diff options
Diffstat (limited to 'spec/controllers')
40 files changed, 1031 insertions, 307 deletions
diff --git a/spec/controllers/admin/application_settings_controller_spec.rb b/spec/controllers/admin/application_settings_controller_spec.rb index 4f223811be8..f71f859a704 100644 --- a/spec/controllers/admin/application_settings_controller_spec.rb +++ b/spec/controllers/admin/application_settings_controller_spec.rb @@ -15,6 +15,37 @@ RSpec.describe Admin::ApplicationSettingsController do stub_env('IN_MEMORY_APPLICATION_SETTINGS', 'false') end + describe 'GET #integrations' do + before do + sign_in(admin) + end + + context 'when GitLab.com' do + before do + allow(::Gitlab).to receive(:com?) { true } + end + + it 'returns 404' do + get :integrations + + expect(response).to have_gitlab_http_status(:not_found) + end + end + + context 'when not GitLab.com' do + before do + allow(::Gitlab).to receive(:com?) { false } + end + + it 'renders correct template' do + get :integrations + + expect(response).to have_gitlab_http_status(:ok) + expect(response).to render_template('admin/application_settings/integrations') + end + end + end + describe 'GET #usage_data with no access' do before do stub_usage_data_connections @@ -56,6 +87,13 @@ RSpec.describe Admin::ApplicationSettingsController do sign_in(admin) end + it 'updates the require_admin_approval_after_user_signup setting' do + put :update, params: { application_setting: { require_admin_approval_after_user_signup: true } } + + expect(response).to redirect_to(general_admin_application_settings_path) + expect(ApplicationSetting.current.require_admin_approval_after_user_signup).to eq(true) + end + it 'updates the password_authentication_enabled_for_git setting' do put :update, params: { application_setting: { password_authentication_enabled_for_git: "0" } } diff --git a/spec/controllers/admin/clusters_controller_spec.rb b/spec/controllers/admin/clusters_controller_spec.rb index d2a569a9d48..69bdc79c5f5 100644 --- a/spec/controllers/admin/clusters_controller_spec.rb +++ b/spec/controllers/admin/clusters_controller_spec.rb @@ -416,6 +416,7 @@ RSpec.describe Admin::ClustersController do expect(cluster).to be_user expect(cluster).to be_kubernetes expect(cluster).to be_platform_kubernetes_rbac + expect(cluster).to be_namespace_per_environment end end end @@ -585,6 +586,7 @@ RSpec.describe Admin::ClustersController do enabled: false, name: 'my-new-cluster-name', managed: false, + namespace_per_environment: false, base_domain: domain } } @@ -599,6 +601,7 @@ RSpec.describe Admin::ClustersController do expect(cluster.enabled).to be_falsey expect(cluster.name).to eq('my-new-cluster-name') expect(cluster).not_to be_managed + expect(cluster).not_to be_namespace_per_environment expect(cluster.domain).to eq('test-domain.com') end @@ -624,6 +627,7 @@ RSpec.describe Admin::ClustersController do enabled: false, name: 'my-new-cluster-name', managed: false, + namespace_per_environment: false, domain: domain } } @@ -637,6 +641,7 @@ RSpec.describe Admin::ClustersController do expect(cluster.enabled).to be_falsey expect(cluster.name).to eq('my-new-cluster-name') expect(cluster).not_to be_managed + expect(cluster).not_to be_namespace_per_environment end end diff --git a/spec/controllers/admin/integrations_controller_spec.rb b/spec/controllers/admin/integrations_controller_spec.rb index 4b1806a43d2..1a13d016b73 100644 --- a/spec/controllers/admin/integrations_controller_spec.rb +++ b/spec/controllers/admin/integrations_controller_spec.rb @@ -20,6 +20,18 @@ RSpec.describe Admin::IntegrationsController do end end end + + context 'when GitLab.com' do + before do + allow(::Gitlab).to receive(:com?) { true } + end + + it 'returns 404' do + get :edit, params: { id: Service.available_services_names.sample } + + expect(response).to have_gitlab_http_status(:not_found) + end + end end describe '#update' do @@ -43,7 +55,7 @@ RSpec.describe Admin::IntegrationsController do end it 'calls to PropagateIntegrationWorker' do - expect(PropagateIntegrationWorker).to have_received(:perform_async).with(integration.id, false) + expect(PropagateIntegrationWorker).to have_received(:perform_async).with(integration.id) end end diff --git a/spec/controllers/admin/runners_controller_spec.rb b/spec/controllers/admin/runners_controller_spec.rb index 013eee19409..3fffc50475c 100644 --- a/spec/controllers/admin/runners_controller_spec.rb +++ b/spec/controllers/admin/runners_controller_spec.rb @@ -151,4 +151,21 @@ RSpec.describe Admin::RunnersController do expect(runner.active).to eq(false) end end + + describe 'GET #runner_setup_scripts' do + it 'renders the setup scripts' do + get :runner_setup_scripts, params: { os: 'linux', arch: 'amd64' } + + expect(response).to have_gitlab_http_status(:ok) + expect(json_response).to have_key("install") + expect(json_response).to have_key("register") + end + + it 'renders errors if they occur' do + get :runner_setup_scripts, params: { os: 'foo', arch: 'bar' } + + expect(response).to have_gitlab_http_status(:bad_request) + expect(json_response).to have_key("errors") + end + end end diff --git a/spec/controllers/admin/sessions_controller_spec.rb b/spec/controllers/admin/sessions_controller_spec.rb index 35982e57034..5fa7a7f278d 100644 --- a/spec/controllers/admin/sessions_controller_spec.rb +++ b/spec/controllers/admin/sessions_controller_spec.rb @@ -109,7 +109,7 @@ RSpec.describe Admin::SessionsController, :do_not_mock_admin_mode do # triggering the auth form will request admin mode get :new - Timecop.freeze(Gitlab::Auth::CurrentUserMode::ADMIN_MODE_REQUESTED_GRACE_PERIOD.from_now) do + travel_to(Gitlab::Auth::CurrentUserMode::ADMIN_MODE_REQUESTED_GRACE_PERIOD.from_now) do post :create, params: { user: { password: user.password } } expect(response).to redirect_to(new_admin_session_path) diff --git a/spec/controllers/admin/users_controller_spec.rb b/spec/controllers/admin/users_controller_spec.rb index 6301da74f4a..0ee773f291c 100644 --- a/spec/controllers/admin/users_controller_spec.rb +++ b/spec/controllers/admin/users_controller_spec.rb @@ -23,6 +23,12 @@ RSpec.describe Admin::UsersController do expect(assigns(:users)).to eq([admin]) end + + it 'eager loads authorized projects association' do + get :index + + expect(assigns(:users).first.association(:authorized_projects)).to be_loaded + end end describe 'GET :id' do diff --git a/spec/controllers/application_controller_spec.rb b/spec/controllers/application_controller_spec.rb index 188a4cb04af..94e110325f9 100644 --- a/spec/controllers/application_controller_spec.rb +++ b/spec/controllers/application_controller_spec.rb @@ -416,13 +416,13 @@ RSpec.describe ApplicationController do end it 'returns false if the grace period has expired' do - Timecop.freeze(3.hours.from_now) do + travel_to(3.hours.from_now) do expect(subject).to be_falsey end end it 'returns true if the grace period is still active' do - Timecop.freeze(1.hour.from_now) do + travel_to(1.hour.from_now) do expect(subject).to be_truthy end end diff --git a/spec/controllers/boards/lists_controller_spec.rb b/spec/controllers/boards/lists_controller_spec.rb index c72d9e5053a..9b09f46d17e 100644 --- a/spec/controllers/boards/lists_controller_spec.rb +++ b/spec/controllers/boards/lists_controller_spec.rb @@ -260,6 +260,17 @@ RSpec.describe Boards::ListsController do end end + context 'with an error service response' do + it 'returns an unprocessable entity response' do + allow(Boards::Lists::DestroyService).to receive(:new) + .and_return(double(execute: ServiceResponse.error(message: 'error'))) + + remove_board_list user: user, board: board, list: planning + + expect(response).to have_gitlab_http_status(:unprocessable_entity) + end + end + def remove_board_list(user:, board:, list:) sign_in(user) diff --git a/spec/controllers/concerns/controller_with_feature_category/config_spec.rb b/spec/controllers/concerns/controller_with_feature_category/config_spec.rb deleted file mode 100644 index 9b8ffd2baab..00000000000 --- a/spec/controllers/concerns/controller_with_feature_category/config_spec.rb +++ /dev/null @@ -1,53 +0,0 @@ -# frozen_string_literal: true - -require "fast_spec_helper" -require "rspec-parameterized" -require_relative "../../../../app/controllers/concerns/controller_with_feature_category/config" - -RSpec.describe ControllerWithFeatureCategory::Config do - describe "#matches?" do - using RSpec::Parameterized::TableSyntax - - where(:only_actions, :except_actions, :if_proc, :unless_proc, :test_action, :expected) do - nil | nil | nil | nil | "action" | true - [:included] | nil | nil | nil | "action" | false - [:included] | nil | nil | nil | "included" | true - nil | [:excluded] | nil | nil | "excluded" | false - nil | nil | true | nil | "action" | true - [:included] | nil | true | nil | "action" | false - [:included] | nil | true | nil | "included" | true - nil | [:excluded] | true | nil | "excluded" | false - nil | nil | false | nil | "action" | false - [:included] | nil | false | nil | "action" | false - [:included] | nil | false | nil | "included" | false - nil | [:excluded] | false | nil | "excluded" | false - nil | nil | nil | true | "action" | false - [:included] | nil | nil | true | "action" | false - [:included] | nil | nil | true | "included" | false - nil | [:excluded] | nil | true | "excluded" | false - nil | nil | nil | false | "action" | true - [:included] | nil | nil | false | "action" | false - [:included] | nil | nil | false | "included" | true - nil | [:excluded] | nil | false | "excluded" | false - nil | nil | true | false | "action" | true - [:included] | nil | true | false | "action" | false - [:included] | nil | true | false | "included" | true - nil | [:excluded] | true | false | "excluded" | false - nil | nil | false | true | "action" | false - [:included] | nil | false | true | "action" | false - [:included] | nil | false | true | "included" | false - nil | [:excluded] | false | true | "excluded" | false - end - - with_them do - let(:config) do - if_to_proc = if_proc.nil? ? nil : -> (_) { if_proc } - unless_to_proc = unless_proc.nil? ? nil : -> (_) { unless_proc } - - described_class.new(:category, only_actions, except_actions, if_to_proc, unless_to_proc) - end - - specify { expect(config.matches?