diff options
Diffstat (limited to 'spec/requests/api/graphql/mutations')
10 files changed, 576 insertions, 14 deletions
diff --git a/spec/requests/api/graphql/mutations/admin/sidekiq_queues/delete_jobs_spec.rb b/spec/requests/api/graphql/mutations/admin/sidekiq_queues/delete_jobs_spec.rb index 4ad35e7f0d1..b8cde32877b 100644 --- a/spec/requests/api/graphql/mutations/admin/sidekiq_queues/delete_jobs_spec.rb +++ b/spec/requests/api/graphql/mutations/admin/sidekiq_queues/delete_jobs_spec.rb @@ -6,8 +6,9 @@ RSpec.describe 'Deleting Sidekiq jobs', :clean_gitlab_redis_queues do include GraphqlHelpers let_it_be(:admin) { create(:admin) } + let(:queue) { 'authorized_projects' } - let(:variables) { { user: admin.username, queue_name: 'authorized_projects' } } + let(:variables) { { user: admin.username, queue_name: queue } } let(:mutation) { graphql_mutation(:admin_sidekiq_queues_delete_jobs, variables) } def mutation_response @@ -26,18 +27,19 @@ RSpec.describe 'Deleting Sidekiq jobs', :clean_gitlab_redis_queues do context 'valid request' do around do |example| - Sidekiq::Queue.new('authorized_projects').clear + Sidekiq::Queue.new(queue).clear Sidekiq::Testing.disable!(&example) - Sidekiq::Queue.new('authorized_projects').clear + Sidekiq::Queue.new(queue).clear end def add_job(user, args) Sidekiq::Client.push( 'class' => 'AuthorizedProjectsWorker', - 'queue' => 'authorized_projects', + 'queue' => queue, 'args' => args, 'meta.user' => user.username ) + raise 'Not enqueued!' if Sidekiq::Queue.new(queue).size.zero? end it 'returns info about the deleted jobs' do @@ -55,7 +57,7 @@ RSpec.describe 'Deleting Sidekiq jobs', :clean_gitlab_redis_queues do end context 'when no required params are provided' do - let(:variables) { { queue_name: 'authorized_projects' } } + let(:variables) { { queue_name: queue } } it_behaves_like 'a mutation that returns errors in the response', errors: ['No metadata provided'] diff --git a/spec/requests/api/graphql/mutations/award_emojis/add_spec.rb b/spec/requests/api/graphql/mutations/award_emojis/add_spec.rb index 3aaebb5095a..b39062f2e71 100644 --- a/spec/requests/api/graphql/mutations/award_emojis/add_spec.rb +++ b/spec/requests/api/graphql/mutations/award_emojis/add_spec.rb @@ -56,10 +56,10 @@ RSpec.describe 'Adding an AwardEmoji' do it_behaves_like 'a mutation that does not create an AwardEmoji' it_behaves_like 'a mutation that returns top-level errors', - errors: ['Cannot award emoji to this resource'] + errors: ['You cannot award emoji to this resource.'] end - context 'when the given awardable an Awardable' do + context 'when the given awardable is an Awardable' do it 'creates an emoji' do expect do post_graphql_mutation(mutation, current_user: current_user) diff --git a/spec/requests/api/graphql/mutations/award_emojis/toggle_spec.rb b/spec/requests/api/graphql/mutations/award_emojis/toggle_spec.rb index 6910ad80a11..170e7ff3b44 100644 --- a/spec/requests/api/graphql/mutations/award_emojis/toggle_spec.rb +++ b/spec/requests/api/graphql/mutations/award_emojis/toggle_spec.rb @@ -55,7 +55,7 @@ RSpec.describe 'Toggling an AwardEmoji' do it_behaves_like 'a mutation that does not create or destroy an AwardEmoji' it_behaves_like 'a mutation that returns top-level errors', - errors: ['Cannot award emoji to this resource'] + errors: ['You cannot award emoji to this resource.'] end context 'when the given awardable is an Awardable' do diff --git a/spec/requests/api/graphql/mutations/container_repository/destroy_spec.rb b/spec/requests/api/graphql/mutations/container_repository/destroy_spec.rb index 645edfc2e43..c4121cfed42 100644 --- a/spec/requests/api/graphql/mutations/container_repository/destroy_spec.rb +++ b/spec/requests/api/graphql/mutations/container_repository/destroy_spec.rb @@ -22,7 +22,7 @@ RSpec.describe 'Destroying a container repository' do GQL end - let(:params) { { id: container_repository.to_global_id.to_s } } + let(:params) { { id: id } } let(:mutation) { graphql_mutation(:destroy_container_repository, params, query) } let(:mutation_response) { graphql_mutation_response(:destroyContainerRepository) } let(:container_repository_mutation_response) { mutation_response['containerRepository'] } diff --git a/spec/requests/api/graphql/mutations/container_repository/destroy_tags_spec.rb b/spec/requests/api/graphql/mutations/container_repository/destroy_tags_spec.rb new file mode 100644 index 00000000000..decb2e7bccc --- /dev/null +++ b/spec/requests/api/graphql/mutations/container_repository/destroy_tags_spec.rb @@ -0,0 +1,120 @@ +# frozen_string_literal: true + +require 'spec_helper' + +RSpec.describe 'Destroying a container repository tags' do + include_context 'container repository delete tags service shared context' + using RSpec::Parameterized::TableSyntax + + include GraphqlHelpers + + let(:id) { repository.to_global_id.to_s } + let(:tags) { %w[A C D E] } + + let(:query) do + <<~GQL + deletedTagNames + errors + GQL + end + + let(:params) { { id: id, tag_names: tags } } + let(:mutation) { graphql_mutation(:destroy_container_repository_tags, params, query) } + let(:mutation_response) { graphql_mutation_response(:destroyContainerRepositoryTags) } + let(:tag_names_response) { mutation_response['deletedTagNames'] } + let(:errors_response) { mutation_response['errors'] } + + shared_examples 'destroying the container repository tags' do + before do + stub_delete_reference_requests(tags) + expect_delete_tag_by_names(tags) + allow_next_instance_of(ContainerRegistry::Client) do |client| + allow(client).to receive(:supports_tag_delete?).and_return(true) + end + end + + it 'destroys the container repository tags' do + expect(Projects::ContainerRepository::DeleteTagsService) + .to receive(:new).and_call_original + expect { subject }.to change { ::Packages::Event.count }.by(1) + + expect(tag_names_response).to eq(tags) + expect(errors_response).to eq([]) + end + + it_behaves_like 'returning response status', :success + end + + shared_examples 'denying the mutation request' do + it 'does not destroy the container repository tags' do + expect(Projects::ContainerRepository::DeleteTagsService) + .not_to receive(:new) + + expect { subject }.not_to change { ::Packages::Event.count } + + expect(mutation_response).to be_nil + end + + it_behaves_like 'returning response status', :success + end + + describe 'post graphql mutation' do + subject { post_graphql_mutation(mutation, current_user: user) } + + context 'with valid id' do + where(:user_role, :shared_examples_name) do + :maintainer | 'destroying the container repository tags' + :developer | 'destroying the container repository tags' + :reporter | 'denying the mutation request' + :guest | 'denying the mutation request' + :anonymous | 'denying the mutation request' + end + + with_them do + before do + project.send("add_#{user_role}", user) unless user_role == :anonymous + end + + it_behaves_like params[:shared_examples_name] + end + end + + context 'with invalid id' do + let(:id) { 'gid://gitlab/ContainerRepository/5555' } + + it_behaves_like 'denying the mutation request' + end + + context 'with too many tags' do + let(:tags) { Array.new(Mutations::ContainerRepositories::DestroyTags::LIMIT + 1, 'x') } + + it 'returns too many tags error' do + expect { subject }.not_to change { ::Packages::Event.count } + + explanation = graphql_errors.dig(0, 'extensions', 'problems', 0, 'explanation') + expect(explanation).to eq(Mutations::ContainerRepositories::DestroyTags::TOO_MANY_TAGS_ERROR_MESSAGE) + end + end + + context 'with service error' do + before do + project.add_maintainer(user) + allow_next_instance_of(Projects::ContainerRepository::DeleteTagsService) do |service| + allow(service).to receive(:execute).and_return(message: 'could not delete tags', status: :error) + end + end + + it 'returns an error' do + subject + + expect(tag_names_response).to eq([]) + expect(errors_response).to eq(['could not delete tags']) + end + + it 'does not create a package event' do + expect(::Packages::CreateEventService).not_to