debian-mirror-gitlab/spec/finders/notes_finder_spec.rb

466 lines
16 KiB
Ruby
Raw Normal View History

2019-12-21 20:55:43 +05:30
# frozen_string_literal: true
2014-09-02 18:07:02 +05:30
require 'spec_helper'
2020-06-23 00:09:42 +05:30
RSpec.describe NotesFinder do
2014-09-02 18:07:02 +05:30
let(:user) { create :user }
2017-09-10 17:25:29 +05:30
let(:project) { create(:project) }
2014-09-02 18:07:02 +05:30
before do
2018-11-18 11:00:15 +05:30
project.add_maintainer(user)
2014-09-02 18:07:02 +05:30
end
2016-08-24 12:49:21 +05:30
describe '#execute' do
2018-12-13 13:39:08 +05:30
context 'when notes filter is present' do
let!(:comment) { create(:note_on_issue, project: project) }
let!(:system_note) { create(:note_on_issue, project: project, system: true) }
it 'returns only user notes when using only_comments filter' do
2019-10-12 21:52:04 +05:30
finder = described_class.new(user, project: project, notes_filter: UserPreference::NOTES_FILTERS[:only_comments])
2018-12-13 13:39:08 +05:30
notes = finder.execute
expect(notes).to match_array(comment)
end
it 'returns only system notes when using only_activity filters' do
2019-10-12 21:52:04 +05:30
finder = described_class.new(user, project: project, notes_filter: UserPreference::NOTES_FILTERS[:only_activity])
2018-12-13 13:39:08 +05:30
notes = finder.execute
expect(notes).to match_array(system_note)
end
it 'gets all notes' do
2019-10-12 21:52:04 +05:30
finder = described_class.new(user, project: project, notes_filter: UserPreference::NOTES_FILTERS[:all_activity])
2018-12-13 13:39:08 +05:30
notes = finder.execute
expect(notes).to match_array([comment, system_note])
end
end
2017-01-15 13:20:01 +05:30
it 'finds notes on merge requests' do
create(:note_on_merge_request, project: project)
2019-10-12 21:52:04 +05:30
notes = described_class.new(user, project: project).execute
2017-01-15 13:20:01 +05:30
expect(notes.count).to eq(1)
2014-09-02 18:07:02 +05:30
end
2017-01-15 13:20:01 +05:30
it 'finds notes on snippets' do
create(:note_on_project_snippet, project: project)
2019-10-12 21:52:04 +05:30
notes = described_class.new(user, project: project).execute
2017-01-15 13:20:01 +05:30
expect(notes.count).to eq(1)
2014-09-02 18:07:02 +05:30
end
2017-01-15 13:20:01 +05:30
it "excludes notes on commits the author can't download" do
2017-08-17 22:00:37 +05:30
project = create(:project, :private, :repository)
2017-01-15 13:20:01 +05:30
note = create(:note_on_commit, project: project)
params = { target_type: 'commit', target_id: note.noteable.id }
2019-10-12 21:52:04 +05:30
notes = described_class.new(create(:user), params).execute
2017-01-15 13:20:01 +05:30
expect(notes.count).to eq(0)
2014-09-02 18:07:02 +05:30
end
2017-01-15 13:20:01 +05:30
it 'succeeds when no notes found' do
2019-10-12 21:52:04 +05:30
notes = described_class.new(create(:user), project: project).execute
2017-01-15 13:20:01 +05:30
expect(notes.count).to eq(0)
2014-09-02 18:07:02 +05:30
end
2017-01-15 13:20:01 +05:30
context 'on restricted projects' do
let(:project) do
2023-06-20 00:43:36 +05:30
create(
:project,
:public,
:issues_private,
:snippets_private,
:merge_requests_private
)
2017-01-15 13:20:01 +05:30
end
it 'publicly excludes notes on merge requests' do
create(:note_on_merge_request, project: project)
2019-10-12 21:52:04 +05:30
notes = described_class.new(create(:user), project: project).execute
2017-01-15 13:20:01 +05:30
expect(notes.count).to eq(0)
end
it 'publicly excludes notes on issues' do
create(:note_on_issue, project: project)
2019-10-12 21:52:04 +05:30
notes = described_class.new(create(:user), project: project).execute
