From 6b3f0a47a2410b5a2a9fc1e78ff2d006b05a3e05 Mon Sep 17 00:00:00 2001
From: GitLab Bot <gitlab-bot@gitlab.com>
Date: Wed, 30 Jun 2021 11:40:06 +0000
Subject: Add latest changes from gitlab-org/security/gitlab@14-0-stable-ee

---
 spec/features/expand_collapse_diffs_spec.rb        |  2 +-
 spec/features/projects/diffs/diff_show_spec.rb     | 10 ++++
 .../file_collection/merge_request_diff_spec.rb     |  2 +-
 spec/lib/gitlab/diff/file_spec.rb                  | 58 +++++++++++++++++-----
 spec/lib/gitlab/diff/parser_spec.rb                | 10 ++++
 spec/lib/gitlab/http_spec.rb                       | 41 +++++++++++++++
 .../protected_branch/push_access_level_spec.rb     |  2 +-
 7 files changed, 109 insertions(+), 16 deletions(-)

(limited to 'spec')

diff --git a/spec/features/expand_collapse_diffs_spec.rb b/spec/features/expand_collapse_diffs_spec.rb
index cbd1ae628d1..add4af2bcdb 100644
--- a/spec/features/expand_collapse_diffs_spec.rb
+++ b/spec/features/expand_collapse_diffs_spec.rb
@@ -253,7 +253,7 @@ RSpec.describe 'Expand and collapse diffs', :js do
       click_link('Expand all')
 
       # Wait for elements to appear to ensure full page reload
-      expect(page).to have_content('This diff was suppressed by a .gitattributes entry')
+      expect(page).to have_content("File suppressed by a .gitattributes entry or the file's encoding is unsupported.")
       expect(page).to have_content('This source diff could not be displayed because it is too large.')
       expect(page).to have_content('too_large_image.jpg')
       find('.note-textarea')
diff --git a/spec/features/projects/diffs/diff_show_spec.rb b/spec/features/projects/diffs/diff_show_spec.rb
index e47f36c4b7a..56506ada3ce 100644
--- a/spec/features/projects/diffs/diff_show_spec.rb
+++ b/spec/features/projects/diffs/diff_show_spec.rb
@@ -174,4 +174,14 @@ RSpec.describe 'Diff file viewer', :js, :with_clean_rails_cache do
       end
     end
   end
+
+  context 'when the the encoding of the file is unsupported' do
+    before do
+      visit_commit('f05a98786e4274708e1fa118c7ad3a29d1d1b9a3')
+    end
+
+    it 'shows it is not diffable' do
+      expect(page).to have_content("File suppressed by a .gitattributes entry or the file's encoding is unsupported.")
+    end
+  end
 end
diff --git a/spec/lib/gitlab/diff/file_collection/merge_request_diff_spec.rb b/spec/lib/gitlab/diff/file_collection/merge_request_diff_spec.rb
index 03a9b9bd21e..d401c42fed7 100644
--- a/spec/lib/gitlab/diff/file_collection/merge_request_diff_spec.rb
+++ b/spec/lib/gitlab/diff/file_collection/merge_request_diff_spec.rb
@@ -23,7 +23,7 @@ RSpec.describe Gitlab::Diff::FileCollection::MergeRequestDiff do
 
     it 'does not highlight files marked as undiffable in .gitattributes' do
       allow_next_instance_of(Gitlab::Diff::File) do |instance|
-        allow(instance).to receive(:diffable?).and_return(false)
+        allow(instance).to receive(:diffable_by_attribute?).and_return(false)
       end
 
       expect_next_instance_of(Gitlab::Diff::File) do |instance|
diff --git a/spec/lib/gitlab/diff/file_spec.rb b/spec/lib/gitlab/diff/file_spec.rb
index 78be89c449b..1800d2d6b60 100644
--- a/spec/lib/gitlab/diff/file_spec.rb
+++ b/spec/lib/gitlab/diff/file_spec.rb
@@ -186,26 +186,46 @@ RSpec.describe Gitlab::Diff::File do
   end
 
   describe '#diffable?' do
-    let(:commit) { project.commit('1a0b36b3cdad1d2ee32457c102a8c0b7056fa863') }
-    let(:diffs) { commit.diffs }
+    context 'when attributes exist' do
+      let(:commit) { project.commit('1a0b36b3cdad1d2ee32457c102a8c0b7056fa863') }
+      let(:diffs) { commit.diffs }
 
-    before do
-      info_dir_path = Gitlab::GitalyClient::StorageSettings.allow_disk_access do
-        File.join(project.repository.path_to_repo, 'info')
+      before do
+        info_dir_path = Gitlab::GitalyClient::StorageSettings.allow_disk_access do
+          File.join(project.repository.path_to_repo, 'info')
+        end
+
+        FileUtils.mkdir(info_dir_path) unless File.exist?(info_dir_path)
+        File.write(File.join(info_dir_path, 'attributes'), "*.md -diff\n")
       end
 
-      FileUtils.mkdir(info_dir_path) unless File.exist?(info_dir_path)
-      File.write(File.join(info_dir_path, 'attributes'), "*.md -diff\n")
+      it "returns true for files that do not have attributes" do
+        diff_file = diffs.diff_file_with_new_path('LICENSE')
+        expect(diff_file.diffable?).to be_truthy
+      end
+
+      it "returns false for files that have been marked as not being diffable in attributes" do
+        diff_file = diffs.diff_file_with_new_path('README.md')
+        expect(diff_file.diffable?).to be_falsey
+      end
     end
 
