Add latest changes from gitlab-org/gitlab@14-10-stable-ee

4 files changed, 72 insertions, 34 deletions

diff --git a/spec/controllers/projects/artifacts_controller_spec.rb b/spec/controllers/projects/artifacts_controller_spec.rb
index 958fcd4360c..9410fe08d0b 100644
--- a/spec/controllers/projects/artifacts_controller_spec.rb
+++ b/spec/controllers/projects/artifacts_controller_spec.rb
@@ -361,7 +361,6 @@ RSpec.describe Projects::ArtifactsController do
           subject
 
           expect(response).to have_gitlab_http_status(:ok)
-          expect(response.headers['Gitlab-Workhorse-Detect-Content-Type']).to eq('true')
           expect(send_data).to start_with('artifacts-entry:')
 
           expect(params.keys).to eq(%w(Archive Entry))
diff --git a/spec/lib/gitlab/workhorse_spec.rb b/spec/lib/gitlab/workhorse_spec.rb
index 91ab0a53c6c..3bab9aec454 100644
--- a/spec/lib/gitlab/workhorse_spec.rb
+++ b/spec/lib/gitlab/workhorse_spec.rb
@@ -448,14 +448,6 @@ RSpec.describe Gitlab::Workhorse do
     end
   end
 
-  describe '.detect_content_type' do
-    subject { described_class.detect_content_type }
-
-    it 'returns array setting detect content type in workhorse' do
-      expect(subject).to eq(%w[Gitlab-Workhorse-Detect-Content-Type true])
-    end
-  end
-
   describe '.send_git_blob' do
     include FakeBlobHelpers
 
diff --git a/spec/policies/project_policy_spec.rb b/spec/policies/project_policy_spec.rb
index bde83d647db..ca4ca2eb7a0 100644
--- a/spec/policies/project_policy_spec.rb
+++ b/spec/policies/project_policy_spec.rb
@@ -103,39 +103,89 @@ RSpec.describe ProjectPolicy do
   end
 
   context 'creating_merge_request_in' do
-    context 'when project is public' do
-      let(:project) { public_project }
+    context 'when the current_user can download_code' do
+      before do
+        expect(subject).to receive(:allowed?).with(:download_code).and_return(true)
+        allow(subject).to receive(:allowed?).with(any_args).and_call_original
+      end
 
-      context 'when the current_user is guest' do
-        let(:current_user) { guest }
+      context 'when project is public' do
+        let(:project) { public_project }
+
+        context 'when the current_user is guest' do
+          let(:current_user) { guest }
 
-        it { is_expected.to be_allowed(:create_merge_request_in) }
+          it { is_expected.to be_allowed(:create_merge_request_in) }
+        end
       end
-    end
 
-    context 'when project is internal' do
-      let(:project) { internal_project }
+      context 'when project is internal' do
+        let(:project) { internal_project }
 
-      context 'when the current_user is guest' do
-        let(:current_user) { guest }
+        context 'when the current_user is guest' do
+          let(:current_user) { guest }
 
-        it { is_expected.to be_allowed(:create_merge_request_in) }
+          it { is_expected.to be_allowed(:create_merge_request_in) }
+        end
+      end
+
+      context 'when project is private' do
+        let(:project) { private_project }
+
+        context 'when the current_user is guest' do
+          let(:current_user) { guest }
+
+          it { is_expected.not_to be_allowed(:create_merge_request_in) }
+        end
+
+        context 'when the current_user is reporter or above' do
+          let(:current_user) { reporter }
+
+          it { is_expected.to be_allowed(:create_merge_request_in) }
+        end
       end
     end
 
-    context 'when project is private' do
-      let(:project) { private_project }
+    context 'when the current_user can not download code' do
+      before do
+        expect(subject).to receive(:allowed?).with(:download_code).and_return(false)
+        allow(subject).to receive(:allowed?).with(any_args).and_call_original
+      end
 
-      context 'when the current_user is guest' do
-        let(:current_user) { guest }
+      context 'when project is public' do
+        let(:project) { public_project }
+
+        context 'when the current_user is guest' do
+          let(:current_user) { guest }
 
-        it { is_expected.not_to be_allowed(:create_merge_request_in) }
+          it { is_expected.not_to be_allowed(:create_merge_request_in) }
+        end
       end
 
-      context 'when the current_user is reporter or above' do
-        let(:current_user) { reporter }
+      context 'when project is internal' do
+        let(:project) { internal_project }
 
-        it { is_expected.to be_allowed(:create_merge_request_in) }
+        context 'when the current_user is guest' do
+          let(:current_user) { guest }
+
+          it { is_expected.not_to be_allowed(:create_merge_request_in) }
+        end
+      end
+
+      context 'when project is private' do
+        let(:project) { private_project }
+
+        context 'when the current_user is guest' do
+          let(:current_user) { guest }
+
+          it { is_expected.not_to be_allowed(:create_merge_request_in) }
+        end
+
+        context 'when the current_user is reporter or above' do
+          let(:current_user) { reporter }
+
+          it { is_expected.not_to be_allowed(:create_merge_request_in) }
+        end
       end
     end
   end
diff --git a/spec/requests/api/ci/job_artifacts_spec.rb b/spec/requests/api/ci/job_artifacts_spec.rb
index 5abff85af9c..68b44bb89e0 100644
--- a/spec/requests/api/ci/job_artifacts_spec.rb
+++ b/spec/requests/api/ci/job_artifacts_spec.rb
@@ -558,8 +558,7 @@ RSpec.describe API::Ci::JobArtifacts do
             expect(response).to have_gitlab_http_status(:ok)
             expect(response.headers.to_h)
               .to include('Content-Type' => 'application/json',
-                          'Gitlab-Workhorse-Send-Data' => /artifacts-entry/,
-                          'Gitlab-Workhorse-Detect-Content-Type' => 'true')
+                          'Gitlab-Workhorse-Send-Data' => /artifacts-entry/)
           end
         end
 
@@ -629,8 +628,7 @@ RSpec.describe API::Ci::JobArtifacts do
           expect(response).to have_gitlab_http_status(:ok)
           expect(response.headers.to_h)
             .to include('Content-Type' => 'application/json',
-                        'Gitlab-Workhorse-Send-Data' => /artifacts-entry/,
-                        'Gitlab-Workhorse-Detect-Content-Type' => 'true')
+                        'Gitlab-Workhorse-Send-Data' => /artifacts-entry/)
           expect(response.parsed_body).to be_empty
         end
       end
@@ -648,8 +646,7 @@ RSpec.describe API::Ci::JobArtifacts do
           expect(response).to have_gitlab_http_status(:ok)
           expect(response.headers.to_h)
             .to include('Content-Type' => 'application/json',
-                        'Gitlab-Workhorse-Send-Data' => /artifacts-entry/,
-                        'Gitlab-Workhorse-Detect-Content-Type' => 'true')
+                        'Gitlab-Workhorse-Send-Data' => /artifacts-entry/)
         end
       end