diff options
Diffstat (limited to 'spec/features')
10 files changed, 389 insertions, 5 deletions
diff --git a/spec/features/dashboard/todos/todos_spec.rb b/spec/features/dashboard/todos/todos_spec.rb index 867281da1e6..63867d5796a 100644 --- a/spec/features/dashboard/todos/todos_spec.rb +++ b/spec/features/dashboard/todos/todos_spec.rb @@ -3,10 +3,10 @@ require 'spec_helper' describe 'Dashboard Todos' do - let(:user) { create(:user, username: 'john') } - let(:author) { create(:user) } - let(:project) { create(:project, :public) } - let(:issue) { create(:issue, due_date: Date.today, title: "Fix bug") } + let_it_be(:user) { create(:user, username: 'john') } + let_it_be(:author) { create(:user) } + let_it_be(:project) { create(:project, :public) } + let_it_be(:issue) { create(:issue, due_date: Date.today, title: "Fix bug") } context 'User does not have todos' do before do @@ -357,4 +357,38 @@ describe 'Dashboard Todos' do expect(page).to have_link "merge request #{todo.target.to_reference}", href: href end end + + context 'User has a todo regarding a design' do + let_it_be(:target) { create(:design, issue: issue, project: project) } + let_it_be(:note) { create(:note, project: project, note: 'I am note, hear me roar') } + let_it_be(:todo) do + create(:todo, :mentioned, + user: user, + project: project, + target: target, + author: author, + note: note) + end + + before do + project.add_developer(user) + sign_in(user) + + visit dashboard_todos_path + end + + it 'has todo present' do + expect(page).to have_selector('.todos-list .todo', count: 1) + end + + it 'has a link that will take me to the design page' do + click_link "design #{target.to_reference}" + + expectation = Gitlab::Routing.url_helpers.designs_project_issue_path( + target.project, target.issue, target.filename + ) + + expect(current_path).to eq(expectation) + end + end end diff --git a/spec/features/profiles/emails_spec.rb b/spec/features/profiles/emails_spec.rb index 5dfc03d711a..a41ef9e86ae 100644 --- a/spec/features/profiles/emails_spec.rb +++ b/spec/features/profiles/emails_spec.rb @@ -67,7 +67,7 @@ describe 'Profile > Emails' do email = user.emails.create(email: 'my@email.com') visit profile_emails_path - expect { click_link("Resend confirmation email") }.to change { ActionMailer::Base.deliveries.size } + expect { click_link("Resend confirmation email") }.to have_enqueued_job.on_queue('mailers') expect(page).to have_content("Confirmation email sent to #{email.email}") end diff --git a/spec/features/projects/activity/user_sees_design_comment_spec.rb b/spec/features/projects/activity/user_sees_design_comment_spec.rb new file mode 100644 index 00000000000..9864e9ce29f --- /dev/null +++ b/spec/features/projects/activity/user_sees_design_comment_spec.rb @@ -0,0 +1,51 @@ +# frozen_string_literal: true + +require 'spec_helper' + +describe 'Projects > Activity > User sees design comment', :js do + include DesignManagementTestHelpers + + let_it_be(:project) { create(:project, :repository, :public) } + let_it_be(:user) { project.creator } + let_it_be(:commenter) { create(:user) } + let_it_be(:issue) { create(:closed_issue, project: project) } + let_it_be(:design) { create(:design, issue: issue) } + + let(:design_activity) do + "#{commenter.name} #{commenter.to_reference} commented on design" + end + + let(:issue_activity) do + "#{user.name} #{user.to_reference} closed issue #{issue.to_reference}" + end + + before_all do + project.add_developer(commenter) + create(:event, :for_design, project: project, author: commenter, design: design) + create(:closed_issue_event, project: project, author: user, target: issue) + end + + before do + enable_design_management + end + + it 'shows the design comment action in the activity page' do + visit activity_project_path(project) + + expect(page).to have_content(design_activity) + end + + it 'allows to filter out the design event with the "event_filter=issue" URL param', :aggregate_failures do + visit activity_project_path(project, event_filter: EventFilter::ISSUE) + + expect(page).not_to have_content(design_activity) + expect(page).to have_content(issue_activity) + end + + it 'allows to filter in the event with the "event_filter=comments" URL param', :aggregate_failures do + visit activity_project_path(project, event_filter: EventFilter::COMMENTS) + + expect(page).to have_content(design_activity) + expect(page).not_to have_content(issue_activity) + end +end diff --git a/spec/features/projects/issues/design_management/user_paginates_designs_spec.rb b/spec/features/projects/issues/design_management/user_paginates_designs_spec.rb new file mode 100644 index 00000000000..d9a72f2d5c5 --- /dev/null +++ b/spec/features/projects/issues/design_management/user_paginates_designs_spec.rb @@ -0,0 +1,40 @@ +# frozen_string_literal: true + +require 'spec_helper' + +describe 'User paginates issue designs', :js do + include DesignManagementTestHelpers + + let(:project) { create(:project_empty_repo, :public) } + let(:issue) { create(:issue, project: project) } + + before do + enable_design_management + + create_list(:design, 2, :with_file, issue: issue) + + visit project_issue_path(project, issue) + + click_link 'Designs' + + wait_for_requests + + find('.js-design-list-item', match: :first).click + end + + it 'paginates to next design' do + expect(find('.js-previous-design')[:disabled]).to eq('true') + + page.within(find('.js-design-header')) do + expect(page).to have_content('1 of 2') + end + + find('.js-next-design').click + + expect(find('.js-previous-design')[:disabled]).not_to eq('true') + + page.within(find('.js-design-header')) do + expect(page).to have_content('2 of 2') + end + end +end diff --git a/spec/features/projects/issues/design_management/user_permissions_upload_spec.rb b/spec/features/projects/issues/design_management/user_permissions_upload_spec.rb new file mode 100644 index 00000000000..2238e86a47f --- /dev/null +++ b/spec/features/projects/issues/design_management/user_permissions_upload_spec.rb @@ -0,0 +1,24 @@ +# frozen_string_literal: true + +require 'spec_helper' + +describe 'User design permissions', :js do + include DesignManagementTestHelpers + + let(:project) { create(:project_empty_repo, :public) } + let(:issue) { create(:issue, project: project) } + + before do + enable_design_management + + visit project_issue_path(project, issue) + + click_link 'Designs' + + wait_for_requests + end + + it 'user does not have permissions to upload design' do + expect(page).not_to have_field('design_file') + end +end diff --git a/spec/features/projects/issues/design_management/user_uploads_designs_spec.rb b/spec/features/projects/issues/design_management/user_uploads_designs_spec.rb new file mode 100644 index 00000000000..d160ab95a65 --- /dev/null +++ b/spec/features/projects/issues/design_management/user_uploads_designs_spec.rb @@ -0,0 +1,63 @@ +# frozen_string_literal: true + +require 'spec_helper' + +describe 'User uploads new design', :js do + include DesignManagementTestHelpers + + let_it_be(:project) { create(:project_empty_repo, :public) } + let_it_be(:user) { project.owner } + let_it_be(:issue) { create(:issue, project: project) } + + before do + sign_in(user) + end + + context "when the feature is available" do + before do + enable_design_management + + visit project_issue_path(project, issue) + + click_link 'Designs' + + wait_for_requests + end + + it 'uploads designs' do + attach_file(:design_file, logo_fixture, make_visible: true) + + expect(page).to have_selector('.js-design-list-item', count: 1) + + within first('#designs-tab .js-design-list-item') do + expect(page).to have_content('dk.png') + end + + attach_file(:design_file, gif_fixture, make_visible: true) + + expect(page).to have_selector('.js-design-list-item', count: 2) + end + end + + context 'when the feature is not available' do + before do + visit project_issue_path(project, issue) + + click_link 'Designs' + + wait_for_requests + end + + it 'shows the message about requirements' do + expect(page).to have_content("To enable design management, you'll need to meet the requirements.") + end + end + + def logo_fixture + Rails.root.join('spec', 'fixtures', 'dk.png') + end + + def gif_fixture + Rails.root.join('spec', 'fixtures', 'banana_sample.gif') + end +end diff --git a/spec/features/projects/issues/design_management/user_views_design_images_spec.rb b/spec/features/projects/issues/design_management/user_views_design_images_spec.rb new file mode 100644 index 00000000000..3d0f4df55c4 --- /dev/null +++ b/spec/features/projects/issues/design_management/user_views_design_images_spec.rb @@ -0,0 +1,41 @@ +# frozen_string_literal: true + +require 'spec_helper' + +describe 'Users views raw design image files' do + include DesignManagementTestHelpers + + let_it_be(:project) { create(:project, :public) } + let_it_be(:issue) { create(:issue, project: project) } + let_it_be(:design) { create(:design, :with_file, issue: issue, versions_count: 2) } + let(:newest_version) { design.versions.ordered.first } + let(:oldest_version) { design.versions.ordered.last } + + before do + enable_design_management + end + + it 'serves the latest design version when no ref is given' do + visit project_design_management_designs_raw_image_path(design.project, design) + + expect(response_headers[Gitlab::Workhorse::SEND_DATA_HEADER]).to eq( + workhorse_data_header_for_version(oldest_version.sha) + ) + end + + it 'serves the correct design version when a ref is given' do + visit