(test_action)).to be(expected) } - end - end -end diff --git a/spec/controllers/concerns/controller_with_feature_category_spec.rb b/spec/controllers/concerns/controller_with_feature_category_spec.rb index e603a7d14c4..55e84755f5c 100644 --- a/spec/controllers/concerns/controller_with_feature_category_spec.rb +++ b/spec/controllers/concerns/controller_with_feature_category_spec.rb @@ -2,7 +2,6 @@ require 'fast_spec_helper' require_relative "../../../app/controllers/concerns/controller_with_feature_category" -require_relative "../../../app/controllers/concerns/controller_with_feature_category/config" RSpec.describe ControllerWithFeatureCategory do describe ".feature_category_for_action" do @@ -14,17 +13,15 @@ RSpec.describe ControllerWithFeatureCategory do let(:controller) do Class.new(base_controller) do - feature_category :baz - feature_category :foo, except: %w(update edit) - feature_category :bar, only: %w(index show) - feature_category :quux, only: %w(destroy) - feature_category :quuz, only: %w(destroy) + feature_category :foo, %w(update edit) + feature_category :bar, %w(index show) + feature_category :quux, %w(destroy) end end let(:subclass) do Class.new(controller) do - feature_category :qux, only: %w(index) + feature_category :baz, %w(subclass_index) end end @@ -33,34 +30,31 @@ RSpec.describe ControllerWithFeatureCategory do end it "returns the expected category", :aggregate_failures do - expect(controller.feature_category_for_action("update")).to eq(:baz) - expect(controller.feature_category_for_action("hello")).to eq(:foo) + expect(controller.feature_category_for_action("update")).to eq(:foo) expect(controller.feature_category_for_action("index")).to eq(:bar) + expect(controller.feature_category_for_action("destroy")).to eq(:quux) end - it "returns the closest match for categories defined in subclasses" do - expect(subclass.feature_category_for_action("index")).to eq(:qux) - expect(subclass.feature_category_for_action("show")).to eq(:bar) + it "returns the expected category for categories defined in subclasses" do + expect(subclass.feature_category_for_action("subclass_index")).to eq(:baz) end - it "returns the last defined feature category when multiple match" do - expect(controller.feature_category_for_action("destroy")).to eq(:quuz) - end - - it "raises an error when using including and excluding the same action" do + it "raises an error when defining for the controller and for individual actions" do expect do Class.new(base_controller) do - feature_category :hello, only: [:world], except: [:world] + feature_category :hello + feature_category :goodbye, [:world] end - end.to raise_error(%r(cannot configure both `only` and `except`)) + end.to raise_error(ArgumentError, "hello is defined for all actions, but other categories are set") end - it "raises an error when using unknown arguments" do + it "raises an error when multiple calls define the same action" do expect do Class.new(base_controller) do - feature_category :hello, hello: :world + feature_category :hello, [:world] + feature_category :goodbye, ["world"] end - end.to raise_error(%r(unknown arguments)) + end.to raise_error(ArgumentError, "Actions have multiple feature categories: world") end end end diff --git a/spec/controllers/concerns/redis_tracking_spec.rb b/spec/controllers/concerns/redis_tracking_spec.rb index 3795fca5576..1b41e1820b1 100644 --- a/spec/controllers/concerns/redis_tracking_spec.rb +++ b/spec/controllers/concerns/redis_tracking_spec.rb @@ -36,21 +36,9 @@ RSpec.describe RedisTracking do end end - context 'with usage ping disabled' do - it 'does not track the event' do - stub_feature_flags(feature => true) - allow(Gitlab::CurrentSettings).to receive(:usage_ping_enabled?).and_return(false) - - expect(Gitlab::UsageDataCounters::HLLRedisCounter).not_to receive(:track_event) - - get :index - end - end - - context 'with feature enabled and usage ping enabled' do + context 'with feature enabled' do before do stub_feature_flags(feature => true) - allow(Gitlab::CurrentSettings).to receive(:usage_ping_enabled?).and_return(true) end context 'when user is logged in' do diff --git a/spec/controllers/dashboard_controller_spec.rb b/spec/controllers/dashboard_controller_spec.rb index c838affa239..9b78f841cce 100644 --- a/spec/controllers/dashboard_controller_spec.rb +++ b/spec/controllers/dashboard_controller_spec.rb @@ -15,6 +15,16 @@ RSpec.describe DashboardController do describe 'GET issues' do it_behaves_like 'issuables list meta-data', :issue, :issues it_behaves_like 'issuables requiring filter', :issues + + it 'lists only incidents and issues' do + issue = create(:incident, project: project, author: user) + incident = create(:incident, project: project, author: user) + create(:quality_test_case, project: project, author: user) + + get :issues, params: { author_id: user.id } + + expect(assigns(:issues)).to match_array([issue, incident]) + end end describe 'GET merge requests' do diff --git a/spec/controllers/every_controller_spec.rb b/spec/controllers/every_controller_spec.rb index 4785ee9ed8f..d333c98ccf7 100644 --- a/spec/controllers/every_controller_spec.rb +++ b/spec/controllers/every_controller_spec.rb @@ -17,20 +17,27 @@ RSpec.describe "Every controller" do .compact .select { |route| route[:controller].present? && route[:action].present? } .map { |route| [constantize_controller(route[:controller]), route[:action]] } - .reject { |route| route.first.nil? || !route.first.include?(ControllerWithFeatureCategory) } + .select { |(controller, action)| controller&.include?(ControllerWithFeatureCategory) } + .reject { |(controller, action)| controller == Devise::UnlocksController } end let_it_be(:routes_without_category) do controller_actions.map do |controller, action| - "#{controller}##{action}" unless controller.feature_category_for_action(action) + next if controller.feature_category_for_action(action) + next unless controller.to_s.start_with?('B', 'C', 'D', 'E', 'F', 'Projects::MergeRequestsController') + + "#{controller}##{action}" end.compact end it "has feature categories" do - pending("We'll work on defining categories for all controllers: "\ - "https://gitlab.com/gitlab-com/gl-infra/scalability/-/issues/463") + routes_without_category.map { |x| x.split('#') }.group_by(&:first).each do |controller, actions| + puts controller + puts actions.map { |x| ":#{x.last}" }.sort.join(', ') + puts '' + end - expect(routes_without_category).to be_empty, "#{routes_without_category.first(10)} did not have a category" + expect(routes_without_category).to be_empty, "#{routes_without_category} did not have a category" end it "completed controllers don't get new routes without categories" do @@ -74,9 +81,9 @@ RSpec.describe "Every controller" do end def actions_defined_in_feature_category_config(controller) - feature_category_configs = controller.send(:class_attributes)[:feature_category_config] - feature_category_configs.map do |config| - Array(config.send(:only)) + Array(config.send(:except)) - end.flatten.uniq.map(&:to_s) + controller.send(:class_attributes)[:feature_category_config] + .values + .flatten + .map(&:to_s) end end diff --git a/spec/controllers/groups/clusters_controller_spec.rb b/spec/controllers/groups/clusters_controller_spec.rb index 81d5bc7770f..140b7b0f2a8 100644 --- a/spec/controllers/groups/clusters_controller_spec.rb +++ b/spec/controllers/groups/clusters_controller_spec.rb @@ -271,6 +271,7 @@ RSpec.describe Groups::ClustersController do expect(cluster).to be_kubernetes expect(cluster.provider_gcp).to be_legacy_abac expect(cluster).to be_managed + expect(cluster).to be_namespace_per_environment end context 'when legacy_abac param is false' do @@ -358,6 +359,7 @@ RSpec.describe Groups::ClustersController do expect(cluster).to be_user expect(cluster).to be_kubernetes expect(cluster).to be_managed + expect(cluster).to be_namespace_per_environment end end @@ -387,6 +389,7 @@ RSpec.describe Groups::ClustersController do expect(cluster).to be_user expect(cluster).to be_kubernetes expect(cluster).to be_platform_kubernetes_rbac + expect(cluster).to be_namespace_per_environment end end @@ -716,6 +719,7 @@ RSpec.describe Groups::ClustersController do enabled: false, name: 'my-new-cluster-name', managed: false, + namespace_per_environment: false, domain: domain } } @@ -729,6 +733,7 @@ RSpec.describe Groups::ClustersController do expect(cluster.enabled).to be_falsey expect(cluster.name).to eq('my-new-cluster-name') expect(cluster).not_to be_managed + expect(cluster).not_to be_namespace_per_environment end end diff --git a/spec/controllers/groups/group_links_controller_spec.rb b/spec/controllers/groups/group_links_controller_spec.rb index 07299382230..d179e268748 100644 --- a/spec/controllers/groups/group_links_controller_spec.rb +++ b/spec/controllers/groups/group_links_controller_spec.rb @@ -136,10 +136,15 @@ RSpec.describe Groups::GroupLinksController do let(:expiry_date) { 1.month.from_now.to_date } subject do - post(:update, params: { group_id: shared_group, - id: link.id, - group_link: { group_access: Gitlab::Access::GUEST, - expires_at: expiry_date } }) + post( + :update, + params: { + group_id: shared_group, + id: link.id, + group_link: { group_access: Gitlab::Access::GUEST, expires_at: expiry_date } + }, + format: :json + ) end context 'when user has admin access to the shared group' do @@ -160,6 +165,26 @@ RSpec.describe Groups::GroupLinksController do expect(link.expires_at).to eq(expiry_date) end + context 'when `expires_at` is set' do + it 'returns correct json response' do + travel_to Time.now.utc.beginning_of_day + + subject + + expect(json_response).to eq({ "expires_in" => "about 1 month", "expires_soon" => false }) + end + end + + context 'when `expires_at` is not set' do + let(:expiry_date) { nil } + + it 'returns empty json response' do + subject + + expect(json_response).to be_empty + end + end + it 'updates project permissions' do expect { subject }.to change { group_member.can?