2017-01-15 13:20:01 +05:30
expect(notes.count).to eq(0)
end
it 'publicly excludes notes on snippets' do
create(:note_on_project_snippet, project: project)
2019-10-12 21:52:04 +05:30
notes = described_class.new(create(:user), project: project).execute
2017-01-15 13:20:01 +05:30
expect(notes.count).to eq(0)
end
end
2023-05-08 21:46:49 +05:30
context 'for notes on public issue in public project' do
let_it_be(:public_project) { create(:project, :public) }
let_it_be(:guest_member) { create(:user) }
let_it_be(:reporter_member) { create(:user) }
let_it_be(:guest_project_member) { create(:project_member, :guest, user: guest_member, project: public_project) }
let_it_be(:reporter_project_member) { create(:project_member, :reporter, user: reporter_member, project: public_project) }
let_it_be(:internal_note) { create(:note_on_issue, project: public_project, internal: true) }
let_it_be(:public_note) { create(:note_on_issue, project: public_project) }
it 'shows all notes when the current_user has reporter access' do
notes = described_class.new(reporter_member, project: public_project).execute
expect(notes).to contain_exactly internal_note, public_note
end
it 'shows only public notes when the current_user has guest access' do
notes = described_class.new(guest_member, project: public_project).execute
expect(notes).to contain_exactly public_note
end
end
2023-06-20 00:43:36 +05:30
context 'for notes from users who have been banned', :enable_admin_mode, feature_category: :instance_resiliency do
subject(:finder) { described_class.new(user, project: project).execute }
let_it_be(:banned_user) { create(:banned_user).user }
let!(:banned_note) { create(:note_on_issue, project: project, author: banned_user) }
context 'when :hidden_notes feature is not enabled' do
before do
stub_feature_flags(hidden_notes: false)
end
context 'when user is not an admin' do
it { is_expected.to include(banned_note) }
end
context 'when @current_user is nil' do
let(:user) { nil }
it { is_expected.to be_empty }
end
end
context 'when :hidden_notes feature is enabled' do
before do
stub_feature_flags(hidden_notes: true)
end
context 'when user is an admin' do
let(:user) { create(:admin) }
it { is_expected.to include(banned_note) }
end
context 'when user is not an admin' do
it { is_expected.not_to include(banned_note) }
end
context 'when @current_user is nil' do
let(:user) { nil }
it { is_expected.to be_empty }
end
end
end
2018-03-27 19:54:05 +05:30
context 'for target type' do
let(:project) { create(:project, :repository) }
let!(:note1) { create :note_on_issue, project: project }
let!(:note2) { create :note_on_commit, project: project }
it 'finds only notes for the selected type' do
2019-10-12 21:52:04 +05:30
notes = described_class.new(user, project: project, target_type: 'issue').execute
2018-03-27 19:54:05 +05:30
expect(notes).to eq([note1])
end
end
2017-01-15 13:20:01 +05:30
context 'for target' do
2017-08-17 22:00:37 +05:30
let(:project) { create(:project, :repository) }
2019-10-12 21:52:04 +05:30
let!(:note1) { create :note_on_commit, project: project }
let!(:note2) { create :note_on_commit, project: project }
2017-01-15 13:20:01 +05:30
let(:commit) { note1.noteable }
2020-07-28 23:09:34 +05:30
let(:params) { { project: project, target_id: commit.id, target_type: 'commit', last_fetched_at: 1.hour.ago } }
2017-01-15 13:20:01 +05:30
it 'finds all notes' do
2019-10-12 21:52:04 +05:30
notes = described_class.new(user, params).execute
2017-01-15 13:20:01 +05:30
expect(notes.size).to eq(2)
end
it 'finds notes on merge requests' do
