debian-mirror-gitlab/spec/requests/api/markdown_spec.rb

232 lines
8.6 KiB
Ruby
Raw Normal View History

2019-12-26 22:10:19 +05:30
# frozen_string_literal: true
2018-11-08 19:23:39 +05:30
require "spec_helper"
2020-07-28 23:09:34 +05:30
RSpec.describe API::Markdown do
2018-11-08 19:23:39 +05:30
describe "POST /markdown" do
let(:user) {} # No-op. It gets overwritten in the contexts below.
2022-08-27 11:52:29 +05:30
let(:disable_authenticate_markdown_api) { false }
2018-11-08 19:23:39 +05:30
before do
2019-03-02 22:35:43 +05:30
stub_commonmark_sourcepos_disabled
2022-08-27 11:52:29 +05:30
stub_feature_flags(authenticate_markdown_api: false) if disable_authenticate_markdown_api
2019-03-02 22:35:43 +05:30
2019-02-15 15:39:39 +05:30
post api("/markdown", user), params: params
2018-11-08 19:23:39 +05:30
end
shared_examples "rendered markdown text without GFM" do
it "renders markdown text" do
2020-04-08 14:13:33 +05:30
expect(response).to have_gitlab_http_status(:created)
2018-11-08 19:23:39 +05:30
expect(response.headers["Content-Type"]).to eq("application/json")
expect(json_response).to be_a(Hash)
expect(json_response["html"]).to eq("<p>#{text}</p>")
end
end
2022-08-27 11:52:29 +05:30
shared_examples '404 Project Not Found' do
it 'responds with 404 Not Found' do
2020-04-08 14:13:33 +05:30
expect(response).to have_gitlab_http_status(:not_found)
2018-11-08 19:23:39 +05:30
expect(response.headers["Content-Type"]).to eq("application/json")
expect(json_response).to be_a(Hash)
2022-08-27 11:52:29 +05:30
expect(json_response['message']).to eq('404 Project Not Found')
2018-11-08 19:23:39 +05:30
end
end
2022-08-27 11:52:29 +05:30
shared_examples '400 Bad Request' do
it 'responds with 400 Bad Request' do
expect(response).to have_gitlab_http_status(:bad_request)
expect(response.headers['Content-Type']).to eq('application/json')
expect(json_response).to be_a(Hash)
expect(json_response['error']).to eq('text is missing')
end
end
context 'when not logged in' do
let(:user) {}
let(:params) { {} }
2018-11-08 19:23:39 +05:30
2022-08-27 11:52:29 +05:30
context 'and authenticate_markdown_api turned on' do
it 'responds with 401 Unathorized' do
expect(response).to have_gitlab_http_status(:unauthorized)
expect(response.headers['Content-Type']).to eq('application/json')
2018-11-08 19:23:39 +05:30
expect(json_response).to be_a(Hash)
2022-08-27 11:52:29 +05:30
expect(json_response['message']).to eq('401 Unauthorized')
2018-11-08 19:23:39 +05:30
end
end
2022-08-27 11:52:29 +05:30
context 'and authenticate_markdown_api turned off' do
let(:disable_authenticate_markdown_api) { true }
it_behaves_like '400 Bad Request'
end
end
context 'when arguments are invalid' do
let(:user) { create(:user) }
context 'when text is missing' do
let(:params) { {} }
it_behaves_like '400 Bad Request'
end
2018-11-08 19:23:39 +05:30
context "when project is not found" do
let(:params) { { text: "Hello world!", gfm: true, project: "Dummy project" } }
it_behaves_like "404 Project Not Found"
end
end
context "when arguments are valid" do
2020-03-13 15:44:24 +05:30
let_it_be(:project) { create(:project) }
let_it_be(:issue) { create(:issue, project: project) }
2021-09-30 23:02:18 +05:30
2022-08-27 11:52:29 +05:30
let(:user) { create(:user) }
2020-06-23 00:09:42 +05:30
let(:issue_url) { "http://#{Gitlab.config.gitlab.host}/#{issue.project.namespace.path}/#{issue.project.path}/-/issues/#{issue.iid}" }
2018-11-08 19:23:39 +05:30
let(:text) { ":tada: Hello world! :100: #{issue.to_reference}" }
context "when not using gfm" do
context "without project" do
let(:params) { { text: text } }
it_behaves_like "rendered markdown text without GFM"
end
context "with project" do
let(:params) { { text: text, project: project.full_path } }
context "when not authorized" do
it_behaves_like "404 Project Not Found"
end
context "when authorized" do
2022-04-04 11:22:00 +05:30
let(:user) { project.first_owner }
2018-11-08 19:23:39 +05:30
it_behaves_like "rendered markdown text without GFM"
end
end
end
context "when using gfm" do
context "without project" do
let(:params) { { text: text, gfm: true } }
it "renders markdown text" do
2020-04-08 14:13:33 +05:30
expect(response).to have_gitlab_http_status(:created)
2018-11-08 19:23:39 +05:30
expect(response.headers["Content-Type"]).to eq("application/json")
expect(json_response).to be_a(Hash)
expect(json_response["html"]).to include("Hello world!")
