Welcome to mirror list, hosted at ThFree Co, Russian Federation.

gitlab.com/gitlab-org/gitlab-foss.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
path: root/spec/controllers/projects
diff options
context:
space:
mode:
Diffstat (limited to 'spec/controllers/projects')
-rw-r--r--spec/controllers/projects/analytics/cycle_analytics/stages_controller_spec.rb48
-rw-r--r--spec/controllers/projects/blob_controller_spec.rb1
-rw-r--r--spec/controllers/projects/ci/secure_files_controller_spec.rb67
-rw-r--r--spec/controllers/projects/clusters_controller_spec.rb12
-rw-r--r--spec/controllers/projects/commit_controller_spec.rb17
-rw-r--r--spec/controllers/projects/compare_controller_spec.rb19
-rw-r--r--spec/controllers/projects/environments_controller_spec.rb2
-rw-r--r--spec/controllers/projects/hooks_controller_spec.rb2
-rw-r--r--spec/controllers/projects/issues_controller_spec.rb32
-rw-r--r--spec/controllers/projects/merge_requests_controller_spec.rb46
-rw-r--r--spec/controllers/projects/notes_controller_spec.rb71
-rw-r--r--spec/controllers/projects/pages_controller_spec.rb48
-rw-r--r--spec/controllers/projects/protected_branches_controller_spec.rb54
-rw-r--r--spec/controllers/projects/tags/releases_controller_spec.rb103
-rw-r--r--spec/controllers/projects/uploads_controller_spec.rb184
15 files changed, 326 insertions, 380 deletions
diff --git a/spec/controllers/projects/analytics/cycle_analytics/stages_controller_spec.rb b/spec/controllers/projects/analytics/cycle_analytics/stages_controller_spec.rb
index 3f0318c3973..8903592ba15 100644
--- a/spec/controllers/projects/analytics/cycle_analytics/stages_controller_spec.rb
+++ b/spec/controllers/projects/analytics/cycle_analytics/stages_controller_spec.rb
@@ -54,6 +54,32 @@ RSpec.describe Projects::Analytics::CycleAnalytics::StagesController do
end
end
+ shared_examples 'project-level value stream analytics with guest user' do
+ let_it_be(:guest) { create(:user) }
+
+ before do
+ project.add_guest(guest)
+ sign_out(user)
+ sign_in(guest)
+ end
+
+ %w[code review].each do |id|
+ it "disallows stage #{id}" do
+ get action, params: params.merge(id: id)
+
+ expect(response).to have_gitlab_http_status(:forbidden)
+ end
+ end
+
+ %w[issue plan test staging].each do |id|
+ it "allows stage #{id}" do
+ get action, params: params.merge(id: id)
+
+ expect(response).to have_gitlab_http_status(:ok)
+ end
+ end
+ end
+
describe 'GET index' do
let(:action) { :index }
@@ -78,6 +104,20 @@ RSpec.describe Projects::Analytics::CycleAnalytics::StagesController do
end
it_behaves_like 'project-level value stream analytics request error examples'
+
+ it 'only returns authorized stages' do
+ guest = create(:user)
+ sign_out(user)
+ sign_in(guest)
+ project.add_guest(guest)
+
+ get action, params: params
+
+ expect(response).to have_gitlab_http_status(:ok)
+
+ expect(json_response['stages'].map { |stage| stage['title'] })
+ .to contain_exactly('Issue', 'Plan', 'Test', 'Staging')
+ end
end
describe 'GET median' do
@@ -102,6 +142,8 @@ RSpec.describe Projects::Analytics::CycleAnalytics::StagesController do
end
it_behaves_like 'project-level value stream analytics request error examples'
+
+ it_behaves_like 'project-level value stream analytics with guest user'
end
describe 'GET average' do
@@ -126,6 +168,8 @@ RSpec.describe Projects::Analytics::CycleAnalytics::StagesController do
end
it_behaves_like 'project-level value stream analytics request error examples'
+
+ it_behaves_like 'project-level value stream analytics with guest user'
end
describe 'GET count' do
@@ -150,6 +194,8 @@ RSpec.describe Projects::Analytics::CycleAnalytics::StagesController do
end
it_behaves_like 'project-level value stream analytics request error examples'
+
+ it_behaves_like 'project-level value stream analytics with guest user'
end
describe 'GET records' do
@@ -174,5 +220,7 @@ RSpec.describe Projects::Analytics::CycleAnalytics::StagesController do
end
it_behaves_like 'project-level value stream analytics request error examples'
+
+ it_behaves_like 'project-level value stream analytics with guest user'
end
end
diff --git a/spec/controllers/projects/blob_controller_spec.rb b/spec/controllers/projects/blob_controller_spec.rb
index cc807098498..887a5ba598f 100644
--- a/spec/controllers/projects/blob_controller_spec.rb
+++ b/spec/controllers/projects/blob_controller_spec.rb
@@ -352,7 +352,6 @@ RSpec.describe Projects::BlobController do
project_new_merge_request_path(
forked_project,
merge_request: {
- source_project_id: forked_project.id,
target_project_id: project.id,
source_branch: "fork-test-1",
target_branch: "master"
diff --git a/spec/controllers/projects/ci/secure_files_controller_spec.rb b/spec/controllers/projects/ci/secure_files_controller_spec.rb
