Merge branch 'master' into sh-bring-back-option-to-be-notified-of-own-activity

author: Stan Hu <stanhu@gmail.com> 2017-03-24 15:02:23 -0700
committer: Stan Hu <stanhu@gmail.com> 2017-03-24 15:02:23 -0700
commit: e1bb8c99cf7840c8b5d981111857b7d16b9cc1bd (patch)
tree: 9737570f75dbb84a325537cd1863301e42234fee /spec/controllers
parent: f6ededfa07a2fe9f3dd1c4d7e247b0f784f8181a (diff)
parent: f1e1e51311b6f50c98b3e1476942107269c28a97 (diff)
download: gitlab-ce-e1bb8c99cf7840c8b5d981111857b7d16b9cc1bd.tar.gz
5 files changed, 142 insertions, 3 deletions
diff --git a/spec/controllers/admin/application_settings_controller_spec.rb b/spec/controllers/admin/application_settings_controller_spec.rb
new file mode 100644
index 00000000000..84a1ce773a1
--- /dev/null
+++ b/spec/controllers/admin/application_settings_controller_spec.rb
@@ -0,0 +1,28 @@
+require 'spec_helper'
+
+describe Admin::ApplicationSettingsController do
+  include StubENV
+
+  let(:admin) { create(:admin) }
+
+  before do
+    sign_in(admin)
+    stub_env('IN_MEMORY_APPLICATION_SETTINGS', 'false')
+  end
+
+  describe 'PATCH #update' do
+    it 'updates the default_project_visibility for string value' do
+      patch :update, application_setting: { default_project_visibility: "20" }
+
+      expect(response).to redirect_to(admin_application_settings_path)
+      expect(ApplicationSetting.current.default_project_visibility).to eq Gitlab::VisibilityLevel::PUBLIC
+    end
+
+    it 'falls back to default with default_project_visibility setting is omitted' do
+      patch :update, application_setting: {}
+
+      expect(response).to redirect_to(admin_application_settings_path)
+      expect(ApplicationSetting.current.default_project_visibility).to eq Gitlab::VisibilityLevel::PRIVATE
+    end
+  end
+end
diff --git a/spec/controllers/import/bitbucket_controller_spec.rb b/spec/controllers/import/bitbucket_controller_spec.rb
index fa4cc0ebbe0..51f23e4eeb9 100644
--- a/spec/controllers/import/bitbucket_controller_spec.rb
+++ b/spec/controllers/import/bitbucket_controller_spec.rb
@@ -112,6 +112,17 @@ describe Import::BitbucketController do
           post :create, format: :js
         end
       end
+
+      context 'when the Bitbucket user is unauthorized' do
+        render_views
+
+        it 'returns unauthorized' do
+          allow(controller).to receive(:current_user).and_return(user)
+          allow(user).to receive(:can?).and_return(false)
+
+          post :create, format: :js
+        end
+      end
     end
 
     context "when the repository owner is not the Bitbucket user" do
diff --git a/spec/controllers/projects/builds_controller_specs.rb b/spec/controllers/projects/builds_controller_specs.rb
new file mode 100644
index 00000000000..d501f7b3155
--- /dev/null
+++ b/spec/controllers/projects/builds_controller_specs.rb
@@ -0,0 +1,47 @@
+require 'spec_helper'
+
+describe Projects::BuildsController do
+  include ApiHelpers
+
+  let(:project) { create(:empty_project, :public) }
+
+  describe 'GET trace.json' do
+    let(:pipeline) { create(:ci_pipeline, project: project) }
+    let(:build) { create(:ci_build, pipeline: pipeline) }
+    let(:user) { create(:user) }
+
+    context 'when user is logged in as developer' do
+      before do
+        project.add_developer(user)
+        sign_in(user)
+        get_trace
+      end
+
+      it 'traces build log' do
+        expect(response).to have_http_status(:ok)
+        expect(json_response['id']).to eq build.id
+        expect(json_response['status']).to eq build.status
+      end
+    end
+
+    context 'when user is logged in as non member' do
+      before do
+        sign_in(user)
+        get_trace
+      end
+
+      it 'traces build log' do
+        expect(response).to have_http_status(:ok)
+        expect(json_response['id']).to eq build.id
+        expect(json_response['status']).to eq build.status
+      end
+    end
+
+    def get_trace
+      get :trace, namespace_id: project.namespace,
+                  project_id: project,
+                  id: build.id,
+                  format: :json
+    end
+  end
+end
diff --git a/spec/controllers/projects/issues_controller_spec.rb b/spec/controllers/projects/issues_controller_spec.rb
index 8263301c439..c467ab9fb8a 100644
--- a/spec/controllers/projects/issues_controller_spec.rb
+++ b/spec/controllers/projects/issues_controller_spec.rb
@@ -152,6 +152,24 @@ describe Projects::IssuesController do
 
