diff options
Diffstat (limited to 'spec/services/search_service_spec.rb')
-rw-r--r-- | spec/services/search_service_spec.rb | 154 |
1 files changed, 1 insertions, 153 deletions
diff --git a/spec/services/search_service_spec.rb b/spec/services/search_service_spec.rb index 5edea13afa4..26def474b88 100644 --- a/spec/services/search_service_spec.rb +++ b/spec/services/search_service_spec.rb @@ -399,159 +399,7 @@ RSpec.describe SearchService do end end - context 'redacting search results' do - let(:search) { 'anything' } - - subject(:result) { search_service.search_objects } - - shared_examples "redaction limits N+1 queries" do |limit:| - it 'does not exceed the query limit' do - # issuing the query to remove the data loading call - unredacted_results.to_a - - # only the calls from the redaction are left - query = ActiveRecord::QueryRecorder.new { result } - - # these are the project authorization calls, which are not preloaded - expect(query.count).to be <= limit - end - end - - def found_blob(project) - Gitlab::Search::FoundBlob.new(project: project) - end - - def found_wiki_page(project) - Gitlab::Search::FoundWikiPage.new(found_blob(project)) - end - - before do - expect(search_service) - .to receive(:search_results) - .and_return(double('search results', objects: unredacted_results)) - end - - def ar_relation(klass, *objects) - klass.id_in(objects.map(&:id)) - end - - def kaminari_array(*objects) - Kaminari.paginate_array(objects).page(1).per(20) - end - - context 'issues' do - let(:readable) { create(:issue, project: accessible_project) } - let(:unreadable) { create(:issue, project: inaccessible_project) } - let(:unredacted_results) { ar_relation(Issue, readable, unreadable) } - let(:scope) { 'issues' } - - it 'redacts the inaccessible issue' do - expect(result).to contain_exactly(readable) - end - end - - context 'notes' do - let(:readable) { create(:note_on_commit, project: accessible_project) } - let(:unreadable) { create(:note_on_commit, project: inaccessible_project) } - let(:unredacted_results) { ar_relation(Note, readable, unreadable) } - let(:scope) { 'notes' } - - it 'redacts the inaccessible note' do - expect(result).to contain_exactly(readable) - end - end - - context 'merge_requests' do - let(:readable) { create(:merge_request, source_project: accessible_project, author: user) } - let(:unreadable) { create(:merge_request, source_project: inaccessible_project) } - let(:unredacted_results) { ar_relation(MergeRequest, readable, unreadable) } - let(:scope) { 'merge_requests' } - - it 'redacts the inaccessible merge request' do - expect(result).to contain_exactly(readable) - end - - context 'with :with_api_entity_associations' do - let(:unredacted_results) { ar_relation(MergeRequest.with_api_entity_associations, readable, unreadable) } - - it_behaves_like "redaction limits N+1 queries", limit: 8 - end - end - - context 'project repository blobs' do - let(:readable) { found_blob(accessible_project) } - let(:unreadable) { found_blob(inaccessible_project) } - let(:unredacted_results) { kaminari_array(readable, unreadable) } - let(:scope) { 'blobs' } - - it 'redacts the inaccessible blob' do - expect(result).to contain_exactly(readable) - end - end - - context 'project wiki blobs' do - let(:readable) { found_wiki_page(accessible_project) } - let(:unreadable) { found_wiki_page(inaccessible_project) } - let(:unredacted_results) { kaminari_array(readable, unreadable) } - let(:scope) { 'wiki_blobs' } - - it 'redacts the inaccessible blob' do - expect(result).to contain_exactly(readable) - end - end - - context 'project snippets' do - let(:readable) { create(:project_snippet, project: accessible_project) } - let(:unreadable) { create(:project_snippet, project: inaccessible_project) } - let(:unredacted_results) { ar_relation(ProjectSnippet, readable, unreadable) } - let(:scope) { 'snippet_titles' } - - it 'redacts the inaccessible snippet' do - expect(result).to contain_exactly(readable) - end - - context 'with :with_api_entity_associations' do - it_behaves_like "redaction limits N+1 queries", limit: 14 - end - end - - context 'personal snippets' do - let(:readable) { create(:personal_snippet, :private, author: user) } - let(:unreadable) { create(:personal_snippet, :private) } - let(:unredacted_results) { ar_relation(PersonalSnippet, readable, unreadable) } - let(:scope) { 'snippet_titles' } - - it 'redacts the inaccessible snippet' do - expect(result).to contain_exactly(readable) - end - - context 'with :with_api_entity_associations' do - it_behaves_like "redaction limits N+1 queries", limit: 4 - end - end - - context 'commits' do - let(:readable) { accessible_project.commit } - let(:unreadable) { inaccessible_project.commit } - let(:unredacted_results) { kaminari_array(readable, unreadable) } - let(:scope) { 'commits' } - - it 'redacts the inaccessible commit' do - expect(result).to contain_exactly(readable) - end - end - - context 'users' do - let(:other_user) { create(:user) } - let(:unredacted_results) { ar_relation(User, user, other_user) } - let(:scope) { 'users' } - - it 'passes the users through' do - # Users are always visible to everyone - expect(result).to contain_exactly(user, other_user) - end - end - end + it_behaves_like 'a redacted search results' end describe '#valid_request?' do |