2019-07-31 22:56:46 +05:30
|
|
|
# frozen_string_literal: true
|
|
|
|
|
2016-06-02 11:05:42 +05:30
|
|
|
require 'spec_helper'
|
|
|
|
|
|
|
|
describe Projects::SnippetsController do
|
2016-09-29 09:46:39 +05:30
|
|
|
let(:project) { create(:project_empty_repo, :public) }
|
2016-06-02 11:05:42 +05:30
|
|
|
let(:user) { create(:user) }
|
|
|
|
let(:user2) { create(:user) }
|
|
|
|
|
|
|
|
before do
|
2018-11-18 11:00:15 +05:30
|
|
|
project.add_maintainer(user)
|
|
|
|
project.add_maintainer(user2)
|
2016-06-02 11:05:42 +05:30
|
|
|
end
|
|
|
|
|
|
|
|
describe 'GET #index' do
|
2019-12-04 20:38:33 +05:30
|
|
|
it_behaves_like 'paginated collection' do
|
|
|
|
let(:collection) { project.snippets }
|
|
|
|
let(:params) do
|
|
|
|
{
|
|
|
|
namespace_id: project.namespace,
|
|
|
|
project_id: project
|
|
|
|
}
|
2017-08-17 22:00:37 +05:30
|
|
|
end
|
|
|
|
|
2019-12-04 20:38:33 +05:30
|
|
|
before do
|
|
|
|
create(:project_snippet, :public, project: project, author: user)
|
2017-08-17 22:00:37 +05:30
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2016-06-02 11:05:42 +05:30
|
|
|
context 'when the project snippet is private' do
|
|
|
|
let!(:project_snippet) { create(:project_snippet, :private, project: project, author: user) }
|
|
|
|
|
|
|
|
context 'when anonymous' do
|
|
|
|
it 'does not include the private snippet' do
|
2019-02-15 15:39:39 +05:30
|
|
|
get :index, params: { namespace_id: project.namespace, project_id: project }
|
2016-06-02 11:05:42 +05:30
|
|
|
|
|
|
|
expect(assigns(:snippets)).not_to include(project_snippet)
|
2018-03-17 18:26:18 +05:30
|
|
|
expect(response).to have_gitlab_http_status(200)
|
2016-06-02 11:05:42 +05:30
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when signed in as the author' do
|
2017-09-10 17:25:29 +05:30
|
|
|
before do
|
|
|
|
sign_in(user)
|
|
|
|
end
|
2016-06-02 11:05:42 +05:30
|
|
|
|
|
|
|
it 'renders the snippet' do
|
2019-02-15 15:39:39 +05:30
|
|
|
get :index, params: { namespace_id: project.namespace, project_id: project }
|
2016-06-02 11:05:42 +05:30
|
|
|
|
|
|
|
expect(assigns(:snippets)).to include(project_snippet)
|
2018-03-17 18:26:18 +05:30
|
|
|
expect(response).to have_gitlab_http_status(200)
|
2016-06-02 11:05:42 +05:30
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when signed in as a project member' do
|
2017-09-10 17:25:29 +05:30
|
|
|
before do
|
|
|
|
sign_in(user2)
|
|
|
|
end
|
2016-06-02 11:05:42 +05:30
|
|
|
|
|
|
|
it 'renders the snippet' do
|
2019-02-15 15:39:39 +05:30
|
|
|
get :index, params: { namespace_id: project.namespace, project_id: project }
|
2016-06-02 11:05:42 +05:30
|
|
|
|
|
|
|
expect(assigns(:snippets)).to include(project_snippet)
|
2018-03-17 18:26:18 +05:30
|
|
|
expect(response).to have_gitlab_http_status(200)
|
2016-06-02 11:05:42 +05:30
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2017-08-17 22:00:37 +05:30
|
|
|
describe 'POST #create' do
|
|
|
|
def create_snippet(project, snippet_params = {}, additional_params = {})
|
|
|
|
sign_in(user)
|
|
|
|
|
|
|
|
project.add_developer(user)
|
|
|
|
|
2019-02-15 15:39:39 +05:30
|
|
|
post :create, params: {
|
2017-08-17 22:00:37 +05:30
|
|
|
namespace_id: project.namespace.to_param,
|
|
|
|
project_id: project,
|
2017-09-10 17:25:29 +05:30
|
|
|
project_snippet: { title: 'Title', content: 'Content', description: 'Description' }.merge(snippet_params)
|
2017-08-17 22:00:37 +05:30
|
|
|
}.merge(additional_params)
|
2017-09-10 17:25:29 +05:30
|
|
|
|
|
|
|
Snippet.last
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'creates the snippet correctly' do