deleted file mode 100644
index 200997e31b9..00000000000
--- a/spec/controllers/projects/ci/secure_files_controller_spec.rb
+++ /dev/null
@@ -1,67 +0,0 @@
-# frozen_string_literal: true
-
-require 'spec_helper'
-
-RSpec.describe Projects::Ci::SecureFilesController do
- let_it_be(:project) { create(:project) }
- let_it_be(:user) { create(:user) }
-
- subject(:show_request) { get :show, params: { namespace_id: project.namespace, project_id: project } }
-
- describe 'GET #show' do
- context 'when the :ci_secure_files feature flag is enabled' do
- context 'with enough privileges' do
- before do
- stub_feature_flags(ci_secure_files: true)
- sign_in(user)
- project.add_developer(user)
- show_request
- end
-
- it { expect(response).to have_gitlab_http_status(:ok) }
-
- it 'renders show page' do
- expect(response).to render_template :show
- end
- end
- end
-
- context 'when the :ci_secure_files feature flag is disabled' do
- context 'with enough privileges' do
- before do
- stub_feature_flags(ci_secure_files: false)
- sign_in(user)
- project.add_developer(user)
- show_request
- end
-
- it 'responds with 404' do
- expect(response).to have_gitlab_http_status(:not_found)
- end
- end
- end
-
- context 'without enough privileges' do
- before do
- sign_in(user)
- project.add_reporter(user)
- show_request
- end
-
- it 'responds with 404' do
- expect(response).to have_gitlab_http_status(:not_found)
- end
- end
-
- context 'an unauthenticated user' do
- before do
- show_request
- end
-
- it 'redirects to sign in' do
- expect(response).to have_gitlab_http_status(:found)
- expect(response).to redirect_to('/users/sign_in')
- end
- end
- end
-end
diff --git a/spec/controllers/projects/clusters_controller_spec.rb b/spec/controllers/projects/clusters_controller_spec.rb
index d45ea268e64..12202518e1e 100644
--- a/spec/controllers/projects/clusters_controller_spec.rb
+++ b/spec/controllers/projects/clusters_controller_spec.rb
@@ -259,9 +259,11 @@ RSpec.describe Projects::ClustersController do
it 'is allowed for admin when admin mode enabled', :enable_admin_mode do
expect { go }.to be_allowed_for(:admin)
end
+
it 'is disabled for admin when admin mode disabled' do
expect { go }.to be_denied_for(:admin)
end
+
it { expect { go }.to be_allowed_for(:owner).of(project) }
it { expect { go }.to be_allowed_for(:maintainer).of(project) }
it { expect { go }.to be_denied_for(:developer).of(project) }
@@ -300,9 +302,11 @@ RSpec.describe Projects::ClustersController do
it 'is allowed for admin when admin mode enabled', :enable_admin_mode do
expect { go }.to be_allowed_for(:admin)
end
+
it 'is disabled for admin when admin mode disabled' do
expect { go }.to be_denied_for(:admin)
end
+
it { expect { go }.to be_allowed_for(:owner).of(project) }
it { expect { go }.to be_allowed_for(:maintainer).of(project) }
it { expect { go }.to be_denied_for(:developer).of(project) }
@@ -349,9 +353,11 @@ RSpec.describe Projects::ClustersController do
it 'is allowed for admin when admin mode enabled', :enable_admin_mode do
expect { go }.to be_allowed_for(:admin)
end
+
it 'is disabled for admin when admin mode disabled' do
expect { go }.to be_denied_for(:admin)
end
+
it { expect { go }.to be_allowed_for(:owner).of(project) }
it { expect { go }.to be_allowed_for(:maintainer).of(project) }
it { expect { go }.to be_denied_for(:developer).of(project) }
@@ -401,9 +407,11 @@ RSpec.describe Projects::ClustersController do
it 'is allowed for admin when admin mode enabled', :enable_admin_mode do
expect { go }.to be_allowed_for(:admin)
end
+
it 'is disabled for admin when admin mode disabled' do
expect { go }.to be_denied_for(:admin)
end
+
it { expect { go }.to be_allowed_for(:owner).of(project) }
it { expect { go }.to be_allowed_for(:maintainer).of(project) }
it { expect { go }.to be_allowed_for(:developer).of(project) }
@@ -515,9 +523,11 @@ RSpec.describe Projects::ClustersController do
it 'is allowed for admin when admin mode enabled', :enable_admin_mode do
expect { go }.to be_allowed_for(:admin)
end
+
it 'is disabled for admin when admin mode disabled' do
expect { go }.to be_denied_for(:admin)
end
+
it { expect { go }.to be_allowed_for(:owner).of(project) }
it { expect { go }.to be_allowed_for(:maintainer).of(project) }
it { expect { go }.to be_denied_for(:developer).of(project) }
@@ -593,9 +603,11 @@ RSpec.describe Projects::ClustersController do
it 'is allowed for admin when admin mode enabled', :enable_admin_mode do
expect { go }.to be_allowed_for(:admin)
end
+
it 'is disabled for admin when admin mode disabled' do
expect { go }.to be_denied_for(:admin)
end
+
it { expect { go }.to be_allowed_for(:owner).of(project) }
