2020-03-13 15:44:24 +05:30
|
|
|
# frozen_string_literal: true
|
|
|
|
|
|
|
|
require 'spec_helper'
|
|
|
|
|
2020-05-24 23:13:21 +05:30
|
|
|
describe Spam::SpamActionService do
|
|
|
|
include_context 'includes Spam constants'
|
|
|
|
|
2020-03-13 15:44:24 +05:30
|
|
|
let(:fake_ip) { '1.2.3.4' }
|
|
|
|
let(:fake_user_agent) { 'fake-user-agent' }
|
|
|
|
let(:fake_referrer) { 'fake-http-referrer' }
|
|
|
|
let(:env) do
|
|
|
|
{ 'action_dispatch.remote_ip' => fake_ip,
|
|
|
|
'HTTP_USER_AGENT' => fake_user_agent,
|
|
|
|
'HTTP_REFERRER' => fake_referrer }
|
|
|
|
end
|
|
|
|
let(:request) { double(:request, env: env) }
|
|
|
|
|
|
|
|
let_it_be(:project) { create(:project, :public) }
|
|
|
|
let_it_be(:user) { create(:user) }
|
2020-05-24 23:13:21 +05:30
|
|
|
let(:issue) { create(:issue, project: project, author: user) }
|
2020-03-13 15:44:24 +05:30
|
|
|
|
|
|
|
before do
|
|
|
|
issue.spam = false
|
|
|
|
end
|
|
|
|
|
|
|
|
describe '#initialize' do
|
2020-06-23 00:09:42 +05:30
|
|
|
subject { described_class.new(spammable: issue, request: request, user: user) }
|
2020-03-13 15:44:24 +05:30
|
|
|
|
|
|
|
context 'when the request is nil' do
|
|
|
|
let(:request) { nil }
|
|
|
|
|
|
|
|
it 'assembles the options with information from the spammable' do
|
|
|
|
aggregate_failures do
|
|
|
|
expect(subject.options[:ip_address]).to eq(issue.ip_address)
|
|
|
|
expect(subject.options[:user_agent]).to eq(issue.user_agent)
|
|
|
|
expect(subject.options.key?(:referrer)).to be_falsey
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when the request is present' do
|
|
|
|
let(:request) { double(:request, env: env) }
|
|
|
|
|
|
|
|
it 'assembles the options with information from the spammable' do
|
|
|
|
aggregate_failures do
|
|
|
|
expect(subject.options[:ip_address]).to eq(fake_ip)
|
|
|
|
expect(subject.options[:user_agent]).to eq(fake_user_agent)
|
|
|
|
expect(subject.options[:referrer]).to eq(fake_referrer)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2020-04-22 19:07:51 +05:30
|
|
|
shared_examples 'only checks for spam if a request is provided' do
|
|
|
|
context 'when request is missing' do
|
2020-06-23 00:09:42 +05:30
|
|
|
subject { described_class.new(spammable: issue, request: nil, user: user) }
|
2020-04-22 19:07:51 +05:30
|
|
|
|
|
|
|
it "doesn't check as spam" do
|
|
|
|
subject
|
|
|
|
|
|
|
|
expect(issue).not_to be_spam
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when request exists' do
|
|
|
|
it 'creates a spam log' do
|
|
|
|
expect { subject }
|
|
|
|
.to log_spam(title: issue.title, description: issue.description, noteable_type: 'Issue')
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2020-03-13 15:44:24 +05:30
|
|
|
describe '#execute' do
|
|
|
|
let(:request) { double(:request, env: env) }
|
2020-05-24 23:13:21 +05:30
|
|
|
let(:fake_verdict_service) { double(:spam_verdict_service) }
|
|
|
|
let(:allowlisted) { false }
|
2020-03-13 15:44:24 +05:30
|
|
|
|
|
|
|
let_it_be(:existing_spam_log) { create(:spam_log, user: user, recaptcha_verified: false) }
|
|
|
|
|
|
|
|
subject do
|
2020-06-23 00:09:42 +05:30
|
|
|
described_service = described_class.new(spammable: issue, request: request, user: user)
|
2020-05-24 23:13:21 +05:30
|
|
|
allow(described_service).to receive(:allowlisted?).and_return(allowlisted)
|
2020-06-23 00:09:42 +05:30
|
|
|
described_service.execute(api: nil, recaptcha_verified: recaptcha_verified, spam_log_id: existing_spam_log.id)
|
2020-03-13 15:44:24 +05:30
|
|
|
end
|
|
|
|
|
2020-05-24 23:13:21 +05:30
|
|
|
before do
|
|
|
|
allow(Spam::SpamVerdictService).to receive(:new).and_return(fake_verdict_service)
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when reCAPTCHA was already verified' do
|
2020-03-13 15:44:24 +05:30
|
|
|
let(:recaptcha_verified) { true }
|
|
|
|
|
2020-05-24 23:13:21 +05:30
|
|
|
it "doesn't check with the SpamVerdictService" do
|
2020-03-13 15:44:24 +05:30
|
|
|
aggregate_failures do
|
2020-05-24 23:13:21 +05:30
|
|
|
expect(SpamLog).to receive(:verify_recaptcha!)
