diff options
Diffstat (limited to 'spec/controllers/admin')
| -rw-r--r-- | spec/controllers/admin/groups_controller_spec.rb | 8 | ||||
| -rw-r--r-- | spec/controllers/admin/hooks_controller_spec.rb | 24 | ||||
| -rw-r--r-- | spec/controllers/admin/integrations_controller_spec.rb | 2 | ||||
| -rw-r--r-- | spec/controllers/admin/spam_logs_controller_spec.rb | 35 | ||||
| -rw-r--r-- | spec/controllers/admin/topics_controller_spec.rb | 2 | ||||
| -rw-r--r-- | spec/controllers/admin/users_controller_spec.rb | 313 |
6 files changed, 240 insertions, 144 deletions
diff --git a/spec/controllers/admin/groups_controller_spec.rb b/spec/controllers/admin/groups_controller_spec.rb index 37cb0a1f289..6085f0e1239 100644 --- a/spec/controllers/admin/groups_controller_spec.rb +++ b/spec/controllers/admin/groups_controller_spec.rb @@ -43,5 +43,13 @@ RSpec.describe Admin::GroupsController do post :create, params: { group: { path: 'test', name: 'test', admin_note_attributes: { note: 'test' } } } end.to change { Namespace::AdminNote.count }.by(1) end + + it 'delegates to Groups::CreateService service instance' do + expect_next_instance_of(::Groups::CreateService) do |service| + expect(service).to receive(:execute).once.and_call_original + end + + post :create, params: { group: { path: 'test', name: 'test' } } + end end end diff --git a/spec/controllers/admin/hooks_controller_spec.rb b/spec/controllers/admin/hooks_controller_spec.rb index 14f4a2f40e7..82e4b873bf6 100644 --- a/spec/controllers/admin/hooks_controller_spec.rb +++ b/spec/controllers/admin/hooks_controller_spec.rb @@ -3,7 +3,7 @@ require 'spec_helper' RSpec.describe Admin::HooksController do - let(:admin) { create(:admin) } + let_it_be(:admin) { create(:admin) } before do sign_in(admin) @@ -33,7 +33,23 @@ RSpec.describe Admin::HooksController do end describe 'POST #update' do - let!(:hook) { create(:system_hook) } + let_it_be_with_reload(:hook) { create(:system_hook) } + + context 'with an existing token' do + hook_params = { + token: WebHook::SECRET_MASK, + url: "http://example.com" + } + + it 'does not change a token' do + expect do + post :update, params: { id: hook.id, hook: hook_params } + end.not_to change { hook.reload.token } + + expect(response).to have_gitlab_http_status(:found) + expect(flash[:alert]).to be_blank + end + end it 'sets all parameters' do hook.update!(url_variables: { 'foo' => 'bar', 'baz' => 'woo' }) @@ -61,8 +77,8 @@ RSpec.describe Admin::HooksController do end describe 'DELETE #destroy' do - let!(:hook) { create(:system_hook) } - let!(:log) { create(:web_hook_log, web_hook: hook) } + let_it_be(:hook) { create(:system_hook) } + let_it_be(:log) { create(:web_hook_log, web_hook: hook) } let(:params) { { id: hook } } it_behaves_like 'Web hook destroyer' diff --git a/spec/controllers/admin/integrations_controller_spec.rb b/spec/controllers/admin/integrations_controller_spec.rb index 0e456858b49..e75f27589d7 100644 --- a/spec/controllers/admin/integrations_controller_spec.rb +++ b/spec/controllers/admin/integrations_controller_spec.rb @@ -19,7 +19,7 @@ RSpec.describe Admin::IntegrationsController do describe '#edit' do Integration.available_integration_names.each do |integration_name| - context "#{integration_name}" do + context integration_name.to_s do it 'successfully displays the template' do get :edit, params: { id: integration_name } diff --git a/spec/controllers/admin/spam_logs_controller_spec.rb b/spec/controllers/admin/spam_logs_controller_spec.rb index 48221f496fb..51f7ecdece6 100644 --- a/spec/controllers/admin/spam_logs_controller_spec.rb +++ b/spec/controllers/admin/spam_logs_controller_spec.rb @@ -27,34 +27,17 @@ RSpec.describe Admin::SpamLogsController do expect(response).to have_gitlab_http_status(:ok) end - context 'when user_destroy_with_limited_execution_time_worker is enabled' do - it 'initiates user removal', :sidekiq_inline do - expect do - delete :destroy, params: { id: first_spam.id, remove_user: true } - end.not_to change { SpamLog.count } - - expect(response).to have_gitlab_http_status(:found) - expect( - Users::GhostUserMigration.where(user: user, - initiator_user: admin) - ).to be_exists - expect(flash[:notice]).to eq("User #{user.username} was