Check public snippets for spam

Apply the same spam checks to public snippets (either personal snippets that are public, or public snippets on public projects) as to issues on public projects.
author: Sean McGivern <sean@gitlab.com> 2017-02-01 18:15:59 +0000
committer: Sean McGivern <sean@gitlab.com> 2017-02-02 10:23:51 +0000
commit: c63194ce6f952173649d7de4038aa96348e90565 (patch)
tree: a9622e1e5ffc86bf35fc9556152cc03cf2841ef5 /spec/controllers
parent: f799585c41d801bc657f992adf3d4b201af927d2 (diff)
download: gitlab-ce-c63194ce6f952173649d7de4038aa96348e90565.tar.gz
2 files changed, 139 insertions, 0 deletions
diff --git a/spec/controllers/projects/snippets_controller_spec.rb b/spec/controllers/projects/snippets_controller_spec.rb
index 32b0e42c3cd..88e4f81f232 100644
--- a/spec/controllers/projects/snippets_controller_spec.rb
+++ b/spec/controllers/projects/snippets_controller_spec.rb
@@ -69,6 +69,86 @@ describe Projects::SnippetsController do
     end
   end
 
+  describe 'POST #create' do
+    def create_snippet(project, snippet_params = {})
+      sign_in(user)
+
+      project.team << [user, :developer]
+
+      post :create, {
+        namespace_id: project.namespace.to_param,
+        project_id: project.to_param,
+        project_snippet: { title: 'Title', content: 'Content' }.merge(snippet_params)
+      }
+    end
+
+    context 'when the snippet is spam' do
+      before do
+        allow_any_instance_of(AkismetService).to receive(:is_spam?).and_return(true)
+      end
+
+      context 'when the project is private' do
+        let(:private_project) { create(:project_empty_repo, :private) }
+
+        context 'when the snippet is public' do
+          it 'creates the snippet' do
+            expect { create_snippet(private_project, visibility_level: Snippet::PUBLIC) }.
+              to change { Snippet.count }.by(1)
+          end
+        end
+      end
+
+      context 'when the project is public' do
+        context 'when the snippet is private' do
+          it 'creates the snippet' do
+            expect { create_snippet(project, visibility_level: Snippet::PRIVATE) }.
+              to change { Snippet.count }.by(1)
+          end
+        end
+
+        context 'when the snippet is public' do
+          it 'rejects the shippet' do
+            expect { create_snippet(project, visibility_level: Snippet::PUBLIC) }.
+              not_to change { Snippet.count }
+            expect(response).to render_template(:new)
+          end
+
+          it 'creates a spam log' do
+            expect { create_snippet(project, visibility_level: Snippet::PUBLIC) }.
+              to change { SpamLog.count }.by(1)
+          end
+        end
+      end
+    end
+  end
+
+  describe 'POST #mark_as_spam' do
+    let(:snippet) { create(:project_snippet, :private, project: project, author: user) }
+
+    before do
+      allow_any_instance_of(AkismetService).to receive_messages(submit_spam: true)
+      stub_application_setting(akismet_enabled: true)
+    end
+
+    def mark_as_spam
+      admin = create(:admin)
+      create(:user_agent_detail, subject: snippet)
+      project.team << [admin, :master]
+      sign_in(admin)
+
+      post :mark_as_spam,
+           namespace_id: project.namespace.path,
+           project_id: project.path,
+           id: snippet.id
+    end
+
+    it 'updates the snippet' do
+      mark_as_spam
+
+      expect(snippet.reload).not_to be_submittable_as_spam
+    end
+  end
+
   %w[show raw].each do |action|
     describe "GET ##{action}" do
       context 'when the project snippet is private' do
diff --git a/spec/controllers/snippets_controller_spec.rb b/spec/controllers/snippets_controller_spec.rb
index d76fe9f580f..dadcb90cfc2 100644
--- a/spec/controllers/snippets_controller_spec.rb
+++ b/spec/controllers/snippets_controller_spec.rb
@@ -138,6 +138,65 @@ describe SnippetsController do
     end
   end
 
+  describe 'POST #create' do
+    def create_snippet(snippet_params = {})
+      sign_in(user)
+
+      post :create, {
+        personal_snippet: { title: 'Title', content: 'Content' }.merge(snippet_params)
+      }
+    end
+
+    context 'when the snippet is spam' do
+      before do
+        allow_any_instance_of(AkismetService).to receive(:is_spam?).and_return(true)
+      end
+
+      context 'when the snippet is private' do
+        it 'creates the snippet' do
+          expect { create_snippet(visibility_level: Snippet::PRIVATE) }.
+            to change { Snippet.count }.by(1)
+        end
+      end
+
+      context 'when the snippet is public' do
+        it 'rejects the shippet' do
+          expect { create_snippet(visibility_level: Snippet::PUBLIC) }.
+            not_to change { Snippet.count }
+          expect(response).to render_template(:new)
+        end
+
+        it 'creates a spam log' do
+          expect { create_snippet(visibility_level: Snippet::PUBLIC) }.
+            to change { SpamLog.count }.by(1)
+        end
+      end
+    end
+  end
+
+  describe 'POST #mark_as_spam' do
+    let(:snippet) { create(:personal_snippet, :public, author: user) }
+
+    before do
+      allow_any_instance_of(AkismetService).to receive_messages(submit_spam: true)
+      stub_application_setting(akismet_enabled: true)
+    end
+
+    def mark_as_spam
+      admin = create(:admin)
+      create(:user_agent_detail, subject: snippet)
+      sign_in(admin)
+
+      post :mark_as_spam, id: snippet.id
+    end
+
+    it 'updates the snippet' do
+      mark_as_spam
+
+      expect(snippet.reload).not_to be_submittable_as_spam
+    end
+  end
+
   %w(raw download).each do |action|
     describe "GET #{action}" do
       context 'when the personal snippet is private' do
author	Sean McGivern <sean@gitlab.com>	2017-02-01 18:15:59 +0000
committer	Sean McGivern <sean@gitlab.com>	2017-02-02 10:23:51 +0000
commit	c63194ce6f952173649d7de4038aa96348e90565 (patch)
tree	a9622e1e5ffc86bf35fc9556152cc03cf2841ef5 /spec/controllers
parent	f799585c41d801bc657f992adf3d4b201af927d2 (diff)
download	gitlab-ce-c63194ce6f952173649d7de4038aa96348e90565.tar.gz