7 files changed, 209 insertions, 81 deletions

diff --git a/spec/lib/api/entities/bulk_imports/entity_failure_spec.rb b/spec/lib/api/entities/bulk_imports/entity_failure_spec.rb
index adc8fdcdd9c..0132102b117 100644
--- a/spec/lib/api/entities/bulk_imports/entity_failure_spec.rb
+++ b/spec/lib/api/entities/bulk_imports/entity_failure_spec.rb
@@ -9,11 +9,26 @@ RSpec.describe API::Entities::BulkImports::EntityFailure do
 
   it 'has the correct attributes' do
     expect(subject).to include(
-      :pipeline_class,
-      :pipeline_step,
+      :relation,
+      :step,
       :exception_class,
+      :exception_message,
       :correlation_id_value,
       :created_at
     )
   end
+
+  describe 'exception message' do
+    it 'truncates exception message to 72 characters' do
+      failure.update!(exception_message: 'a' * 100)
+
+      expect(subject[:exception_message].length).to eq(72)
+    end
+
+    it 'removes paths from the message' do
+      failure.update!(exception_message: 'Test /foo/bar')
+
+      expect(subject[:exception_message]).to eq('Test [FILTERED]')
+    end
+  end
 end
diff --git a/spec/lib/api/entities/ml/mlflow/run_spec.rb b/spec/lib/api/entities/ml/mlflow/run_spec.rb
index 84234f474f5..b8d38093681 100644
--- a/spec/lib/api/entities/ml/mlflow/run_spec.rb
+++ b/spec/lib/api/entities/ml/mlflow/run_spec.rb
@@ -3,7 +3,7 @@
 require 'spec_helper'
 
 RSpec.describe API::Entities::Ml::Mlflow::Run do
-  let_it_be(:candidate) { create(:ml_candidates) }
+  let_it_be(:candidate) { create(:ml_candidates, :with_metrics_and_params) }
 
   subject { described_class.new(candidate).as_json }
 
@@ -12,10 +12,52 @@ RSpec.describe API::Entities::Ml::Mlflow::Run do
   end
 
   it 'has the id' do
-    expect(subject[:run][:info][:run_id]).to eq(candidate.iid.to_s)
+    expect(subject.dig(:run, :info, :run_id)).to eq(candidate.iid.to_s)
   end
 
-  it 'data is empty' do
-    expect(subject[:run][:data]).to be_empty
+  it 'presents the metrics' do
+    expect(subject.dig(:run, :data, :metrics).size).to eq(candidate.metrics.size)
+  end
+
+  it 'presents metrics correctly' do
+    presented_metric = subject.dig(:run, :data, :metrics)[0]
+    metric = candidate.metrics[0]
+
+    expect(presented_metric[:key]).to eq(metric.name)
+    expect(presented_metric[:value]).to eq(metric.value)
+    expect(presented_metric[:timestamp]).to eq(metric.tracked_at)
+    expect(presented_metric[:step]).to eq(metric.step)
+  end
+
+  it 'presents the params' do
+    expect(subject.dig(:run, :data, :params).size).to eq(candidate.params.size)
+  end
+
+  it 'presents params correctly' do
+    presented_param = subject.dig(:run, :data, :params)[0]
+    param = candidate.params[0]
+
+    expect(presented_param[:key]).to eq(param.name)
+    expect(presented_param[:value]).to eq(param.value)
+  end
+
+  context 'when candidate has no metrics' do
+    before do
+      allow(candidate).to receive(:metrics).and_return([])
+    end
+
+    it 'returns empty data' do
+      expect(subject.dig(:run, :data, :metrics)).to be_empty
+    end
+  end
+
+  context 'when candidate has no params' do
+    before do
+      allow(candidate).to receive(:params).and_return([])
+    end
+
+    it 'data is empty' do
+      expect(subject.dig(:run, :data, :params)).to be_empty
+    end
   end
 end
diff --git a/spec/lib/api/helpers/merge_requests_helpers_spec.rb b/spec/lib/api/helpers/merge_requests_helpers_spec.rb
index 1d68b7985f1..80810133469 100644
--- a/spec/lib/api/helpers/merge_requests_helpers_spec.rb
+++ b/spec/lib/api/helpers/merge_requests_helpers_spec.rb
@@ -25,9 +25,7 @@ RSpec.describe API::Helpers::MergeRequestsHelpers do
     context 'when merge request is invalid' do
       before do
         allow(merge_request).to receive(:valid?).and_return(false)
-        allow(helper).to receive_messages([
-          :unprocessable_entity!, :conflict!, :render_validation_error!
-        ])
+        allow(helper).to receive_messages([:unprocessable_entity!, :conflict!, :render_validation_error!])
       end
 