successfully removed.") - end - end - - context 'when user_destroy_with_limited_execution_time_worker is disabled' do - before do - stub_feature_flags(user_destroy_with_limited_execution_time_worker: false) - end - - it 'removes user and their spam logs when removing the user', :sidekiq_inline do + it 'initiates user removal', :sidekiq_inline do + expect do delete :destroy, params: { id: first_spam.id, remove_user: true } + end.not_to change { SpamLog.count } - expect(flash[:notice]).to eq "User #{user.username} was successfully removed." - expect(response).to have_gitlab_http_status(:found) - expect(SpamLog.count).to eq(0) - expect { User.find(user.id) }.to raise_error(ActiveRecord::RecordNotFound) - end + expect(response).to have_gitlab_http_status(:found) + expect( + Users::GhostUserMigration.where(user: user, + initiator_user: admin) + ).to be_exists + expect(flash[:notice]).to eq("User #{user.username} was successfully removed.") end end diff --git a/spec/controllers/admin/topics_controller_spec.rb b/spec/controllers/admin/topics_controller_spec.rb index 111fdcc3be6..e640f8bb7ec 100644 --- a/spec/controllers/admin/topics_controller_spec.rb +++ b/spec/controllers/admin/topics_controller_spec.rb @@ -176,7 +176,7 @@ RSpec.describe Admin::TopicsController do describe 'POST #merge' do let_it_be(:source_topic) { create(:topic, name: 'source_topic') } - let_it_be(:project) { create(:project, topic_list: source_topic.name ) } + let_it_be(:project) { create(:project, topic_list: source_topic.name) } it 'merges source topic into target topic' do post :merge, params: { source_topic_id: source_topic.id, target_topic_id: topic.id } diff --git a/spec/controllers/admin/users_controller_spec.rb b/spec/controllers/admin/users_controller_spec.rb index 682399f4dd9..eecb803fb1a 100644 --- a/spec/controllers/admin/users_controller_spec.rb +++ b/spec/controllers/admin/users_controller_spec.rb @@ -63,130 +63,179 @@ RSpec.describe Admin::UsersController do expect(response).to be_redirect expect(response.location).to end_with(user.username) end - end - describe 'DELETE #destroy', :sidekiq_might_not_need_inline do - let(:project) { create(:project, namespace: user.namespace) } - let!(:issue) { create(:issue, author: user) } + describe 'impersonation_error_text' do + context 'when user can be impersonated' do + it 'sets impersonation_error_text to nil' do + get :show, params: { id: user.username.downcase } - before do - project.add_developer(user) - end + expect(assigns(:impersonation_error_text)).to eq(nil) + end + end - context 'when user_destroy_with_limited_execution_time_worker is enabled' do - it 'initiates user removal' do - delete :destroy, params: { id: user.username }, format: :json + context 'when impersonation is already in progress' do + let(:admin2) { create(:admin) } - expect(response).to have_gitlab_http_status(:ok) - expect( - Users::GhostUserMigration.where(user: user, - initiator_user: admin, - hard_delete: false) - ).to be_exists + before do + post :impersonate, params: { id: admin2.username } + end + + it 'sets impersonation_error_text' do + get :show, params: { id: user.username.downcase } + + expect(assigns(:impersonation_error_text)).to eq(_("You are already impersonating another user")) + end end - it 'initiates user removal and passes hard delete option' do - delete :destroy, params: { id: user.username, hard_delete: true }, format: :json + context 'when user is blocked' do + before do + user.block + end - expect(response).to have_gitlab_http_status(:ok) - expect( - Users::GhostUserMigration.where(user: user, - initiator_user: admin, - hard_delete: true) - ).to be_exists + it 'sets impersonation_error_text' do + get :show, params: { id: user.username.downcase } + + expect(assigns(:impersonation_error_text)).to eq(_("You cannot impersonate a blocked user")) + end end - context 'prerequisites for account deletion' do - context 'solo-owned groups' do - let(:group) { create(:group) } + context "when the user's password is expired" do + before do + user.update!