diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2023-01-10 18:07:39 +0000 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2023-01-10 18:07:39 +0000 |
commit | 8cc4a6f23d41a1c57dc309130d2ce9ebc04d8334 (patch) | |
tree | 8391f5ee4f3391534131ae834b4b0a413845239e /spec/models/abuse_report_spec.rb | |
parent | 87f8fdb93cb1e63f8e9cedf7d3d00c8ade70b18c (diff) | |
download | gitlab-ce-8cc4a6f23d41a1c57dc309130d2ce9ebc04d8334.tar.gz |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'spec/models/abuse_report_spec.rb')
-rw-r--r-- | spec/models/abuse_report_spec.rb | 15 |
1 files changed, 14 insertions, 1 deletions
diff --git a/spec/models/abuse_report_spec.rb b/spec/models/abuse_report_spec.rb index 95e61488c80..29baccfe0ee 100644 --- a/spec/models/abuse_report_spec.rb +++ b/spec/models/abuse_report_spec.rb @@ -20,6 +20,11 @@ RSpec.describe AbuseReport, feature_category: :insider_threat do end describe 'validations' do + let(:http) { 'http://gitlab.com' } + let(:https) { 'https://gitlab.com' } + let(:ftp) { 'ftp://example.com' } + let(:javascript) { 'javascript:alert(window.opener.document.location)' } + it { is_expected.to validate_presence_of(:reporter) } it { is_expected.to validate_presence_of(:user) } it { is_expected.to validate_presence_of(:message) } @@ -28,8 +33,16 @@ RSpec.describe AbuseReport, feature_category: :insider_threat do it do is_expected.to validate_uniqueness_of(:user_id) .scoped_to(:reporter_id) - .with_message('You have already reported this user') + .with_message('has already been reported for abuse') end + + it { is_expected.to validate_length_of(:reported_from_url).is_at_most(512).allow_blank } + it { is_expected.to allow_value(http).for(:reported_from_url) } + it { is_expected.to allow_value(https).for(:reported_from_url) } + it { is_expected.not_to allow_value(ftp).for(:reported_from_url) } + it { is_expected.not_to allow_value(javascript).for(:reported_from_url) } + it { is_expected.to allow_value('http://localhost:9000').for(:reported_from_url) } + it { is_expected.to allow_value('https://gitlab.com').for(:reported_from_url) } end describe '#remove_user' do |