Add latest changes from gitlab-org/gitlab@master

8 files changed, 214 insertions, 26 deletions

diff --git a/spec/factories/users.rb b/spec/factories/users.rb
index 7ade859dcf2..6bad16f8176 100644
--- a/spec/factories/users.rb
+++ b/spec/factories/users.rb
@@ -23,6 +23,16 @@ FactoryBot.define do
       user.assign_personal_namespace if assign_ns
     end
 
+    trait :without_default_org do
+      after(:build) do
+        User.skip_callback(:commit, :after, :create_default_organization_user)
+      end
+
+      after(:create) do
+        User.set_callback(:commit, :after, :create_default_organization_user)
+      end
+    end
+
     trait :with_namespace do
       namespace { assign_personal_namespace }
     end
diff --git a/spec/lib/gitlab/blob_helper_spec.rb b/spec/lib/gitlab/blob_helper_spec.rb
index e18277ba8d2..6d1e6ea59a3 100644
--- a/spec/lib/gitlab/blob_helper_spec.rb
+++ b/spec/lib/gitlab/blob_helper_spec.rb
@@ -7,6 +7,7 @@ RSpec.describe Gitlab::BlobHelper do
 
   let(:project) { create(:project) }
   let(:blob) { fake_blob(path: 'file.txt') }
+  let(:bmp_blob) { fake_blob(path: 'file.bmp') }
   let(:webp_blob) { fake_blob(path: 'file.webp') }
   let(:large_blob) { fake_blob(path: 'test.pdf', size: 2.megabytes, binary: true) }
 
@@ -69,6 +70,12 @@ RSpec.describe Gitlab::BlobHelper do
       end
     end
 
+    context 'with a .bmp file' do
+      it 'returns true' do
+        expect(bmp_blob.image?).to be_truthy
+      end
+    end
+
     context 'with a .webp file' do
       it 'returns true' do
         expect(webp_blob.image?).to be_truthy
diff --git a/spec/migrations/fix_broken_user_achievements_awarded_spec.rb b/spec/migrations/fix_broken_user_achievements_awarded_spec.rb
index cb31ca44a9f..8f9d2d30c48 100644
--- a/spec/migrations/fix_broken_user_achievements_awarded_spec.rb
+++ b/spec/migrations/fix_broken_user_achievements_awarded_spec.rb
@@ -32,15 +32,27 @@ RSpec.describe FixBrokenUserAchievementsAwarded, migration: :gitlab_main, featur
       awarding_user.delete
     end
 
-    it 'migrates the invalid user achievement' do
-      expect { migrate! }
-        .to change { user_achievement_invalid.reload.awarded_by_user_id }
-        .from(nil).to(Users::Internal.ghost.id)
+    context 'when ghost user exists' do
+      let!(:ghost_user) do
+        users_table.create!(username: generate(:username), email: 'ghost@example.com', projects_limit: 0, user_type: 5)
+      end
+
+      it 'migrates the invalid user achievement' do
+        expect { migrate! }
+          .to change { user_achievement_invalid.reload.awarded_by_user_id }
+          .from(nil).to(ghost_user.id)
+      end
+
+      it 'does not migrate the valid user achievement' do
+        expect { migrate! }
+          .not_to change { user_achievement_valid.reload.awarded_by_user_id }
+      end
     end
 
-    it 'does not migrate the valid user achievement' do
-      expect { migrate! }
-        .not_to change { user_achievement_valid.reload.awarded_by_user_id }
+    context 'when ghost user does not exist' do
+      it 'does not migrate the invalid user achievement' do
+        expect { migrate! }.not_to change { user_achievement_invalid.reload.awarded_by_user_id }
+      end
     end
   end
 end
diff --git a/spec/migrations/fix_broken_user_achievements_revoked_spec.rb b/spec/migrations/fix_broken_user_achievements_revoked_spec.rb
index 34517ae67b4..dd8c4b75c7a 100644
--- a/spec/migrations/fix_broken_user_achievements_revoked_spec.rb
+++ b/spec/migrations/fix_broken_user_achievements_revoked_spec.rb
@@ -25,20 +25,32 @@ RSpec.describe FixBrokenUserAchievementsRevoked, migration: :gitlab_main, featur
   let(:not_revoked) { user_achievements_table.create!(user_id: user.id, achievement_id: achievement.id) }
 
   describe '#up' do
-    it 'migrates the invalid user achievement' do
-      expect { migrate! }
-        .to change { revoked_invalid.reload.revoked_by_user_id }
-        .from(nil).to(Users::Internal.ghost.id)
+    context 'when ghost user exists' do
+      let!(:ghost_user) do
+        users_table.create!(username: generate(:username), email: 'ghost@example.com', projects_limit: 0, user_type: 5)
+      end
+
+      it 'migrates the invalid user achievement' do
+        expect { migrate! }
+          .to change { revoked_invalid.reload.revoked_by_user_id }
+          .from(nil).to(ghost_user.id)
+      end
+
+      it 'does not migrate valid revoked user achievement' do
+        expect { migrate! }
+          .not_to change { revoked_valid.reload.revoked_by_user_id }
+      end
+
+      it 'does not migrate the not revoked user achievement' do
+        expect { migrate! }
+          .not_to change { not_revoked.reload.revoked_by_user_id }
+      end
     end
 