(password_expires_at: 1.day.ago) + end - context 'if the user is the sole owner of at least one group' do - before do - create(:group_member, :owner, group: group, user: user) - end + it 'sets impersonation_error_text' do + get :show, params: { id: user.username.downcase } + + expect(assigns(:impersonation_error_text)).to eq(_("You cannot impersonate a user with an expired password")) + end + end - context 'soft-delete' do - it 'fails' do - delete :destroy, params: { id: user.username } + context "when the user is internal" do + before do + user.update!(user_type: :migration_bot) + end - message = s_('AdminUsers|You must transfer ownership or delete the groups owned by this user before you can delete their account') + it 'sets impersonation_error_text' do + get :show, params: { id: user.username.downcase } - expect(flash[:alert]).to eq(message) - expect(response).to have_gitlab_http_status(:see_other) - expect(response).to redirect_to admin_user_path(user) - expect(Users::GhostUserMigration).not_to exist - end - end + expect(assigns(:impersonation_error_text)).to eq(_("You cannot impersonate an internal user")) + end + end - context 'hard-delete' do - it 'succeeds' do - delete :destroy, params: { id: user.username, hard_delete: true } - - expect(response).to redirect_to(admin_users_path) - expect(flash[:notice]).to eq(_('The user is being deleted.')) - expect( - Users::GhostUserMigration.where(user: user, - initiator_user: admin, - hard_delete: true) - ).to be_exists - end - end - end + context "when the user is a project bot" do + before do + user.update!(user_type: :project_bot) + end + + it 'sets impersonation_error_text' do + get :show, params: { id: user.username.downcase } + + expect(assigns(:impersonation_error_text)).to eq(_("You cannot impersonate a user who cannot log in")) end end end - context 'when user_destroy_with_limited_execution_time_worker is disabled' do - before do - stub_feature_flags(user_destroy_with_limited_execution_time_worker: false) + describe 'can_impersonate' do + context 'when user can be impersonated' do + it 'sets can_impersonate to true' do + get :show, params: { id: user.username.downcase } + + expect(assigns(:can_impersonate)).to eq(true) + end end - it 'deletes user and ghosts their contributions' do - delete :destroy, params: { id: user.username }, format: :json + context 'when impersonation is already in progress' do + let(:admin2) { create(:admin) } - expect(response).to have_gitlab_http_status(:ok) - expect(User.exists?(user.id)).to be_falsy - expect(issue.reload.author).to be_ghost + before do + post :impersonate, params: { id: admin2.username } + end + + it 'sets can_impersonate to false' do + get :show, params: { id: user.username.downcase } + + expect(assigns(:can_impersonate)).to eq(false) + end end - it 'deletes the user and their contributions when hard delete is specified' do - delete :destroy, params: { id: user.username, hard_delete: true }, format: :json + context 'when user cannot log in' do + before do + user.update!(user_type: :project_bot) + end + + it 'sets can_impersonate to false' do + get :show, params: { id: user.username.downcase } - expect(response).to have_gitlab_http_status(:ok) - expect(User.exists?(user.id)).to be_falsy - expect(Issue.exists?(issue.id)).to be_falsy + expect(assigns(:can_impersonate)).to eq(false) + end end + end + end - context 'prerequisites for account deletion' do - context 'solo-owned groups' do - let(:group) { create(:group) } + describe 'DELETE #destroy', :sidekiq_might_not_need_inline do + let(:project) { create(:project, namespace: user.namespace) } + let!(:issue) { create(:issue, author: user) } - context 'if the user is the sole owner of at least one group' do - before do - create(:group_member, :owner, group: group, user: user) - end + before do + project.add_developer(user) + end - context 'soft-delete' do - it 'fails' do - delete :destroy, params: { id: user.username } + it 'initiates user removal' do + delete :destroy, params: { id: user.username }, format: :json - message = s_('AdminUsers|You must transfer ownership or delete the groups owned by this user before you can delete their account') + expect(response).to have_gitlab_http_status(:ok) + expect( + Users::GhostUserMigration.where(user: user, + initiator_user: admin, + hard_delete: false) + ).to be_exists + end - expect(flash[:alert]).to eq(message) - expect(response).to have_gitlab_http_status(:see_other) - expect(response).to redirect_to admin_user_path(user) - expect(User.exists?