project_design_management_designs_raw_image_path(design.project, design, oldest_version.sha) + + expect(response_headers[Gitlab::Workhorse::SEND_DATA_HEADER]).to eq( + workhorse_data_header_for_version(oldest_version.sha) + ) + end + + private + + def workhorse_data_header_for_version(ref) + blob = project.design_repository.blob_at(ref, design.full_path) + + Gitlab::Workhorse.send_git_blob(project.design_repository, blob).last + end +end diff --git a/spec/features/projects/issues/design_management/user_views_design_spec.rb b/spec/features/projects/issues/design_management/user_views_design_spec.rb new file mode 100644 index 00000000000..707049b0068 --- /dev/null +++ b/spec/features/projects/issues/design_management/user_views_design_spec.rb @@ -0,0 +1,29 @@ +# frozen_string_literal: true + +require 'spec_helper' + +describe 'User views issue designs', :js do + include DesignManagementTestHelpers + + let_it_be(:project) { create(:project_empty_repo, :public) } + let_it_be(:issue) { create(:issue, project: project) } + let_it_be(:design) { create(:design, :with_file, issue: issue) } + + before do + enable_design_management + + visit project_issue_path(project, issue) + + click_link 'Designs' + end + + it 'opens design detail' do + click_link design.filename + + page.within(find('.js-design-header')) do + expect(page).to have_content(design.filename) + end + + expect(page).to have_selector('.js-design-image') + end +end diff --git a/spec/features/projects/issues/design_management/user_views_designs_spec.rb b/spec/features/projects/issues/design_management/user_views_designs_spec.rb new file mode 100644 index 00000000000..a4fb7456922 --- /dev/null +++ b/spec/features/projects/issues/design_management/user_views_designs_spec.rb @@ -0,0 +1,47 @@ +# frozen_string_literal: true + +require 'spec_helper' + +describe 'User views issue designs', :js do + include DesignManagementTestHelpers + + let_it_be(:project) { create(:project_empty_repo, :public) } + let_it_be(:issue) { create(:issue, project: project) } + let_it_be(:design) { create(:design, :with_file, issue: issue) } + + before do + enable_design_management + end + + context 'navigates from the issue view' do + before do + visit project_issue_path(project, issue) + click_link 'Designs' + wait_for_requests + end + + it 'fetches list of designs' do + expect(page).to have_selector('.js-design-list-item', count: 1) + end + end + + context 'navigates directly to the design collection view' do + before do + visit designs_project_issue_path(project, issue) + end + + it 'expands the sidebar' do + expect(page).to have_selector('.layout-page.right-sidebar-expanded') + end + end + + context 'navigates directly to the individual design view' do + before do + visit designs_project_issue_path(project, issue, vueroute: design.filename) + end + + it 'sees the design' do + expect(page).to have_selector('.js-design-detail') + end + end +end diff --git a/spec/features/projects/issues/design_management/user_views_designs_with_svg_xss_spec.rb b/spec/features/projects/issues/design_management/user_views_designs_with_svg_xss_spec.rb new file mode 100644 index 00000000000..a9e4aa899a7 --- /dev/null +++ b/spec/features/projects/issues/design_management/user_views_designs_with_svg_xss_spec.rb @@ -0,0 +1,55 @@ +# frozen_string_literal: true + +require 'spec_helper' + +describe 'User views an SVG design that contains XSS', :js do + include DesignManagementTestHelpers + + let(:project) { create(:project_empty_repo, :public) } + let(:issue) { create(:issue, project: project) } + let(:file) { Rails.root.join('spec', 'fixtures', 'logo_sample.svg') } + let(:design) { create(:design, :with_file, filename: 'xss.svg', file: file, issue: issue) } + + before do + enable_design_management + + visit designs_project_issue_path( + project, + issue, + { vueroute: design.filename } + ) + + wait_for_requests + end + + it 'has XSS within the SVG file' do + file_content = File.read(file) + + expect(file_content).to include("<script>alert('FAIL')</script>") + end + + it 'displays the SVG' do + expect(page).to have_selector("img.design-img[alt='xss.svg']", count: 1, visible: false) + end + + it 'does not execute the JavaScript within the SVG' do + # The expectation is that we can call the capybara `page.dismiss_prompt` + # method to close a JavaScript alert prompt without a `Capybara::ModalNotFound` + # being raised. + run_expectation = -> { + page.dismiss_prompt(wait: 1) + } + + # With the page loaded, there should be no alert modal + expect(run_expectation).to raise_error( + Capybara::ModalNotFound, + 'Unable to find modal dialog' + ) + + # Perform a negative control test of the above expectation. + # With an alert modal displaying, the modal should be dismissable. + execute_script('alert(true)') + + expect(run_expectation).not_to raise_error + end +end |