note = create(:note_on_merge_request, project: project)
2019-10-12 21:52:04 +05:30
params = { project: project, target_type: 'merge_request', target_id: note.noteable.id }
2017-01-15 13:20:01 +05:30
2019-10-12 21:52:04 +05:30
notes = described_class.new(user, params).execute
2017-01-15 13:20:01 +05:30
expect(notes).to include(note)
end
it 'finds notes on snippets' do
note = create(:note_on_project_snippet, project: project)
2019-10-12 21:52:04 +05:30
params = { project: project, target_type: 'snippet', target_id: note.noteable.id }
2019-10-12 21:52:04 +05:30
notes = described_class.new(user, params).execute
2017-01-15 13:20:01 +05:30
expect(notes.count).to eq(1)
end
2017-01-15 13:20:01 +05:30
it 'raises an exception for an invalid target_type' do
2017-08-17 22:00:37 +05:30
params[:target_type] = 'invalid'
2019-10-12 21:52:04 +05:30
expect { described_class.new(user, params).execute }.to raise_error("invalid target_type '#{params[:target_type]}'")
2017-01-15 13:20:01 +05:30
end
it 'filters out old notes' do
note2.update_attribute(:updated_at, 2.hours.ago)
2019-10-12 21:52:04 +05:30
notes = described_class.new(user, params).execute
2017-01-15 13:20:01 +05:30
expect(notes).to eq([note1])
end
context 'confidential issue notes' do
let(:confidential_issue) { create(:issue, :confidential, project: project, author: user) }
let!(:confidential_note) { create(:note, noteable: confidential_issue, project: confidential_issue.project) }
2020-07-28 23:09:34 +05:30
let(:params) { { project: confidential_issue.project, target_id: confidential_issue.id, target_type: 'issue', last_fetched_at: 1.hour.ago } }
2017-01-15 13:20:01 +05:30
it 'returns notes if user can see the issue' do
2019-10-12 21:52:04 +05:30
expect(described_class.new(user, params).execute).to eq([confidential_note])
2017-01-15 13:20:01 +05:30
end
it 'raises an error if user can not see the issue' do
user = create(:user)
2019-10-12 21:52:04 +05:30
expect { described_class.new(user, params).execute }.to raise_error(ActiveRecord::RecordNotFound)
2017-01-15 13:20:01 +05:30
end
it 'raises an error for project members with guest role' do
user = create(:user)
2018-03-17 18:26:18 +05:30
project.add_guest(user)
2017-01-15 13:20:01 +05:30
2019-10-12 21:52:04 +05:30
expect { described_class.new(user, params).execute }.to raise_error(ActiveRecord::RecordNotFound)
2017-01-15 13:20:01 +05:30
end
end
2023-03-04 22:38:38 +05:30
context 'when targeting personal_snippet' do
using RSpec::Parameterized::TableSyntax
let(:author) { create(:user) }
let(:user) { create(:user, email: 'foo@baz.com') }
let(:admin) { create(:admin) }
where(:snippet_visibility, :current_user, :access) do
Snippet::PRIVATE | ref(:author) | true
Snippet::PRIVATE | ref(:admin) | true
Snippet::PRIVATE | ref(:user) | false
Snippet::PUBLIC | ref(:author) | true
Snippet::PUBLIC | ref(:user) | true
end
with_them do
let(:personal_snippet) { create(:personal_snippet, author: author, visibility_level: snippet_visibility) }
let(:note) { create(:note, noteable: personal_snippet) }
let(:params) { { project: project, target_type: 'personal_snippet', target_id: note.noteable.id } }
subject(:notes) do
described_class.new(current_user, params).execute
end
before do
allow(admin).to receive(:can_read_all_resources?).and_return(true)
end
it 'returns the proper access' do
if access
expect(notes.count).to eq(1)
else
expect { notes }.to raise_error(::ActiveRecord::RecordNotFound)
end
end
end
end
2017-01-15 13:20:01 +05:30
end
2019-10-12 21:52:04 +05:30
context 'for explicit target' do
let(:project) { create(:project, :repository) }
