Add latest changes from gitlab-org/gitlab@master

12 files changed, 180 insertions, 9 deletions

diff --git a/spec/controllers/admin/applications_controller_spec.rb b/spec/controllers/admin/applications_controller_spec.rb
index 2f3c7da484b..63b28b2d993 100644
--- a/spec/controllers/admin/applications_controller_spec.rb
+++ b/spec/controllers/admin/applications_controller_spec.rb
@@ -40,7 +40,7 @@ describe Admin::ApplicationsController do
 
   describe 'POST #create' do
     it 'creates the application' do
-      create_params = attributes_for(:application, trusted: true)
+      create_params = attributes_for(:application, trusted: true, confidential: false)
 
       expect do
         post :create, params: { doorkeeper_application: create_params }
@@ -60,16 +60,34 @@ describe Admin::ApplicationsController do
       expect(response).to render_template :new
       expect(assigns[:scopes]).to be_kind_of(Doorkeeper::OAuth::Scopes)
     end
+
+    context 'when the params are for a confidential application' do
+      it 'creates a confidential application' do
+        create_params = attributes_for(:application, confidential: true)
+
+        expect do
+          post :create, params: { doorkeeper_application: create_params }
+        end.to change { Doorkeeper::Application.count }.by(1)
+
+        application = Doorkeeper::Application.last
+
+        expect(response).to redirect_to(admin_application_path(application))
+        expect(application).to have_attributes(create_params.except(:uid, :owner_type))
+      end
+    end
   end
 
   describe 'PATCH #update' do
     it 'updates the application' do
-      patch :update, params: { id: application.id, doorkeeper_application: { redirect_uri: 'http://example.com/', trusted: true } }
+      doorkeeper_params = { redirect_uri: 'http://example.com/', trusted: true, confidential: false }
+
+      patch :update, params: { id: application.id, doorkeeper_application: doorkeeper_params }
 
       application.reload
 
       expect(response).to redirect_to(admin_application_path(application))
-      expect(application).to have_attributes(redirect_uri: 'http://example.com/', trusted: true)
+      expect(application)
+        .to have_attributes(redirect_uri: 'http://example.com/', trusted: true, confidential: false)
     end
 
     it 'renders the application form on errors' do
@@ -78,5 +96,16 @@ describe Admin::ApplicationsController do
       expect(response).to render_template :edit
       expect(assigns[:scopes]).to be_kind_of(Doorkeeper::OAuth::Scopes)
     end
+
+    context 'when updating the application to be confidential' do
+      it 'successfully sets the application to confidential' do
+        doorkeeper_params = { confidential: true }
+
+        patch :update, params: { id: application.id, doorkeeper_application: doorkeeper_params }
+
+        expect(response).to redirect_to(admin_application_path(application))
+        expect(application).to be_confidential
+      end
+    end
   end
 end
diff --git a/spec/controllers/groups/registry/repositories_controller_spec.rb b/spec/controllers/groups/registry/repositories_controller_spec.rb
index 4129891914d..9463483b7b0 100644
--- a/spec/controllers/groups/registry/repositories_controller_spec.rb
+++ b/spec/controllers/groups/registry/repositories_controller_spec.rb
@@ -17,6 +17,8 @@ describe Groups::Registry::RepositoriesController do
   context 'GET #index' do
     context 'when container registry is enabled' do
       it 'show index page' do
+        expect(Gitlab::Tracking).not_to receive(:event)
+
         get :index, params: {
             group_id: group
         }
@@ -54,7 +56,8 @@ describe Groups::Registry::RepositoriesController do
         expect(Gitlab::Tracking).to receive(:event).with(anything, 'list_repositories', {})
 
         get :index, params: {
-          group_id: group
+          group_id: group,
+          format: :json
         }
       end
     end
diff --git a/spec/controllers/projects/registry/repositories_controller_spec.rb b/spec/controllers/projects/registry/repositories_controller_spec.rb
index 192e4ce2e73..4e832a478af 100644
--- a/spec/controllers/projects/registry/repositories_controller_spec.rb
+++ b/spec/controllers/projects/registry/repositories_controller_spec.rb
@@ -35,6 +35,8 @@ describe Projects::Registry::RepositoriesController do
           end
 
           it 'successfully renders container repositories' do
+            expect(Gitlab::Tracking).not_to receive(:event)
+
             go_to_index
 
             expect(response).to have_gitlab_http_status(:ok)
@@ -43,7 +45,7 @@ describe Projects::Registry::RepositoriesController do
           it 'tracks the event' do
             expect(Gitlab::Tracking).to receive(:event).with(anything, 'list_repositories', {})
 
