diff options
Diffstat (limited to 'spec/controllers/concerns')
5 files changed, 209 insertions, 114 deletions
diff --git a/spec/controllers/concerns/redis_tracking_spec.rb b/spec/controllers/concerns/redis_tracking_spec.rb index 4077f4f5cce..178684ae2d0 100644 --- a/spec/controllers/concerns/redis_tracking_spec.rb +++ b/spec/controllers/concerns/redis_tracking_spec.rb @@ -3,6 +3,8 @@ require "spec_helper" RSpec.describe RedisTracking do + include TrackingHelpers + let(:user) { create(:user) } controller(ApplicationController) do @@ -60,7 +62,7 @@ RSpec.describe RedisTracking do end it 'tracks the event if DNT is not enabled' do - request.headers['DNT'] = '0' + stub_do_not_track('0') expect_tracking @@ -68,7 +70,7 @@ RSpec.describe RedisTracking do end it 'does not track the event if DNT is enabled' do - request.headers['DNT'] = '1' + stub_do_not_track('1') expect_no_tracking diff --git a/spec/controllers/concerns/spammable_actions/akismet_mark_as_spam_action_spec.rb b/spec/controllers/concerns/spammable_actions/akismet_mark_as_spam_action_spec.rb new file mode 100644 index 00000000000..7c10dccdcb9 --- /dev/null +++ b/spec/controllers/concerns/spammable_actions/akismet_mark_as_spam_action_spec.rb @@ -0,0 +1,71 @@ +# frozen_string_literal: true + +require 'spec_helper' + +RSpec.describe SpammableActions::AkismetMarkAsSpamAction do + include AfterNextHelpers + + controller(ActionController::Base) do + include SpammableActions::AkismetMarkAsSpamAction + + private + + def spammable_path + '/fake_spammable_path' + end + end + + let(:spammable_type) { 'SpammableType' } + let(:spammable) { double(:spammable, spammable_entity_type: double(:spammable_entity_type, titlecase: spammable_type)) } + let(:current_user) { create(:admin) } + + before do + allow(Gitlab::Recaptcha).to receive(:load_configurations!) { true } + routes.draw { get 'mark_as_spam' => 'anonymous#mark_as_spam' } + allow(controller).to receive(:spammable) { spammable } + allow(controller).to receive(:current_user) { double(:current_user, admin?: admin) } + allow(controller).to receive(:current_user).and_return(current_user) + end + + describe '#mark_as_spam' do + subject { post :mark_as_spam } + + before do + expect_next(Spam::AkismetMarkAsSpamService, target: spammable) + .to receive(:execute).and_return(execute_result) + end + + context 'when user is admin', :enable_admin_mode do + let(:admin) { true } + + context 'when service returns truthy' do + let(:execute_result) { true } + + it 'redirects with notice' do + expect(subject).to redirect_to('/fake_spammable_path') + expect(subject.request.flash[:notice]).to match(/#{spammable_type}.*submitted.*successfully/) + end + end + + context 'when service returns falsey' do + let(:execute_result) { false } + + it 'redirects with notice' do + expect(subject).to redirect_to('/fake_spammable_path') + expect(subject.request.flash[:alert]).to match(/Error/) + end + end + end + + context 'when user is not admin' do + let(:admin) { false } + let(:execute_result) { true } + + it 'calls #access_denied!' do + expect(controller).to receive(:access_denied!) { false } + + subject + end + end + end +end diff --git a/spec/controllers/concerns/spammable_actions/captcha_check/html_format_actions_support_spec.rb b/spec/controllers/concerns/spammable_actions/captcha_check/html_format_actions_support_spec.rb new file mode 100644 index 00000000000..53a78326397 --- /dev/null +++ b/spec/controllers/concerns/spammable_actions/captcha_check/html_format_actions_support_spec.rb @@ -0,0 +1,74 @@ +# frozen_string_literal: true + +require 'spec_helper' + +RSpec.describe SpammableActions::CaptchaCheck::HtmlFormatActionsSupport do + controller(ActionController::Base) do + include SpammableActions::CaptchaCheck::HtmlFormatActionsSupport + + def create + with_captcha_check_html_format { render :some_rendered_view } + end + end + + let(:spammable) { double(:spammable) } + + before do + allow(Gitlab::Recaptcha).to receive(:load_configurations!) { true } + routes.draw { get 'create' => 'anonymous#create' } + allow(controller).to receive(:spammable) { spammable } + expect(spammable).to receive(:render_recaptcha?).at_least(:once) { render_recaptcha } + end + + describe '#convert_html_spam_params_to_headers' do + let(:render_recaptcha) { false } + let(:g_recaptcha_response) { 'abc123' } + let(:spam_log_id) { 42 } + + let(:params) do + { + 'g-recaptcha-response' => g_recaptcha_response, + spam_log_id: spam_log_id + } + end + + # NOTE: `:update` has an identical `before_action` behavior to ``:create``, but `before_action` is + # declarative via the ``:only`` attribute, so there's little value in re-testing the behavior. + subject { post :create, params: params } + + before do + allow(controller).to receive(:render).with(:some_rendered_view) + end + + it 'converts params to headers' do + subject + + expect(controller.request.headers['X-GitLab-Captcha-Response']).to eq(g_recaptcha_response) + expect(controller.request.headers['X-GitLab-Spam-Log-Id']).to eq(spam_log_id.to_s) + end + end + + describe '#with_captcha_check_html_format' do + subject { post :create } + + context 'when spammable.render_recaptcha? is true' do + let(:render_recaptcha) { true } + + it 'renders :captcha_check' do + expect(controller).to