-    it 'does not migrate valid revoked user achievement' do
-      expect { migrate! }
-        .not_to change { revoked_valid.reload.revoked_by_user_id }
-    end
-
-    it 'does not migrate the not revoked user achievement' do
-      expect { migrate! }
-        .not_to change { not_revoked.reload.revoked_by_user_id }
+    context 'when ghost user does not exist' do
+      it 'does not migrate the invalid user achievement' do
+        expect { migrate! }.not_to change { revoked_invalid.reload.revoked_by_user_id }
+      end
     end
   end
 end
diff --git a/spec/models/member_spec.rb b/spec/models/member_spec.rb
index 3c15992bab2..eb227f22b8a 100644
--- a/spec/models/member_spec.rb
+++ b/spec/models/member_spec.rb
@@ -1086,6 +1086,8 @@ RSpec.describe Member, feature_category: :groups_and_projects do
 
   context 'for updating organization_users' do
     let_it_be(:group) { create(:group, :with_organization) }
+    let_it_be(:user) { create(:user) }
+    let(:member) { create(:group_member, source: group, user: user) }
     let(:update_organization_users_enabled) { true }
 
     subject(:commit_member) { member }
@@ -1102,8 +1104,6 @@ RSpec.describe Member, feature_category: :groups_and_projects do
     end
 
     context 'when creating' do
-      let(:member) { create(:group_member, source: group) }
-
       context 'when update_organization_users is enabled' do
         it 'inserts new record on member creation' do
           expect { member }.to change { Organizations::OrganizationUser.count }.by(1)
@@ -1175,13 +1175,13 @@ RSpec.describe Member, feature_category: :groups_and_projects do
       end
 
       context 'when member is an invite' do
-        let(:member) { create(:group_member, :invited, source: group) }
+        let(:member) { create(:group_member, :invited, source: group, user: nil) }
 
         it_behaves_like 'does not create an organization_user entry'
       end
 
       context 'when organization does not exist' do
-        let(:member) { create(:group_member) }
+        let(:member) { create(:group_member, user: user) }
 
         it_behaves_like 'does not create an organization_user entry'
       end
diff --git a/spec/models/organizations/organization_user_spec.rb b/spec/models/organizations/organization_user_spec.rb
index c3416c93ec9..da337c04bc5 100644
--- a/spec/models/organizations/organization_user_spec.rb
+++ b/spec/models/organizations/organization_user_spec.rb
@@ -44,4 +44,65 @@ RSpec.describe Organizations::OrganizationUser, type: :model, feature_category:
   end
 
   it_behaves_like 'having unique enum values'
+
+  describe '.create_default_organization_record_for' do
+    let_it_be(:default_organization) { create(:organization, :default) }
+    let_it_be(:user) { create(:user, :without_default_org) }
+    let(:access_level) { :default }
+    let(:user_id) { user.id }
+
+    subject(:create_entry) { described_class.create_default_organization_record_for(user_id, access_level) }
+
+    context 'when creating as as default user' do
+      it 'creates record with correct attributes' do
+        expect { create_entry }.to change { described_class.count }.by(1)
+        expect(default_organization.user?(user)).to be(true)
+      end
+    end
+
+    context 'when creating as an owner' do
+      let(:access_level) { :owner }
+
+      it 'creates record with correct attributes' do
+        expect { create_entry }.to change { described_class.count }.by(1)
+        expect(default_organization.owner?(user)).to be(true)
+      end
+    end
+
+    context 'when entry already exists' do
+      let_it_be(:organization_user) { create(:organization_user, user: user, organization: default_organization) }
+
+      it 'does not create or update existing record' do
+        expect { create_entry }.not_to change { described_class.count }
+      end
+
+      context 'when access_level changes' do
+        let(:access_level) { :owner }
+
+        it 'changes access_level on the existing record' do
+          expect(default_organization.owner?(user)).to be(false)
+
+          expect { create_entry }.not_to change { described_class.count }
+
+          expect(default_organization.owner?(user)).to be(true)
+        end
+      end
+    end
+
+    context 'when creating with invalid access_level' do
+      let(:access_level) { :foo }
+
+      it 'raises and error' do
+        expect { create_entry }.to raise_error(ActiveRecord::NotNullViolation)
+      end
+    end
+
+    context 'when creating with invalid user_id' do
+      let(:user_id) { nil }
+
+      it 'raises and error' do
+        expect { create_entry }.to raise_error(ActiveRecord::NotNullViolation)
+      end
+    end
+  end
 end
diff --git a/spec/models/user_spec.rb b/spec/models/user_spec.rb
index 670256c7e65..a17245495d6 100644
--- a/spec/models/user_spec.rb
+++ b/spec/models/user_spec.rb
@@ -1755,6 +1755,41 @@ RSpec.describe User, feature_category: :user_profile do
     end
   end
 