-            go_to_index
+            go_to_index(format: :json)
           end
 
           it 'creates a root container repository' do
diff --git a/spec/features/admin/admin_manage_applications_spec.rb b/spec/features/admin/admin_manage_applications_spec.rb
index dd4d4b1a426..3f3d71e842c 100644
--- a/spec/features/admin/admin_manage_applications_spec.rb
+++ b/spec/features/admin/admin_manage_applications_spec.rb
@@ -21,18 +21,21 @@ RSpec.describe 'admin manage applications' do
     expect(page).to have_content('Application ID')
     expect(page).to have_content('Secret')
     expect(page).to have_content('Trusted Y')
+    expect(page).to have_content('Confidential Y')
 
     click_on 'Edit'
     expect(page).to have_content('Edit application')
 
     fill_in :doorkeeper_application_name, with: 'test_changed'
     uncheck :doorkeeper_application_trusted
+    uncheck :doorkeeper_application_confidential
 
     click_on 'Submit'
     expect(page).to have_content('test_changed')
     expect(page).to have_content('Application ID')
     expect(page).to have_content('Secret')
     expect(page).to have_content('Trusted N')
+    expect(page).to have_content('Confidential N')
 
     visit admin_applications_path
     page.within '.oauth-applications' do
diff --git a/spec/features/profiles/user_manages_applications_spec.rb b/spec/features/profiles/user_manages_applications_spec.rb
index 7a961855c92..668c4e8c784 100644
--- a/spec/features/profiles/user_manages_applications_spec.rb
+++ b/spec/features/profiles/user_manages_applications_spec.rb
@@ -20,16 +20,19 @@ describe 'User manages applications' do
     expect(page).to have_content 'Application: test'
     expect(page).to have_content 'Application ID'
     expect(page).to have_content 'Secret'
+    expect(page).to have_content 'Confidential Yes'
 
     click_on 'Edit'
 
     expect(page).to have_content 'Edit application'
     fill_in :doorkeeper_application_name, with: 'test_changed'
+    uncheck :doorkeeper_application_confidential
     click_on 'Save application'
 
     expect(page).to have_content 'test_changed'
     expect(page).to have_content 'Application ID'
     expect(page).to have_content 'Secret'
+    expect(page).to have_content 'Confidential No'
 
