7 files changed, 170 insertions, 59 deletions

diff --git a/spec/finders/autocomplete/users_finder_spec.rb b/spec/finders/autocomplete/users_finder_spec.rb
index de031041e18..57f804e471f 100644
--- a/spec/finders/autocomplete/users_finder_spec.rb
+++ b/spec/finders/autocomplete/users_finder_spec.rb
@@ -8,7 +8,8 @@ RSpec.describe Autocomplete::UsersFinder do
 
   describe '#execute' do
     let_it_be(:user1) { create(:user, name: 'zzzzzname', username: 'johndoe') }
-    let_it_be(:user2) { create(:user, :blocked, username: 'notsorandom') }
+    let_it_be(:blocked_user) { create(:user, :blocked, username: 'blocked_user') }
+    let_it_be(:banned_user) { create(:user, :banned, username: 'banned_user') }
     let_it_be(:external_user) { create(:user, :external) }
     let_it_be(:omniauth_user) { create(:omniauth_user, provider: 'twitter', extern_uid: '123456') }
 
@@ -39,7 +40,13 @@ RSpec.describe Autocomplete::UsersFinder do
         end
 
         context 'and author is blocked' do
-          let(:params) { { author_id: user2.id } }
+          let(:params) { { author_id: blocked_user.id } }
+
+          it { is_expected.to match_array([project.first_owner]) }
+        end
+
+        context 'and author is banned' do
+          let(:params) { { author_id: banned_user.id } }
 
           it { is_expected.to match_array([project.first_owner]) }
         end
@@ -108,7 +115,7 @@ RSpec.describe Autocomplete::UsersFinder do
     end
 
     context 'when filtered by skip_users' do
-      let(:params) { { skip_users: [omniauth_user.id, current_user.id] } }
+      let(:params) { { skip_users: [omniauth_user.id, current_user.id, blocked_user] } }
 
       it { is_expected.to match_array([user1, external_user]) }
     end
@@ -139,10 +146,10 @@ RSpec.describe Autocomplete::UsersFinder do
     end
 
     context 'when filtered by current_user' do
-      let(:current_user) { user2 }
+      let(:current_user) { blocked_user }
       let(:params) { { current_user: true } }
 
-      it { is_expected.to match_array([user2, user1, external_user, omniauth_user]) }
+      it { is_expected.to match_array([blocked_user, user1, external_user, omniauth_user]) }
     end
 
     context 'when filtered by author_id' do
@@ -155,5 +162,37 @@ RSpec.describe Autocomplete::UsersFinder do
       associations = subject.map { |user| user.association(:status) }
       expect(associations).to all(be_loaded)
     end
+
+    context 'when filtered by state' do
+      context "searching without states" do
+        let(:params) { { states: nil } }
+
+        it { is_expected.to match_array([user1, external_user, omniauth_user, current_user]) }
+      end
+
+      context "searching with states=active" do
+        let(:params) { { states: %w[active] } }
+
+        it { is_expected.to match_array([user1, external_user, omniauth_user, current_user]) }
+      end
+
+      context "searching with states=blocked" do
+        let(:params) { { states: %w[blocked] } }
+
+        it { is_expected.to match_array([blocked_user]) }
+      end
+
+      context "searching with states=banned" do
+        let(:params) { { states: %w[banned] } }
+
+        it { is_expected.to match_array([banned_user]) }
+      end
+
+      context "searching with states=blocked,banned" do
+        let(:params) { { states: %w[blocked banned] } }
+
+        it { is_expected.to match_array([blocked_user, banned_user]) }
+      end
+    end
   end
 end
diff --git a/spec/finders/branches_finder_spec.rb b/spec/finders/branches_finder_spec.rb
index 9314f616c44..f14c60c4b8f 100644
--- a/spec/finders/branches_finder_spec.rb
+++ b/spec/finders/branches_finder_spec.rb
@@ -211,7 +211,7 @@ RSpec.describe BranchesFinder do
         it 'raises an error' do
           expect do
             subject
-          end.to raise_error(Gitlab::Git::CommandError, '13:could not find page token.')
+          end.to raise_error(Gitlab::Git::CommandError, /could not find page token/)
         end
       end
 
