diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2021-04-20 23:50:22 +0000 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2021-04-20 23:50:22 +0000 |
commit | 9dc93a4519d9d5d7be48ff274127136236a3adb3 (patch) | |
tree | 70467ae3692a0e35e5ea56bcb803eb512a10bedb /spec/features/issues/gfm_autocomplete_spec.rb | |
parent | 4b0f34b6d759d6299322b3a54453e930c6121ff0 (diff) | |
download | gitlab-ce-9dc93a4519d9d5d7be48ff274127136236a3adb3.tar.gz |
Add latest changes from gitlab-org/gitlab@13-11-stable-eev13.11.0-rc43
Diffstat (limited to 'spec/features/issues/gfm_autocomplete_spec.rb')
-rw-r--r-- | spec/features/issues/gfm_autocomplete_spec.rb | 984 |
1 files changed, 448 insertions, 536 deletions
diff --git a/spec/features/issues/gfm_autocomplete_spec.rb b/spec/features/issues/gfm_autocomplete_spec.rb index e6ebc37ba59..0cefbae4d37 100644 --- a/spec/features/issues/gfm_autocomplete_spec.rb +++ b/spec/features/issues/gfm_autocomplete_spec.rb @@ -3,16 +3,23 @@ require 'spec_helper' RSpec.describe 'GFM autocomplete', :js do - let_it_be(:user_xss_title) { 'eve <img src=x onerror=alert(2)<img src=x onerror=alert(1)>' } - let_it_be(:user_xss) { create(:user, name: user_xss_title, username: 'xss.user') } let_it_be(:user) { create(:user, name: '💃speciąl someone💃', username: 'someone.special') } let_it_be(:user2) { create(:user, name: 'Marge Simpson', username: 'msimpson') } + let_it_be(:group) { create(:group, name: 'Ancestor') } let_it_be(:child_group) { create(:group, parent: group, name: 'My group') } let_it_be(:project) { create(:project, group: child_group) } + + let_it_be(:issue) { create(:issue, project: project, assignees: [user]) } let_it_be(:label) { create(:label, project: project, title: 'special+') } + let_it_be(:label_scoped) { create(:label, project: project, title: 'scoped::label') } + let_it_be(:label_with_spaces) { create(:label, project: project, title: 'Accepting merge requests') } + let_it_be(:snippet) { create(:project_snippet, project: project, title: 'code snippet') } - let(:issue) { create(:issue, project: project) } + let_it_be(:user_xss_title) { 'eve <img src=x onerror=alert(2)<img src=x onerror=alert(1)>' } + let_it_be(:user_xss) { create(:user, name: user_xss_title, username: 'xss.user') } + let_it_be(:label_xss_title) { 'alert label <img src=x onerror="alert(\'Hello xss\');" a' } + let_it_be(:label_xss) { create(:label, project: project, title: label_xss_title) } before_all do project.add_maintainer(user) @@ -21,418 +28,366 @@ RSpec.describe 'GFM autocomplete', :js do end describe 'when tribute_autocomplete feature flag is off' do - before do - stub_feature_flags(tribute_autocomplete: false) - - sign_in(user) - visit project_issue_path(project, issue) - - wait_for_requests - end - - it 'updates issue description with GFM reference' do - click_button 'Edit title and description' - - wait_for_requests - - fill_in 'Description', with: "@#{user.name[0...3]}" - - wait_for_requests - - find_highlighted_autocomplete_item.click - - click_button 'Save changes' - - wait_for_requests - - expect(find('.description')).to have_text(user.to_reference) - end - - it 'opens quick action autocomplete when updating description' do - click_button 'Edit title and description' - - fill_in 'Description', with: '/' - - expect(find_autocomplete_menu).to be_visible - end - - it 'opens autocomplete menu when field starts with text' do - fill_in 'Comment', with: '@' - - expect(find_autocomplete_menu).to be_visible - end - - it 'opens autocomplete menu for Issues when field starts with text with item escaping HTML characters' do - issue_xss_title = 'This will execute alert<img src=x onerror=alert(2)<img src=x onerror=alert(1)>' - create(:issue, project: project, title: issue_xss_title) - - fill_in 'Comment', with: '#' - - wait_for_requests + describe 'new issue page' do + before do + stub_feature_flags(tribute_autocomplete: false) - expect(find_autocomplete_menu).to have_text(issue_xss_title) - end + sign_in(user) + visit new_project_issue_path(project) - it 'opens autocomplete menu for Username when field starts with text with item escaping HTML characters' do - fill_in 'Comment', with: '@ev' + wait_for_requests + end - wait_for_requests + it 'allows quick actions' do + fill_in 'Description', with: '/' - expect(find_highlighted_autocomplete_item).to have_text(user_xss.username) + expect(find_autocomplete_menu).to be_visible + end end - it 'opens autocomplete menu for Milestone when field starts with text with item escaping HTML characters' do - milestone_xss_title = 'alert milestone <img src=x onerror="alert(\'Hello xss\');" a' - create(:milestone, project: project, title: milestone_xss_title) + describe 'issue description' do + let(:issue_to_edit) { create(:issue, project: project) } - fill_in 'Comment', with: '%' + before do + stub_feature_flags(tribute_autocomplete: false) - wait_for_requests + sign_in(user) + visit project_issue_path(project, issue_to_edit) - expect(find_autocomplete_menu).to have_text('alert milestone') - end + wait_for_requests + end - it 'doesnt open autocomplete menu character is prefixed with text' do - fill_in 'Comment', with: 'testing@' + it 'updates with GFM reference' do + click_button 'Edit title and description' - expect(page).not_to have_css('.atwho-view') - end + wait_for_requests - it 'doesnt select the first item for non-assignee dropdowns' do - fill_in 'Comment', with: ':' + fill_in 'Description', with: "@#{user.name[0...3]}" - wait_for_requests + wait_for_requests - expect(find_autocomplete_menu).not_to have_css('.cur') - end + find_highlighted_autocomplete_item.click - it 'does not open autocomplete menu when ":" is prefixed by a number and letters' do - # Number. - fill_in 'Comment', with: '7:' - expect(page).not_to have_css('.atwho-view') + click_button 'Save changes' - # ASCII letter. - fill_in 'Comment', with: 'w:' - expect(page).not_to have_css('.atwho-view') + wait_for_requests - # Non-ASCII letter. - fill_in 'Comment', with: 'Ё:' - expect(page).not_to have_css('.atwho-view') - end + expect(find('.description')).to have_text(user.to_reference) + end - it 'selects the first item for assignee dropdowns' do - fill_in 'Comment', with: '@' + it 'allows quick actions' do + click_button 'Edit title and description' - wait_for_requests + fill_in 'Description', with: '/' - expect(find_autocomplete_menu).to have_css('.cur:first-of-type') + expect(find_autocomplete_menu).to be_visible + end end - it 'includes items for assignee dropdowns with non-ASCII characters in name' do - fill_in 'Comment', with: "@#{user.name[0...8]}" + describe 'issue comment' do + before do + stub_feature_flags(tribute_autocomplete: false) - wait_for_requests + sign_in(user) + visit project_issue_path(project, issue) - expect(find_autocomplete_menu).to have_text(user.name) - end + wait_for_requests + end - it 'searches across full name for assignees' do - fill_in 'Comment', with: '@speciąlsome' + describe 'triggering autocomplete' do + it 'only opens autocomplete menu when trigger character is after whitespace', :aggregate_failures do + fill_in 'Comment', with: 'testing@' + expect(page).not_to have_css('.atwho-view') - wait_for_requests + fill_in 'Comment', with: '@@' + expect(page).not_to have_css('.atwho-view') - expect(find_highlighted_autocomplete_item).to have_text(user.name) - end + fill_in 'Comment', with: "@#{user.username[0..2]}!" + expect(page).not_to have_css('.atwho-view') - it 'shows names that start with the query as the top result' do - fill_in 'Comment', with: '@mar' + fill_in 'Comment', with: "hello:#{user.username[0..2]}" + expect(page).not_to have_css('.atwho-view') - wait_for_requests + fill_in 'Comment', with: '7:' + expect(page).not_to have_css('.atwho-view') - expect(find_highlighted_autocomplete_item).to have_text(user2.name) - end - - it 'shows usernames that start with the query as the top result' do - fill_in 'Comment', with: '@msi' + fill_in 'Comment', with: 'w:' + expect(page).not_to have_css('.atwho-view') - wait_for_requests + fill_in 'Comment', with: 'Ё:' + expect(page).not_to have_css('.atwho-view') - expect(find_highlighted_autocomplete_item).to have_text(user2.name) - end + fill_in 'Comment', with: "test\n\n@" + expect(find_autocomplete_menu).to be_visible + end + end - # Regression test for https://gitlab.com/gitlab-org/gitlab/-/issues/321925 - it 'shows username when pasting then pressing Enter' do - fill_in 'Comment', with: "@#{user.username}\n" + context 'xss checks' do + it 'opens autocomplete menu for Issues when field starts with text with item escaping HTML characters' do + issue_xss_title = 'This will execute alert<img src=x onerror=alert(2)<img src=x onerror=alert(1)>' + create(:issue, project: project, title: issue_xss_title) - expect(find_field('Comment').value).to have_text "@#{user.username}" - end + fill_in 'Comment', with: '#' - it 'does not show `@undefined` when pressing `@` then Enter' do - fill_in 'Comment', with: "@\n" + wait_for_requests - expect(find_field('Comment').value).to have_text '@' - expect(find_field('Comment').value).not_to have_text '@undefined' - end + expect(find_autocomplete_menu).to have_text(issue_xss_title) + end - it 'selects the first item for non-assignee dropdowns if a query is entered' do - fill_in 'Comment', with: ':1' + it 'opens autocomplete menu for Username when field starts with text with item escaping HTML characters' do + fill_in 'Comment', with: '@ev' - wait_for_requests + wait_for_requests - expect(find_autocomplete_menu).to have_css('.cur:first-of-type') - end + expect(find_highlighted_autocomplete_item).to have_text(user_xss.username) + end - context 'if a selected value has special characters' do - it 'wraps the result in double quotes' do - fill_in 'Comment', with: "~#{label.title[0]}" + it 'opens autocomplete menu for Milestone when field starts with text with item escaping HTML characters' do + milestone_xss_title = 'alert milestone <img src=x onerror="alert(\'Hello xss\');" a' + create(:milestone, project: project, title: milestone_xss_title) - find_highlighted_autocomplete_item.click + fill_in 'Comment', with: '%' - expect(find_field('Comment').value).to have_text("~\"#{label.title}\"") - end + wait_for_requests - it "shows dropdown after a new line" do - fill_in 'Comment', with: "test\n\n@" + expect(find_autocomplete_menu).to have_text('alert milestone') + end - expect(find_autocomplete_menu).to be_visible - end + it 'opens autocomplete menu for Labels when field starts with text with item escaping HTML characters' do + fill_in 'Comment', with: '~' - it "does not show dropdown when preceded