(:create_release, project) }.from(true).to(false) end diff --git a/spec/controllers/groups/labels_controller_spec.rb b/spec/controllers/groups/labels_controller_spec.rb index 20ee19b01d1..33041f1af9f 100644 --- a/spec/controllers/groups/labels_controller_spec.rb +++ b/spec/controllers/groups/labels_controller_spec.rb @@ -9,6 +9,8 @@ RSpec.describe Groups::LabelsController do before do group.add_owner(user) + # by default FFs are enabled in specs so we turn it off + stub_feature_flags(show_inherited_labels: false) sign_in(user) end @@ -32,11 +34,41 @@ RSpec.describe Groups::LabelsController do subgroup.add_owner(user) end - it 'returns ancestor group labels' do - get :index, params: { group_id: subgroup, include_ancestor_groups: true, only_group_labels: true }, format: :json + RSpec.shared_examples 'returns ancestor group labels' do + it 'returns ancestor group labels' do + get :index, params: params, format: :json - label_ids = json_response.map {|label| label['title']} - expect(label_ids).to match_array([group_label_1.title, subgroup_label_1.title]) + label_ids = json_response.map {|label| label['title']} + expect(label_ids).to match_array([group_label_1.title, subgroup_label_1.title]) + end + end + + context 'when include_ancestor_groups true' do + let(:params) { { group_id: subgroup, include_ancestor_groups: true, only_group_labels: true } } + + it_behaves_like 'returns ancestor group labels' + end + + context 'when include_ancestor_groups false' do + let(:params) { { group_id: subgroup, only_group_labels: true } } + + it 'does not return ancestor group labels', :aggregate_failures do + get :index, params: params, format: :json + + label_ids = json_response.map {|label| label['title']} + expect(label_ids).to match_array([subgroup_label_1.title]) + expect(label_ids).not_to include([group_label_1.title]) + end + end + + context 'when show_inherited_labels enabled' do + let(:params) { { group_id: subgroup } } + + before do + stub_feature_flags(show_inherited_labels: true) + end + + it_behaves_like 'returns ancestor group labels' end end @@ -56,4 +88,43 @@ RSpec.describe Groups::LabelsController do expect(response).to have_gitlab_http_status(:ok) end end + + describe 'DELETE #destroy' do + context 'when current user has ability to destroy the label' do + before do + sign_in(user) + end + + it 'removes the label' do + label = create(:group_label, group: group) + delete :destroy, params: { group_id: group.to_param, id: label.to_param } + + expect { label.reload }.to raise_error(ActiveRecord::RecordNotFound) + end + + context 'when label is succesfuly destroyed' do + it 'redirects to the group labels page' do + label = create(:group_label, group: group) + delete :destroy, params: { group_id: group.to_param, id: label.to_param } + + expect(response).to redirect_to(group_labels_path) + end + end + end + + context 'when current_user does not have ability to destroy the label' do + let(:another_user) { create(:user) } + + before do + sign_in(another_user) + end + + it 'responds with status 404' do + label = create(:group_label, group: group) + delete :destroy, params: { group_id: group.to_param, id: label.to_param } + + expect(response).to have_gitlab_http_status(:not_found) + end + end + end end diff --git a/spec/controllers/groups/milestones_controller_spec.rb b/spec/controllers/groups/milestones_controller_spec.rb index 5c7b88a218a..2c85fe482e2 100644 --- a/spec/controllers/groups/milestones_controller_spec.rb +++ b/spec/controllers/groups/milestones_controller_spec.rb @@ -9,7 +9,6 @@ RSpec.describe Groups::MilestonesController do let(:user) { create(:user) } let(:title) { '肯定不是中文的问题' } let(:milestone) { create(:milestone, project: project) } - let(:milestone_path) { group_milestone_path(group, milestone.safe_title, title: milestone.title) } let(:milestone_params) do { @@ -25,6 +24,12 @@ RSpec.describe Groups::MilestonesController do project.add_maintainer(user) end + it_behaves_like 'milestone tabs' do + let(:milestone) { create(:milestone, group: group) } + let(:milestone_path) { group_milestone_path(group, milestone.iid) } + let(:request_params) { { group_id: group, id: milestone.iid } } + end + describe '#index' do describe 'as HTML' do render_views diff --git a/spec/controllers/groups/registry/repositories_controller_spec.rb b/spec/controllers/groups/registry/repositories_controller_spec.rb index ddac8fc5002..ae982b02a4f 100644 --- a/spec/controllers/groups/registry/repositories_controller_spec.rb +++ b/spec/controllers/groups/registry/repositories_controller_spec.rb @@ -87,7 +87,7 @@ RSpec.describe Groups::Registry::RepositoriesController do it_behaves_like 'with name parameter' - it_behaves_like 'a gitlab tracking event', described_class.name, 'list_repositories' + it_behaves_like 'a package tracking event', described_class.name, 'list_repositories' context 'with project in subgroup' do let_it_be(:test_group) { create(:group, parent: group ) } diff --git a/spec/controllers/groups/settings/ci_cd_controller_spec.rb b/spec/controllers/groups/settings/ci_cd_controller_spec.rb index f11bb66caab..880d5fe8951 100644 --- a/spec/controllers/groups/settings/ci_cd_controller_spec.rb +++ b/spec/controllers/groups/settings/ci_cd_controller_spec.rb @@ -225,4 +225,25 @@ RSpec.describe Groups::Settings::CiCdController do end end end + + describe 'GET #runner_setup_scripts' do + before do + group.add_owner(user) + end + + it 'renders the setup scripts' do + get :runner_setup_scripts, params: { os: 'linux', arch: 'amd64', group_id: group } + + expect(response).to have_gitlab_http_status(:ok) + expect(json_response).to have_key("install") + expect(json_response).to have_key("register") + end + + it 'renders errors if they occur' do + get :runner_setup_scripts, params: { os: 'foo', arch: 'bar', group_id: group } + + expect(response).to have_gitlab_http_status(:bad_request) + expect(json_response).to have_key("errors") + end + end end diff --git a/spec/controllers/groups_controller_spec.rb b/spec/controllers/groups_controller_spec.rb index 35d8c0b7c6d..90f348a3421 100644 --- a/spec/controllers/groups_controller_spec.rb +++ b/spec/controllers/groups_controller_spec.rb @@ -2,18 +2,18 @@ require 'spec_helper' -RSpec.describe GroupsController do +RSpec.describe GroupsController, factory_default: :keep do include ExternalAuthorizationServiceHelpers - let(:user) { create(:user) } - let(:admin) { create(:admin) } - let(:group) { create(:group, :public) } - let(:project) { create(:project, namespace: group) } - let!(:group_member) { create(:group_member, group: group, user: user) } - let!(:owner) { group.add_owner(create(:user)).user } - let!(:maintainer) { group.add_maintainer(create(:user)).user } - let!(:developer) { group.add_developer(create(:user)).user } - let!(:guest) { group.add_guest(create(:user)).user } + let_it_be_with_refind(:group) { create_default(:group, :public) } + let_it_be_with_refind(:project) { create(:project, namespace: group) } + let_it_be(:user) { create(:user) } + let_it_be(:admin) { create(:admin) } + let_it_be(:group_member) { create(:group_member, group: group, user: user) } + let_it_be(:owner) { group.add_owner(create(:user)).user } + let_it_be(:maintainer) { group.add_maintainer(create(:user)).user } + let_it_be(:developer) { group.add_developer(create(:user)).user } + let_it_be(:guest) { group.add_guest(create(:user)).user } shared_examples 'member with ability to create subgroups' do it 'renders the new page' do @@ -57,7 +57,6 @@ RSpec.describe GroupsController do describe 'GET #show' do before do sign_in(user) - project end let(:format) { :html } @@ -82,7 +81,6 @@ RSpec.describe GroupsController do describe 'GET #details' do before do sign_in(user) - project end let(:format) { :html } @@ -131,12 +129,9 @@ RSpec.describe GroupsController do end describe 'GET #activity' do - render_views - context 'as json' do before do sign_in(user) - project end it 'includes events from all projects in group and subgroups', :sidekiq_might_not_need_inline do @@ -157,10 +152,6 @@ RSpec.describe GroupsController do end context 'when user has no permission to see the event' do - let(:user) { create(:user) } - let(:group) { create(:group) } - let(:project) { create(:project, group: group) } - let(:project_with_restricted_access) do create(:project, :public, issues_access_level: ProjectFeature::PRIVATE, group: group) end @@ -398,8 +389,8 @@ RSpec.describe GroupsController do end describe 'GET #issues', :sidekiq_might_not_need_inline do - let(:issue_1) { create(:issue, project: project, title: 'foo') } - let(:issue_2) { create(:issue, project: project, title: 'bar') } + let_it_be(:issue_1) { create(:issue, project: project, title: 'foo') } + let_it_be(:issue_2) { create(:issue, project: project, title: 'bar') } before do create_list(:award_emoji, 3, awardable: issue_2) @@ -409,6 +400,15 @@ RSpec.describe GroupsController do sign_in(user) end + it 'lists only incidents and issues' do + incident = create(:incident, project: project) + create(:quality_test_case, project: project) + + get :issues, params: { id: group.to_param } + + expect(assigns(:issues)).to match_array([issue_1, issue_2, incident]) + end + context 'sorting by votes' do it 'sorts most popular issues' do get :issues, params: { id: group.to_param, sort: 'upvotes_desc' } @@ -552,8 +552,6 @@ RSpec.describe GroupsController do end context 'when there is a conflicting group path' do - render_views - let!