debian-mirror-gitlab/spec/requests/api/graphql/mutations/snippets/create_spec.rb

# frozen_string_literal: true

require 'spec_helper'

RSpec.describe 'Creating a Snippet' do
  include GraphqlHelpers

  let_it_be(:user) { create(:user) }
  let_it_be(:project) { create(:project) }

  let(:description) { 'Initial description' }
  let(:title) { 'Initial title' }
  let(:visibility_level) { 'public' }
  let(:action) { :create }
  let(:file_1) { { filePath: 'example_file1', content: 'This is the example file 1' }}
  let(:file_2) { { filePath: 'example_file2', content: 'This is the example file 2' }}
  let(:actions) { [{ action: action }.merge(file_1), { action: action }.merge(file_2)] }
  let(:project_path) { nil }
  let(:uploaded_files) { nil }
  let(:spam_mutation_vars) { {} }
  let(:mutation_vars) do
    {
      description: description,
      visibility_level: visibility_level,
      title: title,
      project_path: project_path,
      uploaded_files: uploaded_files,
      blob_actions: actions
    }.merge(spam_mutation_vars)
  end

  let(:mutation) do
    graphql_mutation(:create_snippet, mutation_vars)
  end

  def mutation_response
    graphql_mutation_response(:create_snippet)
  end

  subject { post_graphql_mutation(mutation, current_user: current_user) }

  context 'when the user does not have permission' do
    let(:current_user) { nil }

    it_behaves_like 'a mutation that returns top-level errors',
                    errors: [Gitlab::Graphql::Authorize::AuthorizeResource::RESOURCE_ACCESS_ERROR]

    it 'does not create the Snippet' do
      expect do
        subject
      end.not_to change { Snippet.count }
    end

    context 'when user is not authorized in the project' do
      let(:project_path) { project.full_path }

      it 'does not create the snippet when the user is not authorized' do
        expect do
          subject
        end.not_to change { Snippet.count }
      end
    end
  end

  context 'when the user has permission' do
    let(:current_user) { user }

    shared_examples 'does not create snippet' do
      it 'does not create the Snippet' do
        expect do
          subject
        end.not_to change { Snippet.count }
      end

      it 'does not return Snippet' do
        subject

        expect(mutation_response['snippet']).to be_nil
      end

      context 'when snippet_spam flag is disabled' do
        before do
          stub_feature_flags(snippet_spam: false)
        end

        it 'passes disable_spam_action_service param to service' do
          expect(::Snippets::CreateService)
            .to receive(:new)
                  .with(anything, anything, hash_including(disable_spam_action_service: true))
                  .and_call_original

          subject
        end
      end
    end

    shared_examples 'creates snippet' do
      it 'returns the created Snippet', :aggregate_failures do
        expect do
          subject
        end.to change { Snippet.count }.by(1)

        snippet = Snippet.last
        created_file_1 = snippet.repository.blob_at('HEAD', file_1[:filePath])
        created_file_2 = snippet.repository.blob_at('HEAD', file_2[:filePath])

        expect(created_file_1.data).to match(file_1[:content])
        expect(created_file_2.data).to match(file_2[:content])
        expect(mutation_response['snippet']['title']).to eq(title)
        expect(mutation_response['snippet']['description']).to eq(description)
        expect(mutation_response['snippet']['visibilityLevel']).to eq(visibility_level)
      end

      context 'when action is invalid' do
        let(:file_1) { { filePath: 'example_file1' } }

        it_behaves_like 'a mutation that returns errors in the response', errors: ['Snippet actions have invalid data']
        it_behaves_like 'does not create snippet'
      end

      it_behaves_like 'snippet edit usage data counters'

      it_behaves_like 'a mutation which can mutate a spammable' do
        let(:captcha_response) { 'abc123' }
        let(:spam_log_id) { 1234 }
        let(:spam_mutation_vars) do
          {
            captcha_response: captcha_response,
            spam_log_id: spam_log_id
          }
        end

        let(:service) { Snippets::CreateService }
      end
    end

    context 'with PersonalSnippet' do
      it_behaves_like 'creates snippet'
    end

    context 'with ProjectSnippet' do
      let(:project_path) { project.full_path }

      before do
        project.add_developer(current_user)
      end

      it_behaves_like 'creates snippet'

      context 'when the project path is invalid' do
        let(:project_path) { 'foobar' }

        it_behaves_like 'a mutation that returns top-level errors',
                        errors: [Gitlab::Graphql::Authorize::AuthorizeResource::RESOURCE_ACCESS_ERROR]
      end

      context 'when the feature is disabled' do
        before do
          project.project_feature.update_attribute(:snippets_access_level, ProjectFeature::DISABLED)
        end