|
|
|
|
snippet = create_snippet(project, visibility_level: Snippet::PRIVATE)
|
|
|
|
|
|
|
|
expect(snippet.title).to eq('Title')
|
|
|
|
expect(snippet.content).to eq('Content')
|
|
|
|
expect(snippet.description).to eq('Description')
|
2017-08-17 22:00:37 +05:30
|
|
|
end
|
|
|
|
|
|
|
|
context 'when the snippet is spam' do
|
|
|
|
before do
|
2019-12-26 22:10:19 +05:30
|
|
|
allow_next_instance_of(AkismetService) do |instance|
|
|
|
|
allow(instance).to receive(:spam?).and_return(true)
|
|
|
|
end
|
2017-08-17 22:00:37 +05:30
|
|
|
end
|
|
|
|
|
|
|
|
context 'when the snippet is private' do
|
|
|
|
it 'creates the snippet' do
|
2017-09-10 17:25:29 +05:30
|
|
|
expect { create_snippet(project, visibility_level: Snippet::PRIVATE) }
|
|
|
|
.to change { Snippet.count }.by(1)
|
2017-08-17 22:00:37 +05:30
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when the snippet is public' do
|
|
|
|
it 'rejects the shippet' do
|
2017-09-10 17:25:29 +05:30
|
|
|
expect { create_snippet(project, visibility_level: Snippet::PUBLIC) }
|
|
|
|
.not_to change { Snippet.count }
|
2017-08-17 22:00:37 +05:30
|
|
|
expect(response).to render_template(:new)
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'creates a spam log' do
|
2017-09-10 17:25:29 +05:30
|
|
|
expect { create_snippet(project, visibility_level: Snippet::PUBLIC) }
|
2019-12-21 20:55:43 +05:30
|
|
|
.to log_spam(title: 'Title', user_id: user.id, noteable_type: 'ProjectSnippet')
|
2017-08-17 22:00:37 +05:30
|
|
|
end
|
|
|
|
|
|
|
|
it 'renders :new with recaptcha disabled' do
|
|
|
|
stub_application_setting(recaptcha_enabled: false)
|
|
|
|
|
|
|
|
create_snippet(project, visibility_level: Snippet::PUBLIC)
|
|
|
|
|
|
|
|
expect(response).to render_template(:new)
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'recaptcha enabled' do
|
|
|
|
before do
|
|
|
|
stub_application_setting(recaptcha_enabled: true)
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'renders :verify with recaptcha enabled' do
|
|
|
|
create_snippet(project, visibility_level: Snippet::PUBLIC)
|
|
|
|
|
|
|
|
expect(response).to render_template(:verify)
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'renders snippet page when recaptcha verified' do
|
|
|
|
spammy_title = 'Whatever'
|
|
|
|
|
|
|
|
spam_logs = create_list(:spam_log, 2, user: user, title: spammy_title)
|
|
|
|
create_snippet(project,
|
|
|
|
{ visibility_level: Snippet::PUBLIC },
|
|
|
|
{ spam_log_id: spam_logs.last.id,
|
|
|
|
recaptcha_verification: true })
|
|
|
|
|
2017-09-10 17:25:29 +05:30
|
|
|
expect(response).to redirect_to(project_snippet_path(project, Snippet.last))
|
2017-08-17 22:00:37 +05:30
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
describe 'PUT #update' do
|
|
|
|
let(:project) { create :project, :public }
|
|
|
|
let(:snippet) { create :project_snippet, author: user, project: project, visibility_level: visibility_level }
|
|
|
|
|
|
|
|
def update_snippet(snippet_params = {}, additional_params = {})
|
|
|
|
sign_in(user)
|
|
|
|
|
|
|
|
project.add_developer(user)
|
|
|
|
|
2019-02-15 15:39:39 +05:30
|
|
|
put :update, params: {
|
2017-08-17 22:00:37 +05:30
|
|
|
namespace_id: project.namespace.to_param,
|
|
|
|
project_id: project,
|
|
|
|
id: snippet.id,
|
|
|
|
project_snippet: { title: 'Title', content: 'Content' }.merge(snippet_params)
|
|
|
|
}.merge(additional_params)
|
|
|
|
|
|
|
|
snippet.reload
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when the snippet is spam' do
|
|
|
|