       API::Helpers::MergeRequestsHelpers::UNPROCESSABLE_ERROR_KEYS.each do |error_key|
diff --git a/spec/lib/api/helpers/open_api_spec.rb b/spec/lib/api/helpers/open_api_spec.rb
new file mode 100644
index 00000000000..fb14f7fe001
--- /dev/null
+++ b/spec/lib/api/helpers/open_api_spec.rb
@@ -0,0 +1,21 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+RSpec.describe API::Helpers::OpenApi do
+  describe 'class methods' do
+    let(:klass) { Class.new.include(described_class) }
+
+    describe '.add_open_api_documentation!' do
+      before do
+        allow(YAML).to receive(:load_file).and_return({ 'metadata' => { 'key' => 'value' } })
+      end
+
+      it 'calls the add_swagger_documentation method' do
+        expect(klass).to receive(:add_swagger_documentation).with({ key: 'value' })
+
+        klass.add_open_api_documentation!
+      end
+    end
+  end
+end
diff --git a/spec/lib/api/helpers/packages/dependency_proxy_helpers_spec.rb b/spec/lib/api/helpers/packages/dependency_proxy_helpers_spec.rb
index aa4b0a137cd..66cf06cde20 100644
--- a/spec/lib/api/helpers/packages/dependency_proxy_helpers_spec.rb
+++ b/spec/lib/api/helpers/packages/dependency_proxy_helpers_spec.rb
@@ -7,12 +7,23 @@ RSpec.describe API::Helpers::Packages::DependencyProxyHelpers do
 
   describe '#redirect_registry_request' do
     using RSpec::Parameterized::TableSyntax
+    include_context 'dependency proxy helpers context'
 
-    let_it_be(:project) { create(:project) }
+    let_it_be(:group) { create(:group) }
+    let_it_be(:project) { create(:project, group: group) }
+    let_it_be_with_reload(:package_setting) { create(:namespace_package_setting, namespace: group) }
 
+    let(:target) { project }
     let(:options) { {} }
 
-    subject { helper.redirect_registry_request(forward_to_registry, package_type, options) { helper.fallback } }
+    subject do
+      helper.redirect_registry_request(
+        forward_to_registry: forward_to_registry,
+        package_type: package_type,
+        target: target,
+        options: options
+      ) { helper.fallback }
+    end
 
     before do
       allow(helper).to receive(:options).and_return(for: described_class)
@@ -42,32 +53,57 @@ RSpec.describe API::Helpers::Packages::DependencyProxyHelpers do
 
     %i[maven npm pypi].each do |forwardable_package_type|
       context "with #{forwardable_package_type} packages" do
-        include_context 'dependency proxy helpers context'
-
         let(:package_type) { forwardable_package_type }
-        let(:options) { { project: project } }
 
-        where(:application_setting, :forward_to_registry, :example_name) do
-          true  | true  | 'executing redirect'
-          true  | false | 'executing fallback'
-          false | true  | 'executing fallback'
-          false | false | 'executing fallback'
+        where(:application_setting, :group_setting, :forward_to_registry, :example_name) do
+          true  | nil   | true  | 'executing redirect'
+          true  | nil   | false | 'executing fallback'
+          false | nil   | true  | 'executing fallback'
+          false | nil   | false | 'executing fallback'
+          true  | false | true  | 'executing fallback'
+          true  | false | false | 'executing fallback'
+          false | true  | true  | 'executing redirect'
+          false | true  | false | 'executing fallback'
         end
 