+  context 'when after_create_commit :create_default_organization_user on default organization' do
+    let_it_be(:default_organization) { create(:organization, :default) }
+    let(:user) { create(:user) }
+
+    subject(:create_user) { user }
+
+    context 'when user is created as an instance admin' do
+      let(:user) { create(:admin) }
+
+      it 'adds user to organization_users as an owner of default organization' do
+        expect { create_user }.to change { Organizations::OrganizationUser.count }.by(1)
+        expect(default_organization.owner?(user)).to be(true)
+      end
+    end
+
+    context 'when user is created as a regular user' do
+      it 'adds user to organization_users as a regular user of default organization' do
+        expect { create_user }.to change { Organizations::OrganizationUser.count }.by(1)
+        expect(default_organization.owner?(user)).to be(false)
+        expect(default_organization.user?(user)).to be(true)
+      end
+    end
+
+    context 'when feature flag update_default_organization_users is disabled' do
+      before do
+        stub_feature_flags(update_default_organization_users: false)
+      end
+
+      it 'adds user to organization_users as a regular user of default organization' do
+        expect { create_user }.not_to change { Organizations::OrganizationUser.count }
+        expect(default_organization.user?(user)).to be(false)
+      end
+    end
+  end
+
   describe 'name getters' do
     let(:user) { create(:user, name: 'Kane Martin William') }
 
diff --git a/spec/requests/api/integrations_spec.rb b/spec/requests/api/integrations_spec.rb
index 36667022fc5..3ae9e6b5229 100644
--- a/spec/requests/api/integrations_spec.rb
+++ b/spec/requests/api/integrations_spec.rb
@@ -44,9 +44,8 @@ RSpec.describe API::Integrations, feature_category: :integrations do
     end
 
     where(:integration) do
-      # The Project Integrations API supports all integrations except:
-      # - The GitLab Slack Application integration, as it must be installed via the UI.
-      # - ZenTao integration, as new integration is blocked from being created.
+      # The integrations API supports all project integrations.
+      # You cannot create a GitLab for Slack app. You must install the app from the GitLab UI.
       unavailable_integration_names = [
         Integrations::GitlabSlackApplication.to_param,
         Integrations::Zentao.to_param
@@ -402,6 +401,58 @@ RSpec.describe API::Integrations, feature_category: :integrations do
       end
     end
 
+    describe 'GitLab for Slack app integration' do
+      before do
+        stub_application_setting(slack_app_enabled: true)
+        create(:gitlab_slack_application_integration, project: project)
+      end
+
+      describe "PUT /projects/:id/#{endpoint}/gitlab-slack-application" do
+        context 'for integration creation' do
+          before do
+            project.gitlab_slack_application_integration.destroy!
+          end
+
+          it 'returns 422' do
+            put api("/projects/#{project.id}/#{endpoint}/gitlab-slack-application", user)
+
+            expect(response).to have_gitlab_http_status(:unprocessable_entity)
+          end
+        end
+
+        context 'for integration update' do
+          before do
+            project.gitlab_slack_application_integration.update!(active: false)
+          end
+
+          it "does not enable the integration" do
+            put api("/projects/#{project.id}/#{endpoint}/gitlab-slack-application", user)
+
+            expect(response).to have_gitlab_http_status(:ok)
+            expect(project.gitlab_slack_application_integration.reload).to have_attributes(active: false)
+          end
+        end
+      end
+
+      describe "GET /projects/:id/#{endpoint}/gitlab-slack-application" do
+        it "fetches the integration and returns the correct fields" do
+          get api("/projects/#{project.id}/#{endpoint}/gitlab-slack-application", user)
+
+          expect(response).to have_gitlab_http_status(:ok)
+          assert_correct_response_fields(json_response['properties'].keys, project.gitlab_slack_application_integration)
+        end
+      end
+
+      describe "DELETE /projects/:id/#{endpoint}/gitlab-slack-application" do
+        it "disables the integration" do
+          expect { delete api("/projects/#{project.id}/#{endpoint}/gitlab-slack-application", user) }
+            .to change { project.gitlab_slack_application_integration.reload.activated? }.from(true).to(false)
+
+          expect(response).to have_gitlab_http_status(:no_content)
+        end
+      end
+    end
+
     private
 
     def assert_correct_response_fields(response_keys, integration)