before do
|
2019-12-26 22:10:19 +05:30
|
|
|
allow_next_instance_of(AkismetService) do |instance|
|
|
|
|
allow(instance).to receive(:spam?).and_return(true)
|
|
|
|
end
|
2017-08-17 22:00:37 +05:30
|
|
|
end
|
|
|
|
|
|
|
|
context 'when the snippet is private' do
|
|
|
|
let(:visibility_level) { Snippet::PRIVATE }
|
|
|
|
|
|
|
|
it 'updates the snippet' do
|
2017-09-10 17:25:29 +05:30
|
|
|
expect { update_snippet(title: 'Foo') }
|
|
|
|
.to change { snippet.reload.title }.to('Foo')
|
2017-08-17 22:00:37 +05:30
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when the snippet is public' do
|
|
|
|
let(:visibility_level) { Snippet::PUBLIC }
|
|
|
|
|
|
|
|
it 'rejects the shippet' do
|
2017-09-10 17:25:29 +05:30
|
|
|
expect { update_snippet(title: 'Foo') }
|
|
|
|
.not_to change { snippet.reload.title }
|
2017-08-17 22:00:37 +05:30
|
|
|
end
|
|
|
|
|
|
|
|
it 'creates a spam log' do
|
2017-09-10 17:25:29 +05:30
|
|
|
expect { update_snippet(title: 'Foo') }
|
2019-12-21 20:55:43 +05:30
|
|
|
.to log_spam(title: 'Foo', user_id: user.id, noteable_type: 'ProjectSnippet')
|
2017-08-17 22:00:37 +05:30
|
|
|
end
|
|
|
|
|
|
|
|
it 'renders :edit with recaptcha disabled' do
|
|
|
|
stub_application_setting(recaptcha_enabled: false)
|
|
|
|
|
|
|
|
update_snippet(title: 'Foo')
|
|
|
|
|
|
|
|
expect(response).to render_template(:edit)
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'recaptcha enabled' do
|
|
|
|
before do
|
|
|
|
stub_application_setting(recaptcha_enabled: true)
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'renders :verify with recaptcha enabled' do
|
|
|
|
update_snippet(title: 'Foo')
|
|
|
|
|
|
|
|
expect(response).to render_template(:verify)
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'renders snippet page when recaptcha verified' do
|
|
|
|
spammy_title = 'Whatever'
|
|
|
|
|
|
|
|
spam_logs = create_list(:spam_log, 2, user: user, title: spammy_title)
|
|
|
|
snippet = update_snippet({ title: spammy_title },
|
|
|
|
{ spam_log_id: spam_logs.last.id,
|
|
|
|
recaptcha_verification: true })
|
|
|
|
|
2017-09-10 17:25:29 +05:30
|
|
|
expect(response).to redirect_to(project_snippet_path(project, snippet))
|
2017-08-17 22:00:37 +05:30
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when the private snippet is made public' do
|
|
|
|
let(:visibility_level) { Snippet::PRIVATE }
|
|
|
|
|
|
|
|
it 'rejects the shippet' do
|
2017-09-10 17:25:29 +05:30
|
|
|
expect { update_snippet(title: 'Foo', visibility_level: Snippet::PUBLIC) }
|
|
|
|
.not_to change { snippet.reload.title }
|
2017-08-17 22:00:37 +05:30
|
|
|
end
|
|
|
|
|
|
|
|
it 'creates a spam log' do
|
2017-09-10 17:25:29 +05:30
|
|
|
expect { update_snippet(title: 'Foo', visibility_level: Snippet::PUBLIC) }
|
2019-12-21 20:55:43 +05:30
|
|
|
.to log_spam(title: 'Foo', user_id: user.id, noteable_type: 'ProjectSnippet')
|
2017-08-17 22:00:37 +05:30
|
|
|
end
|
|
|
|
|
|
|
|
it 'renders :edit with recaptcha disabled' do
|
|
|
|
stub_application_setting(recaptcha_enabled: false)
|
|
|
|
|
|
|
|
update_snippet(title: 'Foo', visibility_level: Snippet::PUBLIC)
|
|
|
|
|
|
|
|
expect(response).to render_template(:edit)
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'recaptcha enabled' do
|
|
|
|
before do
|
|
|
|
stub_application_setting(recaptcha_enabled: true)
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'renders :verify with recaptcha enabled' do
|
|
|
|
update_snippet(title: 'Foo', visibility_level: Snippet::PUBLIC)
|
|
|
|
|
|
|
|
expect(response).to render_template(:verify)