         with_them do
           before do
-            allow_fetch_application_setting(attribute: "#{forwardable_package_type}_package_requests_forwarding", return_value: application_setting)
+            allow_fetch_cascade_application_setting(attribute: "#{forwardable_package_type}_package_requests_forwarding", return_value: application_setting)
+            package_setting.update!("#{forwardable_package_type}_package_requests_forwarding" => group_setting)
           end
 
           it_behaves_like params[:example_name]
         end
       end
 
+      context 'when cascade_package_forwarding_settings is disabled' do
+        let(:package_type) { forwardable_package_type }
+        let(:forward_to_registry) { true }
+
+        before do
+          stub_feature_flags(cascade_package_forwarding_settings: false)
+          allow_fetch_cascade_application_setting(attribute: "#{forwardable_package_type}_package_requests_forwarding", return_value: true)
+          package_setting.update!("#{forwardable_package_type}_package_requests_forwarding" => false)
+        end
+
+        it_behaves_like 'executing redirect'
+      end
+
+      context 'when no target is present' do
+        let(:package_type) { forwardable_package_type }
+        let(:forward_to_registry) { true }
+        let(:target) { nil }
+
+        before do
+          allow_fetch_cascade_application_setting(attribute: "#{forwardable_package_type}_package_requests_forwarding", return_value: true)
+          package_setting.update!("#{forwardable_package_type}_package_requests_forwarding" => false)
+        end
+
+        it_behaves_like 'executing redirect'
+      end
+
       context 'when maven_central_request_forwarding is disabled' do
         let(:package_type) { :maven }
-        let(:options) { { project: project } }
-
-        include_context 'dependency proxy helpers context'
 
         where(:application_setting, :forward_to_registry) do
           true  | true
@@ -79,7 +115,7 @@ RSpec.describe API::Helpers::Packages::DependencyProxyHelpers do
         with_them do
           before do
             stub_feature_flags(maven_central_request_forwarding: false)
-            allow_fetch_application_setting(attribute: "maven_package_requests_forwarding", return_value: application_setting)
+            allow_fetch_cascade_application_setting(attribute: "maven_package_requests_forwarding", return_value: application_setting)
           end
 
           it_behaves_like 'executing fallback'
diff --git a/spec/lib/api/helpers/packages_helpers_spec.rb b/spec/lib/api/helpers/packages_helpers_spec.rb
index cd6e718ce98..d764ed4afff 100644
--- a/spec/lib/api/helpers/packages_helpers_spec.rb
+++ b/spec/lib/api/helpers/packages_helpers_spec.rb
@@ -35,26 +35,6 @@ RSpec.describe API::Helpers::PackagesHelpers do
         expect(helper.send('authorize_read_package!', subject)).to eq nil
       end
     end
-
-    context 'with feature flag disabled' do
-      before do
-        stub_feature_flags(read_package_policy_rule: false)
-      end
-
-      where(:subject, :expected_class) do
-        ref(:project) | ::Project
-        ref(:group)   | ::Group
-        ref(:package) | ::Packages::Package
-      end
-
-      with_them do
-        it 'calls authorize! with correct subject' do
-          expect(helper).to receive(:authorize!).with(:read_package, have_attributes(id: subject.id, class: expected_class))
-
-          expect(helper.send('authorize_read_package!', subject)).to eq nil
-        end
-      end
-    end
   end
 
   %i[create_package destroy_package].each do |action|
diff --git a/spec/lib/api/helpers_spec.rb b/spec/lib/api/helpers_spec.rb
index f25c75ef93c..652727f371b 100644
--- a/spec/lib/api/helpers_spec.rb
+++ b/spec/lib/api/helpers_spec.rb
@@ -110,6 +110,13 @@ RSpec.describe API::Helpers do
       end
     end
 
+    context 'when ID is a negative number' do
+      let(:existing_id) { project.id }
+      let(:non_existing_id) { -1 }
+
+      it_behaves_like 'project finder'
+    end
+
     context 'when project is pending delete' do
       let(:project_pending_delete) { create(:project, pending_delete: true) }
 