(:conflict_group) { create(:group, path: SecureRandom.hex(12) ) } let!(:old_name) { group.name } @@ -794,6 +792,7 @@ RSpec.describe GroupsController do context 'when transferring to a subgroup goes right' do let(:new_parent_group) { create(:group, :public) } + let(:group) { create(:group, :public) } let!(:group_member) { create(:group_member, :owner, group: group, user: user) } let!(:new_parent_group_member) { create(:group_member, :owner, group: new_parent_group, user: user) } @@ -805,11 +804,8 @@ RSpec.describe GroupsController do } end - it 'returns a notice' do + it 'returns a notice and redirects to the new path' do expect(flash[:notice]).to eq("Group '#{group.name}' was successfully transferred.") - end - - it 'redirects to the new path' do expect(response).to redirect_to("/#{new_parent_group.path}/#{group.path}") end end @@ -826,17 +822,15 @@ RSpec.describe GroupsController do } end - it 'returns a notice' do + it 'returns a notice and redirects to the new path' do expect(flash[:notice]).to eq("Group '#{group.name}' was successfully transferred.") - end - - it 'redirects to the new path' do expect(response).to redirect_to("/#{group.path}") end end context 'When the transfer goes wrong' do let(:new_parent_group) { create(:group, :public) } + let(:group) { create(:group, :public) } let!(:group_member) { create(:group_member, :owner, group: group, user: user) } let!(:new_parent_group_member) { create(:group_member, :owner, group: new_parent_group, user: user) } @@ -850,17 +844,15 @@ RSpec.describe GroupsController do } end - it 'returns an alert' do + it 'returns an alert and redirects to the current path' do expect(flash[:alert]).to eq "Transfer failed: namespace directory cannot be moved" - end - - it 'redirects to the current path' do expect(response).to redirect_to(edit_group_path(group)) end end context 'when the user is not allowed to transfer the group' do let(:new_parent_group) { create(:group, :public) } + let(:group) { create(:group, :public) } let!(:group_member) { create(:group_member, :guest, group: group, user: user) } let!(:new_parent_group_member) { create(:group_member, :guest, group: new_parent_group, user: user) } @@ -879,6 +871,7 @@ RSpec.describe GroupsController do context 'transferring when a project has container images' do let(:group) { create(:group, :public, :nested) } + let(:project) { create(:project, namespace: group) } let!(:group_member) { create(:group_member, :owner, group: group, user: user) } before do @@ -979,6 +972,8 @@ RSpec.describe GroupsController do end context 'when there is no file available to download' do + let(:admin) { create(:admin) } + before do sign_in(admin) end @@ -1149,9 +1144,7 @@ RSpec.describe GroupsController do describe "GET #activity as JSON" do include DesignManagementTestHelpers - render_views - let(:project) { create(:project, :public, group: group) } let(:other_project) { create(:project, :public, group: group) } def get_activity diff --git a/spec/controllers/import/bulk_imports_controller_spec.rb b/spec/controllers/import/bulk_imports_controller_spec.rb new file mode 100644 index 00000000000..9fe15162158 --- /dev/null +++ b/spec/controllers/import/bulk_imports_controller_spec.rb @@ -0,0 +1,137 @@ +# frozen_string_literal: true + +require 'spec_helper' + +RSpec.describe Import::BulkImportsController do + let_it_be(:user) { create(:user) } + + before do + sign_in(user) + end + + context 'when user is signed in' do + context 'when bulk_import feature flag is enabled' do + before do + stub_feature_flags(bulk_import: true) + end + + describe 'POST configure' do + context 'when no params are passed in' do + it 'clears out existing session' do + post :configure + + expect(session[:bulk_import_gitlab_access_token]).to be_nil + expect(session[:bulk_import_gitlab_url]).to be_nil + + expect(response).to have_gitlab_http_status(:found) + expect(response).to redirect_to(status_import_bulk_import_url) + end + end + + it 'sets the session variables' do + token = 'token' + url = 'https://gitlab.example' + + post :configure, params: { bulk_import_gitlab_access_token: token, bulk_import_gitlab_url: url } + + expect(session[:bulk_import_gitlab_access_token]).to eq(token) + expect(session[:bulk_import_gitlab_url]).to eq(url) + expect(response).to have_gitlab_http_status(:found) + expect(response).to redirect_to(status_import_bulk_import_url) + end + + it 'strips access token with spaces' do + token = 'token' + + post :configure, params: { bulk_import_gitlab_access_token: " #{token} " } + + expect(session[:bulk_import_gitlab_access_token]).to eq(token) + expect(controller).to redirect_to(status_import_bulk_import_url) + end + end + + describe 'GET status' do + context 'when host url is local or not http' do + %w[https://localhost:3000 http://192.168.0.1 ftp://testing].each do |url| + before do + stub_application_setting(allow_local_requests_from_web_hooks_and_services: false) + + session[:bulk_import_gitlab_access_token] = 'test' + session[:bulk_import_gitlab_url] = url + end + + it 'denies network request' do + get :status + + expect(controller).to redirect_to(new_group_path) + expect(flash[:alert]).to eq('Specified URL cannot be used: "Only allowed schemes are http, https"') + end + end + + context 'when local requests are allowed' do + %w[https://localhost:3000 http://192.168.0.1].each do |url| + before do + stub_application_setting(allow_local_requests_from_web_hooks_and_services: true) + + session[:bulk_import_gitlab_access_token] = 'test' + session[:bulk_import_gitlab_url] = url + end + + it 'allows network request' do + get :status + + expect(response).to have_gitlab_http_status(:ok) + end + end + end + end + end + end + + context 'when gitlab_api_imports feature flag is disabled' do + before do + stub_feature_flags(bulk_import: false) + end + + context 'POST configure' do + it 'returns 404' do + post :configure + + expect(response).to have_gitlab_http_status(:not_found) + end + end + + context 'GET status' do + it 'returns 404' do + get :status + + expect(response).to have_gitlab_http_status(:not_found) + end + end + end + end + + context 'when user is signed out' do + before do + sign_out(user) + end + + context 'POST configure' do + it 'redirects to sign in page' do + post :configure + + expect(response).to have_gitlab_http_status(:found) + expect(response).to redirect_to(new_user_session_path) + end + end + + context 'GET status' do + it 'redirects to sign in page' do + get :status + + expect(response).to have_gitlab_http_status(:found) + expect(response).to redirect_to(new_user_session_path) + end + end + end +end diff --git a/spec/controllers/import/manifest_controller_spec.rb b/spec/controllers/import/manifest_controller_spec.rb index ec8bd45b65c..6b21b45e698 100644 --- a/spec/controllers/import/manifest_controller_spec.rb +++ b/spec/controllers/import/manifest_controller_spec.rb @@ -2,7 +2,7 @@ require 'spec_helper' -RSpec.describe Import::ManifestController do +RSpec.describe Import::ManifestController, :clean_gitlab_redis_shared_state do include ImportSpecHelper let_it_be(:user) { create(:user) } @@ -16,42 +16,93 @@ RSpec.describe Import::ManifestController do sign_in(user) end - def assign_session_group - session[:manifest_import_repositories] = [] - session[:manifest_import_group_id] = group.id + describe 'POST upload' do + context 'with a valid manifest' do + it 'saves the manifest and redirects to the status page', :aggregate_failures do + post :upload, params: { + group_id: group.id, + manifest: fixture_file_upload('spec/fixtures/aosp_manifest.xml') + } + + metadata = Gitlab::ManifestImport::Metadata.new(user) + + expect(metadata.group_id).to eq(group.id) + expect(metadata.repositories.size).to eq(660) + expect(metadata.repositories.first).to include(name: 'platform/build', path: 'build/make') + + expect(response).to redirect_to(status_import_manifest_path) + end + end + + context 'with an invalid manifest' do + it 'displays an error' do + post :upload, params: { + group_id: group.id, + manifest: fixture_file_upload('spec/fixtures/invalid_manifest.xml') + } + + expect(assigns(:errors)).to be_present + end + end + + context 'when the user cannot create projects in the group' do + it 'displays an error' do + sign_in(create(:user)) + + post :upload, params: { + group_id: group.id, + manifest: fixture_file_upload('spec/fixtures/aosp_manifest.xml') + } + + expect(assigns(:errors)).to be_present + end + end end describe 'GET status' do - let(:repo1) { OpenStruct.new(id: 'test1', url: 'http://demo.host/test1') } - let(:repo2) { OpenStruct.new(id: 'test2', url: 'http://demo.host/test2') } + let(:repo1) { { id: 'test1', url: 