-    it "returns true for files that do not have attributes" do
-      diff_file = diffs.diff_file_with_new_path('LICENSE')
-      expect(diff_file.diffable?).to be_truthy
+    context 'when the text has binary notice' do
+      let(:commit) { project.commit('f05a98786e4274708e1fa118c7ad3a29d1d1b9a3') }
+      let(:diff_file) { commit.diffs.diff_file_with_new_path('VERSION') }
+
+      it "returns false" do
+        expect(diff_file.diffable?).to be_falsey
+      end
     end
 
-    it "returns false for files that have been marked as not being diffable in attributes" do
-      diff_file = diffs.diff_file_with_new_path('README.md')
-      expect(diff_file.diffable?).to be_falsey
+    context 'when the content is binary' do
+      let(:commit) { project.commit('2f63565e7aac07bcdadb654e253078b727143ec4') }
+      let(:diff_file) { commit.diffs.diff_file_with_new_path('files/images/6049019_460s.jpg') }
+
+      it "returns true" do
+        expect(diff_file.diffable?).to be_truthy
+      end
     end
   end
 
@@ -729,6 +749,18 @@ RSpec.describe Gitlab::Diff::File do
     end
   end
 
+  context 'when the the encoding of the file is unsupported' do
+    let(:commit) { project.commit('f05a98786e4274708e1fa118c7ad3a29d1d1b9a3') }
+    let(:diff_file) { commit.diffs.diff_file_with_new_path('VERSION') }
+
+    it 'returns a Not Diffable viewer' do
+      expect(diff_file.simple_viewer).to be_a(DiffViewer::NotDiffable)
+    end
+
+    it { expect(diff_file.highlighted_diff_lines).to eq([]) }
+    it { expect(diff_file.parallel_diff_lines).to eq([]) }
+  end
+
   describe '#diff_hunk' do
     context 'when first line is a match' do
       let(:raw_diff) do
diff --git a/spec/lib/gitlab/diff/parser_spec.rb b/spec/lib/gitlab/diff/parser_spec.rb
index 7448ae0b2ea..c8069f82f04 100644
--- a/spec/lib/gitlab/diff/parser_spec.rb
+++ b/spec/lib/gitlab/diff/parser_spec.rb
@@ -146,6 +146,16 @@ eos
     it { expect(parser.parse(nil)).to eq([]) }
   end
 
+  context 'when it is a binary notice' do
+    let(:diff)  do
+      <<~END
+        Binary files a/test and b/test differ
+      END
+    end
+
+    it { expect(parser.parse(diff.each_line)).to eq([]) }
+  end
+
   describe 'tolerates special diff markers in a content' do
     it "counts lines correctly" do
       diff = <<~END
diff --git a/spec/lib/gitlab/http_spec.rb b/spec/lib/gitlab/http_spec.rb
index 308f7f46251..71e80de9f89 100644
--- a/spec/lib/gitlab/http_spec.rb
+++ b/spec/lib/gitlab/http_spec.rb
@@ -27,6 +27,47 @@ RSpec.describe Gitlab::HTTP do
     end
   end
 
+  context 'when reading the response is too slow' do
+    before do
+      stub_const("#{described_class}::DEFAULT_READ_TOTAL_TIMEOUT", 0.001.seconds)
+
+      WebMock.stub_request(:post, /.*/).to_return do |request|
+        sleep 0.002.seconds
+        { body: 'I\m slow', status: 200 }
+      end
+    end
+
+    let(:options) { {} }
+
+    subject(:request_slow_responder) { described_class.post('http://example.org', **options) }
+
+    specify do
+      expect { request_slow_responder }.not_to raise_error
+    end
+
+    context 'with use_read_total_timeout option' do
+      let(:options) { { use_read_total_timeout: true } }
+
+      it 'raises a timeout error' do
+        expect { request_slow_responder }.to raise_error(Gitlab::HTTP::ReadTotalTimeout, /Request timed out after ?([0-9]*[.])?[0-9]+ seconds/)
+      end
+
+      context 'and timeout option' do
+        let(:options) { { use_read_total_timeout: true, timeout: 10.seconds } }
+
+        it 'overrides the default timeout when timeout option is present' do
+          expect { request_slow_responder }.not_to raise_error
+        end
+      end
+    end
+  end
+
+  it 'calls a block' do
+    WebMock.stub_request(:post, /.*/)
+
+    expect { |b| described_class.post('http://example.org', &b) }.to yield_with_args
+  end
+
   describe 'allow_local_requests_from_web_hooks_and_services is' do
     before do
       WebMock.stub_request(:get, /.*/).to_return(status: 200, body: 'Success')
diff --git a/spec/models/protected_branch/push_access_level_spec.rb b/spec/models/protected_branch/push_access_level_spec.rb
index 17a589f0485..fa84cd660cb 100644
--- a/spec/models/protected_branch/push_access_level_spec.rb
+++ b/spec/models/protected_branch/push_access_level_spec.rb
@@ -44,7 +44,7 @@ RSpec.describe ProtectedBranch::PushAccessLevel do
     let(:can_push) { true }
 
     before_all do
-      project.add_guest(user)
+      project.add_maintainer(user)
     end
 
     context 'when this push_access_level is tied to a deploy key' do
-- 
cgit v1.2.3