        it_behaves_like 'a mutation that returns top-level errors',
                        errors: [Gitlab::Graphql::Authorize::AuthorizeResource::RESOURCE_ACCESS_ERROR]
      end

      it_behaves_like 'snippet edit usage data counters'
    end

    context 'when there are ActiveRecord validation errors' do
      let(:title) { '' }

      it_behaves_like 'a mutation that returns errors in the response', errors: ["Title can't be blank"]
      it_behaves_like 'does not create snippet'
    end

    context 'when there non ActiveRecord errors' do
      let(:file_1) { { filePath: 'invalid://file/path', content: 'foobar' }}

      it_behaves_like 'a mutation that returns errors in the response', errors: ['Repository Error creating the snippet - Invalid file name']
      it_behaves_like 'does not create snippet'
    end

    context 'when there are uploaded files' do
      shared_examples 'expected files argument' do |file_value, expected_value|
        let(:uploaded_files) { file_value }
        let(:snippet) { build(:snippet) }
        let(:creation_response) do
          ::ServiceResponse.error(message: 'urk', payload: { snippet: snippet })
        end

        it do
          expect(::Snippets::CreateService).to receive(:new)
            .with(nil, user, hash_including(files: expected_value))
            .and_return(double(execute: creation_response))

          subject
        end
      end

      it_behaves_like 'expected files argument', nil, nil
      it_behaves_like 'expected files argument', %w(foo bar), %w(foo bar)
      it_behaves_like 'expected files argument', 'foo', %w(foo)

      context 'when files has an invalid value' do
        let(:uploaded_files) { [1] }

        it 'returns an error' do
          subject

          expect(json_response['errors']).to be
        end
      end
    end
  end
end
New upstream version 12.6.1 2020-01-01 13:55:28 +05:30			`# frozen_string_literal: true`

			`require 'spec_helper'`

New upstream version 13.2.1 2020-07-28 23:09:34 +05:30			`RSpec.describe 'Creating a Snippet' do`
New upstream version 12.6.1 2020-01-01 13:55:28 +05:30			`include GraphqlHelpers`

			`let_it_be(:user) { create(:user) }`
			`let_it_be(:project) { create(:project) }`
New upstream version 13.4.6 2020-11-24 15:15:51 +05:30
New upstream version 12.6.1 2020-01-01 13:55:28 +05:30			`let(:description) { 'Initial description' }`
			`let(:title) { 'Initial title' }`
			`let(:visibility_level) { 'public' }`
New upstream version 13.4.6 2020-11-24 15:15:51 +05:30			`let(:action) { :create }`
			`let(:file_1) { { filePath: 'example_file1', content: 'This is the example file 1' }}`
			`let(:file_2) { { filePath: 'example_file2', content: 'This is the example file 2' }}`
			`let(:actions) { [{ action: action }.merge(file_1), { action: action }.merge(file_2)] }`
New upstream version 12.6.1 2020-01-01 13:55:28 +05:30			`let(:project_path) { nil }`
New upstream version 13.0.0 2020-05-24 23:13:21 +05:30			`let(:uploaded_files) { nil }`
New upstream version 13.9.3+ds1 2021-03-11 19:13:27 +05:30			`let(:spam_mutation_vars) { {} }`
New upstream version 13.2.1 2020-07-28 23:09:34 +05:30			`let(:mutation_vars) do`
			`{`
New upstream version 12.6.1 2020-01-01 13:55:28 +05:30			`description: description,`
			`visibility_level: visibility_level,`
			`title: title,`
New upstream version 13.0.0 2020-05-24 23:13:21 +05:30			`project_path: project_path,`
New upstream version 13.4.6 2020-11-24 15:15:51 +05:30			`uploaded_files: uploaded_files,`
			`blob_actions: actions`
New upstream version 13.9.3+ds1 2021-03-11 19:13:27 +05:30			`}.merge(spam_mutation_vars)`
New upstream version 13.2.1 2020-07-28 23:09:34 +05:30			`end`
New upstream version 12.6.1 2020-01-01 13:55:28 +05:30
New upstream version 13.2.1 2020-07-28 23:09:34 +05:30			`let(:mutation) do`
			`graphql_mutation(:create_snippet, mutation_vars)`
New upstream version 12.6.1 2020-01-01 13:55:28 +05:30			`end`

			`def mutation_response`
			`graphql_mutation_response(:create_snippet)`
			`end`

New upstream version 13.0.0 2020-05-24 23:13:21 +05:30			`subject { post_graphql_mutation(mutation, current_user: current_user) }`