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'renders snippet page when recaptcha verified' do
|
|
|
|
spammy_title = 'Whatever'
|
|
|
|
|
|
|
|
spam_logs = create_list(:spam_log, 2, user: user, title: spammy_title)
|
|
|
|
snippet = update_snippet({ title: spammy_title, visibility_level: Snippet::PUBLIC },
|
|
|
|
{ spam_log_id: spam_logs.last.id,
|
|
|
|
recaptcha_verification: true })
|
|
|
|
|
2017-09-10 17:25:29 +05:30
|
|
|
expect(response).to redirect_to(project_snippet_path(project, snippet))
|
2017-08-17 22:00:37 +05:30
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
describe 'POST #mark_as_spam' do
|
|
|
|
let(:snippet) { create(:project_snippet, :private, project: project, author: user) }
|
|
|
|
|
|
|
|
before do
|
2019-12-26 22:10:19 +05:30
|
|
|
allow_next_instance_of(AkismetService) do |instance|
|
|
|
|
allow(instance).to receive_messages(submit_spam: true)
|
|
|
|
end
|
2017-08-17 22:00:37 +05:30
|
|
|
stub_application_setting(akismet_enabled: true)
|
|
|
|
end
|
|
|
|
|
|
|
|
def mark_as_spam
|
|
|
|
admin = create(:admin)
|
|
|
|
create(:user_agent_detail, subject: snippet)
|
2018-11-18 11:00:15 +05:30
|
|
|
project.add_maintainer(admin)
|
2017-08-17 22:00:37 +05:30
|
|
|
sign_in(admin)
|
|
|
|
|
|
|
|
post :mark_as_spam,
|
2019-02-15 15:39:39 +05:30
|
|
|
params: {
|
|
|
|
namespace_id: project.namespace,
|
|
|
|
project_id: project,
|
|
|
|
id: snippet.id
|
|
|
|
}
|
2017-08-17 22:00:37 +05:30
|
|
|
end
|
|
|
|
|
|
|
|
it 'updates the snippet' do
|
|
|
|
mark_as_spam
|
|
|
|
|
|
|
|
expect(snippet.reload).not_to be_submittable_as_spam
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2016-06-02 11:05:42 +05:30
|
|
|
%w[show raw].each do |action|
|
|
|
|
describe "GET ##{action}" do
|
|
|
|
context 'when the project snippet is private' do
|
|
|
|
let(:project_snippet) { create(:project_snippet, :private, project: project, author: user) }
|
|
|
|
|
|
|
|
context 'when anonymous' do
|
|
|
|
it 'responds with status 404' do
|
2019-02-15 15:39:39 +05:30
|
|
|
get action, params: { namespace_id: project.namespace, project_id: project, id: project_snippet.to_param }
|
2016-06-02 11:05:42 +05:30
|
|
|
|
2018-03-17 18:26:18 +05:30
|
|
|
expect(response).to have_gitlab_http_status(404)
|
2016-06-02 11:05:42 +05:30
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when signed in as the author' do
|
2017-09-10 17:25:29 +05:30
|
|
|
before do
|
|
|
|
sign_in(user)
|
|
|
|
end
|
2016-06-02 11:05:42 +05:30
|
|
|
|
|
|
|
it 'renders the snippet' do
|
2019-02-15 15:39:39 +05:30
|
|
|
get action, params: { namespace_id: project.namespace, project_id: project, id: project_snippet.to_param }
|
2016-06-02 11:05:42 +05:30
|
|
|
|
|
|
|
expect(assigns(:snippet)).to eq(project_snippet)
|
2018-03-17 18:26:18 +05:30
|
|
|
expect(response).to have_gitlab_http_status(200)
|
2016-06-02 11:05:42 +05:30
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when signed in as a project member' do
|
2017-09-10 17:25:29 +05:30
|
|
|
before do
|
|
|
|
sign_in(user2)
|
|
|
|
end
|
2016-06-02 11:05:42 +05:30
|
|
|
|
|
|
|
it 'renders the snippet' do
|
2019-02-15 15:39:39 +05:30
|
|
|
get action, params: { namespace_id: project.namespace, project_id: project, id: project_snippet.to_param }
|
2016-06-02 11:05:42 +05:30
|
|
|
|
|
|
|
expect(assigns(:snippet)).to eq(project_snippet)
|
2018-03-17 18:26:18 +05:30
|
|
|
expect(response).to have_gitlab_http_status(200)
|
2016-06-02 11:05:42 +05:30
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when the project snippet does not exist' do