with a special character" do - fill_in 'Comment', with: '@@' + wait_for_requests - expect(page).not_to have_css('.atwho-view') + expect(find_autocomplete_menu).to have_text('alert label') + end end - it 'doesn\'t wrap for assignee values' do - fill_in 'Comment', with: "@#{user.username[0]}" + describe 'autocomplete highlighting' do + it 'auto-selects the first item when there is a query, and only for assignees with no query', :aggregate_failures do + fill_in 'Comment', with: ':' + wait_for_requests + expect(find_autocomplete_menu).not_to have_css('.cur') - find_highlighted_autocomplete_item.click + fill_in 'Comment', with: ':1' + wait_for_requests + expect(find_autocomplete_menu).to have_css('.cur:first-of-type') - expect(find_field('Comment').value).to have_text("@#{user.username}") + fill_in 'Comment', with: '@' + wait_for_requests + expect(find_autocomplete_menu).to have_css('.cur:first-of-type') + end end - it 'doesn\'t wrap for emoji values' do - fill_in 'Comment', with: ':cartwheel_' - - find_highlighted_autocomplete_item.click + describe 'assignees' do + it 'does not wrap with quotes for assignee values' do + fill_in 'Comment', with: "@#{user.username[0]}" - expect(find_field('Comment').value).to have_text('cartwheel_tone1') - end + find_highlighted_autocomplete_item.click - it 'doesn\'t open autocomplete after non-word character' do - fill_in 'Comment', with: "@#{user.username[0..2]}!" + expect(find_field('Comment').value).to have_text("@#{user.username}") + end - expect(page).not_to have_css('.atwho-view') - end + it 'includes items for assignee dropdowns with non-ASCII characters in name' do + fill_in 'Comment', with: "@#{user.name[0...8]}" - it 'doesn\'t open autocomplete if there is no space before' do - fill_in 'Comment', with: "hello:#{user.username[0..2]}" + wait_for_requests - expect(page).not_to have_css('.atwho-view') - end + expect(find_autocomplete_menu).to have_text(user.name) + end - it 'triggers autocomplete after selecting a quick action' do - fill_in 'Comment', with: '/as' + it 'searches across full name for assignees' do + fill_in 'Comment', with: '@speciąlsome' - find_highlighted_autocomplete_item.click + wait_for_requests - expect(find_autocomplete_menu).to have_text(user.username) - end + expect(find_highlighted_autocomplete_item).to have_text(user.name) + end - it 'does not limit quick actions autocomplete list to 5' do - fill_in 'Comment', with: '/' + it 'shows names that start with the query as the top result' do + fill_in 'Comment', with: '@mar' - expect(find_autocomplete_menu).to have_css('li', minimum: 6) - end - end + wait_for_requests - context 'assignees' do - let(:issue_assignee) { create(:issue, project: project) } - let(:unassigned_user) { create(:user) } + expect(find_highlighted_autocomplete_item).to have_text(user2.name) + end - before do - issue_assignee.update(assignees: [user]) + it 'shows usernames that start with the query as the top result' do + fill_in 'Comment', with: '@msi' - project.add_maintainer(unassigned_user) - end + wait_for_requests - it 'lists users who are currently not assigned to the issue when using /assign' do - visit project_issue_path(project, issue_assignee) + expect(find_highlighted_autocomplete_item).to have_text(user2.name) + end - fill_in 'Comment', with: '/as' + # Regression test for https://gitlab.com/gitlab-org/gitlab/-/issues/321925 + it 'shows username when pasting then pressing Enter' do + fill_in 'Comment', with: "@#{user.username}\n" - find_highlighted_autocomplete_item.click + expect(find_field('Comment').value).to have_text "@#{user.username}" + end - expect(find_autocomplete_menu).not_to have_text(user.username) - expect(find_autocomplete_menu).to have_text(unassigned_user.username) - end + it 'does not show `@undefined` when pressing `@` then Enter' do + fill_in 'Comment', with: "@\n" - it 'shows dropdown on new issue form' do - visit new_project_issue_path(project) + expect(find_field('Comment').value).to have_text '@' + expect(find_field('Comment').value).not_to have_text '@undefined' + end - fill_in 'Description', with: '/ass' + context 'when /assign quick action is selected' do + it 'triggers user autocomplete and lists users who are currently not assigned to the issue' do + fill_in 'Comment', with: '/as' - find_highlighted_autocomplete_item.click + find_highlighted_autocomplete_item.click - expect(find_autocomplete_menu).to have_text(unassigned_user.username) - expect(find_autocomplete_menu).to have_text(user.username) + expect(find_autocomplete_menu).not_to have_text(user.username) + expect(find_autocomplete_menu).to have_text(user2.username) + end + end end - end - - context 'labels' do - it 'opens autocomplete menu for Labels when field starts with text with item escaping HTML characters' do - label_xss_title = 'alert label <img src=x onerror="alert(\'Hello xss\');" a' - create(:label, project: project, title: label_xss_title) - fill_in 'Comment', with: '~' - - wait_for_requests + context 'if a selected value has special characters' do + it 'wraps the result in double quotes' do + fill_in 'Comment', with: "~#{label.title[0..2]}" - expect(find_autocomplete_menu).to have_text('alert label') - end + find_highlighted_autocomplete_item.click - it 'allows colons when autocompleting scoped labels' do - create(:label, project: project, title: 'scoped:label') + expect(find_field('Comment').value).to have_text("~\"#{label.title}\"") + end - fill_in 'Comment', with: '~scoped:' + it 'doesn\'t wrap for emoji values' do + fill_in 'Comment', with: ':cartwheel_' - wait_for_requests + find_highlighted_autocomplete_item.click - expect(find_autocomplete_menu).to have_text('scoped:label') + expect(find_field('Comment').value).to have_text('cartwheel_tone1') + end end - it 'allows colons when autocompleting scoped labels with double colons' do - create(:label, project: project, title: 'scoped::label') + context 'quick actions' do + it 'does not limit quick actions autocomplete list to 5' do + fill_in 'Comment', with: '/' - fill_in 'Comment', with: '~scoped::' - - wait_for_requests - - expect(find_autocomplete_menu).to have_text('scoped::label') + expect(find_autocomplete_menu).to have_css('li', minimum: 6) + end end - it 'allows spaces when autocompleting multi-word labels' do - create(:label, project: project, title: 'Accepting merge requests') + context 'labels' do + it 'allows colons when autocompleting scoped labels' do + fill_in 'Comment', with: '~scoped:' - fill_in 'Comment', with: '~Accepting merge' + wait_for_requests - wait_for_requests + expect(find_autocomplete_menu).to have_text('scoped::label') + end - expect(find_autocomplete_menu).to have_text('Accepting merge requests') - end + it 'allows spaces when autocompleting multi-word labels' do + fill_in 'Comment', with: '~Accepting merge' - it 'only autocompletes the latest label' do - create(:label, project: project, title: 'Accepting merge requests') - create(:label, project: project, title: 'Accepting job applicants') + wait_for_requests - fill_in 'Comment', with: '~Accepting merge requests foo bar ~Accepting job' + expect(find_autocomplete_menu).to have_text('Accepting merge requests') + end - wait_for_requests + it 'only autocompletes the last label' do + fill_in 'Comment', with: '~scoped:: foo bar ~Accepting merge' - expect(find_autocomplete_menu).to have_text('Accepting job applicants') - end + wait_for_requests - it 'does not autocomplete labels if no tilde is typed' do - create(:label, project: project, title: 'Accepting merge requests') + expect(find_autocomplete_menu).to have_text('Accepting merge requests') + end - fill_in 'Comment', with: 'Accepting merge' + it 'does not autocomplete labels if no tilde is typed' do + fill_in 'Comment', with: 'Accepting merge' - wait_for_requests + wait_for_requests - expect(page).not_to have_css('.atwho-view') + expect(page).not_to have_css('.atwho-view') + end end - end - context 'when other notes are destroyed' do - let!(:discussion) { create(:discussion_note_on_issue, noteable: issue, project: issue.project) } + context 'when other notes are destroyed' do + let!(:discussion) { create(:discussion_note_on_issue, noteable: issue, project: issue.project) } - # This is meant to protect against this issue https://gitlab.com/gitlab-org/gitlab/-/issues/228729 - it 'keeps autocomplete key listeners' do - visit project_issue_path(project, issue) - note = find_field('Comment') + # This is meant to protect against this issue https://gitlab.com/gitlab-org/gitlab/-/issues/228729 + it 'keeps autocomplete key listeners' do + note = find_field('Comment') - start_comment_with_emoji(note, '.atwho-view li') + start_comment_with_emoji(note, '.atwho-view li') - start_and_cancel_discussion + start_and_cancel_discussion - note.fill_in(with: '') - start_comment_with_emoji(note, '.atwho-view li') - note.native.send_keys(:enter) + note.fill_in(with: '') + start_comment_with_emoji(note, '.atwho-view li') + note.native.send_keys(:enter) - expect(note.value).to eql('Hello :100: ') + expect(note.value).to eql('Hello :100: ') + end end - end - shared_examples 'autocomplete suggestions' do - it 'suggests objects correctly' do - fill_in 'Comment', with: object.class.reference_prefix + shared_examples 'autocomplete suggestions' do + it 'suggests objects correctly' do + fill_in 'Comment', with: object.class.reference_prefix - find_autocomplete_menu.find('li').click + find_autocomplete_menu.find('li').click - expect(find_field('Comment').value).to have_text(expected_body) + expect(find_field('Comment').value).to have_text(expected_body) + end end - end - context 'issues' do - let(:object) { issue } - let(:expected_body) { object.to_reference } + context 'issues' do + let(:object) { issue } + let(:expected_body) { object.to_reference } - it_behaves_like 'autocomplete suggestions' - end - - context 'merge requests' do - let(:object) { create(:merge_request, source_project: project) } - let(:expected_body) { object.to_reference } - - it_behaves_like 'autocomplete suggestions' - end + it_behaves_like 'autocomplete suggestions' + end - context 'project snippets' do - let!(:object) { create(:project_snippet, project: project, title: 'code snippet') } - let(:expected_body) { object.to_reference } + context 'merge requests' do + let(:object) { create(:merge_request, source_project: project) } + let(:expected_body) { object.to_reference } - it_behaves_like 'autocomplete suggestions' - end + it_behaves_like 'autocomplete suggestions' + end - context 'label' do - let!(:object) { label } - let(:expected_body) { object.title } + context 'project snippets' do + let!