134 lines
4.3 KiB
Ruby
134 lines
4.3 KiB
Ruby
# frozen_string_literal: true
|
|
|
|
require 'spec_helper'
|
|
|
|
RSpec.describe Projects::MergeRequestsController, feature_category: :source_code_management do
|
|
let_it_be(:merge_request) { create(:merge_request) }
|
|
let_it_be(:project) { merge_request.project }
|
|
let_it_be(:user) { merge_request.author }
|
|
|
|
describe 'GET #show' do
|
|
let_it_be(:group) { create(:group) }
|
|
let_it_be(:user) { create(:user) }
|
|
let_it_be(:project) { create(:project, :public, group: group) }
|
|
|
|
let(:merge_request) { create :merge_request, source_project: project, author: user }
|
|
|
|
context 'when logged in' do
|
|
before do
|
|
login_as(user)
|
|
end
|
|
|
|
it_behaves_like "observability csp policy", described_class do
|
|
let(:tested_path) do
|
|
project_merge_request_path(project, merge_request)
|
|
end
|
|
end
|
|
end
|
|
|
|
context 'when the author of the merge request is banned', feature_category: :insider_threat do
|
|
let_it_be(:user) { create(:user, :banned) }
|
|
|
|
subject { response }
|
|
|
|
before do
|
|
get project_merge_request_path(project, merge_request)
|
|
end
|
|
|
|
it { is_expected.to have_gitlab_http_status(:not_found) }
|
|
end
|
|
end
|
|
|
|
describe 'GET #index' do
|
|
let_it_be(:public_project) { create(:project, :public) }
|
|
|
|
it_behaves_like 'rate limited endpoint', rate_limit_key: :search_rate_limit do
|
|
let_it_be(:current_user) { user }
|
|
|
|
before do
|
|
sign_in current_user
|
|
end
|
|
|
|
def request
|
|
get project_merge_requests_path(public_project), params: { scope: 'all', search: 'test' }
|
|
end
|
|
end
|
|
|
|
it_behaves_like 'rate limited endpoint', rate_limit_key: :search_rate_limit_unauthenticated do
|
|
def request
|
|
get project_merge_requests_path(public_project), params: { scope: 'all', search: 'test' }
|
|
end
|
|
end
|
|
end
|
|
|
|
describe 'GET #discussions' do
|
|
let_it_be(:discussion) { create(:discussion_note_on_merge_request, noteable: merge_request, project: project) }
|
|
let_it_be(:discussion_reply) do
|
|
create(:discussion_note_on_merge_request, noteable: merge_request, project: project, in_reply_to: discussion)
|
|
end
|
|
|
|
let_it_be(:state_event) { create(:resource_state_event, merge_request: merge_request) }
|
|
let_it_be(:discussion_2) { create(:discussion_note_on_merge_request, noteable: merge_request, project: project) }
|
|
let_it_be(:discussion_3) { create(:diff_note_on_merge_request, noteable: merge_request, project: project) }
|
|
|
|
before do
|
|
login_as(user)
|
|
end
|
|
|
|
context 'pagination' do
|
|
def get_discussions(**params)
|
|
get discussions_project_merge_request_path(project, merge_request, params: params.merge(format: :json))
|
|
end
|
|
|
|
it 'returns paginated notes and cursor based on per_page param' do
|
|
get_discussions(per_page: 2)
|
|
|
|
discussions = Gitlab::Json.parse(response.body)
|
|
notes = discussions.flat_map { |d| d['notes'] }
|
|
|
|
expect(discussions.count).to eq(2)
|
|
expect(notes).to match(
|
|
[
|
|
a_hash_including('id' => discussion.id.to_s),
|
|
a_hash_including('id' => discussion_reply.id.to_s),
|
|
a_hash_including('type' => 'StateNote')
|
|
])
|
|
|
|
cursor = response.header['X-Next-Page-Cursor']
|
|
expect(cursor).to be_present
|
|
|
|
get_discussions(per_page: 1, cursor: cursor)
|
|
|
|
discussions = Gitlab::Json.parse(response.body)
|
|
notes = discussions.flat_map { |d| d['notes'] }
|
|
|
|
expect(discussions.count).to eq(1)
|
|
expect(notes).to match([a_hash_including('id' => discussion_2.id.to_s)])
|
|
end
|
|
end
|
|
end
|
|
|
|
context 'token authentication' do
|
|
context 'when public project' do
|
|
let_it_be(:public_project) { create(:project, :public) }
|
|
|
|
it_behaves_like 'authenticates sessionless user for the request spec', 'index atom', public_resource: true do
|
|
let(:url) { project_merge_requests_url(public_project, format: :atom) }
|
|
end
|
|
end
|
|
|
|
context 'when private project' do
|
|
let_it_be(:private_project) { create(:project, :private) }
|
|
|
|
it_behaves_like 'authenticates sessionless user for the request spec', 'index atom',
|
|
public_resource: false,
|
|
ignore_metrics: true do
|
|
let(:url) { project_merge_requests_url(private_project, format: :atom) }
|
|
|
|
before do
|
|
private_project.add_maintainer(user)
|
|
end
|
|
end
|
|
end
|
|
end
|
|
end
|