it { expect { go }.to be_allowed_for(:maintainer).of(project) }
it { expect { go }.to be_denied_for(:developer).of(project) }
diff --git a/spec/controllers/projects/commit_controller_spec.rb b/spec/controllers/projects/commit_controller_spec.rb
index a72c98552a5..edb07bbdce6 100644
--- a/spec/controllers/projects/commit_controller_spec.rb
+++ b/spec/controllers/projects/commit_controller_spec.rb
@@ -82,6 +82,22 @@ RSpec.describe Projects::CommitController do
expect(response).to be_successful
end
+ it 'only loads blobs in the current page' do
+ stub_feature_flags(async_commit_diff_files: false)
+ stub_const('Projects::CommitController::COMMIT_DIFFS_PER_PAGE', 1)
+
+ commit = project.commit('1a0b36b3cdad1d2ee32457c102a8c0b7056fa863')
+
+ expect_next_instance_of(Repository) do |repository|
+ # This commit contains 3 changed files but we expect only the blobs for the first one to be loaded
+ expect(repository).to receive(:blobs_at).with([[commit.id, '.gitignore']], anything).and_call_original
+ end
+
+ go(id: commit.id)
+
+ expect(response).to be_ok
+ end
+
shared_examples "export as" do |format|
it "does generally work" do
go(id: commit.id, format: format)
@@ -378,7 +394,6 @@ RSpec.describe Projects::CommitController do
project_new_merge_request_path(
source_project,
merge_request: {
- source_project_id: source_project.id,
target_project_id: project.id,
source_branch: branch,
target_branch: 'feature'
diff --git a/spec/controllers/projects/compare_controller_spec.rb b/spec/controllers/projects/compare_controller_spec.rb
index e6e0307d0ca..6ed6f7017e3 100644
--- a/spec/controllers/projects/compare_controller_spec.rb
+++ b/spec/controllers/projects/compare_controller_spec.rb
@@ -226,8 +226,8 @@ RSpec.describe Projects::CompareController do
context 'when page is valid' do
let(:from_project_id) { nil }
- let(:from_ref) { '08f22f25' }
- let(:to_ref) { '66eceea0' }
+ let(:from_ref) { '6f6d7e7ed97bb5f0054f2b1df789b39ca89b6ff9' }
+ let(:to_ref) { '5937ac0a7beb003549fc5fd26fc247adbce4a52e' }
let(:page) { 1 }
it 'shows the diff' do
@@ -237,6 +237,21 @@ RSpec.describe Projects::CompareController do
expect(assigns(:diffs).diff_files.first).to be_present
expect(assigns(:commits).length).to be >= 1
end
+
+ it 'only loads blobs in the current page' do
+ stub_const('Projects::CompareController::COMMIT_DIFFS_PER_PAGE', 1)
+
+ expect_next_instance_of(Repository) do |repository|
+ # This comparison contains 4 changed files but we expect only the blobs for the first one to be loaded
+ expect(repository).to receive(:blobs_at).with(
+ contain_exactly([from_ref, '.gitmodules'], [to_ref, '.gitmodules']), anything
+ ).and_call_original
+ end
+
+ show_request
+
+ expect(response).to be_successful
+ end
end
context 'when page is not valid' do
diff --git a/spec/controllers/projects/environments_controller_spec.rb b/spec/controllers/projects/environments_controller_spec.rb
index f4cad5790a3..1a6edab795d 100644
--- a/spec/controllers/projects/environments_controller_spec.rb
+++ b/spec/controllers/projects/environments_controller_spec.rb
@@ -233,7 +233,7 @@ RSpec.describe Projects::EnvironmentsController do
end
context "when environment params are invalid" do
- let(:params) { environment_params.merge(environment: { name: '/foo/', external_url: '/git.gitlab.com' }) }
+ let(:params) { environment_params.merge(environment: { external_url: 'javascript:alert("hello")' }) }
it 'returns bad request' do
subject
diff --git a/spec/controllers/projects/hooks_controller_spec.rb b/spec/controllers/projects/hooks_controller_spec.rb
index a275bc28631..ba7b712964c 100644
--- a/spec/controllers/projects/hooks_controller_spec.rb
+++ b/spec/controllers/projects/hooks_controller_spec.rb
@@ -98,7 +98,7 @@ RSpec.describe Projects::HooksController do
def it_renders_correctly
expect(response).to have_gitlab_http_status(:ok)
expect(response).to render_template(:edit)
- expect(response).to render_template('projects/hook_logs/_index')
+ expect(response).to render_template('shared/hook_logs/_index')
end
end
diff --git a/spec/controllers/projects/issues_controller_spec.rb b/spec/controllers/projects/issues_controller_spec.rb
index badac688229..c48be8efb1b 100644
--- a/spec/controllers/projects/issues_controller_spec.rb
+++ b/spec/controllers/projects/issues_controller_spec.rb
@@ -1607,22 +1607,32 @@ RSpec.describe Projects::IssuesController do
project.add_developer(user)
end
- it "returns 302 for project members with developer role" do
- import_csv
+ context 'when upload proceeds correctly' do
+ it "returns 302 for project members with developer role" do
+ import_csv
- expect(flash[:notice]).to eq(_("Your issues are being imported. Once finished, you'll get a confirmation email."))
