diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2023-01-10 18:07:39 +0000 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2023-01-10 18:07:39 +0000 |
commit | 8cc4a6f23d41a1c57dc309130d2ce9ebc04d8334 (patch) | |
tree | 8391f5ee4f3391534131ae834b4b0a413845239e /spec/models | |
parent | 87f8fdb93cb1e63f8e9cedf7d3d00c8ade70b18c (diff) | |
download | gitlab-ce-8cc4a6f23d41a1c57dc309130d2ce9ebc04d8334.tar.gz |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'spec/models')
-rw-r--r-- | spec/models/abuse_report_spec.rb | 15 | ||||
-rw-r--r-- | spec/models/integrations/apple_app_store_spec.rb | 2 | ||||
-rw-r--r-- | spec/models/personal_access_token_spec.rb | 31 |
3 files changed, 45 insertions, 3 deletions
diff --git a/spec/models/abuse_report_spec.rb b/spec/models/abuse_report_spec.rb index 95e61488c80..29baccfe0ee 100644 --- a/spec/models/abuse_report_spec.rb +++ b/spec/models/abuse_report_spec.rb @@ -20,6 +20,11 @@ RSpec.describe AbuseReport, feature_category: :insider_threat do end describe 'validations' do + let(:http) { 'http://gitlab.com' } + let(:https) { 'https://gitlab.com' } + let(:ftp) { 'ftp://example.com' } + let(:javascript) { 'javascript:alert(window.opener.document.location)' } + it { is_expected.to validate_presence_of(:reporter) } it { is_expected.to validate_presence_of(:user) } it { is_expected.to validate_presence_of(:message) } @@ -28,8 +33,16 @@ RSpec.describe AbuseReport, feature_category: :insider_threat do it do is_expected.to validate_uniqueness_of(:user_id) .scoped_to(:reporter_id) - .with_message('You have already reported this user') + .with_message('has already been reported for abuse') end + + it { is_expected.to validate_length_of(:reported_from_url).is_at_most(512).allow_blank } + it { is_expected.to allow_value(http).for(:reported_from_url) } + it { is_expected.to allow_value(https).for(:reported_from_url) } + it { is_expected.not_to allow_value(ftp).for(:reported_from_url) } + it { is_expected.not_to allow_value(javascript).for(:reported_from_url) } + it { is_expected.to allow_value('http://localhost:9000').for(:reported_from_url) } + it { is_expected.to allow_value('https://gitlab.com').for(:reported_from_url) } end describe '#remove_user' do diff --git a/spec/models/integrations/apple_app_store_spec.rb b/spec/models/integrations/apple_app_store_spec.rb index dde26e383c7..1a57f556895 100644 --- a/spec/models/integrations/apple_app_store_spec.rb +++ b/spec/models/integrations/apple_app_store_spec.rb @@ -29,7 +29,7 @@ RSpec.describe Integrations::AppleAppStore, feature_category: :mobile_devops do describe '#fields' do it 'returns custom fields' do expect(apple_app_store_integration.fields.pluck(:name)).to eq(%w[app_store_issuer_id app_store_key_id - app_store_private_key]) + app_store_private_key]) end end diff --git a/spec/models/personal_access_token_spec.rb b/spec/models/personal_access_token_spec.rb index 9d4c53f8d55..f65b5ff824b 100644 --- a/spec/models/personal_access_token_spec.rb +++ b/spec/models/personal_access_token_spec.rb @@ -2,7 +2,7 @@ require 'spec_helper' -RSpec.describe PersonalAccessToken do +RSpec.describe PersonalAccessToken, feature_category: :authentication_and_authorization do subject { described_class } describe '.build' do @@ -210,6 +210,12 @@ RSpec.describe PersonalAccessToken do expect(personal_access_token).to be_valid end + it "allows creating a token with `admin_mode` scope" do + personal_access_token.scopes = [:api, :admin_mode] + + expect(personal_access_token).to be_valid + end + context 'when registry is disabled' do before do stub_container_registry_config(enabled: false) @@ -340,4 +346,27 @@ RSpec.describe PersonalAccessToken do end end end + + # During the implementation of Admin Mode for API, tokens of + # administrators should automatically get the `admin_mode` scope as well + # See https://gitlab.com/gitlab-org/gitlab/-/issues/42692 + describe '`admin_mode scope' do + subject { create(:personal_access_token, user: user, scopes: ['api']) } + + context 'with administrator user' do + let_it_be(:user) { create(:user, :admin) } + + it 'adds `admin_mode` scope before created' do + expect(subject.scopes).to contain_exactly('api', 'admin_mode') + end + end + + context 'with normal user' do + let_it_be(:user) { create(:user) } + + it 'does not add `admin_mode` scope before created' do + expect(subject.scopes).to contain_exactly('api') + end + end + end end |