     it_behaves_like 'update invalid issuable', Issue
 
+    context 'changing the assignee' do
+      it 'limits the attributes exposed on the assignee' do
+        assignee = create(:user)
+        project.add_developer(assignee)
+
+        put :update,
+          namespace_id: project.namespace.to_param,
+          project_id: project,
+          id: issue.iid,
+          issue: { assignee_id: assignee.id },
+          format: :json
+        body = JSON.parse(response.body)
+
+        expect(body['assignee'].keys)
+          .to match_array(%w(name username avatar_url))
+      end
+    end
+
     context 'when moving issue to another private project' do
       let(:another_project) { create(:empty_project, :private) }
 
@@ -223,10 +241,27 @@ describe Projects::IssuesController do
               expect(spam_logs.first.recaptcha_verified).to be_falsey
             end
 
-            it 'renders verify template' do
-              update_spam_issue
+            context 'as HTML' do
+              it 'renders verify template' do
+                update_spam_issue
+
+                expect(response).to render_template(:verify)
+              end
+            end
+
+            context 'as JSON' do
+              before do
+                update_issue({ title: 'Spam Title', description: 'Spam lives here' }, format: :json)
+              end
+
+              it 'renders json errors' do
+                expect(json_response)
+                  .to eql("errors" => ["Your issue has been recognized as spam. Please, change the content or solve the reCAPTCHA to proceed."])
+              end
 
-              expect(response).to render_template(:verify)
+              it 'returns 422 status' do
+                expect(response).to have_http_status(422)
+              end
             end
           end
 
diff --git a/spec/controllers/projects/merge_requests_controller_spec.rb b/spec/controllers/projects/merge_requests_controller_spec.rb
index 250d64f7055..c310d830e81 100644
--- a/spec/controllers/projects/merge_requests_controller_spec.rb
+++ b/spec/controllers/projects/merge_requests_controller_spec.rb
@@ -203,6 +203,24 @@ describe Projects::MergeRequestsController do
   end
 
   describe 'PUT update' do
+    context 'changing the assignee' do
+      it 'limits the attributes exposed on the assignee' do
+        assignee = create(:user)
+        project.add_developer(assignee)
+
+        put :update,
+          namespace_id: project.namespace.to_param,
+          project_id: project,
+          id: merge_request.iid,
+          merge_request: { assignee_id: assignee.id },
+          format: :json
+        body = JSON.parse(response.body)
+
+        expect(body['assignee'].keys)
+          .to match_array(%w(name username avatar_url))
+      end
+    end
+
     context 'there is no source project' do
       let(:project)       { create(:project) }
       let(:fork_project)  { create(:forked_project_with_submodules) }
author	Stan Hu <stanhu@gmail.com>	2017-03-24 15:02:23 -0700
committer	Stan Hu <stanhu@gmail.com>	2017-03-24 15:02:23 -0700
commit	e1bb8c99cf7840c8b5d981111857b7d16b9cc1bd (patch)
tree	9737570f75dbb84a325537cd1863301e42234fee /spec/controllers
parent	f6ededfa07a2fe9f3dd1c4d7e247b0f784f8181a (diff)
parent	f1e1e51311b6f50c98b3e1476942107269c28a97 (diff)
download	gitlab-ce-e1bb8c99cf7840c8b5d981111857b7d16b9cc1bd.tar.gz