diff options
author | Heinrich Lee Yu <heinrich@gitlab.com> | 2019-04-19 14:50:54 +0800 |
---|---|---|
committer | Heinrich Lee Yu <heinrich@gitlab.com> | 2019-04-23 08:42:04 +0800 |
commit | ff627511c0135fcb4f482104d8b25936c31196da (patch) | |
tree | 1e9af883f08133431ef3d3db14ac61434a89fca7 /spec/controllers/concerns | |
parent | 46bdbc5d776a0438366426e0ef48911123311744 (diff) | |
download | gitlab-ce-ff627511c0135fcb4f482104d8b25936c31196da.tar.gz |
Add label_name as scalar param of IssuableFinder60569-timeline-entry-label-link-is-not-applying-the-filter-on-issues
This was removed by a previous MR but broke some links
Diffstat (limited to 'spec/controllers/concerns')
-rw-r--r-- | spec/controllers/concerns/issuable_collections_spec.rb | 110 |
1 files changed, 68 insertions, 42 deletions
diff --git a/spec/controllers/concerns/issuable_collections_spec.rb b/spec/controllers/concerns/issuable_collections_spec.rb index f9d15d04719..fb2cd5ca955 100644 --- a/spec/controllers/concerns/issuable_collections_spec.rb +++ b/spec/controllers/concerns/issuable_collections_spec.rb @@ -108,51 +108,77 @@ describe IssuableCollections do end describe '#finder_options' do - let(:params) do - { - assignee_id: '1', - assignee_username: 'user1', - author_id: '2', - author_username: 'user2', - authorized_only: 'yes', - confidential: true, - due_date: '2017-01-01', - group_id: '3', - iids: '4', - label_name: ['foo'], - milestone_title: 'bar', - my_reaction_emoji: 'thumbsup', - non_archived: 'true', - project_id: '5', - scope: 'all', - search: 'baz', - sort: 'priority', - state: 'opened', - invalid_param: 'invalid_param' - } - end - - it 'only allows whitelisted params' do + before do allow(controller).to receive(:cookies).and_return({}) allow(controller).to receive(:current_user).and_return(nil) + end + + subject { controller.send(:finder_options).to_h } + + context 'scalar params' do + let(:params) do + { + assignee_id: '1', + assignee_username: 'user1', + author_id: '2', + author_username: 'user2', + authorized_only: 'yes', + confidential: true, + due_date: '2017-01-01', + group_id: '3', + iids: '4', + label_name: 'foo', + milestone_title: 'bar', + my_reaction_emoji: 'thumbsup', + non_archived: 'true', + project_id: '5', + scope: 'all', + search: 'baz', + sort: 'priority', + state: 'opened', + invalid_param: 'invalid_param' + } + end + + it 'only allows whitelisted params' do + is_expected.to include({ + 'assignee_id' => '1', + 'assignee_username' => 'user1', + 'author_id' => '2', + 'author_username' => 'user2', + 'confidential' => true, + 'label_name' => 'foo', + 'milestone_title' => 'bar', + 'my_reaction_emoji' => 'thumbsup', + 'due_date' => '2017-01-01', + 'scope' => 'all', + 'search' => 'baz', + 'sort' => 'priority', + 'state' => 'opened' + }) + + is_expected.not_to include('invalid_param') + end + end + + context 'array params' do + let(:params) do + { + assignee_username: %w[user1 user2], + label_name: %w[label1 label2], + invalid_param: 'invalid_param', + invalid_array: ['param'] + } + end + + it 'only allows whitelisted params' do + is_expected.to include({ + 'label_name' => %w[label1 label2], + 'assignee_username' => %w[user1 user2] + }) - finder_options = controller.send(:finder_options) - - expect(finder_options).to eq(ActionController::Parameters.new({ - 'assignee_id' => '1', - 'assignee_username' => 'user1', - 'author_id' => '2', - 'author_username' => 'user2', - 'confidential' => true, - 'label_name' => ['foo'], - 'milestone_title' => 'bar', - 'my_reaction_emoji' => 'thumbsup', - 'due_date' => '2017-01-01', - 'scope' => 'all', - 'search' => 'baz', - 'sort' => 'priority', - 'state' => 'opened' - }).permit!) + is_expected.not_to include('invalid_param', 'invalid_array') + end end end end |