(user.id)).to be_truthy - end - end + it 'initiates user removal and passes hard delete option' do + delete :destroy, params: { id: user.username, hard_delete: true }, format: :json + + expect(response).to have_gitlab_http_status(:ok) + expect( + Users::GhostUserMigration.where(user: user, + initiator_user: admin, + hard_delete: true) + ).to be_exists + end - context 'hard-delete' do - it 'succeeds' do - delete :destroy, params: { id: user.username, hard_delete: true } + context 'prerequisites for account deletion' do + context 'solo-owned groups' do + let(:group) { create(:group) } + + context 'if the user is the sole owner of at least one group' do + before do + create(:group_member, :owner, group: group, user: user) + end + + context 'soft-delete' do + it 'fails' do + delete :destroy, params: { id: user.username } + + message = s_('AdminUsers|You must transfer ownership or delete the groups owned by this user before you can delete their account') + + expect(flash[:alert]).to eq(message) + expect(response).to have_gitlab_http_status(:see_other) + expect(response).to redirect_to admin_user_path(user) + expect(Users::GhostUserMigration).not_to exist + end + end - expect(response).to redirect_to(admin_users_path) - expect(flash[:notice]).to eq(_('The user is being deleted.')) - expect(User.exists?(user.id)).to be_falsy - end + context 'hard-delete' do + it 'succeeds' do + delete :destroy, params: { id: user.username, hard_delete: true } + + expect(response).to redirect_to(admin_users_path) + expect(flash[:notice]).to eq(_('The user is being deleted.')) + expect( + Users::GhostUserMigration.where(user: user, + initiator_user: admin, + hard_delete: true) + ).to be_exists end end end @@ -200,27 +249,13 @@ RSpec.describe Admin::UsersController do context 'when rejecting a pending user' do let(:user) { create(:user, :blocked_pending_approval) } - context 'when user_destroy_with_limited_execution_time_worker is enabled' do - it 'initiates user removal', :sidekiq_inline do - subject - - expect( - Users::GhostUserMigration.where(user: user, - initiator_user: admin) - ).to be_exists - end - end - - context 'when user_destroy_with_limited_execution_time_worker is disabled' do - before do - stub_feature_flags(user_destroy_with_limited_execution_time_worker: false) - end - - it 'hard deletes the user', :sidekiq_inline do - subject + it 'initiates user removal', :sidekiq_inline do + subject - expect(User.exists?(user.id)).to be_falsy - end + expect( + Users::GhostUserMigration.where(user: user, + initiator_user: admin) + ).to be_exists end it 'displays the rejection message' do @@ -909,6 +944,60 @@ RSpec.describe Admin::UsersController do expect(session[:github_access_token]).to be_nil end + + context "when the user's password is expired" do + before do + user.update!(password_expires_at: 1.day.ago) + end + + it "shows a notice" do + post :impersonate, params: { id: user.username } + + expect(flash[:alert]).to eq(_('You cannot impersonate a user with an expired password')) + end + + it "doesn't sign us in as the user" do + post :impersonate, params: { id: user.username } + + expect(warden.user).to eq(admin) + end + end + + context "when the user is internal" do + before do + user.update!(user_type: :migration_bot) + end + + it "shows a notice" do + post :impersonate, params: { id: user.username } + + expect(flash[:alert]).to eq(_("You cannot impersonate an internal user")) + end + + it "doesn't sign us in as the user" do + post :impersonate, params: { id: user.username } + + expect(warden.user).to eq(admin) + end + end + + context "when the user is a project bot" do + before do + user.update!(user_type: :project_bot) + end + + it "shows a notice" do + post :impersonate, params: { id: user.username } + + expect(flash[:alert]).to eq(_("You cannot impersonate a user who cannot log in")) + end + + it "doesn't sign us in as the user" do + post :impersonate, params: { id: user.username } + + expect(warden.user).to eq(admin) + end + end end context "when impersonation is disabled" do |