@@ -325,6 +332,13 @@ RSpec.describe API::Helpers do
 
         it_behaves_like 'group finder'
       end
+
+      context 'when ID is a negative number' do
+        let(:existing_id) { group.id }
+        let(:non_existing_id) { -1 }
+
+        it_behaves_like 'group finder'
+      end
     end
   end
 
@@ -421,6 +435,13 @@ RSpec.describe API::Helpers do
 
       it_behaves_like 'namespace finder'
     end
+
+    context 'when ID is a negative number' do
+      let(:existing_id) { namespace.id }
+      let(:non_existing_id) { -1 }
+
+      it_behaves_like 'namespace finder'
+    end
   end
 
   shared_examples 'user namespace finder' do
@@ -773,6 +794,58 @@ RSpec.describe API::Helpers do
     end
   end
 
+  describe '#present_artifacts_file!' do
+    context 'with object storage' do
+      let(:artifact) { create(:ci_job_artifact, :zip, :remote_store) }
+
+      subject { helper.present_artifacts_file!(artifact.file, project: artifact.job.project) }
+
+      before do
+        allow(helper).to receive(:env).and_return({})
+
+        stub_artifacts_object_storage(enabled: true)
+      end
+
+      it 'redirects to a CDN-fronted URL' do
+        expect(helper).to receive(:redirect)
+        expect(helper).to receive(:cdn_fronted_url).and_call_original
+        expect(Gitlab::ApplicationContext).to receive(:push).with(artifact: artifact.file.model).and_call_original
+        expect(Gitlab::ApplicationContext).to receive(:push).with(artifact_used_cdn: false).and_call_original
+
+        subject
+      end
+    end
+  end
+
+  describe '#cdn_frontend_url' do
+    before do
+      allow(helper).to receive(:env).and_return({})
+
+      stub_artifacts_object_storage(enabled: true)
+    end
+
+    context 'with a CI artifact' do
+      let(:artifact) { create(:ci_job_artifact, :zip, :remote_store) }
+
+      it 'retrieves a CDN-fronted URL' do
+        expect(artifact.file).to receive(:cdn_enabled_url).and_call_original
+        expect(Gitlab::ApplicationContext).to receive(:push).with(artifact_used_cdn: false).and_call_original
+        expect(helper.cdn_fronted_url(artifact.file, artifact.job.project)).to be_a(String)
+      end
+    end
+
+    context 'with a file upload' do
+      let(:url) { 'https://example.com/path/to/upload' }
+
+      it 'retrieves the file URL' do
+        file = double(url: url)
+
+        expect(Gitlab::ApplicationContext).not_to receive(:push)
+        expect(helper.cdn_fronted_url(file, nil)).to eq(url)
+      end
+    end
+  end
+
   describe '#order_by_similarity?' do
     where(:params, :allow_unauthorized, :current_user_set, :expected) do
       {}                                          | false | false | false
@@ -916,42 +989,5 @@ RSpec.describe API::Helpers do
 
       it_behaves_like 'authorized'
     end
-
-    context 'when gitlab_shell_jwt_token is disabled' do
-      let(:valid_secret_token) { +'valid' } # mutable string to use chomp!
-      let(:invalid_secret_token) { +'invalid' } # mutable string to use chomp!
-
-      before do
-        stub_feature_flags(gitlab_shell_jwt_token: false)
-      end
-
-      context 'when shared secret is not provided' do
-        it_behaves_like 'unauthorized'
-      end
-
-      context 'when shared secret provided via params' do
-        let(:params) { { 'secret_token' => valid_secret_token } }
-
-        it_behaves_like 'authorized'
-
-        context 'but it is invalid' do
-          let(:params) { { 'secret_token' => invalid_secret_token } }
-
-          it_behaves_like 'unauthorized'
-        end
-      end
-
-      context 'when shared secret provided via headers' do
-        let(:headers) { { described_class::GITLAB_SHARED_SECRET_HEADER => Base64.encode64(valid_secret_token) } }
-
-        it_behaves_like 'authorized'
-
-        context 'but it is invalid' do
-          let(:headers) { { described_class::GITLAB_SHARED_SECRET_HEADER => Base64.encode64(invalid_secret_token) } }
-
-          it_behaves_like 'unauthorized'
-        end
-      end
-    end
   end
 end