     visit applications_profile_path
 
diff --git a/spec/fixtures/api/schemas/public_api/v4/members.json b/spec/fixtures/api/schemas/public_api/v4/members.json
new file mode 100644
index 00000000000..38ad64ad061
--- /dev/null
+++ b/spec/fixtures/api/schemas/public_api/v4/members.json
@@ -0,0 +1,22 @@
+{
+  "type": "array",
+  "items": {
+    "type": "object",
+    "properties" : {
+      "id": { "type": "integer" },
+      "name": { "type": "string" },
+      "username": { "type": "string" },
+      "state": { "type": "string" },
+      "avatar_url": { "type": ["string", "null"] },
+      "web_url": { "type": ["string", "null"] },
+      "access_level": { "type": "integer" },
+      "expires_at": { "type": ["date", "null"] },
+      "is_using_seat": { "type": "boolean" }
+    },
+    "required": [
+      "id", "name", "username", "state",
+      "web_url", "access_level", "expires_at"
+    ],
+    "additionalProperties": false
+  }
+}
diff --git a/spec/frontend/self_monitor/components/self_monitor_spec.js b/spec/frontend/self_monitor/components/self_monitor_spec.js
index b95c7514047..50b97ae914d 100644
--- a/spec/frontend/self_monitor/components/self_monitor_spec.js
+++ b/spec/frontend/self_monitor/components/self_monitor_spec.js
@@ -11,7 +11,7 @@ describe('self monitor component', () => {
     beforeEach(() => {
       store = createStore({
         projectEnabled: false,
-        selfMonitorProjectCreated: false,
+        selfMonitoringProjectExists: false,
         createSelfMonitoringProjectPath: '/create',
         deleteSelfMonitoringProjectPath: '/delete',
       });
@@ -69,7 +69,7 @@ describe('self monitor component', () => {
       it('renders the form description with a link', () => {
         store = createStore({
           projectEnabled: true,
-          selfMonitorProjectCreated: true,
+          selfMonitoringProjectExists: true,
           createSelfMonitoringProjectPath: '/create',
           deleteSelfMonitoringProjectPath: '/delete',
         });
diff --git a/spec/frontend/self_monitor/store/actions_spec.js b/spec/frontend/self_monitor/store/actions_spec.js
index 344dbf11954..0326ca6f415 100644
--- a/spec/frontend/self_monitor/store/actions_spec.js
+++ b/spec/frontend/self_monitor/store/actions_spec.js
@@ -140,7 +140,12 @@ describe('self monitor actions', () => {
             { type: types.SET_SHOW_ALERT, payload: true },
             { type: types.SET_PROJECT_CREATED, payload: true },
           ],
-          [],
+          [
+            {
+              payload: true,
+              type: 'setSelfMonitor',
+            },
+          ],
           done,
         );
       });
diff --git a/spec/lib/api/helpers_spec.rb b/spec/lib/api/helpers_spec.rb
index 81c4563feb6..9980f4d8e23 100644
--- a/spec/lib/api/helpers_spec.rb
+++ b/spec/lib/api/helpers_spec.rb
@@ -188,4 +188,46 @@ describe API::Helpers do
       subject.track_event('my_event', category: nil)
     end
   end
+
+  describe '#order_options_with_tie_breaker' do
+    subject { Class.new.include(described_class).new.order_options_with_tie_breaker }
+
+    before do
+      allow_any_instance_of(described_class).to receive(:params).and_return(params)
+    end
+
+    context 'with non-id order given' do
+      context 'with ascending order' do
+        let(:params) { { order_by: 'name', sort: 'asc' } }
+
+        it 'adds id based ordering with same direction as primary order' do
+          is_expected.to eq({ 'name' => 'asc', 'id' => 'asc' })
+        end
+      end
+
+      context 'with descending order' do
+        let(:params) { { order_by: 'name', sort: 'desc' } }
+
+        it 'adds id based ordering with same direction as primary order' do
+          is_expected.to eq({ 'name' => 'desc', 'id' => 'desc' })
+        end
+      end
+    end
+
+    context 'with non-id order but no direction given' do
+      let(:params) { { order_by: 'name' } }
+
+      it 'adds ID ASC order' do
+        is_expected.to eq({ 'name' => nil, 'id' => 'asc' })
+      end
+    end
+
+    context 'with id order given' do
+      let(:params) { { order_by: 'id', sort: 'asc' } }
+
+      it 'does not add an additional order' do
+        is_expected.to eq({ 'id' => 'asc' })
+      end
+    end
+  end
 end
diff --git a/spec/models/user_spec.rb b/spec/models/user_spec.rb
index 6f393d169a2..438ed6d83fa 100644
--- a/spec/models/user_spec.rb
+++ b/spec/models/user_spec.rb
@@ -25,6 +25,7 @@ describe User, :do_not_mock_admin_mode do
   describe 'associations' do
     it { is_expected.to have_one(:namespace) }
     it { is_expected.to have_one(:status) }
+    it { is_expected.to have_one(:max_access_level_membership) }
     it { is_expected.to have_many(:snippets).dependent(:destroy) }
     it { is_expected.to have_many(:members) }
     it { is_expected.to have_many(:project_members) }
@@ -839,9 +840,36 @@ describe User, :do_not_mock_admin_mode do
 
   describe '#highest_role' do
     let(:user) { create(:user) }
-
     let(:group) { create(:group) }
 