- expect(response).to redirect_to(project_issues_path(project))
- end
+ expect(flash[:notice]).to eq(_("Your issues are being imported. Once finished, you'll get a confirmation email."))
+ expect(response).to redirect_to(project_issues_path(project))
+ end
+
+ it 'enqueues an import job' do
+ expect(ImportIssuesCsvWorker).to receive(:perform_async).with(user.id, project.id, Integer)
- it "shows error when upload fails" do
- expect_next_instance_of(UploadService) do |upload_service|
- expect(upload_service).to receive(:execute).and_return(nil)
+ import_csv
end
+ end
- import_csv
+ context 'when upload fails' do
+ it "shows error when upload fails" do
+ expect_next_instance_of(UploadService) do |upload_service|
+ expect(upload_service).to receive(:execute).and_return(nil)
+ end
- expect(flash[:alert]).to include(_('File upload error.'))
- expect(response).to redirect_to(project_issues_path(project))
+ import_csv
+
+ expect(flash[:alert]).to include(_('File upload error.'))
+ expect(response).to redirect_to(project_issues_path(project))
+ end
end
end
diff --git a/spec/controllers/projects/merge_requests_controller_spec.rb b/spec/controllers/projects/merge_requests_controller_spec.rb
index 8ccbc0d3fe2..ed5e32df8ea 100644
--- a/spec/controllers/projects/merge_requests_controller_spec.rb
+++ b/spec/controllers/projects/merge_requests_controller_spec.rb
@@ -1894,15 +1894,12 @@ RSpec.describe Projects::MergeRequestsController do
# First run to insert test data from lets, which does take up some 30 queries
get_ci_environments_status
- control_count = ActiveRecord::QueryRecorder.new(skip_cached: false) { get_ci_environments_status }.count
+ control_count = ActiveRecord::QueryRecorder.new { get_ci_environments_status }
environment2 = create(:environment, project: forked)
create(:deployment, :succeed, environment: environment2, sha: sha, ref: 'master', deployable: build)
- # TODO address the last 3 queries
- # See https://gitlab.com/gitlab-org/gitlab-foss/issues/63952 (3 queries)
- leeway = 3
- expect { get_ci_environments_status }.not_to exceed_all_query_limit(control_count + leeway)
+ expect { get_ci_environments_status }.not_to exceed_all_query_limit(control_count)
end
end
@@ -2039,25 +2036,50 @@ RSpec.describe Projects::MergeRequestsController do
end
describe 'POST #rebase' do
+ let(:other_params) { {} }
+ let(:params) { { namespace_id: project.namespace, project_id: project, id: merge_request }.merge(other_params) }
+
def post_rebase
- post :rebase, params: { namespace_id: project.namespace, project_id: project, id: merge_request }
+ post :rebase, params: params
end
before do
allow(RebaseWorker).to receive(:with_status).and_return(RebaseWorker)
end
- def expect_rebase_worker_for(user)
- expect(RebaseWorker).to receive(:perform_async).with(merge_request.id, user.id, false)
+ def expect_rebase_worker_for(user, skip_ci: false)
+ expect(RebaseWorker).to receive(:perform_async).with(merge_request.id, user.id, skip_ci)
end
context 'successfully' do
- it 'enqeues a RebaseWorker' do
- expect_rebase_worker_for(user)
+ shared_examples 'successful rebase scheduler' do
+ it 'enqueues a RebaseWorker' do
+ expect_rebase_worker_for(user, skip_ci: skip_ci)
- post_rebase
+ post_rebase
- expect(response).to have_gitlab_http_status(:ok)
+ expect(response).to have_gitlab_http_status(:ok)
+ end
+ end
+
+ context 'with skip_ci not specified' do
+ let(:skip_ci) { false }
+
+ it_behaves_like 'successful rebase scheduler'
+ end
+
+ context 'with skip_ci enabled' do
+ let(:skip_ci) { true }
+ let(:other_params) { { skip_ci: 'true' } }
+
+ it_behaves_like 'successful rebase scheduler'
+ end
+
+ context 'with skip_ci disabled' do
+ let(:skip_ci) { false }
+ let(:other_params) { { skip_ci: 'false' } }
+
+ it_behaves_like 'successful rebase scheduler'
end
end
diff --git a/spec/controllers/projects/notes_controller_spec.rb b/spec/controllers/projects/notes_controller_spec.rb
index 85e5de46afd..9050765afd6 100644
--- a/spec/controllers/projects/notes_controller_spec.rb
+++ b/spec/controllers/projects/notes_controller_spec.rb
@@ -345,34 +345,77 @@ RSpec.describe Projects::NotesController do
}
end
- context 'when `confidential` parameter is not provided' do
- it 'sets `confidential` to `false` in JSON response' do
+ context 'when parameter is not provided' do
+ it 'sets `confidential` and `internal` to `false` in JSON response' do
create!