receive(:new) + expect { subject }.not_to change { ::Packages::Event.count } + end + end + end +end diff --git a/spec/requests/api/graphql/mutations/environments/canary_ingress/update_spec.rb b/spec/requests/api/graphql/mutations/environments/canary_ingress/update_spec.rb new file mode 100644 index 00000000000..f25a49291a6 --- /dev/null +++ b/spec/requests/api/graphql/mutations/environments/canary_ingress/update_spec.rb @@ -0,0 +1,45 @@ +# frozen_string_literal: true + +require 'spec_helper' + +RSpec.describe 'Update Environment Canary Ingress', :clean_gitlab_redis_cache do + include GraphqlHelpers + include KubernetesHelpers + + let_it_be(:project) { create(:project, :repository) } + let_it_be(:cluster) { create(:cluster, :project, projects: [project]) } + let_it_be(:service) { create(:cluster_platform_kubernetes, :configured, cluster: cluster) } + let_it_be(:environment) { create(:environment, project: project) } + let_it_be(:deployment) { create(:deployment, :success, environment: environment, project: project) } + let_it_be(:maintainer) { create(:user) } + let_it_be(:developer) { create(:user) } + let(:environment_id) { environment.to_global_id.to_s } + let(:weight) { 25 } + let(:actor) { developer } + + let(:mutation) do + graphql_mutation(:environments_canary_ingress_update, id: environment_id, weight: weight) + end + + before_all do + project.add_maintainer(maintainer) + project.add_developer(developer) + end + + before do + stub_kubeclient_ingresses(environment.deployment_namespace, response: kube_ingresses_response(with_canary: true)) + end + + context 'when kubernetes accepted the patch request' do + before do + stub_kubeclient_ingresses(environment.deployment_namespace, method: :patch, resource_path: "/production-auto-deploy") + end + + it 'updates successfully' do + post_graphql_mutation(mutation, current_user: actor) + + expect(graphql_mutation_response(:environments_canary_ingress_update)['errors']) + .to be_empty + end + end +end diff --git a/spec/requests/api/graphql/mutations/releases/delete_spec.rb b/spec/requests/api/graphql/mutations/releases/delete_spec.rb new file mode 100644 index 00000000000..3710f118bf4 --- /dev/null +++ b/spec/requests/api/graphql/mutations/releases/delete_spec.rb @@ -0,0 +1,132 @@ +# frozen_string_literal: true + +require 'spec_helper' + +RSpec.describe 'Deleting a release' do + include GraphqlHelpers + include Presentable + + let_it_be(:public_user) { create(:user) } + let_it_be(:guest) { create(:user) } + let_it_be(:reporter) { create(:user) } + let_it_be(:developer) { create(:user) } + let_it_be(:maintainer) { create(:user) } + let_it_be(:project) { create(:project, :public, :repository) } + let_it_be(:tag_name) { 'v1.1.0' } + let_it_be(:release) { create(:release, project: project, tag: tag_name) } + + let(:mutation_name) { :release_delete } + + let(:project_path) { project.full_path } + let(:mutation_arguments) do + { + projectPath: project_path, + tagName: tag_name + } + end + + let(:mutation) do + graphql_mutation(mutation_name, mutation_arguments, <<~FIELDS) + release { + tagName + } + errors + FIELDS + end + + let(:delete_release) { post_graphql_mutation(mutation, current_user: current_user) } + let(:mutation_response) { graphql_mutation_response(mutation_name)&.with_indifferent_access } + + before do + project.add_guest(guest) + project.add_reporter(reporter) + project.add_developer(developer) + project.add_maintainer(maintainer) + end + + shared_examples 'unauthorized or not found error' do + it 'returns a top-level error with message' do + delete_release + + expect(mutation_response).to be_nil + expect(graphql_errors.count).to eq(1) + expect(graphql_errors.first['message']).to eq("The resource that you are attempting to access does not exist or you don't have permission to perform this action") + end + end + + context 'when the current user has access to update releases' do + let(:current_user) { maintainer } + + it 'deletes the release' do + expect { delete_release }.to