receive(:render).with(:captcha_check) + + subject + end + end + + context 'when spammable.render_recaptcha? is false' do + let(:render_recaptcha) { false } + + it 'yields to block' do + expect(controller).to receive(:render).with(:some_rendered_view) + + subject + end + end + end +end diff --git a/spec/controllers/concerns/spammable_actions/captcha_check/json_format_actions_support_spec.rb b/spec/controllers/concerns/spammable_actions/captcha_check/json_format_actions_support_spec.rb new file mode 100644 index 00000000000..d7a44351ad8 --- /dev/null +++ b/spec/controllers/concerns/spammable_actions/captcha_check/json_format_actions_support_spec.rb @@ -0,0 +1,60 @@ +# frozen_string_literal: true + +require 'spec_helper' + +RSpec.describe SpammableActions::CaptchaCheck::JsonFormatActionsSupport do + controller(ActionController::Base) do + include SpammableActions::CaptchaCheck::JsonFormatActionsSupport + + def some_action + with_captcha_check_json_format { render :some_rendered_view } + end + end + + before do + allow(Gitlab::Recaptcha).to receive(:load_configurations!) { true } + end + + describe '#with_captcha_check_json_format' do + subject { post :some_action } + + let(:spammable) { double(:spammable) } + + before do + routes.draw { get 'some_action' => 'anonymous#some_action' } + allow(controller).to receive(:spammable) { spammable } + expect(spammable).to receive(:render_recaptcha?).at_least(:once) { render_recaptcha } + end + + context 'when spammable.render_recaptcha? is true' do + let(:render_recaptcha) { true } + let(:spam_log) { double(:spam_log, id: 1) } + let(:spammable) { double(:spammable, spam?: true, render_recaptcha?: render_recaptcha, spam_log: spam_log) } + let(:recaptcha_site_key) { 'abc123' } + let(:spam_action_response_fields) do + { + spam: true, + needs_captcha_response: render_recaptcha, + spam_log_id: 1, + captcha_site_key: recaptcha_site_key + } + end + + it 'renders json containing spam_action_response_fields' do + expect(controller).to receive(:render).with(json: spam_action_response_fields, status: :conflict) + allow(Gitlab::CurrentSettings).to receive(:recaptcha_site_key) { recaptcha_site_key } + subject + end + end + + context 'when spammable.render_recaptcha? is false' do + let(:render_recaptcha) { false } + + it 'yields to block' do + expect(controller).to receive(:render).with(:some_rendered_view) + + subject + end + end + end +end diff --git a/spec/controllers/concerns/spammable_actions_spec.rb b/spec/controllers/concerns/spammable_actions_spec.rb deleted file mode 100644 index 7bd5a76e60c..00000000000 --- a/spec/controllers/concerns/spammable_actions_spec.rb +++ /dev/null @@ -1,112 +0,0 @@ -# frozen_string_literal: true - -require 'spec_helper' - -RSpec.describe SpammableActions do - controller(ActionController::Base) do - include SpammableActions - - # #update is used here to test #recaptcha_check_with_fallback, but it could be invoked - # from #create or any other action which mutates a spammable via a controller. - def update - should_redirect = params[:should_redirect] == 'true' - - recaptcha_check_with_fallback(should_redirect) { render json: :ok } - end - - private - - def spammable_path - '/fake_spammable_path' - end - end - - before do - allow(Gitlab::Recaptcha).to receive(:load_configurations!) { true } - end - - describe '#recaptcha_check_with_fallback' do - shared_examples 'yields to block' do - it do - subject - - expect(json_response).to eq({ json: 'ok' }) - end - end - - let(:format) { :html } - - subject { post :update, format: format, params: params } - - let(:spammable) { double(:spammable) } - let(:should_redirect) { nil } - let(:params) do - { - should_redirect: should_redirect - } - end - - before do - routes.draw { get 'update' => 'anonymous#update' } - allow(controller).to receive(:spammable) { spammable } - end - - context 'when should_redirect is true and spammable is valid' do - let(:should_redirect) { true } - - before do - allow(spammable).to receive(:valid?) { true } - end - - it 'redirects to spammable_path' do - expect(subject).to redirect_to('/fake_spammable_path') - end - end - - context 'when should_redirect is false or spammable is not valid' do - before do - allow(spammable).to receive(:valid?) { false } - end - - context 'when spammable.render_recaptcha? is true' do - let(:spam_log) { instance_double(SpamLog, id: 123) } - let(:captcha_site_key) { 'abc123' } - - before do - expect(spammable).to receive(:render_recaptcha?).at_least(:once) { true } - end - - context 'when format is :html' do - it 'renders :verify' do - expect(controller).to receive(:render).with(:verify) - - subject - end - end - - context 'when format is :json' do - let(:format) { :json } - - before do - expect(spammable).to receive(:spam?) { false } - expect(spammable).to receive(:spam_log) { spam_log } - expect(Gitlab::CurrentSettings).to receive(:recaptcha_site_key) { captcha_site_key } - end - - it 'renders json with spam_action_response_fields' do - subject - - expected_json_response = HashWithIndifferentAccess.new( - { - spam: false, - needs_captcha_response: true, - spam_log_id: spam_log.id, - captcha_site_key: captcha_site_key - }) - expect(json_response).to eq(expected_json_response) - end - end - end - end - end -end |