeline_var.environments.first, + project: project_with_pipeline_var, + deployable: pipeline1.builds.last + ) + end + let!(:deployment_with_project_var) do + create( + :deployment, + :success, + environment: project_with_ci_var.environments.first, + project: project_with_ci_var, + deployable: pipeline2.builds.last + ) + end + + context 'mixed data' do + let!(:ci_variable) { create(:ci_variable, project: project_with_ci_var, key: ADO_MODSEC_KEY, value: "On") } + let!(:pipeline_variable) { create(:ci_pipeline_variable, pipeline: pipeline1, key: ADO_MODSEC_KEY, value: "Off") } + + it 'gathers variable data' do + expect(subject[:ingress_modsecurity_blocking]).to eq(1) + expect(subject[:ingress_modsecurity_disabled]).to eq(1) + end + end + + context 'blocking' do + let(:modsec_values) { { key: ADO_MODSEC_KEY, value: "On" } } + + let!(:ci_variable) { create(:ci_variable, project: project_with_ci_var, **modsec_values) } + let!(:pipeline_variable) { create(:ci_pipeline_variable, pipeline: pipeline1, **modsec_values) } + + it 'gathers variable data' do + expect(subject[:ingress_modsecurity_blocking]).to eq(2) + expect(subject[:ingress_modsecurity_disabled]).to eq(0) + end + end + + context 'disabled' do + let(:modsec_values) { { key: ADO_MODSEC_KEY, value: "Off" } } + + let!(:ci_variable) { create(:ci_variable, project: project_with_ci_var, **modsec_values) } + let!(:pipeline_variable) { create(:ci_pipeline_variable, pipeline: pipeline1, **modsec_values) } + + it 'gathers variable data' do + expect(subject[:ingress_modsecurity_blocking]).to eq(0) + expect(subject[:ingress_modsecurity_disabled]).to eq(2) + end + end + end + + context 'when set as both ci and pipeline variables' do + let(:modsec_values) { { key: ADO_MODSEC_KEY, value: "Off" } } + + let(:pipeline) { create(:ci_pipeline, :with_job, project: project_with_ci_var) } + let!(:deployment) do + create( + :deployment, + :success, + environment: project_with_ci_var.environments.first, + project: project_with_ci_var, + deployable: pipeline.builds.last + ) + end + + let!(:ci_variable) { create(:ci_variable, project: project_with_ci_var, **modsec_values) } + let!(:pipeline_variable) { create(:ci_pipeline_variable, pipeline: pipeline, **modsec_values) } + + it 'wont double-count projects' do + expect(subject[:ingress_modsecurity_blocking]).to eq(0) + expect(subject[:ingress_modsecurity_disabled]).to eq(1) + end + + it 'gives precedence to pipeline variable' do + pipeline_variable.update(value: "On") + + expect(subject[:ingress_modsecurity_blocking]).to eq(1) + expect(subject[:ingress_modsecurity_disabled]).to eq(0) + end + end + + context 'when a project has multiple environments' do + let(:modsec_values) { { key: ADO_MODSEC_KEY, value: "On" } } + + let!(:env1) { project_with_pipeline_var.environments.first } + let!(:env2) { create(:environment, project: project_with_pipeline_var) } + + let!(:pipeline_with_2_deployments) do + create(:ci_pipeline, :with_job, project: project_with_ci_var).tap do |pip| + pip.builds << build(:ci_build, pipeline: pip, project: project_with_pipeline_var) + end + end + + let!(:deployment1) do + create( + :deployment, + :success, + environment: env1, + project: project_with_pipeline_var, + deployable: pipeline_with_2_deployments.builds.last + ) + end + let!(:deployment2) do + create( + :deployment, + :success, + environment: env2, + project: project_with_pipeline_var, + deployable: pipeline_with_2_deployments.builds.last + ) + end + + context 'when set as ci variable' do + let!(:ci_variable) { create(:ci_variable, project: project_with_pipeline_var, **modsec_values) } + + it 'gathers variable data' do + expect(subject[:ingress_modsecurity_blocking]).to eq(2) + expect(subject[:ingress_modsecurity_disabled]).to eq(0) + end + end + + context 'when set as pipeline variable' do + let!(:pipeline_variable) { create(:ci_pipeline_variable, pipeline: pipeline_with_2_deployments, **modsec_values) } + + it 'gathers variable data' do + expect(subject[:ingress_modsecurity_blocking]).to eq(2) + expect(subject[:ingress_modsecurity_disabled]).to eq(0) + end + end + end + + context 'when an environment has multiple deployments' do + let!(:env) { project_with_pipeline_var.environments.first } + + let!(:pipeline_first) do + create(:ci_pipeline, :with_job, project: project_with_pipeline_var).tap do |pip| + pip.builds << build(:ci_build, pipeline: pip, project: project_with_pipeline_var) + end + end + let!(:pipeline_last) do + create(:ci_pipeline, :with_job, project: project_with_pipeline_var).tap do |pip| + pip.builds << build(:ci_build, pipeline: pip, project: project_with_pipeline_var) + end + end + + let!(:deployment_first) do + create( + :deployment, + :success, + environment: env, + project: project_with_pipeline_var, + deployable: pipeline_first.builds.last + ) + end + let!(:deployment_last) do + create( + :deployment, + :success, + environment: env, + project: project_with_pipeline_var, + deployable: pipeline_last.builds.last + ) + end + + context 'when set as pipeline variable' do + let!(:first_pipeline_variable) { create(:ci_pipeline_variable, pipeline: pipeline_first, key: ADO_MODSEC_KEY, value: "On") } + let!(:last_pipeline_variable) { create(:ci_pipeline_variable, pipeline: pipeline_last, key: ADO_MODSEC_KEY, value: "Off") } + + it 'gives precedence to latest deployment' do + expect(subject[:ingress_modsecurity_blocking]).to eq(0) + expect(subject[:ingress_modsecurity_disabled]).to eq(1) + end + end + end + end +end |