change { Release.count }.by(-1) + end + + it 'returns the deleted release' do + delete_release + + expected_release = { tagName: tag_name }.with_indifferent_access + + expect(mutation_response[:release]).to eq(expected_release) + end + + it 'does not remove the Git tag associated with the deleted release' do + expect { delete_release }.not_to change { Project.find_by_id(project.id).repository.tag_count } + end + + it 'returns no errors' do + delete_release + + expect(mutation_response[:errors]).to eq([]) + end + + context 'validation' do + context 'when the release does not exist' do + let_it_be(:tag_name) { 'not-a-real-release' } + + it 'returns the release as null' do + delete_release + + expect(mutation_response[:release]).to be_nil + end + + it 'returns an errors-at-data message' do + delete_release + + expect(mutation_response[:errors]).to eq(['Release does not exist']) + end + end + + context 'when the project does not exist' do + let(:project_path) { 'not/a/real/path' } + + it_behaves_like 'unauthorized or not found error' + end + end + end + + context "when the current user doesn't have access to update releases" do + context 'when the current user is a Developer' do + let(:current_user) { developer } + + it_behaves_like 'unauthorized or not found error' + end + + context 'when the current user is a Reporter' do + let(:current_user) { reporter } + + it_behaves_like 'unauthorized or not found error' + end + + context 'when the current user is a Guest' do + let(:current_user) { guest } + + it_behaves_like 'unauthorized or not found error' + end + + context 'when the current user is a public user' do + let(:current_user) { public_user } + + it_behaves_like 'unauthorized or not found error' + end + end +end diff --git a/spec/requests/api/graphql/mutations/releases/update_spec.rb b/spec/requests/api/graphql/mutations/releases/update_spec.rb new file mode 100644 index 00000000000..19320c3393c --- /dev/null +++ b/spec/requests/api/graphql/mutations/releases/update_spec.rb @@ -0,0 +1,255 @@ +# frozen_string_literal: true + +require 'spec_helper' + +RSpec.describe 'Updating an existing release' do + include GraphqlHelpers + include Presentable + + let_it_be(:public_user) { create(:user) } + let_it_be(:guest) { create(:user) } + let_it_be(:reporter) { create(:user) } + let_it_be(:developer) { create(:user) } + let_it_be(:project) { create(:project, :public, :repository) } + let_it_be(:milestone_12_3) { create(:milestone, project: project, title: '12.3') } + let_it_be(:milestone_12_4) { create(:milestone, project: project, title: '12.4') } + + let_it_be(:tag_name) { 'v1.1.0' } + let_it_be(:name) { 'Version 7.12.5'} + let_it_be(:description) { 'Release 7.12.5 :rocket:' } + let_it_be(:released_at) { '2018-12-10' } + let_it_be(:created_at) { '2018-11-05' } + let_it_be(:milestones) { [milestone_12_3, milestone_12_4] } + + let_it_be(:release) do + create(:release, project: project, tag: tag_name, name: name, + description: description, released_at: Time.parse(released_at).utc, + created_at: Time.parse(created_at).utc, milestones: milestones) + end + + let(:mutation_name) { :release_update } + + let(:mutation_arguments) do + { + projectPath: project.full_path, + tagName: tag_name + } + end + + let(:mutation) do + graphql_mutation(mutation_name, mutation_arguments, <<~FIELDS) + release { + tagName + name + description + releasedAt + createdAt + milestones { + nodes { + title + } + } + } + errors + FIELDS + end + + let(:update_release) { post_graphql_mutation(mutation, current_user: current_user) } + let(:mutation_response) { graphql_mutation_response(mutation_name)&.with_indifferent_access } + + let(:expected_attributes) do + { + tagName: tag_name, + name: name, + description: description, + releasedAt: Time.parse(released_at).utc.iso8601, + createdAt: Time.parse(created_at).utc.iso8601, + milestones: { + nodes: milestones.map { |m| { title: m.title } } + } + }.with_indifferent_access + end + + around do |example| + freeze_time { example.run } + end + + before do + project.add_guest(guest) + project.add_reporter(reporter) + project.add_developer(developer) + + stub_default_url_options(host: 'www.example.com') + end + + shared_examples 'no errors' do + it 'returns no errors' do + update_release + + expect(graphql_errors).not_to be_present + end + end + + shared_examples 'top-level error with message' do |error_message| + it 'returns a top-level error with message' do + update_release + + expect(mutation_response).to be_nil + expect(graphql_errors.count).to eq(1) + expect(graphql_errors.first['message']).to eq(error_message) + end + end + + shared_examples 'errors-as-data with message' do |error_message| + it 'returns an error-as-data with message' do + update_release + + expect(mutation_response[:release]).to be_nil + expect(mutation_response[:errors].count).to eq(1) + expect(mutation_response[:errors].first).to match(error_message) + end + end + + shared_examples 'updates release fields' do |updates| + it_behaves_like 'no errors' + + it 'updates the correct field and returns the release' do + update_release + + expect(mutation_response[:release]).to include(expected_attributes.merge(updates).except(:milestones)) + + # Right now the milestones are returned in a non-deterministic order. + # Because of this, we need to test milestones separately to allow + # for them to be returned in any order. + # Once https://gitlab.com/gitlab-org/gitlab/-/issues/259012 has been + # fixed, this special milestone handling can be removed. + expected_milestones = expected_attributes.merge(updates)[:milestones] + expect(mutation_response[:release][:milestones][:nodes]).to match_array(expected_milestones[:nodes]) + end + end + + context 'when the current user has access to update releases' do + let(:current_user) { developer } + + context 'name' do + context 'when a new name is provided' do + let(:mutation_arguments) { super().merge(name: 'Updated name') } + + it_behaves_like 'updates release fields', name: 'Updated name' + end + + context 'when null is provided' do + let(:mutation_arguments) { super().merge(name: nil) } + + it_behaves_like 'updates release fields', name: 'v1.1.0' + end + end + + context 'description' do + context 'when a new description is provided' do + let(:mutation_arguments) { super().merge(description: 'Updated description') } + + it_behaves_like 'updates release fields', description: 'Updated description' + end + + context 'when null is provided' do + let(:mutation_arguments) { super().merge(description: nil) } + + it_behaves_like 'updates release fields', description: nil + end + end + + context 'releasedAt' do + context 'when no time zone is provided' do + let(:mutation_arguments) { super().merge(releasedAt: '2015-05-05') } + + it_behaves_like 'updates release fields', releasedAt: Time.parse('2015-05-05').utc.iso8601 + end + + context 'when a local time zone is provided' do + let(:mutation_arguments) { super().merge(releasedAt: Time.parse('2015-05-05').in_time_zone('Hawaii').iso8601) } + + it_behaves_like 'updates release fields', releasedAt: Time.parse('2015-05-05').utc.iso8601 + end + + context 'when null is provided' do + let(:mutation_arguments) { super().merge(releasedAt: nil) } + + it_behaves_like 'top-level error with message', 'if the releasedAt argument is provided, it cannot be null' + end + end + + context 'milestones' do + context 'when a new set of milestones is provided provided' do + let(:mutation_arguments) { super().merge(milestones: ['12.3']) } + + it_behaves_like 'updates release fields', milestones: { nodes: [{ title: '12.3' }] } + end + + context 'when an empty array is provided' do + let(:mutation_arguments) { super().merge(milestones: []) } + + it_behaves_like 'updates release fields', milestones: { nodes: [] } + end + + context 'when null is provided' do + let(:mutation_arguments) { super().merge(milestones: nil) } + + it_behaves_like 'top-level error with message', 'if the milestones argument is provided, it cannot be null' + end + + context 