+    context 'with association :max_access_level_membership' do
+      let(:another_user) { create(:user) }
+
+      before do
+        create(:project, group: group) do |project|
+          group.add_user(user, GroupMember::GUEST)
+          group.add_user(another_user, GroupMember::DEVELOPER)
+        end
+
+        create(:project, group: create(:group)) do |project|
+          project.add_guest(another_user)
+        end
+
+        create(:project, group: create(:group)) do |project|
+          project.add_maintainer(user)
+        end
+      end
+
+      it 'returns the correct highest role' do
+        users = User.includes(:max_access_level_membership).where(id: [user.id, another_user.id])
+
+        expect(users.collect { |u| [u.id, u.highest_role] }).to contain_exactly(
+          [user.id, Gitlab::Access::MAINTAINER],
+          [another_user.id, Gitlab::Access::DEVELOPER]
+        )
+      end
+    end
+
     it 'returns NO_ACCESS if none has been set' do
       expect(user.highest_role).to eq(Gitlab::Access::NO_ACCESS)
     end
diff --git a/spec/requests/api/applications_spec.rb b/spec/requests/api/applications_spec.rb
index 438d5dbf018..d110751e661 100644
--- a/spec/requests/api/applications_spec.rb
+++ b/spec/requests/api/applications_spec.rb
@@ -21,6 +21,7 @@ describe API::Applications, :api do
         expect(json_response['application_id']).to eq application.uid
         expect(json_response['secret']).to eq application.secret
         expect(json_response['callback_url']).to eq application.redirect_uri
+        expect(json_response['confidential']).to eq application.confidential
       end
 
       it 'does not allow creating an application with the wrong redirect_uri format' do
@@ -72,6 +73,16 @@ describe API::Applications, :api do
         expect(json_response).to be_a Hash
         expect(json_response['error']).to eq('scopes is missing')
       end
+
+      it 'does not allow creating an application with confidential set to nil' do
+        expect do
+          post api('/applications', admin_user), params: { name: 'application_name', redirect_uri: 'http://application.url', scopes: '', confidential: nil }
+        end.not_to change { Doorkeeper::Application.count }
+
+        expect(response).to have_gitlab_http_status(400)
+        expect(json_response).to be_a Hash
+        expect(json_response['message']['confidential'].first).to eq('is not included in the list')
+      end
     end
 
     context 'authorized user without authorization' do
diff --git a/spec/requests/api/repositories_spec.rb b/spec/requests/api/repositories_spec.rb
index ba301147d43..8bca458bece 100644
--- a/spec/requests/api/repositories_spec.rb
+++ b/spec/requests/api/repositories_spec.rb
@@ -362,6 +362,29 @@ describe API::Repositories do
         expect(json_response['diffs']).to be_empty
         expect(json_response['compare_same_ref']).to be_truthy
       end
+
+      it "returns an empty string when the diff overflows" do
+        stub_const('Gitlab::Git::DiffCollection::DEFAULT_LIMITS', { max_files: 2, max_lines: 2 })
+
+        get api(route, current_user), params: { from: 'master', to: 'feature' }
+
+        expect(response).to have_gitlab_http_status(200)
+        expect(json_response['commits']).to be_present
+        expect(json_response['diffs']).to be_present
+        expect(json_response['diffs'].first['diff']).to be_empty
+      end
+
+      it "returns a 404 when from ref is unknown" do
+        get api(route, current_user), params: { from: 'unknown_ref', to: 'master' }
+
+        expect(response).to have_gitlab_http_status(404)
+      end
+
+      it "returns a 404 when to ref is unknown" do
+        get api(route, current_user), params: { from: 'master', to: 'unknown_ref' }
+
+        expect(response).to have_gitlab_http_status(404)
+      end
     end
 
     context 'when unauthenticated', 'and project is public' do