|
|
|
|
context 'when anonymous' do
|
|
|
|
it 'responds with status 404' do
|
2019-02-15 15:39:39 +05:30
|
|
|
get action, params: { namespace_id: project.namespace, project_id: project, id: 42 }
|
2016-06-02 11:05:42 +05:30
|
|
|
|
2018-03-17 18:26:18 +05:30
|
|
|
expect(response).to have_gitlab_http_status(404)
|
2016-06-02 11:05:42 +05:30
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when signed in' do
|
2017-09-10 17:25:29 +05:30
|
|
|
before do
|
|
|
|
sign_in(user)
|
|
|
|
end
|
2016-06-02 11:05:42 +05:30
|
|
|
|
|
|
|
it 'responds with status 404' do
|
2019-02-15 15:39:39 +05:30
|
|
|
get action, params: { namespace_id: project.namespace, project_id: project, id: 42 }
|
2016-06-02 11:05:42 +05:30
|
|
|
|
2018-03-17 18:26:18 +05:30
|
|
|
expect(response).to have_gitlab_http_status(404)
|
2016-06-02 11:05:42 +05:30
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
2017-08-17 22:00:37 +05:30
|
|
|
|
2019-01-03 12:48:30 +05:30
|
|
|
describe "GET #show for embeddable content" do
|
|
|
|
let(:project_snippet) { create(:project_snippet, snippet_permission, project: project, author: user) }
|
|
|
|
|
|
|
|
before do
|
|
|
|
sign_in(user)
|
|
|
|
|
2019-02-15 15:39:39 +05:30
|
|
|
get :show, params: { namespace_id: project.namespace, project_id: project, id: project_snippet.to_param }, format: :js
|
2019-01-03 12:48:30 +05:30
|
|
|
end
|
|
|
|
|
|
|
|
context 'when snippet is private' do
|
|
|
|
let(:snippet_permission) { :private }
|
|
|
|
|
|
|
|
it 'responds with status 404' do
|
|
|
|
expect(response).to have_gitlab_http_status(404)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when snippet is public' do
|
|
|
|
let(:snippet_permission) { :public }
|
|
|
|
|
|
|
|
it 'responds with status 200' do
|
|
|
|
expect(assigns(:snippet)).to eq(project_snippet)
|
|
|
|
expect(response).to have_gitlab_http_status(200)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when the project is private' do
|
|
|
|
let(:project) { create(:project_empty_repo, :private) }
|
|
|
|
|
|
|
|
context 'when snippet is public' do
|
|
|
|
let(:project_snippet) { create(:project_snippet, :public, project: project, author: user) }
|
|
|
|
|
|
|
|
it 'responds with status 404' do
|
|
|
|
expect(assigns(:snippet)).to eq(project_snippet)
|
|
|
|
expect(response).to have_gitlab_http_status(404)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2017-08-17 22:00:37 +05:30
|
|
|
describe 'GET #raw' do
|
|
|
|
let(:project_snippet) do
|
|
|
|
create(
|
|
|
|
:project_snippet, :public,
|
|
|
|
project: project,
|
|
|
|
author: user,
|
|
|
|
content: "first line\r\nsecond line\r\nthird line"
|
|
|
|
)
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'CRLF line ending' do
|
|
|
|
let(:params) do
|
|
|
|
{
|
|
|
|
namespace_id: project.namespace,
|
|
|
|
project_id: project,
|
|
|
|
id: project_snippet.to_param
|
|
|
|
}
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'returns LF line endings by default' do
|
2019-02-15 15:39:39 +05:30
|
|
|
get :raw, params: params
|
2017-08-17 22:00:37 +05:30
|
|
|
|
|
|
|
expect(response.body).to eq("first line\nsecond line\nthird line")
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'does not convert line endings when parameter present' do
|
2019-02-15 15:39:39 +05:30
|
|
|
get :raw, params: params.merge(line_ending: :raw)
|
2017-08-17 22:00:37 +05:30
|
|
|
|
|
|
|
expect(response.body).to eq("first line\r\nsecond line\r\nthird line")
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
2016-06-02 11:05:42 +05:30
|
|
|
end
|