'when a non-existent milestone title is provided' do + let(:mutation_arguments) { super().merge(milestones: ['not real']) } + + it_behaves_like 'errors-as-data with message', 'Milestone(s) not found: not real' + end + + context 'when a milestone title from a different project is provided' do + let(:milestone_in_different_project) { create(:milestone, title: 'milestone in different project') } + let(:mutation_arguments) { super().merge(milestones: [milestone_in_different_project.title]) } + + it_behaves_like 'errors-as-data with message', 'Milestone(s) not found: milestone in different project' + end + end + + context 'validation' do + context 'when no updated fields are provided' do + it_behaves_like 'errors-as-data with message', 'params is empty' + end + + context 'when the tag does not exist' do + let(:mutation_arguments) { super().merge(tagName: 'not-a-real-tag') } + + it_behaves_like 'errors-as-data with message', 'Tag does not exist' + end + + context 'when the project does not exist' do + let(:mutation_arguments) { super().merge(projectPath: 'not/a/real/path') } + + it_behaves_like 'top-level error with message', "The resource that you are attempting to access does not exist or you don't have permission to perform this action" + end + end + end + + context "when the current user doesn't have access to update releases" do + expected_error_message = "The resource that you are attempting to access does not exist or you don't have permission to perform this action" + + context 'when the current user is a Reporter' do + let(:current_user) { reporter } + + it_behaves_like 'top-level error with message', expected_error_message + end + + context 'when the current user is a Guest' do + let(:current_user) { guest } + + it_behaves_like 'top-level error with message', expected_error_message + end + + context 'when the current user is a public user' do + let(:current_user) { public_user } + + it_behaves_like 'top-level error with message', expected_error_message + end + end +end diff --git a/spec/requests/api/graphql/mutations/snippets/create_spec.rb b/spec/requests/api/graphql/mutations/snippets/create_spec.rb index d2fa3cfc24f..fd0dc98a8d3 100644 --- a/spec/requests/api/graphql/mutations/snippets/create_spec.rb +++ b/spec/requests/api/graphql/mutations/snippets/create_spec.rb @@ -163,9 +163,15 @@ RSpec.describe 'Creating a Snippet' do context 'when there are uploaded files' do shared_examples 'expected files argument' do |file_value, expected_value| let(:uploaded_files) { file_value } + let(:snippet) { build(:snippet) } + let(:creation_response) do + ::ServiceResponse.error(message: 'urk', payload: { snippet: snippet }) + end it do - expect(::Snippets::CreateService).to receive(:new).with(nil, user, hash_including(files: expected_value)) + expect(::Snippets::CreateService).to receive(:new) + .with(nil, user, hash_including(files: expected_value)) + .and_return(double(execute: creation_response)) subject end diff --git a/spec/requests/api/graphql/mutations/snippets/mark_as_spam_spec.rb b/spec/requests/api/graphql/mutations/snippets/mark_as_spam_spec.rb index 97e6ae8fda8..4d499310591 100644 --- a/spec/requests/api/graphql/mutations/snippets/mark_as_spam_spec.rb +++ b/spec/requests/api/graphql/mutations/snippets/mark_as_spam_spec.rb @@ -2,8 +2,9 @@ require 'spec_helper' -RSpec.describe 'Mark snippet as spam', :do_not_mock_admin_mode do +RSpec.describe 'Mark snippet as spam' do include GraphqlHelpers + include AfterNextHelpers let_it_be(:admin) { create(:admin) } let_it_be(:other_user) { create(:user) } @@ -56,11 +57,12 @@ RSpec.describe 'Mark snippet as spam', :do_not_mock_admin_mode do end it 'marks snippet as spam' do - expect_next_instance_of(Spam::MarkAsSpamService) do |instance| - expect(instance).to receive(:execute) - end + expect_next(Spam::MarkAsSpamService, target: snippet) + .to receive(:execute).and_return(true) post_graphql_mutation(mutation, current_user: current_user) + + expect(graphql_errors).to be_blank end end end |