debian-mirror-gitlab/spec/requests/api/graphql/mutations/snippets/update_spec.rb
2021-03-11 19:13:27 +05:30

208 lines
6.3 KiB
Ruby

# frozen_string_literal: true
require 'spec_helper'
RSpec.describe 'Updating a Snippet' do
include GraphqlHelpers
let_it_be(:original_content) { 'Initial content' }
let_it_be(:original_description) { 'Initial description' }
let_it_be(:original_title) { 'Initial title' }
let_it_be(:original_file_name) { 'Initial file_name' }
let(:updated_content) { 'Updated content' }
let(:updated_description) { 'Updated description' }
let(:updated_title) { 'Updated_title' }
let(:current_user) { snippet.author }
let(:updated_file) { 'CHANGELOG' }
let(:deleted_file) { 'README' }
let(:snippet_gid) { GitlabSchema.id_from_object(snippet).to_s }
let(:spam_mutation_vars) { {} }
let(:mutation_vars) do
{
id: snippet_gid,
description: updated_description,
visibility_level: 'public',
title: updated_title,
blob_actions: [
{ action: :update, filePath: updated_file, content: updated_content },
{ action: :delete, filePath: deleted_file }
]
}.merge(spam_mutation_vars)
end
let(:mutation) do
graphql_mutation(:update_snippet, mutation_vars)
end
def mutation_response
graphql_mutation_response(:update_snippet)
end
subject { post_graphql_mutation(mutation, current_user: current_user) }
shared_examples 'graphql update actions' do
context 'when the user does not have permission' do
let(:current_user) { create(:user) }
it_behaves_like 'a mutation that returns top-level errors',
errors: [Gitlab::Graphql::Authorize::AuthorizeResource::RESOURCE_ACCESS_ERROR]
it 'does not update the Snippet' do
expect do
subject
end.not_to change { snippet.reload }
end
end
context 'when the user has permission' do
it 'updates the snippet record' do
subject
expect(snippet.reload.title).to eq(updated_title)
end
it 'updates the Snippet' do
blob_to_update = blob_at(updated_file)
blob_to_delete = blob_at(deleted_file)
expect(blob_to_update.data).not_to eq updated_content
expect(blob_to_delete).to be_present
subject
blob_to_update = blob_at(updated_file)
blob_to_delete = blob_at(deleted_file)
aggregate_failures do
expect(blob_to_update.data).to eq updated_content
expect(blob_to_delete).to be_nil
expect(mutation_response['snippet']['title']).to eq(updated_title)
expect(mutation_response['snippet']['description']).to eq(updated_description)
expect(mutation_response['snippet']['visibilityLevel']).to eq('public')
end
end
context 'when snippet_spam flag is disabled' do
before do
stub_feature_flags(snippet_spam: false)
end
it 'passes disable_spam_action_service param to service' do
expect(::Snippets::UpdateService)
.to receive(:new)
.with(anything, anything, hash_including(disable_spam_action_service: true))
.and_call_original
subject
end
end
context 'when there are ActiveRecord validation errors' do
let(:updated_title) { '' }
it_behaves_like 'a mutation that returns errors in the response', errors: ["Title can't be blank"]
it 'does not update the Snippet' do
subject
expect(snippet.reload.title).to eq(original_title)
end
it 'returns the Snippet with its original values' do
blob_to_update = blob_at(updated_file)
blob_to_delete = blob_at(deleted_file)
subject
aggregate_failures do
expect(blob_at(updated_file).data).to eq blob_to_update.data
expect(blob_at(deleted_file).data).to eq blob_to_delete.data
expect(mutation_response['snippet']['title']).to eq(original_title)
expect(mutation_response['snippet']['description']).to eq(original_description)
expect(mutation_response['snippet']['visibilityLevel']).to eq('private')
end
end
end
it_behaves_like 'a mutation which can mutate a spammable' do
let(:captcha_response) { 'abc123' }
let(:spam_log_id) { 1234 }
let(:spam_mutation_vars) do
{
captcha_response: captcha_response,
spam_log_id: spam_log_id
}
end
let(:service) { Snippets::UpdateService }
end
def blob_at(filename)
snippet.repository.blob_at('HEAD', filename)
end
end
end
describe 'PersonalSnippet' do
let(:snippet) do
create(:personal_snippet,
:private,
:repository,
file_name: original_file_name,
title: original_title,
content: original_content,
description: original_description)
end
it_behaves_like 'graphql update actions'
it_behaves_like 'when the snippet is not found'
it_behaves_like 'snippet edit usage data counters'
end
describe 'ProjectSnippet' do
let_it_be(:project) { create(:project, :private) }
let(:snippet) do
create(:project_snippet,
:private,
:repository,
project: project,
author: create(:user),
file_name: original_file_name,
title: original_title,
content: original_content,
description: original_description)
end
context 'when the author is not a member of the project' do
it 'returns an an error' do
subject
errors = json_response['errors']
expect(errors.first['message']).to eq(Gitlab::Graphql::Authorize::AuthorizeResource::RESOURCE_ACCESS_ERROR)
end
end
context 'when the author is a member of the project' do
before do
project.add_developer(current_user)
end
it_behaves_like 'graphql update actions'
context 'when the snippet project feature is disabled' do
it 'returns an an error' do
project.project_feature.update_attribute(:snippets_access_level, ProjectFeature::DISABLED)
subject
errors = json_response['errors']
expect(errors.first['message']).to eq(Gitlab::Graphql::Authorize::AuthorizeResource::RESOURCE_ACCESS_ERROR)
end
end
it_behaves_like 'snippet edit usage data counters'
end
it_behaves_like 'when the snippet is not found'
end
end