expect(response).to have_gitlab_http_status(:ok)
expect(json_response['confidential']).to be false
+ expect(json_response['internal']).to be false
end
end
- context 'when `confidential` parameter is `false`' do
- let(:extra_note_params) { { confidential: false } }
+ context 'when is not a confidential note' do
+ context 'when using the `internal` parameter' do
+ let(:extra_note_params) { { internal: false } }
- it 'sets `confidential` to `false` in JSON response' do
- create!
+ it 'sets `confidential` and `internal` to `false` in JSON response' do
+ create!
- expect(response).to have_gitlab_http_status(:ok)
- expect(json_response['confidential']).to be false
+ expect(response).to have_gitlab_http_status(:ok)
+ expect(json_response['confidential']).to be false
+ expect(json_response['internal']).to be false
+ end
+ end
+
+ context 'when using deprecated `confidential` parameter' do
+ let(:extra_note_params) { { confidential: false } }
+
+ it 'sets `confidential` and `internal` to `false` in JSON response' do
+ create!
+
+ expect(response).to have_gitlab_http_status(:ok)
+ expect(json_response['confidential']).to be false
+ expect(json_response['internal']).to be false
+ end
end
end
- context 'when `confidential` parameter is `true`' do
- let(:extra_note_params) { { confidential: true } }
+ context 'when is a confidential note' do
+ context 'when using the `internal` parameter' do
+ let(:extra_note_params) { { internal: true } }
- it 'sets `confidential` to `true` in JSON response' do
- create!
+ it 'sets `confidential` and `internal` to `true` in JSON response' do
+ create!
- expect(response).to have_gitlab_http_status(:ok)
- expect(json_response['confidential']).to be true
+ expect(response).to have_gitlab_http_status(:ok)
+ expect(json_response['confidential']).to be true
+ expect(json_response['internal']).to be true
+ end
+ end
+
+ context 'when using deprecated `confidential` parameter' do
+ let(:extra_note_params) { { confidential: true } }
+
+ it 'sets `confidential` and `internal` to `true` in JSON response' do
+ create!
+
+ expect(response).to have_gitlab_http_status(:ok)
+ expect(json_response['confidential']).to be true
+ expect(json_response['internal']).to be true
+ end
+ end
+
+ context 'when `internal` parameter is `true` and `confidential` parameter is `false`' do
+ let(:extra_note_params) { { internal: true, confidential: false } }
+
+ it 'uses the `internal` param as source of truth' do
+ create!
+
+ expect(response).to have_gitlab_http_status(:ok)
+ expect(json_response['confidential']).to be true
+ expect(json_response['internal']).to be true
+ end
end
end
end
diff --git a/spec/controllers/projects/pages_controller_spec.rb b/spec/controllers/projects/pages_controller_spec.rb
index 1fa8838b548..136f98ac907 100644
--- a/spec/controllers/projects/pages_controller_spec.rb
+++ b/spec/controllers/projects/pages_controller_spec.rb
@@ -19,9 +19,9 @@ RSpec.describe Projects::PagesController do
project.add_maintainer(user)
end
- describe 'GET show' do
+ describe 'GET new' do
it 'returns 200 status' do
- get :show, params: request_params
+ get :new, params: request_params
expect(response).to have_gitlab_http_status(:ok)
end
@@ -31,13 +31,55 @@ RSpec.describe Projects::PagesController do
let(:project) { create(:project, namespace: group) }
it 'returns a 200 status code' do
- get :show, params: request_params
+ get :new, params: request_params
expect(response).to have_gitlab_http_status(:ok)
end
end
end
+ describe 'GET show' do
+ subject { get :show, params: request_params }
+
+ context 'when the project does not have onboarding complete' do
+ before do
+ project.pages_metadatum.update_attribute(:deployed, false)
+ project.pages_metadatum.update_attribute(:onboarding_complete, false)
+ end
+
+ it 'redirects to #new' do
+ expect(subject).to redirect_to(action: 'new')
+ end
+ end
+
+ context 'when the project does have onboarding complete' do
+ before do
+ project.pages_metadatum.update_attribute(:onboarding_complete, true)
+ end
+
+ it 'returns 200 status' do
+ expect(subject).to have_gitlab_http_status(:ok)
+ end
+
+ context 'when the project is in a subgroup' do
+ let(:group) { create(:group, :nested) }
+ let(:project) { create(:project, namespace: group) }
+
+ it 'returns a 200 status code' do
+ expect(subject).to have_gitlab_http_status(:ok)
+ end
+ end
+ end
+
+ context 'when pages is disabled' do
+ let(:project) { create(:project, :pages_disabled) }
+
+ it 'renders the disabled view' do