New upstream version 12.6.1 2020-01-01 13:55:28 +05:30			`context 'when the user does not have permission' do`
			`let(:current_user) { nil }`

			`it_behaves_like 'a mutation that returns top-level errors',`
			`errors: [Gitlab::Graphql::Authorize::AuthorizeResource::RESOURCE_ACCESS_ERROR]`

			`it 'does not create the Snippet' do`
			`expect do`
New upstream version 13.0.0 2020-05-24 23:13:21 +05:30			`subject`
New upstream version 12.6.1 2020-01-01 13:55:28 +05:30			`end.not_to change { Snippet.count }`
			`end`

			`context 'when user is not authorized in the project' do`
			`let(:project_path) { project.full_path }`

			`it 'does not create the snippet when the user is not authorized' do`
			`expect do`
New upstream version 13.0.0 2020-05-24 23:13:21 +05:30			`subject`
New upstream version 12.6.1 2020-01-01 13:55:28 +05:30			`end.not_to change { Snippet.count }`
			`end`
			`end`
			`end`

			`context 'when the user has permission' do`
			`let(:current_user) { user }`

New upstream version 13.4.6 2020-11-24 15:15:51 +05:30			`shared_examples 'does not create snippet' do`
			`it 'does not create the Snippet' do`
New upstream version 12.6.1 2020-01-01 13:55:28 +05:30			`expect do`
New upstream version 13.0.0 2020-05-24 23:13:21 +05:30			`subject`
New upstream version 13.4.6 2020-11-24 15:15:51 +05:30			`end.not_to change { Snippet.count }`
New upstream version 12.6.1 2020-01-01 13:55:28 +05:30			`end`

New upstream version 13.4.6 2020-11-24 15:15:51 +05:30			`it 'does not return Snippet' do`
New upstream version 13.0.0 2020-05-24 23:13:21 +05:30			`subject`
New upstream version 12.6.1 2020-01-01 13:55:28 +05:30
New upstream version 13.4.6 2020-11-24 15:15:51 +05:30			`expect(mutation_response['snippet']).to be_nil`
			`end`
New upstream version 13.5.5 2021-01-03 14:25:43 +05:30
New upstream version 13.9.3+ds1 2021-03-11 19:13:27 +05:30			`context 'when snippet_spam flag is disabled' do`
			`before do`
			`stub_feature_flags(snippet_spam: false)`
			`end`

			`it 'passes disable_spam_action_service param to service' do`
			`expect(::Snippets::CreateService)`
			`.to receive(:new)`
			`.with(anything, anything, hash_including(disable_spam_action_service: true))`
			`.and_call_original`

			`subject`
			`end`
			`end`
New upstream version 13.4.6 2020-11-24 15:15:51 +05:30			`end`

			`shared_examples 'creates snippet' do`
New upstream version 13.5.5 2021-01-03 14:25:43 +05:30			`it 'returns the created Snippet', :aggregate_failures do`
New upstream version 13.4.6 2020-11-24 15:15:51 +05:30			`expect do`
			`subject`
			`end.to change { Snippet.count }.by(1)`

New upstream version 13.5.5 2021-01-03 14:25:43 +05:30			`snippet = Snippet.last`
			`created_file_1 = snippet.repository.blob_at('HEAD', file_1[:filePath])`
			`created_file_2 = snippet.repository.blob_at('HEAD', file_2[:filePath])`

			`expect(created_file_1.data).to match(file_1[:content])`
			`expect(created_file_2.data).to match(file_2[:content])`
New upstream version 12.6.1 2020-01-01 13:55:28 +05:30			`expect(mutation_response['snippet']['title']).to eq(title)`
			`expect(mutation_response['snippet']['description']).to eq(description)`
			`expect(mutation_response['snippet']['visibilityLevel']).to eq(visibility_level)`
			`end`
New upstream version 13.4.6 2020-11-24 15:15:51 +05:30
			`context 'when action is invalid' do`
New upstream version 13.9.3+ds1 2021-03-11 19:13:27 +05:30			`let(:file_1) { { filePath: 'example_file1' } }`
New upstream version 13.4.6 2020-11-24 15:15:51 +05:30
			`it_behaves_like 'a mutation that returns errors in the response', errors: ['Snippet actions have invalid data']`
			`it_behaves_like 'does not create snippet'`
			`end`

			`it_behaves_like 'snippet edit usage data counters'`
New upstream version 13.9.3+ds1 2021-03-11 19:13:27 +05:30
			`it_behaves_like 'a mutation which can mutate a spammable' do`
			`let(:captcha_response) { 'abc123' }`
			`let(:spam_log_id) { 1234 }`
			`let(:spam_mutation_vars) do`
			`{`
			`captcha_response: captcha_response,`
			`spam_log_id: spam_log_id`
			`}`
			`end`