let!(:note1) { create :note_on_commit, project: project, created_at: 1.day.ago, updated_at: 2.hours.ago }
let!(:note2) { create :note_on_commit, project: project }
let(:commit) { note1.noteable }
let(:params) { { project: project, target: commit } }
it 'returns the expected notes' do
expect(described_class.new(user, params).execute).to eq([note1, note2])
end
it 'returns the expected notes when last_fetched_at is given' do
2020-07-28 23:09:34 +05:30
params = { project: project, target: commit, last_fetched_at: 1.hour.ago }
2019-10-12 21:52:04 +05:30
expect(described_class.new(user, params).execute).to eq([note2])
end
it 'fails when nil is provided' do
params = { project: project, target: nil }
expect { described_class.new(user, params).execute }.to raise_error(RuntimeError)
end
end
2021-04-29 21:17:54 +05:30
describe 'sorting' do
it 'allows sorting' do
params = { project: project, sort: 'id_desc' }
expect(Note).to receive(:order_id_desc).once
described_class.new(user, params).execute
end
it 'defaults to sort by .fresh' do
params = { project: project }
expect(Note).to receive(:fresh).once
described_class.new(user, params).execute
end
end
2017-01-15 13:20:01 +05:30
end
describe '.search' do
2017-09-10 17:25:29 +05:30
let(:project) { create(:project, :public) }
2017-01-15 13:20:01 +05:30
let(:note) { create(:note_on_issue, note: 'WoW', project: project) }
it 'returns notes with matching content' do
2019-10-12 21:52:04 +05:30
expect(described_class.new(nil, project: note.project, search: note.note).execute).to eq([note])
2017-01-15 13:20:01 +05:30
end
it 'returns notes with matching content regardless of the casing' do
2019-10-12 21:52:04 +05:30
expect(described_class.new(nil, project: note.project, search: 'WOW').execute).to eq([note])
2017-01-15 13:20:01 +05:30
end
it 'returns commit notes user can access' do
note = create(:note_on_commit, project: project)
2019-10-12 21:52:04 +05:30
expect(described_class.new(create(:user), project: note.project, search: note.note).execute).to eq([note])
2017-01-15 13:20:01 +05:30
end
context "confidential issues" do
let(:user) { create(:user) }
let(:confidential_issue) { create(:issue, :confidential, project: project, author: user) }
let(:confidential_note) { create(:note, note: "Random", noteable: confidential_issue, project: confidential_issue.project) }
it "returns notes with matching content if user can see the issue" do
2019-10-12 21:52:04 +05:30
expect(described_class.new(user, project: confidential_note.project, search: confidential_note.note).execute).to eq([confidential_note])
2017-01-15 13:20:01 +05:30
end
it "does not return notes with matching content if user can not see the issue" do
user = create(:user)
2019-10-12 21:52:04 +05:30
expect(described_class.new(user, project: confidential_note.project, search: confidential_note.note).execute).to be_empty
end
2016-08-24 12:49:21 +05:30
2017-01-15 13:20:01 +05:30
it "does not return notes with matching content for project members with guest role" do
2016-08-24 12:49:21 +05:30
user = create(:user)
2018-03-17 18:26:18 +05:30
project.add_guest(user)
2019-10-12 21:52:04 +05:30
expect(described_class.new(user, project: confidential_note.project, search: confidential_note.note).execute).to be_empty
2017-01-15 13:20:01 +05:30
end
it "does not return notes with matching content for unauthenticated users" do
2019-10-12 21:52:04 +05:30
expect(described_class.new(nil, project: confidential_note.project, search: confidential_note.note).execute).to be_empty
2017-01-15 13:20:01 +05:30
end
end