'http://demo.host/test1' } } + let(:repo2) { { id: 'test2', url: 'http://demo.host/test2' } } let(:repos) { [repo1, repo2] } - before do - assign_session_group + shared_examples 'status action' do + it "returns variables for json request" do + project = create(:project, import_type: 'manifest', creator_id: user.id) - session[:manifest_import_repositories] = repos - end + get :status, format: :json - it "returns variables for json request" do - project = create(:project, import_type: 'manifest', creator_id: user.id) + expect(response).to have_gitlab_http_status(:ok) + expect(json_response.dig("imported_projects", 0, "id")).to eq(project.id) + expect(json_response.dig("provider_repos", 0, "id")).to eq(repo1[:id]) + expect(json_response.dig("provider_repos", 1, "id")).to eq(repo2[:id]) + expect(json_response.dig("namespaces", 0, "id")).to eq(group.id) + end - get :status, format: :json + it "does not show already added project" do + project = create(:project, import_type: 'manifest', namespace: user.namespace, import_status: :finished, import_url: repo1[:url]) - expect(response).to have_gitlab_http_status(:ok) - expect(json_response.dig("imported_projects", 0, "id")).to eq(project.id) - expect(json_response.dig("provider_repos", 0, "id")).to eq(repo1.id) - expect(json_response.dig("provider_repos", 1, "id")).to eq(repo2.id) - expect(json_response.dig("namespaces", 0, "id")).to eq(group.id) + get :status, format: :json + + expect(json_response.dig("imported_projects", 0, "id")).to eq(project.id) + expect(json_response.dig("provider_repos").length).to eq(1) + expect(json_response.dig("provider_repos", 0, "id")).not_to eq(repo1[:id]) + end end - it "does not show already added project" do - project = create(:project, import_type: 'manifest', namespace: user.namespace, import_status: :finished, import_url: repo1.url) + context 'when the data is stored via Gitlab::ManifestImport::Metadata' do + before do + Gitlab::ManifestImport::Metadata.new(user).save(repos, group.id) + end + + include_examples 'status action' + end - get :status, format: :json + context 'when the data is stored in the user session' do + before do + session[:manifest_import_repositories] = repos + session[:manifest_import_group_id] = group.id + end - expect(json_response.dig("imported_projects", 0, "id")).to eq(project.id) - expect(json_response.dig("provider_repos").length).to eq(1) - expect(json_response.dig("provider_repos", 0, "id")).not_to eq(repo1.id) + include_examples 'status action' end end end diff --git a/spec/controllers/invites_controller_spec.rb b/spec/controllers/invites_controller_spec.rb index a083cfac981..75a972d2f95 100644 --- a/spec/controllers/invites_controller_spec.rb +++ b/spec/controllers/invites_controller_spec.rb @@ -17,8 +17,53 @@ RSpec.describe InvitesController, :snowplow do } end - before do - controller.instance_variable_set(:@member, member) + shared_examples 'invalid token' do + context 'when invite token is not valid' do + let(:params) { { id: '_bogus_token_' } } + + it 'renders the 404 page' do + request + + expect(response).to have_gitlab_http_status(:not_found) + end + end + end + + shared_examples "tracks the 'accepted' event for the invitation reminders experiment" do + before do + stub_experiment(invitation_reminders: true) + allow(Gitlab::Experimentation).to receive(:enabled_for_attribute?).with(:invitation_reminders, member.invite_email).and_return(experimental_group) + end + + context 'when in the control group' do + let(:experimental_group) { false } + + it "tracks the 'accepted' event" do + request + + expect_snowplow_event( + category: 'Growth::Acquisition::Experiment::InvitationReminders', + label: md5_member_global_id, + property: 'control_group', + action: 'accepted' + ) + end + end + + context 'when in the experimental group' do + let(:experimental_group) { true } + + it "tracks the 'accepted' event" do + request + + expect_snowplow_event( + category: 'Growth::Acquisition::Experiment::InvitationReminders', + label: md5_member_global_id, + property: 'experimental_group', + action: 'accepted' + ) + end + end end describe 'GET #show' do @@ -39,7 +84,7 @@ RSpec.describe InvitesController, :snowplow do end it 'forces re-confirmation if email does not match signed in user' do - member.invite_email = 'bogus@email.com' + member.update!(invite_email: 'bogus@email.com') expect do request @@ -64,8 +109,8 @@ RSpec.describe InvitesController, :snowplow do it 'tracks the user as experiment group' do request - expect_snowplow_event(snowplow_event.merge(action: 'opened')) - expect_snowplow_event(snowplow_event.merge(action: 'accepted')) + expect_snowplow_event(**snowplow_event.merge(action: 'opened')) + expect_snowplow_event(**snowplow_event.merge(action: 'accepted')) end end @@ -76,10 +121,13 @@ RSpec.describe InvitesController, :snowplow do it 'tracks the user as control group' do request - expect_snowplow_event(snowplow_event.merge(action: 'opened')) - expect_snowplow_event(snowplow_event.merge(action: 'accepted')) + expect_snowplow_event(**snowplow_event.merge(action: 'opened')) + expect_snowplow_event(**snowplow_event.merge(action: 'accepted')) end end + + it_behaves_like "tracks the 'accepted' event for the invitation reminders experiment" + it_behaves_like 'invalid token' end context 'when not logged in' do @@ -125,7 +173,7 @@ RSpec.describe InvitesController, :snowplow do it 'tracks the user as experiment group' do request - expect_snowplow_event(snowplow_event.merge(action: 'accepted')) + expect_snowplow_event(**snowplow_event.merge(action: 'accepted')) end end @@ -136,8 +184,31 @@ RSpec.describe InvitesController, :snowplow do it 'tracks the user as control group' do request - expect_snowplow_event(snowplow_event.merge(action: 'accepted')) + expect_snowplow_event(**snowplow_event.merge(action: 'accepted')) end end + + it_behaves_like "tracks the 'accepted' event for the invitation reminders experiment" + it_behaves_like 'invalid token' + end + + describe 'POST #decline for link in UI' do + before do + sign_in(user) + end + + subject(:request) { post :decline, params: params } + + it_behaves_like 'invalid token' + end + + describe 'GET #decline for link in email' do + before do + sign_in(user) + end + + subject(:request) { get :decline, params: params } + + it_behaves_like 'invalid token' end end diff --git a/spec/controllers/projects/clusters_controller_spec.rb b/spec/controllers/projects/clusters_controller_spec.rb index 51a451570c5..52cd6869b04 100644 --- a/spec/controllers/projects/clusters_controller_spec.rb +++ b/spec/controllers/projects/clusters_controller_spec.rb @@ -251,6 +251,7 @@ RSpec.describe Projects::ClustersController do cluster: { name: 'new-cluster', managed: '1', + namespace_per_environment: '0', provider_gcp_attributes: { gcp_project_id: 'gcp-project-12345', legacy_abac: legacy_abac_param @@ -278,6 +279,7 @@ RSpec.describe Projects::ClustersController do expect(project.clusters.first).to be_kubernetes expect(project.clusters.first.provider_gcp).to be_legacy_abac expect(project.clusters.first.managed?).to be_truthy + expect(project.clusters.first.namespace_per_environment?).to be_falsy end context 'when legacy_abac param is false' do @@ -369,6 +371,7 @@ RSpec.describe Projects::ClustersController do expect(project.clusters.first).to be_user expect(project.clusters.first).to be_kubernetes + expect(project.clusters.first).to be_namespace_per_environment end end @@ -400,6 +403,7 @@ RSpec.describe Projects::ClustersController do expect(cluster).to be_user expect(cluster).to be_kubernetes expect(cluster).to be_platform_kubernetes_rbac + expect(cluster).to be_namespace_per_environment end end @@ -726,6 +730,7 @@ RSpec.describe Projects::ClustersController do enabled: false, name: 'my-new-cluster-name', managed: false, + namespace_per_environment: false, platform_kubernetes_attributes: { namespace: 'my-namespace' } @@ -742,6 +747,7 @@ RSpec.describe Projects::ClustersController do expect(cluster.enabled).to be_falsey expect(cluster.name).to eq('my-new-cluster-name') expect(cluster).not_to be_managed + expect(cluster).not_to be_namespace_per_environment expect(cluster.platform_kubernetes.namespace).to eq('my-namespace') end diff --git a/spec/controllers/projects/group_links_controller_spec.rb b/spec/controllers/projects/group_links_controller_spec.rb index 762ef795f6e..3baadde46dc 100644 --- a/spec/controllers/projects/group_links_controller_spec.rb +++ b/spec/controllers/projects/group_links_controller_spec.rb @@ -3,10 +3,10 @@ require 'spec_helper' RSpec.describe Projects::GroupLinksController do - let(:group) { create(:group, :private) } - let(:group2) { create(:group, :private) } - let(:project) { create(:project, :private, group: group2) } - let(:user) { create(:user) } + let_it_be(:group) { create(:group, :private) } + let_it_be(:group2) { create(:group, :private) } + let_it_be(:project) { create(:project, :private, group: group2) } + let_it_be(:user) { create(:user) } before do project.add_maintainer(user) @@ -142,4 +142,47 @@ RSpec.describe Projects::GroupLinksController do end end end + + describe '#update' do + let_it_be(:link) do + create( + :project_group_link, + { + project: project, + group: group + } + ) + end + + let(:expiry_date) { 1.month.from_now.to_date } + + before do + travel_to Time.now.utc.beginning_of_day + + put( + :update, + params: { + namespace_id: project.namespace.to_param, + project_id: project.to_param, + id: link.id, + group_link: { group_access: Gitlab::Access::GUEST, expires_at: expiry_date } + }, + format: :json + ) + end + + context 'when `expires_at` is