Add latest changes from gitlab-org/security/gitlab@14-5-stable-ee

1 files changed, 34 insertions, 0 deletions

diff --git a/spec/graphql/gitlab_schema_spec.rb b/spec/graphql/gitlab_schema_spec.rb
index 3fa0dc95126..02c686af688 100644
--- a/spec/graphql/gitlab_schema_spec.rb
+++ b/spec/graphql/gitlab_schema_spec.rb
@@ -35,6 +35,10 @@ RSpec.describe GitlabSchema do
     expect(connection).to eq(Gitlab::Graphql::Pagination::ExternallyPaginatedArrayConnection)
   end
 
+  it 'sets an appropriate validation timeout' do
+    expect(described_class.validate_timeout).to be <= 0.2.seconds
+  end
+
   describe '.execute' do
     describe 'setting query `max_complexity` and `max_depth`' do
       subject(:result) { described_class.execute('query', **kwargs).query }
@@ -195,6 +199,36 @@ RSpec.describe GitlabSchema do
     end
   end
 
+  describe 'validate_max_errors' do
+    it 'reports at most 5 errors' do
+      query = <<~GQL
+        query {
+          currentUser {
+            x: id
+            x: bot
+            x: username
+            x: state
+            x: name
+
+            x: id
+            x: bot
+            x: username
+            x: state
+            x: name
+
+            badField
+            veryBadField
+            alsoNotAGoodField
+          }
+        }
+      GQL
+
+      result = described_class.execute(query)
+
+      expect(result.to_h['errors'].count).to eq 5
+    end
+  end
+
   describe '.parse_gid' do
     let_it_be(:global_id) { 'gid://gitlab/TestOne/2147483647' }