Add latest changes from gitlab-org/security/gitlab@15-2-stable-ee

1 files changed, 28 insertions, 7 deletions

diff --git a/spec/models/hooks/web_hook_log_spec.rb b/spec/models/hooks/web_hook_log_spec.rb
index e1fea3318f6..8ff8a1c3865 100644
--- a/spec/models/hooks/web_hook_log_spec.rb
+++ b/spec/models/hooks/web_hook_log_spec.rb
@@ -30,15 +30,12 @@ RSpec.describe WebHookLog do
   end
 
   describe '#save' do
-    let(:web_hook_log) { build(:web_hook_log, url: url) }
-    let(:url) { 'http://example.com' }
-
-    subject { web_hook_log.save! }
+    context 'with basic auth credentials' do
+      let(:web_hook_log) { build(:web_hook_log, url: 'http://test:123@example.com') }
 
-    it { is_expected.to eq(true) }
+      subject { web_hook_log.save! }
 
-    context 'with basic auth credentials' do
-      let(:url) { 'http://test:123@example.com'}
+      it { is_expected.to eq(true) }
 
       it 'obfuscates the basic auth credentials' do
         subject
@@ -46,6 +43,30 @@ RSpec.describe WebHookLog do
         expect(web_hook_log.url).to eq('http://*****:*****@example.com')
       end
     end
+
+    context 'with author email' do
+      let(:author) { create(:user) }
+      let(:web_hook_log) { create(:web_hook_log, request_data: data) }
+      let(:data) do
+        {
+          commit: {
+            author: {
+              name: author.name,
+              email: author.email
+            }
+          }
+        }.deep_stringify_keys
+      end
+
+      it "redacts author's email" do
+        expect(web_hook_log.request_data['commit']).to match a_hash_including(
+          'author' => {
+            'name' => author.name,
+            'email' => _('[REDACTED]')
+          }
+        )
+      end
+    end
   end
 
   describe '.delete_batch_for' do