set' do + it 'returns correct json response' do + expect(json_response).to eq({ "expires_in" => "about 1 month", "expires_soon" => false }) + end + end + + context 'when `expires_at` is not set' do + let(:expiry_date) { nil } + + it 'returns empty json response' do + expect(json_response).to be_empty + end + end + end end diff --git a/spec/controllers/projects/import/jira_controller_spec.rb b/spec/controllers/projects/import/jira_controller_spec.rb index b82735a56b3..37a7fce0c23 100644 --- a/spec/controllers/projects/import/jira_controller_spec.rb +++ b/spec/controllers/projects/import/jira_controller_spec.rb @@ -12,7 +12,6 @@ RSpec.describe Projects::Import::JiraController do def ensure_correct_config sign_in(user) project.add_maintainer(user) - stub_feature_flags(jira_issue_import: true) stub_jira_service_test end @@ -77,7 +76,6 @@ RSpec.describe Projects::Import::JiraController do before do sign_in(user) project.add_maintainer(user) - stub_feature_flags(jira_issue_import: true) end context 'when Jira service is not enabled for the project' do diff --git a/spec/controllers/projects/incidents_controller_spec.rb b/spec/controllers/projects/incidents_controller_spec.rb index 2baae0661cb..1b47f9f6abf 100644 --- a/spec/controllers/projects/incidents_controller_spec.rb +++ b/spec/controllers/projects/incidents_controller_spec.rb @@ -3,44 +3,127 @@ require 'spec_helper' RSpec.describe Projects::IncidentsController do - let_it_be(:project) { create(:project) } + let_it_be_with_refind(:project) { create(:project) } let_it_be(:developer) { create(:user) } let_it_be(:guest) { create(:user) } + let_it_be(:anonymous) { nil } before_all do - project.add_developer(developer) project.add_guest(guest) + project.add_developer(developer) + end + + before do + sign_in(user) if user + end + + subject { make_request } + + shared_examples 'not found' do + include_examples 'returning response status', :not_found + end + + shared_examples 'login required' do + it 'redirects to the login page' do + subject + + expect(response).to redirect_to(new_user_session_path) + end end describe 'GET #index' do def make_request - get :index, params: { namespace_id: project.namespace, project_id: project } + get :index, params: project_params end - it 'shows the page for user with developer role' do - sign_in(developer) - make_request + let(:user) { developer } + + it 'shows the page' do + subject expect(response).to have_gitlab_http_status(:ok) expect(response).to render_template(:index) end context 'when user is unauthorized' do - it 'redirects to the login page' do - sign_out(developer) - make_request + let(:user) { anonymous } + + it_behaves_like 'login required' + end + + context 'when user is a guest' do + let(:user) { guest } + + it 'shows the page' do + subject + + expect(response).to have_gitlab_http_status(:ok) + expect(response).to render_template(:index) + end + end + end + + describe 'GET #show' do + def make_request + get :show, params: project_params(id: resource) + end + + let_it_be(:resource) { create(:incident, project: project) } + let(:user) { developer } + + it 'renders incident page' do + subject + + expect(response).to have_gitlab_http_status(:ok) + expect(response).to render_template(:show) - expect(response).to redirect_to(new_user_session_path) + expect(assigns(:incident)).to be_present + expect(assigns(:incident).author.association(:status)).to be_loaded + expect(assigns(:issue)).to be_present + expect(assigns(:noteable)).to eq(assigns(:incident)) + end + + context 'with feature flag disabled' do + before do + stub_feature_flags(issues_incident_details: false) end + + it_behaves_like 'not found' + end + + context 'with non existing id' do + let(:resource) { non_existing_record_id } + + it_behaves_like 'not found' + end + + context 'for issue' do + let_it_be(:resource) { create(:issue, project: project) } + + it_behaves_like 'not found' end context 'when user is a guest' do - it 'shows 404' do - sign_in(guest) - make_request + let(:user) { guest } + + it 'shows the page' do + subject - expect(response).to have_gitlab_http_status(:not_found) + expect(response).to have_gitlab_http_status(:ok) + expect(response).to render_template(:show) end end + + context 'when unauthorized' do + let(:user) { anonymous } + + it_behaves_like 'login required' + end + end + + private + + def project_params(opts = {}) + opts.reverse_merge(namespace_id: project.namespace, project_id: project) end end diff --git a/spec/controllers/projects/jobs_controller_spec.rb b/spec/controllers/projects/jobs_controller_spec.rb index 94cce1964ca..d7c22d46e90 100644 --- a/spec/controllers/projects/jobs_controller_spec.rb +++ b/spec/controllers/projects/jobs_controller_spec.rb @@ -121,13 +121,6 @@ RSpec.describe Projects::JobsController, :clean_gitlab_redis_shared_state do expect(response).to have_gitlab_http_status(:ok) expect(assigns(:build).id).to eq(job.id) end - - it 'has the correct build collection' do - builds = assigns(:builds).map(&:id) - - expect(builds).to include(job.id, second_job.id) - expect(builds).not_to include(third_job.id) - end end context 'when job does not exist' do diff --git a/spec/controllers/projects/labels_controller_spec.rb b/spec/controllers/projects/labels_controller_spec.rb index f213d104747..8a3c55033cb 100644 --- a/spec/controllers/projects/labels_controller_spec.rb +++ b/spec/controllers/projects/labels_controller_spec.rb @@ -3,9 +3,9 @@ require 'spec_helper' RSpec.describe Projects::LabelsController do - let(:group) { create(:group) } - let(:project) { create(:project, namespace: group) } - let(:user) { create(:user) } + let_it_be(:group) { create(:group) } + let_it_be(:project, reload: true) { create(:project, namespace: group) } + let_it_be(:user) { create(:user) } before do project.add_maintainer(user) @@ -14,16 +14,21 @@ RSpec.describe Projects::LabelsController do end describe 'GET #index' do - let!(:label_1) { create(:label, project: project, priority: 1, title: 'Label 1') } - let!(:label_2) { create(:label, project: project, priority: 3, title: 'Label 2') } - let!(:label_3) { create(:label, project: project, priority: 1, title: 'Label 3') } - let!(:label_4) { create(:label, project: project, title: 'Label 4') } - let!(:label_5) { create(:label, project: project, title: 'Label 5') } - - let!(:group_label_1) { create(:group_label, group: group, title: 'Group Label 1') } - let!(:group_label_2) { create(:group_label, group: group, title: 'Group Label 2') } - let!(:group_label_3) { create(:group_label, group: group, title: 'Group Label 3') } - let!(:group_label_4) { create(:group_label, group: group, title: 'Group Label 4') } + let_it_be(:label_1) { create(:label, project: project, priority: 1, title: 'Label 1') } + let_it_be(:label_2) { create(:label, project: project, priority: 3, title: 'Label 2') } + let_it_be(:label_3) { create(:label, project: project, priority: 1, title: 'Label 3') } + let_it_be(:label_4) { create(:label, project: project, title: 'Label 4') } + let_it_be(:label_5) { create(:label, project: project, title: 'Label 5') } + + let_it_be(:group_label_1) { create(:group_label, group: group, title: 'Group Label 1') } + let_it_be(:group_label_2) { create(:group_label, group: group, title: 'Group Label 2') } + let_it_be(:group_label_3) { create(:group_label, group: group, title: 'Group Label 3') } + let_it_be(:group_label_4) { create(:group_label, group: group, title: 'Group Label 4') } + + let_it_be(:group_labels) { [group_label_3, group_label_4]} + let_it_be(:project_labels) { [label_4, label_5]} + let_it_be(:group_priority_labels) { [group_label_1, group_label_2]} + let_it_be(:project_priority_labels) { [label_1, label_2, label_3]} before do create(:label_priority, project: project, label: group_label_1, priority: 3) @@ -68,6 +73,60 @@ RSpec.describe Projects::LabelsController do end end + context 'with subgroups' do + let_it_be(:subgroup) { create(:group, parent: group) } + let_it_be(:subgroup_label_1) { create(:group_label, group: subgroup, title: 'subgroup_label_1') } + let_it_be(:subgroup_label_2) { create(:group_label, group: subgroup, title: 'subgroup_label_2') } + + before do + project.update!(namespace: subgroup) + subgroup.add_owner(user) + create(:label_priority, project: project, label: subgroup_label_2, priority: 1) + end + + RSpec.shared_examples 'returns ancestor group labels' do + it 'returns ancestor group labels', :aggregate_failures do + get :index, params: params + + expect(assigns(:labels)).to match_array([subgroup_label_1] + group_labels + project_labels) + expect(assigns(:prioritized_labels)).to match_array([subgroup_label_2] + group_priority_labels + project_priority_labels) + end + end + + context 'when show_inherited_labels disabled' do + before do + stub_feature_flags(show_inherited_labels: false) + end + + context 'when include_ancestor_groups false' do + let(:params) { { namespace_id: project.namespace.to_param, project_id: project } } + + it 'does not return ancestor group labels', :aggregate_failures do + get :index, params: params + + expect(assigns(:labels)).to match_array([subgroup_label_1] + project_labels) + expect(assigns(:prioritized_labels)).to match_array([subgroup_label_2] + project_priority_labels) + end + end + + context 'when include_ancestor_groups true' do + let(:params) { { namespace_id: project.namespace.to_param, project_id: project, include_ancestor_groups: true } } + + it_behaves_like 'returns ancestor group labels' + end + end + + context 'when show_inherited_labels enabled' do + let(:params) { { namespace_id: project.namespace.to_param, project_id: project } } + + before do + stub_feature_flags(show_inherited_labels: true) + end + + it_behaves_like 'returns ancestor group labels' + end + end + def list_labels get :index, params: { namespace_id: project.namespace.to_param, project_id: project } end @@ -75,7 +134,7 @@ RSpec.describe Projects::LabelsController do describe 'POST #generate' do context 'personal project' do - let(:personal_project) { create(:project, namespace: user.namespace) } + let_it_be(:personal_project) { create(:project, namespace: user.namespace) } it 'creates labels' do post :generate, params: { namespace_id: personal_project.namespace.to_param, project_id: personal_project } @@ -116,8 +175,8 @@ RSpec.describe Projects::LabelsController do end describe 'POST #promote' do - let!