|
|
|
|
expect(fake_verdict_service).not_to receive(:execute)
|
2020-03-13 15:44:24 +05:30
|
|
|
end
|
|
|
|
|
|
|
|
subject
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'updates spam log' do
|
2020-04-22 19:07:51 +05:30
|
|
|
expect { subject }.to change { existing_spam_log.reload.recaptcha_verified }.from(false).to(true)
|
2020-03-13 15:44:24 +05:30
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2020-05-24 23:13:21 +05:30
|
|
|
context 'when reCAPTCHA was not verified' do
|
2020-03-13 15:44:24 +05:30
|
|
|
let(:recaptcha_verified) { false }
|
|
|
|
|
|
|
|
context 'when spammable attributes have not changed' do
|
|
|
|
before do
|
|
|
|
issue.closed_at = Time.zone.now
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'does not create a spam log' do
|
|
|
|
expect { subject }
|
|
|
|
.not_to change { SpamLog.count }
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when spammable attributes have changed' do
|
|
|
|
before do
|
|
|
|
issue.description = 'SPAM!'
|
|
|
|
end
|
|
|
|
|
2020-05-24 23:13:21 +05:30
|
|
|
context 'if allowlisted' do
|
|
|
|
let(:allowlisted) { true }
|
|
|
|
|
|
|
|
it 'does not perform spam check' do
|
|
|
|
expect(Spam::SpamVerdictService).not_to receive(:new)
|
|
|
|
|
|
|
|
subject
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when disallowed by the spam verdict service' do
|
2020-03-13 15:44:24 +05:30
|
|
|
before do
|
2020-05-24 23:13:21 +05:30
|
|
|
allow(fake_verdict_service).to receive(:execute).and_return(DISALLOW)
|
2020-03-13 15:44:24 +05:30
|
|
|
end
|
|
|
|
|
|
|
|
context 'when allow_possible_spam feature flag is false' do
|
|
|
|
before do
|
|
|
|
stub_feature_flags(allow_possible_spam: false)
|
|
|
|
end
|
|
|
|
|
2020-04-22 19:07:51 +05:30
|
|
|
it_behaves_like 'only checks for spam if a request is provided'
|
2020-03-13 15:44:24 +05:30
|
|
|
|
2020-04-22 19:07:51 +05:30
|
|
|
it 'marks as spam' do
|
2020-03-13 15:44:24 +05:30
|
|
|
subject
|
|
|
|
|
2020-04-22 19:07:51 +05:30
|
|
|
expect(issue).to be_spam
|
2020-03-13 15:44:24 +05:30
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when allow_possible_spam feature flag is true' do
|
2020-04-22 19:07:51 +05:30
|
|
|
it_behaves_like 'only checks for spam if a request is provided'
|
2020-03-13 15:44:24 +05:30
|
|
|
|
2020-04-22 19:07:51 +05:30
|
|
|
it 'does not mark as spam' do
|
2020-03-13 15:44:24 +05:30
|
|
|
subject
|
|
|
|
|
2020-04-22 19:07:51 +05:30
|
|
|
expect(issue).not_to be_spam
|
2020-03-13 15:44:24 +05:30
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2020-06-23 00:09:42 +05:30
|
|
|
context 'when spam verdict service conditionally allows' do
|
2020-03-13 15:44:24 +05:30
|
|
|
before do
|
2020-06-23 00:09:42 +05:30
|
|
|
allow(fake_verdict_service).to receive(:execute).and_return(CONDITIONAL_ALLOW)
|
2020-05-24 23:13:21 +05:30
|
|
|
end
|
|
|
|
|
|
|
|
context 'when allow_possible_spam feature flag is false' do
|
|
|
|
before do
|
|
|
|
stub_feature_flags(allow_possible_spam: false)
|
|
|
|
end
|
|
|
|
|
|
|
|
it_behaves_like 'only checks for spam if a request is provided'
|
|
|
|
|
|
|
|
it 'does not mark as spam' do
|
|
|
|
subject
|
|
|
|
|
|
|
|
expect(issue).not_to be_spam
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'marks as needing reCAPTCHA' do
|
|
|
|
subject
|
|
|
|
|
|
|
|
expect(issue.needs_recaptcha?).to be_truthy
|
|
|
|
end
|
2020-03-13 15:44:24 +05:30
|
|
|
end
|
|
|
|
|
2020-05-24 23:13:21 +05:30
|
|
|
context 'when allow_possible_spam feature flag is true' do
|
|
|
|
it_behaves_like 'only checks for spam if a request is provided'
|
|
|
|
|
|
|
|
it 'does not mark as needing reCAPTCHA' do
|
|
|
|
subject
|
|
|
|
|
|
|
|
expect(issue.needs_recaptcha).to be_falsey
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when spam verdict service allows creation' do
|
|
|
|
before do
|
|
|
|
allow(fake_verdict_service).to receive(:execute).and_return(ALLOW)
|
2020-03-13 15:44:24 +05:30
|
|
|
end
|
|
|
|
|
|
|
|
it 'does not create a spam log' do
|
|
|
|
expect { subject }
|
|
|
|
.not_to change { SpamLog.count }
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|