+ expect(subject).to render_template :disabled
+ end
+ end
+ end
+
describe 'DELETE destroy' do
it 'returns 302 status' do
delete :destroy, params: request_params
diff --git a/spec/controllers/projects/protected_branches_controller_spec.rb b/spec/controllers/projects/protected_branches_controller_spec.rb
index dcfccc00347..4996bd90005 100644
--- a/spec/controllers/projects/protected_branches_controller_spec.rb
+++ b/spec/controllers/projects/protected_branches_controller_spec.rb
@@ -3,14 +3,20 @@
require('spec_helper')
RSpec.describe Projects::ProtectedBranchesController do
- let(:project) { create(:project, :repository) }
+ let_it_be_with_reload(:project) { create(:project, :repository) }
+ let_it_be(:maintainer) { create(:user) }
+
let(:protected_branch) { create(:protected_branch, project: project) }
let(:project_params) { { namespace_id: project.namespace.to_param, project_id: project } }
let(:base_params) { project_params.merge(id: protected_branch.id) }
- let(:user) { create(:user) }
+ let(:user) { maintainer }
+
+ before_all do
+ project.add_maintainer(maintainer)
+ end
before do
- project.add_maintainer(user)
+ sign_in(user)
end
describe "GET #index" do
@@ -30,23 +36,16 @@ RSpec.describe Projects::ProtectedBranchesController do
let(:create_params) { attributes_for(:protected_branch).merge(access_level_params) }
- before do
- sign_in(user)
- end
-
it 'creates the protected branch rule' do
expect do
post(:create, params: project_params.merge(protected_branch: create_params))
end.to change(ProtectedBranch, :count).by(1)
end
- context 'when a policy restricts rule deletion' do
- before do
- policy = instance_double(ProtectedBranchPolicy, allowed?: false)
- allow(ProtectedBranchPolicy).to receive(:new).and_return(policy)
- end
-
+ context 'when a policy restricts rule creation' do
it "prevents creation of the protected branch rule" do
+ disallow(:create_protected_branch, an_instance_of(ProtectedBranch))
+
post(:create, params: project_params.merge(protected_branch: create_params))
expect(ProtectedBranch.count).to eq 0
@@ -57,10 +56,6 @@ RSpec.describe Projects::ProtectedBranchesController do
describe "PUT #update" do
let(:update_params) { { name: 'new_name' } }
- before do
- sign_in(user)
- end
-
it 'updates the protected branch rule' do
put(:update, params: base_params.merge(protected_branch: update_params))
@@ -68,13 +63,10 @@ RSpec.describe Projects::ProtectedBranchesController do
expect(json_response["name"]).to eq('new_name')
end
- context 'when a policy restricts rule deletion' do
- before do
- policy = instance_double(ProtectedBranchPolicy, allowed?: false)
- allow(ProtectedBranchPolicy).to receive(:new).and_return(policy)
- end
-
+ context 'when a policy restricts rule update' do
it "prevents update of the protected branch rule" do
+ disallow(:update_protected_branch, protected_branch)
+
old_name = protected_branch.name
put(:update, params: base_params.merge(protected_branch: update_params))
@@ -85,10 +77,6 @@ RSpec.describe Projects::ProtectedBranchesController do
end
describe "DELETE #destroy" do
- before do
- sign_in(user)
- end
-
it "deletes the protected branch rule" do
delete(:destroy, params: base_params)
@@ -96,16 +84,18 @@ RSpec.describe Projects::ProtectedBranchesController do
end
context 'when a policy restricts rule deletion' do
- before do
- policy = instance_double(ProtectedBranchPolicy, allowed?: false)
- allow(ProtectedBranchPolicy).to receive(:new).and_return(policy)
- end
-
it "prevents deletion of the protected branch rule" do
+ disallow(:destroy_protected_branch, protected_branch)
+
delete(:destroy, params: base_params)
expect(response).to have_gitlab_http_status(:forbidden)
end
end
end
+
+ def disallow(ability, protected_branch)
+ allow(Ability).to receive(:allowed?).and_call_original
+ allow(Ability).to receive(:allowed?).with(user, ability, protected_branch).and_return(false)
+ end
end
diff --git a/spec/controllers/projects/tags/releases_controller_spec.rb b/spec/controllers/projects/tags/releases_controller_spec.rb
deleted file mode 100644
index 1d2385f54f9..00000000000
--- a/spec/controllers/projects/tags/releases_controller_spec.rb
+++ /dev/null
@@ -1,103 +0,0 @@
-# frozen_string_literal: true
-
-require 'spec_helper'
-
-RSpec.describe Projects::Tags::ReleasesController do
- let!(:project) { create(:project, :repository) }
- let!(:user) { create(:user) }
- let!(:release) { create(:release, project: project, tag: "v1.1.0") }
- let!(:tag) { release.tag }