(:promoted_label_name) { "Promoted Label" } - let!(:label_1) { create(:label, title: promoted_label_name, project: project) } + let_it_be(:promoted_label_name) { "Promoted Label" } + let_it_be(:label_1) { create(:label, title: promoted_label_name, project: project) } context 'not group reporters' do it 'denies access' do @@ -196,7 +255,7 @@ RSpec.describe Projects::LabelsController do end context 'when requesting a redirected path' do - let!(:redirect_route) { project.redirect_routes.create(path: project.full_path + 'old') } + let_it_be(:redirect_route) { project.redirect_routes.create(path: project.full_path + 'old') } it 'redirects to the canonical path' do get :index, params: { namespace_id: project.namespace, project_id: project.to_param + 'old' } @@ -242,7 +301,7 @@ RSpec.describe Projects::LabelsController do end context 'when requesting a redirected path' do - let!(:redirect_route) { project.redirect_routes.create(path: project.full_path + 'old') } + let_it_be(:redirect_route) { project.redirect_routes.create(path: project.full_path + 'old') } it 'returns not found' do post :generate, params: { namespace_id: project.namespace, project_id: project.to_param + 'old' } diff --git a/spec/controllers/projects/milestones_controller_spec.rb b/spec/controllers/projects/milestones_controller_spec.rb index fa32d32f552..9e5d41b1075 100644 --- a/spec/controllers/projects/milestones_controller_spec.rb +++ b/spec/controllers/projects/milestones_controller_spec.rb @@ -17,7 +17,9 @@ RSpec.describe Projects::MilestonesController do controller.instance_variable_set(:@project, project) end - it_behaves_like 'milestone tabs' + it_behaves_like 'milestone tabs' do + let(:request_params) { { namespace_id: project.namespace, project_id: project, id: milestone.iid } } + end describe "#show" do render_views diff --git a/spec/controllers/projects/registry/tags_controller_spec.rb b/spec/controllers/projects/registry/tags_controller_spec.rb index 6adee35b60a..59df9e78a3c 100644 --- a/spec/controllers/projects/registry/tags_controller_spec.rb +++ b/spec/controllers/projects/registry/tags_controller_spec.rb @@ -109,7 +109,7 @@ RSpec.describe Projects::Registry::TagsController do it 'tracks the event' do expect_delete_tags(%w[test.]) - expect(controller).to receive(:track_event).with(:delete_tag) + expect(controller).to receive(:track_event).with(:delete_tag, {}) destroy_tag('test.') end diff --git a/spec/controllers/projects/releases/evidences_controller_spec.rb b/spec/controllers/projects/releases/evidences_controller_spec.rb index d5a9665d6a5..0ec4cdf2a31 100644 --- a/spec/controllers/projects/releases/evidences_controller_spec.rb +++ b/spec/controllers/projects/releases/evidences_controller_spec.rb @@ -113,18 +113,6 @@ RSpec.describe Projects::Releases::EvidencesController do it_behaves_like 'does not show the issue in evidence' - context 'when the issue is confidential' do - let(:issue) { create(:issue, :confidential, project: project) } - - it_behaves_like 'does not show the issue in evidence' - end - - context 'when the user is the author of the confidential issue' do - let(:issue) { create(:issue, :confidential, project: project, author: user) } - - it_behaves_like 'does not show the issue in evidence' - end - context 'when project is private' do let(:project) { create(:project, :repository, :private) } @@ -143,32 +131,16 @@ RSpec.describe Projects::Releases::EvidencesController do it_behaves_like 'does not show the issue in evidence' - context 'when the issue is confidential' do - let(:issue) { create(:issue, :confidential, project: project) } - - it_behaves_like 'does not show the issue in evidence' - end - - context 'when the user is the author of the confidential issue' do - let(:issue) { create(:issue, :confidential, project: project, author: user) } - - it_behaves_like 'does not show the issue in evidence' - end - context 'when project is private' do let(:project) { create(:project, :repository, :private) } - it 'returns evidence ' do - subject - - expect(json_response).to eq(evidence.summary) - end + it_behaves_like 'does not show the issue in evidence' end context 'when project restricts the visibility of issues to project members only' do let(:project) { create(:project, :repository, :issues_private) } - it_behaves_like 'evidence not found' + it_behaves_like 'does not show the issue in evidence' end end diff --git a/spec/controllers/projects/runners_controller_spec.rb b/spec/controllers/projects/runners_controller_spec.rb index 66f20bd50c4..2443a823070 100644 --- a/spec/controllers/projects/runners_controller_spec.rb +++ b/spec/controllers/projects/runners_controller_spec.rb @@ -73,4 +73,45 @@ RSpec.describe Projects::RunnersController do expect(runner.active).to eq(false) end end + + describe '#toggle_shared_runners' do + let(:group) { create(:group) } + let(:project) { create(:project, group: group) } + + it 'toggles shared_runners_enabled when the group allows shared runners' do + project.update!(shared_runners_enabled: true) + + post :toggle_shared_runners, params: params + + project.reload + + expect(response).to have_gitlab_http_status(:found) + expect(project.shared_runners_enabled).to eq(false) + end + + it 'toggles shared_runners_enabled when the group disallows shared runners but allows overrides' do + group.update!(shared_runners_enabled: false, allow_descendants_override_disabled_shared_runners: true) + project.update!(shared_runners_enabled: false) + + post :toggle_shared_runners, params: params + + project.reload + + expect(response).to have_gitlab_http_status(:found) + expect(project.shared_runners_enabled).to eq(true) + end + + it 'does not enable if the group disallows shared runners' do + group.update!(shared_runners_enabled: false, allow_descendants_override_disabled_shared_runners: false) + project.update!(shared_runners_enabled: false) + + post :toggle_shared_runners, params: params + + project.reload + + expect(response).to have_gitlab_http_status(:found) + expect(project.shared_runners_enabled).to eq(false) + expect(flash[:alert]).to eq("Cannot enable shared runners because parent group does not allow it") + end + end end diff --git a/spec/controllers/projects/serverless/functions_controller_spec.rb b/spec/controllers/projects/serverless/functions_controller_spec.rb index 7f558ad9231..75135839a06 100644 --- a/spec/controllers/projects/serverless/functions_controller_spec.rb +++ b/spec/controllers/projects/serverless/functions_controller_spec.rb @@ -206,7 +206,7 @@ RSpec.describe Projects::Serverless::FunctionsController do context 'on Knative 0.5.0' do before do - prepare_knative_stubs(knative_05_service(knative_stub_options)) + prepare_knative_stubs(knative_05_service(**knative_stub_options)) end include_examples 'GET #show with valid data' @@ -214,7 +214,7 @@ RSpec.describe Projects::Serverless::FunctionsController do context 'on Knative 0.6.0' do before do - prepare_knative_stubs(knative_06_service(knative_stub_options)) + prepare_knative_stubs(knative_06_service(**knative_stub_options)) end include_examples 'GET #show with valid data' @@ -222,7 +222,7 @@ RSpec.describe Projects::Serverless::FunctionsController do context 'on Knative 0.7.0' do before do - prepare_knative_stubs(knative_07_service(knative_stub_options)) + prepare_knative_stubs(knative_07_service(**knative_stub_options)) end include_examples 'GET #show with valid data' @@ -230,7 +230,7 @@ RSpec.describe Projects::Serverless::FunctionsController do context 'on Knative 0.9.0' do before do - prepare_knative_stubs(knative_09_service(knative_stub_options)) + prepare_knative_stubs(knative_09_service(**knative_stub_options)) end include_examples 'GET #show with valid data' @@ -275,7 +275,7 @@ RSpec.describe Projects::Serverless::FunctionsController do context 'on Knative 0.5.0' do before do - prepare_knative_stubs(knative_05_service(knative_stub_options)) + prepare_knative_stubs(knative_05_service(**knative_stub_options)) end include_examples 'GET #index with data' @@ -283,7 +283,7 @@ RSpec.describe Projects::Serverless::FunctionsController do context 'on Knative 0.6.0' do before do - prepare_knative_stubs(knative_06_service(knative_stub_options)) + prepare_knative_stubs(knative_06_service(**knative_stub_options)) end include_examples 'GET #index with data' @@ -291,7 +291,7 @@ RSpec.describe Projects::Serverless::FunctionsController do context 'on Knative 0.7.0' do before do - prepare_knative_stubs(knative_07_service(knative_stub_options)) + prepare_knative_stubs(knative_07_service(**knative_stub_options)) end include_examples 'GET #index with data' @@ -299,7 +299,7 @@ RSpec.describe Projects::Serverless::FunctionsController do context 'on Knative 0.9.0' do before do - prepare_knative_stubs(knative_09_service(knative_stub_options)) + prepare_knative_stubs(knative_09_service(**knative_stub_options)) end