context 'inlines SQL filters on subqueries for performance' do
2019-10-12 21:52:04 +05:30
let(:sql) { described_class.new(nil, project: note.project, search: note.note).execute.to_sql }
2017-01-15 13:20:01 +05:30
let(:number_of_noteable_types) { 4 }
specify 'project_id check' do
expect(sql.scan(/project_id/).count).to be >= (number_of_noteable_types + 2)
end
2016-08-24 12:49:21 +05:30
2017-01-15 13:20:01 +05:30
specify 'search filter' do
expect(sql.scan(/LIKE/).count).to be >= number_of_noteable_types
2016-08-24 12:49:21 +05:30
end
end
2014-09-02 18:07:02 +05:30
end
2017-08-17 22:00:37 +05:30
describe '#target' do
2019-10-12 21:52:04 +05:30
subject { described_class.new(user, params) }
2017-08-17 22:00:37 +05:30
context 'for a issue target' do
let(:issue) { create(:issue, project: project) }
2019-10-12 21:52:04 +05:30
let(:params) { { project: project, target_type: 'issue', target_id: issue.id } }
2017-08-17 22:00:37 +05:30
it 'returns the issue' do
expect(subject.target).to eq(issue)
end
end
context 'for a merge request target' do
let(:merge_request) { create(:merge_request, source_project: project) }
2019-10-12 21:52:04 +05:30
let(:params) { { project: project, target_type: 'merge_request', target_id: merge_request.id } }
2017-08-17 22:00:37 +05:30
it 'returns the merge_request' do
expect(subject.target).to eq(merge_request)
end
end
context 'for a snippet target' do
let(:snippet) { create(:project_snippet, project: project) }
2019-10-12 21:52:04 +05:30
let(:params) { { project: project, target_type: 'snippet', target_id: snippet.id } }
2017-08-17 22:00:37 +05:30
it 'returns the snippet' do
expect(subject.target).to eq(snippet)
end
end
context 'for a commit target' do
let(:project) { create(:project, :repository) }
let(:commit) { project.commit }
2019-10-12 21:52:04 +05:30
let(:params) { { project: project, target_type: 'commit', target_id: commit.id } }
2017-08-17 22:00:37 +05:30
it 'returns the commit' do
expect(subject.target).to eq(commit)
end
2023-03-04 22:38:38 +05:30
context 'user does not have permission to read_code' do
before do
allow(Ability).to receive(:allowed?).with(user, :read_code, project).and_return false
end
it 'returns nil' do
expect(subject.target).to be_nil
end
end
2017-08-17 22:00:37 +05:30
end
2019-09-30 21:07:59 +05:30
context 'target_iid' do
let(:issue) { create(:issue, project: project) }
let(:merge_request) { create(:merge_request, source_project: project, target_project: project) }
it 'finds issues by iid' do
2019-10-12 21:52:04 +05:30
iid_params = { project: project, target_type: 'issue', target_iid: issue.iid }
expect(described_class.new(user, iid_params).target).to eq(issue)
2019-09-30 21:07:59 +05:30
end
it 'finds merge requests by iid' do
2019-10-12 21:52:04 +05:30
iid_params = { project: project, target_type: 'merge_request', target_iid: merge_request.iid }
expect(described_class.new(user, iid_params).target).to eq(merge_request)
2019-09-30 21:07:59 +05:30
end
it 'returns nil if both target_id and target_iid are not given' do
2019-10-12 21:52:04 +05:30
params_without_any_id = { project: project, target_type: 'issue' }
expect(described_class.new(user, params_without_any_id).target).to be_nil
2019-09-30 21:07:59 +05:30
end
it 'prioritizes target_id over target_iid' do
issue2 = create(:issue, project: project)
2019-10-12 21:52:04 +05:30
iid_params = { project: project, target_type: 'issue', target_id: issue2.id, target_iid: issue.iid }
expect(described_class.new(user, iid_params).target).to eq(issue2)
2019-09-30 21:07:59 +05:30
end
end
2017-08-17 22:00:37 +05:30
end
2014-09-02 18:07:02 +05:30
end