(:object) { snippet } + let(:expected_body) { object.to_reference } - it_behaves_like 'autocomplete suggestions' - end + it_behaves_like 'autocomplete suggestions' + end - context 'milestone' do - let_it_be(:milestone_expired) { create(:milestone, project: project, due_date: 5.days.ago) } - let_it_be(:milestone_no_duedate) { create(:milestone, project: project, title: 'Foo - No due date') } - let_it_be(:milestone1) { create(:milestone, project: project, title: 'Milestone-1', due_date: 20.days.from_now) } - let_it_be(:milestone2) { create(:milestone, project: project, title: 'Milestone-2', due_date: 15.days.from_now) } - let_it_be(:milestone3) { create(:milestone, project: project, title: 'Milestone-3', due_date: 10.days.from_now) } + context 'milestone' do + let_it_be(:milestone_expired) { create(:milestone, project: project, due_date: 5.days.ago) } + let_it_be(:milestone_no_duedate) { create(:milestone, project: project, title: 'Foo - No due date') } + let_it_be(:milestone1) { create(:milestone, project: project, title: 'Milestone-1', due_date: 20.days.from_now) } + let_it_be(:milestone2) { create(:milestone, project: project, title: 'Milestone-2', due_date: 15.days.from_now) } + let_it_be(:milestone3) { create(:milestone, project: project, title: 'Milestone-3', due_date: 10.days.from_now) } - before do - fill_in 'Comment', with: '/milestone %' + before do + fill_in 'Comment', with: '/milestone %' - wait_for_requests - end + wait_for_requests + end - it 'shows milestons list in the autocomplete menu' do - page.within(find_autocomplete_menu) do - expect(page).to have_selector('li', count: 5) + it 'shows milestons list in the autocomplete menu' do + page.within(find_autocomplete_menu) do + expect(page).to have_selector('li', count: 5) + end end - end - it 'shows expired milestone at the bottom of the list' do - page.within(find_autocomplete_menu) do - expect(page.find('li:last-child')).to have_content milestone_expired.title + it 'shows expired milestone at the bottom of the list' do + page.within(find_autocomplete_menu) do + expect(page.find('li:last-child')).to have_content milestone_expired.title + end end - end - it 'shows milestone due earliest at the top of the list' do - page.within(find_autocomplete_menu) do - aggregate_failures do - expect(page.all('li')[0]).to have_content milestone3.title - expect(page.all('li')[1]).to have_content milestone2.title - expect(page.all('li')[2]).to have_content milestone1.title - expect(page.all('li')[3]).to have_content milestone_no_duedate.title + it 'shows milestone due earliest at the top of the list' do + page.within(find_autocomplete_menu) do + aggregate_failures do + expect(page.all('li')[0]).to have_content milestone3.title + expect(page.all('li')[1]).to have_content milestone2.title + expect(page.all('li')[2]).to have_content milestone1.title + expect(page.all('li')[3]).to have_content milestone_no_duedate.title + end end end end @@ -440,346 +395,303 @@ RSpec.describe 'GFM autocomplete', :js do end describe 'when tribute_autocomplete feature flag is on' do - before do - stub_feature_flags(tribute_autocomplete: true) - - sign_in(user) - visit project_issue_path(project, issue) - - wait_for_requests - end + describe 'issue description' do + let(:issue_to_edit) { create(:issue, project: project) } - it 'updates issue description with GFM reference' do - click_button 'Edit title and description' - - wait_for_requests - - fill_in 'Description', with: "@#{user.name[0...3]}" - - wait_for_requests + before do + stub_feature_flags(tribute_autocomplete: true) - find_highlighted_tribute_autocomplete_menu.click + sign_in(user) + visit project_issue_path(project, issue_to_edit) - click_button 'Save changes' + wait_for_requests + end - wait_for_requests + it 'updates with GFM reference' do + click_button 'Edit title and description' - expect(find('.description')).to have_text(user.to_reference) - end + wait_for_requests - it 'opens autocomplete menu when field starts with text' do - fill_in 'Comment', with: '@' + fill_in 'Description', with: "@#{user.name[0...3]}" - expect(find_tribute_autocomplete_menu).to be_visible - end + wait_for_requests - it 'opens autocomplete menu for Issues when field starts with text with item escaping HTML characters' do - issue_xss_title = 'This will execute alert<img src=x onerror=alert(2)<img src=x onerror=alert(1)>' - create(:issue, project: project, title: issue_xss_title) + find_highlighted_tribute_autocomplete_menu.click - fill_in 'Comment', with: '#' + click_button 'Save changes' - wait_for_requests + wait_for_requests - expect(find_tribute_autocomplete_menu).to have_text(issue_xss_title) + expect(find('.description')).to have_text(user.to_reference) + end end - it 'opens autocomplete menu for Username when field starts with text with item escaping HTML characters' do - fill_in 'Comment', with: '@ev' - - wait_for_requests - - expect(find_tribute_autocomplete_menu).to have_text(user_xss.username) - end + describe 'issue comment' do + before do + stub_feature_flags(tribute_autocomplete: true) - it 'opens autocomplete menu for Milestone when field starts with text with item escaping HTML characters' do - milestone_xss_title = 'alert milestone <img src=x onerror="alert(\'Hello xss\');" a' - create(:milestone, project: project, title: milestone_xss_title) + sign_in(user) + visit project_issue_path(project, issue) - fill_in 'Comment', with: '%' + wait_for_requests + end - wait_for_requests + describe 'triggering autocomplete' do + it 'only opens autocomplete menu when trigger character is after whitespace', :aggregate_failures do + fill_in 'Comment', with: 'testing@' + expect(page).not_to have_css('.tribute-container') - expect(find_tribute_autocomplete_menu).to have_text('alert milestone') - end + fill_in 'Comment', with: "hello:#{user.username[0..2]}" + expect(page).not_to have_css('.tribute-container') - it 'does not open autocomplete menu when trigger character is prefixed with text' do - fill_in 'Comment', with: 'testing@' + fill_in 'Comment', with: '7:' + expect(page).not_to have_css('.tribute-container') - expect(page).not_to have_css('.tribute-container') - end + fill_in 'Comment', with: 'w:' + expect(page).not_to have_css('.tribute-container') - it 'does not open autocomplete menu when ":" is prefixed by a number and letters' do - # Number. - fill_in 'Comment', with: '7:' - expect(page).not_to have_css('.tribute-container') + fill_in 'Comment', with: 'Ё:' + expect(page).not_to have_css('.tribute-container') - # ASCII letter. - fill_in 'Comment', with: 'w:' - expect(page).not_to have_css('.tribute-container') + fill_in 'Comment', with: "test\n\n@" + expect(find_tribute_autocomplete_menu).to be_visible + end + end - # Non-ASCII letter. - fill_in 'Comment', with: 'Ё:' - expect(page).not_to have_css('.tribute-container') - end + context 'xss checks' do + it 'opens autocomplete menu for Issues when field starts with text with item escaping HTML characters' do + issue_xss_title = 'This will execute alert<img src=x onerror=alert(2)<img src=x onerror=alert(1)>' + create(:issue, project: project, title: issue_xss_title) - it 'selects the first item for assignee dropdowns' do - fill_in 'Comment', with: '@' + fill_in 'Comment', with: '#' - wait_for_requests + wait_for_requests - expect(find_tribute_autocomplete_menu).to have_css('.highlight:first-of-type') - end + expect(find_tribute_autocomplete_menu).to have_text(issue_xss_title) + end - it 'includes items for assignee dropdowns with non-ASCII characters in name' do - fill_in 'Comment', with: "@#{user.name[0...8]}" + it 'opens autocomplete menu for Username when field starts with text with item escaping HTML characters' do + fill_in 'Comment', with: '@ev' - wait_for_requests + wait_for_requests - expect(find_tribute_autocomplete_menu).to have_text(user.name) - end + expect(find_tribute_autocomplete_menu).to have_text(user_xss.username) + end - it 'selects the first item for non-assignee dropdowns if a query is entered' do - fill_in 'Comment', with: ':1' + it 'opens autocomplete menu for Milestone when field starts with text with item escaping HTML characters' do + milestone_xss_title = 'alert milestone <img src=x onerror="alert(\'Hello xss\');" a' + create(:milestone, project: project, title: milestone_xss_title) - wait_for_requests + fill_in 'Comment', with: '%' - expect(find_tribute_autocomplete_menu).to have_css('.highlight:first-of-type') - end + wait_for_requests - context 'when autocompleting for groups' do - it 'shows the group when searching for the name of the group' do - fill_in 'Comment', with: '@mygroup' + expect(find_tribute_autocomplete_menu).to have_text('alert milestone') + end - expect(find_tribute_autocomplete_menu).to have_text('My group') - end + it 'opens autocomplete menu for Labels when field starts with text with item escaping HTML characters' do + fill_in 'Comment', with: '~' - it 'does not show the group when searching for the name of the parent of the group' do - fill_in 'Comment', with: '@ancestor' + wait_for_requests - expect(find_tribute_autocomplete_menu).not_to have_text('My group') + expect(find_tribute_autocomplete_menu).to have_text('alert label') + end end - end - context 'if a selected value has special characters' do - it 'wraps the result in double quotes' do - fill_in 'Comment', with: "~#{label.title[0]}" + describe 'autocomplete highlighting' do + it 'auto-selects the first item with query', :aggregate_failures do + fill_in 'Comment', with: ':1' + wait_for_requests + expect(find_tribute_autocomplete_menu).to have_css('.highlight:first-of-type') - find_highlighted_tribute_autocomplete_menu.click - - expect(find_field('Comment').value).to have_text("~\"#{label.title}\"") + fill_in 'Comment', with: '@' + wait_for_requests + expect(find_tribute_autocomplete_menu).to have_css('.highlight:first-of-type') + end end - it "shows dropdown after a new line" do - fill_in 'Comment', with: "test\n\n@" - - expect(find_tribute_autocomplete_menu).to be_visible - end + describe 'assignees' do + it 'does not wrap with quotes for assignee values' do + fill_in 'Comment', with: "@#{user.username[0..2]}" - it 'doesn\'t wrap for assignee values' do - fill_in 'Comment', with: "@#{user.username[0..2]}" + find_highlighted_tribute_autocomplete_menu.click - find_highlighted_tribute_autocomplete_menu.click + expect(find_field('Comment').value).to have_text("@#{user.username}") + end - expect(find_field('Comment').value).to have_text("@#{user.username}") - end + it 'includes items for assignee dropdowns with non-ASCII characters in name' do + fill_in 'Comment', with: "@#{user.name[0...8]}" - it 'does not wrap for emoji values' do - fill_in 'Comment', with: ':cartwheel_' + wait_for_requests - find_highlighted_tribute_autocomplete_menu.click + expect(find_tribute_autocomplete_menu).to have_text(user.name) + end - expect(find_field('Comment').value).to have_text('cartwheel_tone1') - end + context 'when autocompleting for groups' do + it 'shows the group when searching for the name of the group' do + fill_in 'Comment', with: '@mygroup' - it 'does not open autocomplete if there is no space before' do - fill_in 'Comment', with: "hello:#{user.username[0..2]}" + expect(find_tribute_autocomplete_menu).to have_text('My group') + end - expect(page).not_to have_css('.tribute-container') - end + it 'does not show the group when searching for the name of the parent of the group' do + fill_in 'Comment', with: '@ancestor' - it 'autocompletes for quick actions' do - fill_in 'Comment', with: '/as' + expect(find_tribute_autocomplete_menu).not_to have_text('My group') + end + end - find_highlighted_tribute_autocomplete_menu.click + context 'when /assign quick action is selected' do + it 'lists users who are currently not assigned to the issue' do + note = find_field('Comment') + note.native.send_keys('/assign ') + # The `/assign` ajax response might replace the one by `@` below causing a failed test + # so we need to wait for the `/assign` ajax request to finish first + wait_for_requests + note.native.send_keys('@') + wait_for_requests + + expect(find_tribute_autocomplete_menu).not_to have_text(user.username) + expect(find_tribute_autocomplete_menu).to have_text(user2.username) + end - expect(find_field('Comment').value).to have_text('/assign') + it 'lists users who are currently not assigned to the issue when using /assign on the second line' do + note = find_field('Comment') + note.native.send_keys('/assign @user2') + note.native.send_keys(:enter) + note.native.send_keys('/assign ') + # The `/assign` ajax response might replace the one by `@` below causing a failed test + # so we need to wait for the `/assign` ajax request to finish first + wait_for_requests + note.native.send_keys('@') + wait_for_requests + + expect(find_tribute_autocomplete_menu).not_to have_text(user.username) + expect(find_tribute_autocomplete_menu).to have_text(user2.username) + end + end end - end - context 'assignees' do - let(:issue_assignee) { create(:issue, project: project) } - let(:unassigned_user) { create(:user) } + context 'if a selected value has special characters' do + it 'wraps the result in double quotes' do + fill_in 'Comment', with: "~#{label.title[0..2]}" - before do - issue_assignee.update(assignees: [user]) + find_highlighted_tribute_autocomplete_menu.click - project.add_maintainer(unassigned_user) - end + expect(find_field('Comment').value).to have_text("~\"#{label.title}\"") + end - it 'lists users who are currently not assigned to the issue when using /assign' do - visit project_issue_path(project, issue_assignee) + it 'does not wrap for emoji values' do + fill_in 'Comment', with: ':cartwheel_' - note = find_field('Comment') - note.native.send_keys('/assign ') - # The `/assign` ajax response might replace the one by `@` below causing a failed test - # so we need to wait for the `/assign` ajax request to finish first - wait_for_requests - note.native.send_keys('@') - wait_for_requests + find_highlighted_tribute_autocomplete_menu.click - expect(find_tribute_autocomplete_menu).not_to have_text(user.username) - expect(find_tribute_autocomplete_menu).to have_text(unassigned_user.username) + expect(find_field('Comment').value).to have_text('cartwheel_tone1') + end end - it 'lists users who are currently not assigned to the issue when using /assign on the second line' do - visit project_issue_path(project, issue_assignee) + context 'quick actions' do + it 'autocompletes for quick actions' do + fill_in 'Comment', with: '/as' - note = find_field('Comment') - note.native.send_keys('/assign @user2') - note.native.send_keys(:enter) - note.native.send_keys('/assign ') - # The `/assign` ajax response might replace the one by `@` below causing a failed test - # so we need to wait for the `/assign` ajax request to finish first - wait_for_requests - note.native.send_keys('@') - wait_for_requests + find_highlighted_tribute_autocomplete_menu.click - expect(find_tribute_autocomplete_menu).not_to have_text(user.username) - expect(find_tribute_autocomplete_menu).to have_text(unassigned_user.username) + expect(find_field('Comment').value).to have_text('/assign') + end end - end - context 'labels' do - it 'opens autocomplete menu for Labels when field starts with text with item escaping HTML characters' do - label_xss_title = 'alert label <img src=x onerror="alert(\'Hello xss\');" a' - create(:label, project: project, title: label_xss_title) + context 'labels' do + it 'allows colons when autocompleting scoped labels' do + fill_in 'Comment', with: '~scoped:' - fill_in 'Comment', with: '~' + wait_for_requests - wait_for_requests + expect(find_tribute_autocomplete_menu).to have_text('scoped::label') + end - expect(find_tribute_autocomplete_menu).to have_text('alert label') - end + it 'autocompletes multi-word labels' do + fill_in 'Comment', with: '~Acceptingmerge' - it 'allows colons when autocompleting scoped