include_examples 'GET #index with data' diff --git a/spec/controllers/projects/settings/access_tokens_controller_spec.rb b/spec/controllers/projects/settings/access_tokens_controller_spec.rb index 4743ab2b7c1..f293027a69a 100644 --- a/spec/controllers/projects/settings/access_tokens_controller_spec.rb +++ b/spec/controllers/projects/settings/access_tokens_controller_spec.rb @@ -14,28 +14,21 @@ RSpec.describe Projects::Settings::AccessTokensController do sign_in(user) end - shared_examples 'feature unavailability' do - context 'when flag is disabled' do - before do - stub_feature_flags(resource_access_token: false) - end + shared_examples 'feature unavailable' do + let_it_be(:project) { create(:project) } - it { is_expected.to have_gitlab_http_status(:not_found) } + before do + allow(Gitlab).to receive(:com?).and_return(false) + project.add_developer(user) end - context 'when environment is Gitlab.com' do - before do - allow(Gitlab).to receive(:com?).and_return(true) - end - - it { is_expected.to have_gitlab_http_status(:not_found) } - end + it { is_expected.to have_gitlab_http_status(:not_found) } end describe '#index' do subject { get :index, params: { namespace_id: project.namespace, project_id: project } } - it_behaves_like 'feature unavailability' + it_behaves_like 'feature unavailable' context 'when feature is available' do let_it_be(:bot_user) { create(:user, :project_bot) } @@ -84,7 +77,7 @@ RSpec.describe Projects::Settings::AccessTokensController do let_it_be(:access_token_params) { {} } - it_behaves_like 'feature unavailability' + it_behaves_like 'feature unavailable' context 'when feature is available' do let_it_be(:access_token_params) { { name: 'Nerd bot', scopes: ["api"], expires_at: 1.month.since.to_date } } @@ -148,7 +141,7 @@ RSpec.describe Projects::Settings::AccessTokensController do project.add_maintainer(bot_user) end - it_behaves_like 'feature unavailability' + it_behaves_like 'feature unavailable' context 'when feature is available' do before do @@ -185,6 +178,5 @@ RSpec.describe Projects::Settings::AccessTokensController do def enable_feature allow(Gitlab).to receive(:com?).and_return(false) - stub_feature_flags(resource_access_token: true) end end diff --git a/spec/controllers/projects/settings/ci_cd_controller_spec.rb b/spec/controllers/projects/settings/ci_cd_controller_spec.rb index 8498ff49826..9e26eca88f2 100644 --- a/spec/controllers/projects/settings/ci_cd_controller_spec.rb +++ b/spec/controllers/projects/settings/ci_cd_controller_spec.rb @@ -266,4 +266,21 @@ RSpec.describe Projects::Settings::CiCdController do end end end + + describe 'GET #runner_setup_scripts' do + it 'renders the setup scripts' do + get :runner_setup_scripts, params: { os: 'linux', arch: 'amd64', namespace_id: project.namespace, project_id: project } + + expect(response).to have_gitlab_http_status(:ok) + expect(json_response).to have_key("install") + expect(json_response).to have_key("register") + end + + it 'renders errors if they occur' do + get :runner_setup_scripts, params: { os: 'foo', arch: 'bar', namespace_id: project.namespace, project_id: project } + + expect(response).to have_gitlab_http_status(:bad_request) + expect(json_response).to have_key("errors") + end + end end diff --git a/spec/controllers/projects/static_site_editor_controller_spec.rb b/spec/controllers/projects/static_site_editor_controller_spec.rb index 7883c7e6f81..1cd32177e17 100644 --- a/spec/controllers/projects/static_site_editor_controller_spec.rb +++ b/spec/controllers/projects/static_site_editor_controller_spec.rb @@ -5,9 +5,11 @@ require 'spec_helper' RSpec.describe Projects::StaticSiteEditorController do let_it_be(:project) { create(:project, :public, :repository) } let_it_be(:user) { create(:user) } - let(:data) { instance_double(Hash) } + let(:data) { { key: 'value' } } describe 'GET show' do + render_views + let(:default_params) do { namespace_id: project.namespace, @@ -50,41 +52,78 @@ RSpec.describe Projects::StaticSiteEditorController do end end - %w[developer maintainer].each do |role| - context "as #{role}" do - before_all do - project.add_role(user, role) + context "as developer" do + before do + project.add_role(user, 'developer') + sign_in(user) + get :show, params: default_params + end + + it 'renders the edit page' do + expect(response).to render_template(:show) + end + + it 'assigns ref and path variables' do + expect(assigns(:ref)).to eq('master') + expect(assigns(:path)).to eq('README.md') + end + + context 'when combination of ref and path is incorrect' do + let(:default_params) { super().merge(id: 'unknown') } + + it 'responds with 404 page' do + expect(response).to have_gitlab_http_status(:not_found) end + end + + context 'when invalid config file' do + let(:service_response) { ServiceResponse.error(message: 'invalid') } - before do - sign_in(user) - get :show, params: default_params + it 'redirects to project page and flashes error message' do + expect(response).to redirect_to(project_path(project)) + expect(response).to set_flash[:alert].to('invalid') end + end - it 'renders the edit page' do - expect(response).to render_template(:show) + context 'with a service response payload containing multiple data types' do + let(:data) do + { + a_string: 'string', + an_array: [ + { + foo: 'bar' + } + ], + an_integer: 123, + a_hash: { + a_deeper_hash: { + foo: 'bar' + } + }, + a_boolean: true + } end - it 'assigns a required variables' do - expect(assigns(:data)).to eq(data) - expect(assigns(:ref)).to eq('master') - expect(assigns(:path)).to eq('README.md') + let(:assigns_data) { assigns(:data) } + + it 'leaves data values which are strings as strings' do + expect(assigns_data[:a_string]).to eq('string') end - context 'when combination of ref and path is incorrect' do - let(:default_params) { super().merge(id: 'unknown') } + it 'leaves data values which are integers as integers' do + expect(assigns_data[:an_integer]).to eq(123) + end - it 'responds with 404 page' do - expect(response).to have_gitlab_http_status(:not_found) - end + it 'serializes data values which are booleans to JSON' do + expect(assigns_data[:a_boolean]).to eq('true') end - context 'when invalid config file' do - let(:service_response) { ServiceResponse.error(message: 'invalid') } + it 'serializes data values which are arrays to JSON' do + expect(assigns_data[:an_array]).to eq('[{"foo":"bar"}]') + end - it 'returns 422' do - expect(response).to have_gitlab_http_status(:unprocessable_entity) - end + it 'serializes data values which are hashes to JSON' do + expect(assigns_data[:a_hash]).to eq('{"a_deeper_hash":{"foo":"bar"}}') end end end diff --git a/spec/controllers/projects/tags_controller_spec.rb b/spec/controllers/projects/tags_controller_spec.rb index d213d003bed..57760088183 100644 --- a/spec/controllers/projects/tags_controller_spec.rb +++ b/spec/controllers/projects/tags_controller_spec.rb @@ -131,4 +131,25 @@ RSpec.describe Projects::TagsController do end end end + + describe 'DELETE #destroy' do + let(:tag) { project.repository.add_tag(user, 'fake-tag', 'master') } + let(:request) do + delete(:destroy, params: { id: tag.name, namespace_id: project.namespace.to_param, project_id: project }) + end + + before do + project.add_developer(user) + sign_in(user) + end + + it 'deletes tag' do + request + + expect(response).to be_successful + expect(response.body).to include("Tag was removed") + + expect(project.repository.find_tag(tag.name)).not_to be_present + end + end end diff --git a/spec/controllers/runner_setup_controller_spec.rb b/spec/controllers/runner_setup_controller_spec.rb new file mode 100644 index 00000000000..0b237500907 --- /dev/null +++ b/spec/controllers/runner_setup_controller_spec.rb @@ -0,0 +1,21 @@ +# frozen_string_literal: true + +require 'spec_helper' + +RSpec.describe RunnerSetupController do + let(:user) { create(:user) } + + before do + sign_in(user) + end + + describe 'GET #platforms' do + it 'renders the platforms' do + get :platforms + + expect(response).to have_gitlab_http_status(:ok) + expect(json_response).to have_key("windows") + expect(json_response).to have_key("kubernetes") + end + end +end diff --git a/spec/controllers/sessions_controller_spec.rb b/spec/controllers/sessions_controller_spec.rb index 688539f2a03..47d234df22b 100644 --- a/spec/controllers/sessions_controller_spec.rb +++ b/spec/controllers/sessions_controller_spec.rb @@ -78,6 +78,9 @@ RSpec.describe SessionsController do end context 'when using standard authentications' do + let(:user) { create(:user) } + let(:post_action) { post(:create, params: { user: { login: user.username, password: user.password } }) } + context 'invalid password' do it 'does not authenticate user' do post(:create, params: { user: { login: 'invalid', password: 'invalid' } }) @@ -87,6 +90,26 @@ RSpec.describe SessionsController do end end + context 'a blocked user' do + it 'does not authenticate the user' do + user.block! + post_action + + expect(@request.env['warden']).not_to be_authenticated + expect(flash[:alert]).to include('Your account has been blocked') + end + end + + context 'an internal user' do + it 'does not authenticate the user' do + user.ghost! + post_action + + expect(@request.env['warden']).not_to be_authenticated + expect(flash[:alert]).to include('Your account does not have the required permission to login') + end + end + context 'when using valid password', :clean_gitlab_redis_shared_state do let(:user) { create(:user) } let(:user_params) { { login: user.username, password: user.password } } |