New upstream version 13.5.5 2021-01-03 14:25:43 +05:30			`let(:service) { Snippets::CreateService }`
			`end`
New upstream version 13.4.6 2020-11-24 15:15:51 +05:30			`end`

			`context 'with PersonalSnippet' do`
			`it_behaves_like 'creates snippet'`
New upstream version 12.6.1 2020-01-01 13:55:28 +05:30			`end`

			`context 'with ProjectSnippet' do`
			`let(:project_path) { project.full_path }`

			`before do`
			`project.add_developer(current_user)`
			`end`

New upstream version 13.4.6 2020-11-24 15:15:51 +05:30			`it_behaves_like 'creates snippet'`
New upstream version 12.6.1 2020-01-01 13:55:28 +05:30
			`context 'when the project path is invalid' do`
			`let(:project_path) { 'foobar' }`

New upstream version 13.1.0 2020-06-23 00:09:42 +05:30			`it_behaves_like 'a mutation that returns top-level errors',`
			`errors: [Gitlab::Graphql::Authorize::AuthorizeResource::RESOURCE_ACCESS_ERROR]`
New upstream version 12.6.1 2020-01-01 13:55:28 +05:30			`end`

			`context 'when the feature is disabled' do`
New upstream version 13.1.0 2020-06-23 00:09:42 +05:30			`before do`
New upstream version 12.6.1 2020-01-01 13:55:28 +05:30			`project.project_feature.update_attribute(:snippets_access_level, ProjectFeature::DISABLED)`
			`end`
New upstream version 13.1.0 2020-06-23 00:09:42 +05:30
			`it_behaves_like 'a mutation that returns top-level errors',`
			`errors: [Gitlab::Graphql::Authorize::AuthorizeResource::RESOURCE_ACCESS_ERROR]`
New upstream version 12.6.1 2020-01-01 13:55:28 +05:30			`end`
New upstream version 13.2.1 2020-07-28 23:09:34 +05:30
New upstream version 13.4.6 2020-11-24 15:15:51 +05:30			`it_behaves_like 'snippet edit usage data counters'`
New upstream version 13.2.1 2020-07-28 23:09:34 +05:30			`end`

New upstream version 13.1.0 2020-06-23 00:09:42 +05:30			`context 'when there are ActiveRecord validation errors' do`
			`let(:title) { '' }`

			`it_behaves_like 'a mutation that returns errors in the response', errors: ["Title can't be blank"]`
			`it_behaves_like 'does not create snippet'`
			`end`

			`context 'when there non ActiveRecord errors' do`
New upstream version 13.4.6 2020-11-24 15:15:51 +05:30			`let(:file_1) { { filePath: 'invalid://file/path', content: 'foobar' }}`
New upstream version 13.1.0 2020-06-23 00:09:42 +05:30
			`it_behaves_like 'a mutation that returns errors in the response', errors: ['Repository Error creating the snippet - Invalid file name']`
			`it_behaves_like 'does not create snippet'`
			`end`

			`context 'when there are uploaded files' do`
New upstream version 13.0.0 2020-05-24 23:13:21 +05:30			`shared_examples 'expected files argument' do \|file_value, expected_value\|`
			`let(:uploaded_files) { file_value }`
New upstream version 13.7.7 2021-02-22 17:27:13 +05:30			`let(:snippet) { build(:snippet) }`
			`let(:creation_response) do`
			`::ServiceResponse.error(message: 'urk', payload: { snippet: snippet })`
			`end`
New upstream version 13.0.0 2020-05-24 23:13:21 +05:30
			`it do`
New upstream version 13.7.7 2021-02-22 17:27:13 +05:30			`expect(::Snippets::CreateService).to receive(:new)`
			`.with(nil, user, hash_including(files: expected_value))`
			`.and_return(double(execute: creation_response))`
New upstream version 13.0.0 2020-05-24 23:13:21 +05:30
			`subject`
			`end`
			`end`

			`it_behaves_like 'expected files argument', nil, nil`
			`it_behaves_like 'expected files argument', %w(foo bar), %w(foo bar)`
			`it_behaves_like 'expected files argument', 'foo', %w(foo)`

			`context 'when files has an invalid value' do`
			`let(:uploaded_files) { [1] }`

			`it 'returns an error' do`
			`subject`

			`expect(json_response['errors']).to be`
			`end`
			`end`
			`end`
New upstream version 12.6.1 2020-01-01 13:55:28 +05:30			`end`
			`end`