diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2021-08-30 12:40:01 +0000 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2021-08-30 12:40:01 +0000 |
commit | f19a0fa10a0024fab5ef3c556612944f2a62c298 (patch) | |
tree | ef5c359820d2409cf07c0610122299d314ec4743 /spec/requests | |
parent | eba52140851d2fb08665119c0a3997d0612ccb88 (diff) | |
download | gitlab-ce-f19a0fa10a0024fab5ef3c556612944f2a62c298.tar.gz |
Add latest changes from gitlab-org/security/gitlab@14-2-stable-ee
Diffstat (limited to 'spec/requests')
-rw-r--r-- | spec/requests/api/graphql/mutations/design_management/upload_spec.rb | 23 | ||||
-rw-r--r-- | spec/requests/users_controller_spec.rb | 6 |
2 files changed, 26 insertions, 3 deletions
diff --git a/spec/requests/api/graphql/mutations/design_management/upload_spec.rb b/spec/requests/api/graphql/mutations/design_management/upload_spec.rb index 2189ae3c519..d3e6c689a59 100644 --- a/spec/requests/api/graphql/mutations/design_management/upload_spec.rb +++ b/spec/requests/api/graphql/mutations/design_management/upload_spec.rb @@ -11,6 +11,7 @@ RSpec.describe "uploading designs" do let(:project) { issue.project } let(:files) { [fixture_file_upload("spec/fixtures/dk.png")] } let(:variables) { {} } + let(:mutation_response) { graphql_mutation_response(:design_management_upload) } def mutation input = { @@ -21,14 +22,32 @@ RSpec.describe "uploading designs" do graphql_mutation(:design_management_upload, input) end - let(:mutation_response) { graphql_mutation_response(:design_management_upload) } - before do enable_design_management project.add_developer(current_user) end + context 'when the input does not include a null value for each mapped file' do + let(:operations) { { query: mutation.query, variables: mutation.variables.merge(files: []) } } + let(:mapping) { { '1' => ['variables.files.0'] } } + let(:params) do + { '1' => files.first, operations: operations.to_json, map: mapping.to_json } + end + + it 'returns an error' do + workhorse_post_with_file(api('/', current_user, version: 'graphql'), + params: params, + file_key: '1' + ) + + expect(response).to have_attributes( + code: eq('400'), + body: include('out-of-bounds') + ) + end + end + it "returns an error if the user is not allowed to upload designs" do post_graphql_mutation_with_uploads(mutation, current_user: create(:user)) diff --git a/spec/requests/users_controller_spec.rb b/spec/requests/users_controller_spec.rb index 5a38f92221f..accacd705e7 100644 --- a/spec/requests/users_controller_spec.rb +++ b/spec/requests/users_controller_spec.rb @@ -274,7 +274,11 @@ RSpec.describe UsersController do stub_application_setting(restricted_visibility_levels: [Gitlab::VisibilityLevel::PUBLIC]) end - it_behaves_like 'renders all public keys' + it 'redirects to sign in' do + get "/#{user.username}.keys" + + expect(response).to redirect_to(new_user_session_path) + end end end end |