-
- before do
- project.add_developer(user)
- sign_in(user)
- end
-
- describe 'GET #edit' do
- it 'initializes a new release' do
- tag_id = release.tag
- project.releases.destroy_all # rubocop: disable Cop/DestroyAll
-
- response = get :edit, params: { namespace_id: project.namespace, project_id: project, tag_id: tag_id }
-
- release = assigns(:release)
- expect(release).not_to be_nil
- expect(release).not_to be_persisted
- expect(response).to have_gitlab_http_status(:ok)
- end
-
- it 'retrieves an existing release' do
- response = get :edit, params: { namespace_id: project.namespace, project_id: project, tag_id: tag }
-
- release = assigns(:release)
- expect(release).not_to be_nil
- expect(release).to be_persisted
- expect(response).to have_gitlab_http_status(:ok)
- end
- end
-
- describe 'PUT #update' do
- it 'updates release note description' do
- response = update_release(release.tag, "description updated")
-
- release = project.releases.find_by(tag: tag)
- expect(release.description).to eq("description updated")
- expect(response).to have_gitlab_http_status(:found)
- end
-
- it 'creates a release if one does not exist' do
- tag_without_release = create_new_tag
-
- expect do
- update_release(tag_without_release.name, "a new release")
- end.to change { project.releases.count }.by(1)
-
- expect(response).to have_gitlab_http_status(:found)
- end
-
- it 'sets the release name, sha, and author for a new release' do
- tag_without_release = create_new_tag
-
- response = update_release(tag_without_release.name, "a new release")
-
- release = project.releases.find_by(tag: tag_without_release.name)
- expect(release.name).to eq(tag_without_release.name)
- expect(release.sha).to eq(tag_without_release.target_commit.sha)
- expect(release.author.id).to eq(user.id)
- expect(response).to have_gitlab_http_status(:found)
- end
-
- it 'does not delete release when description is empty' do
- expect do
- update_release(tag, "")
- end.not_to change { project.releases.count }
-
- expect(release.reload.description).to eq("")
-
- expect(response).to have_gitlab_http_status(:found)
- end
-
- it 'does nothing when description is empty and the tag does not have a release' do
- tag_without_release = create_new_tag
-
- expect do
- update_release(tag_without_release.name, "")
- end.not_to change { project.releases.count }
-
- expect(response).to have_gitlab_http_status(:found)
- end
- end
-
- def create_new_tag
- project.repository.add_tag(user, 'mytag', 'master')
- end
-
- def update_release(tag_id, description)
- put :update, params: {
- namespace_id: project.namespace.to_param,
- project_id: project,
- tag_id: tag_id,
- release: { description: description }
- }
- end
-end
diff --git a/spec/controllers/projects/uploads_controller_spec.rb b/spec/controllers/projects/uploads_controller_spec.rb
index 6d2db25ade2..01635f2e158 100644
--- a/spec/controllers/projects/uploads_controller_spec.rb
+++ b/spec/controllers/projects/uploads_controller_spec.rb
@@ -86,47 +86,27 @@ RSpec.describe Projects::UploadsController do
end
context "when not signed in" do
- context "enforce_auth_checks_on_uploads feature flag" do
- context "with flag enabled" do
- before do
- stub_feature_flags(enforce_auth_checks_on_uploads: true)
- end
-
- context 'when the project has setting enforce_auth_checks_on_uploads true' do
- before do
- model.update!(enforce_auth_checks_on_uploads: true)
- end
-
- it "responds with status 302" do
- show_upload
-
- expect(response).to have_gitlab_http_status(:redirect)
- end
- end
-
- context 'when the project has setting enforce_auth_checks_on_uploads false' do
- before do
- model.update!(enforce_auth_checks_on_uploads: false)
- end
+ context 'when the project has setting enforce_auth_checks_on_uploads true' do
+ before do
+ model.update!(enforce_auth_checks_on_uploads: true)
+ end
- it "responds with status 200" do
- show_upload
+ it "responds with status 302" do
+ show_upload
- expect(response).to have_gitlab_http_status(:ok)
- end
- end
+ expect(response).to have_gitlab_http_status(:redirect)
end
+ end
- context "with flag disabled" do
- before do
- stub_feature_flags(enforce_auth_checks_on_uploads: false)
- end
+ context 'when the project has setting enforce_auth_checks_on_uploads false' do
+ before do
+ model.update!(enforce_auth_checks_on_uploads: false)
+ end
- it "responds with status 200" do
- show_upload
+ it "responds with status 200" do
+ show_upload
- expect(response).to have_gitlab_http_status(:ok)