labels' do - create(:label, project: project, title: 'scoped:label') + wait_for_requests - fill_in 'Comment', with: '~scoped:' + expect(find_tribute_autocomplete_menu).to have_text('Accepting merge requests') + end - wait_for_requests + it 'only autocompletes the last label' do + fill_in 'Comment', with: '~scoped:: foo bar ~Acceptingmerge' + # Invoke autocompletion + find_field('Comment').native.send_keys(:right) - expect(find_tribute_autocomplete_menu).to have_text('scoped:label') - end + wait_for_requests - it 'allows colons when autocompleting scoped labels with double colons' do - create(:label, project: project, title: 'scoped::label') + expect(find_tribute_autocomplete_menu).to have_text('Accepting merge requests') + end - fill_in 'Comment', with: '~scoped::' + it 'does not autocomplete labels if no tilde is typed' do + fill_in 'Comment', with: 'Accepting' - wait_for_requests + wait_for_requests - expect(find_tribute_autocomplete_menu).to have_text('scoped::label') + expect(page).not_to have_css('.tribute-container') + end end - it 'autocompletes multi-word labels' do - create(:label, project: project, title: 'Accepting merge requests') + context 'when other notes are destroyed' do + let!(:discussion) { create(:discussion_note_on_issue, noteable: issue, project: issue.project) } - fill_in 'Comment', with: '~Acceptingmerge' + # This is meant to protect against this issue https://gitlab.com/gitlab-org/gitlab/-/issues/228729 + it 'keeps autocomplete key listeners' do + note = find_field('Comment') - wait_for_requests - - expect(find_tribute_autocomplete_menu).to have_text('Accepting merge requests') - end - - it 'only autocompletes the latest label' do - create(:label, project: project, title: 'documentation') - create(:label, project: project, title: 'feature') + start_comment_with_emoji(note, '.tribute-container li') - fill_in 'Comment', with: '~documentation foo bar ~feat' - # Invoke autocompletion - find_field('Comment').native.send_keys(:right) + start_and_cancel_discussion - wait_for_requests + note.fill_in(with: '') + start_comment_with_emoji(note, '.tribute-container li') + note.native.send_keys(:enter) - expect(find_tribute_autocomplete_menu).to have_text('feature') - expect(find_tribute_autocomplete_menu).not_to have_text('documentation') + expect(note.value).to eql('Hello :100: ') + end end - it 'does not autocomplete labels if no tilde is typed' do - create(:label, project: project, title: 'documentation') + shared_examples 'autocomplete suggestions' do + it 'suggests objects correctly' do + fill_in 'Comment', with: object.class.reference_prefix - fill_in 'Comment', with: 'document' - - wait_for_requests + find_tribute_autocomplete_menu.find('li').click - expect(page).not_to have_css('.tribute-container') + expect(find_field('Comment').value).to have_text(expected_body) + end end - end - - context 'when other notes are destroyed' do - let!(:discussion) { create(:discussion_note_on_issue, noteable: issue, project: issue.project) } - - # This is meant to protect against this issue https://gitlab.com/gitlab-org/gitlab/-/issues/228729 - it 'keeps autocomplete key listeners' do - visit project_issue_path(project, issue) - note = find_field('Comment') - - start_comment_with_emoji(note, '.tribute-container li') - - start_and_cancel_discussion - note.fill_in(with: '') - start_comment_with_emoji(note, '.tribute-container li') - note.native.send_keys(:enter) + context 'issues' do + let(:object) { issue } + let(:expected_body) { object.to_reference } - expect(note.value).to eql('Hello :100: ') + it_behaves_like 'autocomplete suggestions' end - end - - shared_examples 'autocomplete suggestions' do - it 'suggests objects correctly' do - fill_in 'Comment', with: object.class.reference_prefix - find_tribute_autocomplete_menu.find('li').click + context 'merge requests' do + let(:object) { create(:merge_request, source_project: project) } + let(:expected_body) { object.to_reference } - expect(find_field('Comment').value).to have_text(expected_body) + it_behaves_like 'autocomplete suggestions' end - end - - context 'issues' do - let(:object) { issue } - let(:expected_body) { object.to_reference } - it_behaves_like 'autocomplete suggestions' - end - - context 'merge requests' do - let(:object) { create(:merge_request, source_project: project) } - let(:expected_body) { object.to_reference } - - it_behaves_like 'autocomplete suggestions' - end + context 'project snippets' do + let!(:object) { snippet } + let(:expected_body) { object.to_reference } - context 'project snippets' do - let!(:object) { create(:project_snippet, project: project, title: 'code snippet') } - let(:expected_body) { object.to_reference } - - it_behaves_like 'autocomplete suggestions' - end - - context 'label' do - let!(:object) { label } - let(:expected_body) { object.title } - - it_behaves_like 'autocomplete suggestions' - end + it_behaves_like 'autocomplete suggestions' + end - context 'milestone' do - let!(:object) { create(:milestone, project: project) } - let(:expected_body) { object.to_reference } + context 'milestone' do + let!(:object) { create(:milestone, project: project) } + let(:expected_body) { object.to_reference } - it_behaves_like 'autocomplete suggestions' + it_behaves_like 'autocomplete suggestions' + end end end |