diff --git a/spec/finders/clusters/agent_authorizations_finder_spec.rb b/spec/finders/clusters/agent_authorizations_finder_spec.rb
index 2d90f32adc5..f680792d6c4 100644
--- a/spec/finders/clusters/agent_authorizations_finder_spec.rb
+++ b/spec/finders/clusters/agent_authorizations_finder_spec.rb
@@ -64,14 +64,6 @@ RSpec.describe Clusters::AgentAuthorizationsFinder do
         let!(:project_authorization) { create(:agent_project_authorization, agent: non_ancestor_agent, project: requesting_project) }
 
         it { is_expected.to match_array([project_authorization]) }
-
-        context 'agent_authorization_include_descendants feature flag is disabled' do
-          before do
-            stub_feature_flags(agent_authorization_include_descendants: false)
-          end
-
-          it { is_expected.to be_empty }
-        end
       end
 
       context 'with project authorizations present' do
@@ -138,14 +130,6 @@ RSpec.describe Clusters::AgentAuthorizationsFinder do
         let!(:group_authorization) { create(:agent_group_authorization, agent: non_ancestor_agent, group: bottom_level_group) }
 
         it { is_expected.to match_array([group_authorization]) }
-
-        context 'agent_authorization_include_descendants feature flag is disabled' do
-          before do
-            stub_feature_flags(agent_authorization_include_descendants: false)
-          end
-
-          it { is_expected.to be_empty }
-        end
       end
 
       it_behaves_like 'access_as' do
diff --git a/spec/finders/clusters/agent_tokens_finder_spec.rb b/spec/finders/clusters/agent_tokens_finder_spec.rb
new file mode 100644
index 00000000000..619aca891c1
--- /dev/null
+++ b/spec/finders/clusters/agent_tokens_finder_spec.rb
@@ -0,0 +1,48 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+RSpec.describe Clusters::AgentTokensFinder do
+  describe '#execute' do
+    let_it_be(:project) { create(:project) }
+    let(:user) { create(:user, maintainer_projects: [project]) }
+    let(:agent) { create(:cluster_agent, project: project) }
+    let(:agent_id) { agent.id }
+
+    let!(:matching_agent_tokens) do
+      [
+        create(:cluster_agent_token, agent: agent),
+        create(:cluster_agent_token, :revoked, agent: agent)
+      ]
+    end
+
+    subject(:execute) { described_class.new(project, user, agent_id).execute }
+
+    it 'returns the tokens of the specified agent' do
+      # creating a token in a different agent to make sure it will not be included in the result
+      create(:cluster_agent_token, agent: create(:cluster_agent))
+
+      expect(execute).to match_array(matching_agent_tokens)
+    end
+
+    context 'when user does not have permission' do
+      let(:user) { create(:user) }
+
+      before do
+        project.add_reporter(user)
+      end
+
+      it 'raises an error' do
+        expect { execute }.to raise_error(ActiveRecord::RecordNotFound)
+      end
+    end
+
+    context 'when agent does not exist' do
+      let(:agent_id) { non_existing_record_id }
+
+      it 'raises an error' do
+        expect { execute }.to raise_error(ActiveRecord::RecordNotFound)
+      end
+    end
+  end
+end
diff --git a/spec/finders/incident_management/timeline_event_tags_finder_spec.rb b/spec/finders/incident_management/timeline_event_tags_finder_spec.rb
new file mode 100644
index 00000000000..5bdb356ff62
--- /dev/null
+++ b/spec/finders/incident_management/timeline_event_tags_finder_spec.rb
@@ -0,0 +1,58 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+RSpec.describe IncidentManagement::TimelineEventTagsFinder do
+  let_it_be(:user) { create(:user) }
+  let_it_be(:project) { create(:project) }
+  let_it_be(:incident) { create(:incident, project: project) }
+  let_it_be(:timeline_event) do
+    create(:incident_management_timeline_event, project: project, incident: incident, occurred_at: Time.current)
+  end
+
+  let_it_be(:timeline_event_tag) do
+    create(:incident_management_timeline_event_tag, project: project)
+  end
+
+  let_it_be(:timeline_event_tag_link) do
+    create(:incident_management_timeline_event_tag_link,
+      timeline_event: timeline_event,
+      timeline_event_tag: timeline_event_tag)
+  end
+
+  let(:params) { {} }
+
+  describe '#execute' do
+    subject(:execute) { described_class.new(user, timeline_event, params).execute }
+
+    context 'when user has permissions' do
+      before do
+        project.add_guest(user)
+      end
+
+      it 'returns tags on the event' do
+        is_expected.to match_array([timeline_event_tag])
+      end
+
+      context 'when event does not have tags' do
+        let(:timeline_event) do
+          create(:incident_management_timeline_event, project: project, incident: incident, occurred_at: Time.current)
+        end
+
+        it 'returns empty result' do
+          is_expected.to match_array([])
+        end
+      end
+
+      context 'when timeline event is nil' do
+        let(:timeline_event) { nil }
+
+        it { is_expected.to eq(IncidentManagement::TimelineEventTag.none) }
+      end
+    end
+
+    context 'when user does not have permissions' do
+      it { is_expected.to eq(IncidentManagement::TimelineEventTag.none) }
+    end
+  end
+end
diff --git a/spec/finders/projects_finder_spec.rb b/spec/finders/projects_finder_spec.rb
index 1fa2a975ec3..02153715eac 100644
--- a/spec/finders/projects_finder_spec.rb
+++ b/spec/finders/projects_finder_spec.rb
@@ -350,43 +350,6 @@ RSpec.describe ProjectsFinder do
         end
       end
 
