Add latest changes from gitlab-org/gitlab@13-0-stable-ee

2 files changed, 83 insertions, 0 deletions

diff --git a/spec/channels/application_cable/connection_spec.rb b/spec/channels/application_cable/connection_spec.rb
new file mode 100644
index 00000000000..f3d67133528
--- /dev/null
+++ b/spec/channels/application_cable/connection_spec.rb
@@ -0,0 +1,47 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+describe ApplicationCable::Connection, :clean_gitlab_redis_shared_state do
+  let(:session_id) { Rack::Session::SessionId.new('6919a6f1bb119dd7396fadc38fd18d0d') }
+
+  before do
+    Gitlab::Redis::SharedState.with do |redis|
+      redis.set("session:gitlab:#{session_id.private_id}", Marshal.dump(session_hash))
+    end
+
+    cookies[Gitlab::Application.config.session_options[:key]] = session_id.public_id
+  end
+
+  context 'when user is logged in' do
+    let(:user) { create(:user) }
+    let(:session_hash) { { 'warden.user.user.key' => [[user.id], user.encrypted_password[0, 29]] } }
+
+    it 'sets current_user' do
+      connect
+
+      expect(connection.current_user).to eq(user)
+    end
+
+    context 'with a stale password' do
+      let(:partial_password_hash) { build(:user, password: 'some_old_password').encrypted_password[0, 29] }
+      let(:session_hash) { { 'warden.user.user.key' => [[user.id], partial_password_hash] } }
+
+      it 'sets current_user to nil' do
+        connect
+
+        expect(connection.current_user).to be_nil
+      end
+    end
+  end
+
+  context 'when user is not logged in' do
+    let(:session_hash) { {} }
+
+    it 'sets current_user to nil' do
+      connect
+
+      expect(connection.current_user).to be_nil
+    end
+  end
+end
diff --git a/spec/channels/issues_channel_spec.rb b/spec/channels/issues_channel_spec.rb
new file mode 100644
index 00000000000..1c88cc73456
--- /dev/null
+++ b/spec/channels/issues_channel_spec.rb
@@ -0,0 +1,36 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+describe IssuesChannel do
+  let_it_be(:issue) { create(:issue) }
+
+  it 'rejects when project path is invalid' do
+    subscribe(project_path: 'invalid_project_path', iid: issue.iid)
+
+    expect(subscription).to be_rejected
+  end
+
+  it 'rejects when iid is invalid' do
+    subscribe(project_path: issue.project.full_path, iid: non_existing_record_iid)
+
+    expect(subscription).to be_rejected
+  end
+
+  it 'rejects when the user does not have access' do
+    stub_connection current_user: nil
+
+    subscribe(project_path: issue.project.full_path, iid: issue.iid)
+
+    expect(subscription).to be_rejected
+  end
+
+  it 'subscribes to a stream when the user has access' do
+    stub_connection current_user: issue.author
+
+    subscribe(project_path: issue.project.full_path, iid: issue.iid)
+
+    expect(subscription).to be_confirmed
+    expect(subscription).to have_stream_for(issue)
+  end
+end