- end
+ expect(response).to have_gitlab_http_status(:ok)
end
end
end
@@ -137,41 +117,21 @@ RSpec.describe Projects::UploadsController do
end
context "when the user doesn't have access to the model" do
- context "enforce_auth_checks_on_uploads feature flag" do
- context "with flag enabled" do
- before do
- stub_feature_flags(enforce_auth_checks_on_uploads: true)
- end
-
- context 'when the project has setting enforce_auth_checks_on_uploads true' do
- before do
- model.update!(enforce_auth_checks_on_uploads: true)
- end
-
- it "responds with status 404" do
- show_upload
-
- expect(response).to have_gitlab_http_status(:not_found)
- end
- end
-
- context 'when the project has setting enforce_auth_checks_on_uploads false' do
- before do
- model.update!(enforce_auth_checks_on_uploads: false)
- end
-
- it "responds with status 200" do
- show_upload
-
- expect(response).to have_gitlab_http_status(:ok)
- end
- end
+ context 'when the project has setting enforce_auth_checks_on_uploads true' do
+ before do
+ model.update!(enforce_auth_checks_on_uploads: true)
+ end
+
+ it "responds with status 404" do
+ show_upload
+
+ expect(response).to have_gitlab_http_status(:not_found)
end
end
- context "with flag disabled" do
+ context 'when the project has setting enforce_auth_checks_on_uploads false' do
before do
- stub_feature_flags(enforce_auth_checks_on_uploads: false)
+ model.update!(enforce_auth_checks_on_uploads: false)
end
it "responds with status 200" do
@@ -190,47 +150,27 @@ RSpec.describe Projects::UploadsController do
end
context "when not signed in" do
- context "enforce_auth_checks_on_uploads feature flag" do
- context "with flag enabled" do
- before do
- stub_feature_flags(enforce_auth_checks_on_uploads: true)
- end
-
- context 'when the project has setting enforce_auth_checks_on_uploads true' do
- before do
- model.update!(enforce_auth_checks_on_uploads: true)
- end
-
- it "responds with status 200" do
- show_upload
-
- expect(response).to have_gitlab_http_status(:ok)
- end
- end
+ context 'when the project has setting enforce_auth_checks_on_uploads true' do
+ before do
+ model.update!(enforce_auth_checks_on_uploads: true)
+ end
- context 'when the project has setting enforce_auth_checks_on_uploads false' do
- before do
- model.update!(enforce_auth_checks_on_uploads: false)
- end
+ it "responds with status 200" do
+ show_upload
- it "responds with status 200" do
- show_upload
+ expect(response).to have_gitlab_http_status(:ok)
+ end
+ end
- expect(response).to have_gitlab_http_status(:ok)
- end
- end
+ context 'when the project has setting enforce_auth_checks_on_uploads false' do
+ before do
+ model.update!(enforce_auth_checks_on_uploads: false)
end
- context "with flag disabled" do
- before do
- stub_feature_flags(enforce_auth_checks_on_uploads: false)
- end
+ it "responds with status 200" do
+ show_upload
- it "responds with status 200" do
- show_upload
-
- expect(response).to have_gitlab_http_status(:ok)
- end
+ expect(response).to have_gitlab_http_status(:ok)
end
end
end
@@ -241,41 +181,21 @@ RSpec.describe Projects::UploadsController do
end
context "when the user doesn't have access to the model" do
- context "enforce_auth_checks_on_uploads feature flag" do
- context "with flag enabled" do
- before do
- stub_feature_flags(enforce_auth_checks_on_uploads: true)
- end
-
- context 'when the project has setting enforce_auth_checks_on_uploads true' do
- before do
- model.update!(enforce_auth_checks_on_uploads: true)
- end
-
- it "responds with status 200" do
- show_upload
-
- expect(response).to have_gitlab_http_status(:ok)
- end
- end
-
- context 'when the project has setting enforce_auth_checks_on_uploads false' do
- before do
- model.update!(enforce_auth_checks_on_uploads: false)
- end
-
- it "responds with status 200" do
- show_upload
-
- expect(response).to have_gitlab_http_status(:ok)
- end
- end
+ context 'when the project has setting enforce_auth_checks_on_uploads true' do
+ before do
+ model.update!(enforce_auth_checks_on_uploads: true)
+ end
+
+ it "responds with status 200" do
+ show_upload
+
+ expect(response).to have_gitlab_http_status(:ok)
end
end
- context "with flag disabled" do
+ context 'when the project has setting enforce_auth_checks_on_uploads false' do
before do
- stub_feature_flags(enforce_auth_checks_on_uploads: false)
+ model.update!(enforce_auth_checks_on_uploads: false)
end
it "responds with status 200" do
generated by cgit v1.2.3 (git 2.25.1) at 2024-08-01 04:59:46 +0300