-      describe 'filter by without_deleted' do
-        let_it_be(:pending_delete_project) { create(:project, :public, pending_delete: true) }
-
-        let(:params) { { without_deleted: without_deleted } }
-
-        shared_examples 'returns all projects' do
-          it { expect(subject).to include(public_project, internal_project, pending_delete_project) }
-        end
-
-        context 'when without_deleted is true' do
-          let(:without_deleted) { true }
-
-          it 'returns projects that are not pending_delete' do
-            expect(subject).not_to include(pending_delete_project)
-            expect(subject).to include(public_project, internal_project)
-          end
-        end
-
-        context 'when without_deleted is false' do
-          let(:without_deleted) { false }
-
-          it_behaves_like 'returns all projects'
-        end
-
-        context 'when without_deleted is nil' do
-          let(:without_deleted) { nil }
-
-          it_behaves_like 'returns all projects'
-        end
-
-        context 'when without_deleted is not present' do
-          let(:params) { {} }
-
-          it_behaves_like 'returns all projects'
-        end
-      end
-
       describe 'filter by last_activity_after' do
         let(:params) { { last_activity_after: 60.minutes.ago } }
 
@@ -398,6 +361,15 @@ RSpec.describe ProjectsFinder do
         it { is_expected.to match_array([internal_project]) }
       end
 
+      describe 'always filters by without_deleted' do
+        let_it_be(:pending_delete_project) { create(:project, :public, pending_delete: true) }
+
+        it 'returns projects that are not pending_delete' do
+          expect(subject).not_to include(pending_delete_project)
+          expect(subject).to include(public_project, internal_project)
+        end
+      end
+
       describe 'filter by last_activity_before' do
         let(:params) { { last_activity_before: 60.minutes.ago } }
 
diff --git a/spec/finders/users_star_projects_finder_spec.rb b/spec/finders/users_star_projects_finder_spec.rb
index 038506cc93f..e824940430c 100644
--- a/spec/finders/users_star_projects_finder_spec.rb
+++ b/spec/finders/users_star_projects_finder_spec.rb
@@ -8,10 +8,12 @@ RSpec.describe UsersStarProjectsFinder do
   let(:user) { create(:user) }
   let(:private_user) { create(:user, private_profile: true) }
   let(:other_user) { create(:user) }
+  let(:blocked_user) { create(:user, state: 'blocked') }
 
   before do
     user.toggle_star(project)
     private_user.toggle_star(project)
+    blocked_user.toggle_star(project)
   end
 
   describe '#execute' do
@@ -38,5 +40,13 @@ RSpec.describe UsersStarProjectsFinder do
 
       it { is_expected.to match_array(public_stars) }
     end
+
+    describe 'with active users only' do
+      let(:current_user) { private_user }
+
+      it 'ignores stars of non-active users' do
+        is_expected.not_to include(*blocked_user.users_star_projects)
+      end
+    end
   end
 end