Add latest changes from gitlab-org/security/gitlab@14-0-stable-ee

1 files changed, 9 insertions, 3 deletions

diff --git a/spec/models/audit_event_spec.rb b/spec/models/audit_event_spec.rb
index 5c87c2e68db..bc603bc5ab6 100644
--- a/spec/models/audit_event_spec.rb
+++ b/spec/models/audit_event_spec.rb
@@ -3,9 +3,6 @@
 require 'spec_helper'
 
 RSpec.describe AuditEvent do
-  let_it_be(:audit_event) { create(:project_audit_event) }
-  subject { audit_event }
-
   describe 'validations' do
     include_examples 'validates IP address' do
       let(:attribute) { :ip_address }
@@ -13,6 +10,15 @@ RSpec.describe AuditEvent do
     end
   end
 
+  it 'sanitizes custom_message in the details hash' do
+    audit_event = create(:project_audit_event, details: { target_id: 678, custom_message: '<strong>Arnold</strong>' })
+
+    expect(audit_event.details).to include(
+      target_id: 678,
+      custom_message: 'Arnold'
+    )
+  end
+
   describe '#as_json' do
     context 'ip_address' do
       subject { build(:group_audit_event, ip_address: '192.168.1.1').as_json }