.and include('data-name="tada"')
.and include('data-name="100"')
.and include("#1")
2020-06-23 00:09:42 +05:30
.and exclude("<a href=\"#{issue_url}\"")
2018-11-08 19:23:39 +05:30
.and exclude("#1</a>")
end
end
context "with project" do
let(:params) { { text: text, gfm: true, project: project.full_path } }
2022-04-04 11:22:00 +05:30
let(:user) { project.first_owner }
2018-11-08 19:23:39 +05:30
it "renders markdown text" do
2020-04-08 14:13:33 +05:30
expect(response).to have_gitlab_http_status(:created)
2018-11-08 19:23:39 +05:30
expect(response.headers["Content-Type"]).to eq("application/json")
expect(json_response).to be_a(Hash)
expect(json_response["html"]).to include("Hello world!")
.and include('data-name="tada"')
.and include('data-name="100"')
2020-06-23 00:09:42 +05:30
.and include("<a href=\"#{issue_url}\"")
2018-11-08 19:23:39 +05:30
.and include("#1</a>")
end
end
context 'with a public project and confidential issue' do
2020-06-23 00:09:42 +05:30
let(:public_project) { create(:project, :public) }
let(:issue) { create(:issue, :confidential, project: public_project, title: 'Confidential title') }
2018-11-08 19:23:39 +05:30
2020-06-23 00:09:42 +05:30
let(:text) { ":tada: Hello world! :100: #{issue.to_reference}" }
2018-11-08 19:23:39 +05:30
let(:params) { { text: text, gfm: true, project: public_project.full_path } }
shared_examples 'user without proper access' do
it 'does not render the title or link' do
2020-04-08 14:13:33 +05:30
expect(response).to have_gitlab_http_status(:created)
2018-11-08 19:23:39 +05:30
expect(json_response["html"]).not_to include('Confidential title')
expect(json_response["html"]).not_to include('<a href=')
expect(json_response["html"]).to include('Hello world!')
.and include('data-name="tada"')
.and include('data-name="100"')
.and include('#1</p>')
end
end
context 'when not logged in' do
2022-08-27 11:52:29 +05:30
let(:user) {}
let(:disable_authenticate_markdown_api) { true }
2018-11-08 19:23:39 +05:30
it_behaves_like 'user without proper access'
end
context 'when logged in as user without access' do
it_behaves_like 'user without proper access'
end
context 'when logged in as author' do
2020-06-23 00:09:42 +05:30
let(:user) { issue.author }
2018-11-08 19:23:39 +05:30
it 'renders the title or link' do
2020-04-08 14:13:33 +05:30
expect(response).to have_gitlab_http_status(:created)
2018-11-08 19:23:39 +05:30
expect(json_response["html"]).to include('Confidential title')
expect(json_response["html"]).to include('Hello world!')
.and include('data-name="tada"')
.and include('data-name="100"')
2020-06-23 00:09:42 +05:30
.and include("<a href=\"#{issue_url}\"")
2018-11-08 19:23:39 +05:30
.and include("#1</a>")
end
end
end
2022-05-03 16:02:30 +05:30
context 'with a public project and issues only for team members' do
let(:public_project) do
create(:project, :public).tap do |project|
project.project_feature.update_attribute(:issues_access_level, ProjectFeature::PRIVATE)
end
end
let(:issue) { create(:issue, project: public_project, title: 'Team only title') }
let(:text) { "#{issue.to_reference}" }
let(:params) { { text: text, gfm: true, project: public_project.full_path } }
shared_examples 'user without proper access' do
it 'does not render the title' do
expect(response).to have_gitlab_http_status(:created)
expect(json_response["html"]).not_to include('Team only title')
end
end
2022-08-27 11:52:29 +05:30
context 'when not logged in and authenticate_markdown_api turned off' do
let(:user) {}
let(:disable_authenticate_markdown_api) { true }
2022-05-03 16:02:30 +05:30
it_behaves_like 'user without proper access'
end
context 'when logged in as user without access' do
let(:user) { create(:user) }
it_behaves_like 'user without proper access'
end
context 'when logged in as author' do
let(:user) { issue.author }
it 'renders the title or link' do
expect(response).to have_gitlab_http_status(:created)
expect(json_response["html"]).to include('Team only title')
end
end
end
2018-11-08 19:23:39 +05:30
end
end
end
end