diff options
| author | GitLab Bot <gitlab-bot@gitlab.com> | 2022-06-29 14:16:15 +0000 |
|---|---|---|
| committer | GitLab Bot <gitlab-bot@gitlab.com> | 2022-06-29 14:16:15 +0000 |
| commit | 5370ec1c3d27d646be672039e78161d22b1e2a80 (patch) | |
| tree | 1c0ed695576be5560bb4399082f0642bc214f3f1 /spec | |
| parent | a5baa12bfff6c41f6c9cf156edcf8e621f71848e (diff) | |
| download | gitlab-ce-5370ec1c3d27d646be672039e78161d22b1e2a80.tar.gz | |
Add latest changes from gitlab-org/security/gitlab@15-1-stable-ee
Diffstat (limited to 'spec')
5 files changed, 28 insertions, 98 deletions
diff --git a/spec/frontend/projects/settings/access_dropdown_spec.js b/spec/frontend/projects/settings/access_dropdown_spec.js index d51360a7597..65b01172e7e 100644 --- a/spec/frontend/projects/settings/access_dropdown_spec.js +++ b/spec/frontend/projects/settings/access_dropdown_spec.js @@ -159,21 +159,4 @@ describe('AccessDropdown', () => { expect(template).not.toContain(user.name); }); }); - - describe('deployKeyRowHtml', () => { - const deployKey = { - id: 1, - title: 'title <script>alert(document.domain)</script>', - fullname: 'fullname <script>alert(document.domain)</script>', - avatar_url: '', - username: '', - }; - - it('escapes deploy key title and fullname', () => { - const template = dropdown.deployKeyRowHtml(deployKey); - - expect(template).not.toContain(deployKey.title); - expect(template).not.toContain(deployKey.fullname); - }); - }); }); diff --git a/spec/lib/bulk_imports/projects/pipelines/project_pipeline_spec.rb b/spec/lib/bulk_imports/projects/pipelines/project_pipeline_spec.rb index 567a0a4fcc3..c53c0849931 100644 --- a/spec/lib/bulk_imports/projects/pipelines/project_pipeline_spec.rb +++ b/spec/lib/bulk_imports/projects/pipelines/project_pipeline_spec.rb @@ -25,7 +25,18 @@ RSpec.describe BulkImports::Projects::Pipelines::ProjectPipeline do let(:project_data) do { 'visibility' => 'private', - 'created_at' => '2016-08-12T09:41:03' + 'created_at' => 10.days.ago, + 'archived' => false, + 'shared_runners_enabled' => true, + 'container_registry_enabled' => true, + 'only_allow_merge_if_pipeline_succeeds' => true, + 'only_allow_merge_if_all_discussions_are_resolved' => true, + 'request_access_enabled' => true, + 'printing_merge_request_link_enabled' => true, + 'remove_source_branch_after_merge' => true, + 'autoclose_referenced_issues' => true, + 'suggestion_commit_message' => 'message', + 'wiki_enabled' => true } end @@ -47,8 +58,17 @@ RSpec.describe BulkImports::Projects::Pipelines::ProjectPipeline do expect(imported_project).not_to be_nil expect(imported_project.group).to eq(group) - expect(imported_project.visibility).to eq(project_data['visibility']) - expect(imported_project.created_at).to eq(project_data['created_at']) + expect(imported_project.suggestion_commit_message).to eq('message') + expect(imported_project.archived?).to eq(project_data['archived']) + expect(imported_project.shared_runners_enabled?).to eq(project_data['shared_runners_enabled']) + expect(imported_project.container_registry_enabled?).to eq(project_data['container_registry_enabled']) + expect(imported_project.only_allow_merge_if_pipeline_succeeds?).to eq(project_data['only_allow_merge_if_pipeline_succeeds']) + expect(imported_project.only_allow_merge_if_all_discussions_are_resolved?).to eq(project_data['only_allow_merge_if_all_discussions_are_resolved']) + expect(imported_project.request_access_enabled?).to eq(project_data['request_access_enabled']) + expect(imported_project.printing_merge_request_link_enabled?).to eq(project_data['printing_merge_request_link_enabled']) + expect(imported_project.remove_source_branch_after_merge?).to eq(project_data['remove_source_branch_after_merge']) + expect(imported_project.autoclose_referenced_issues?).to eq(project_data['autoclose_referenced_issues']) + expect(imported_project.wiki_enabled?).to eq(project_data['wiki_enabled']) end end diff --git a/spec/lib/bulk_imports/projects/transformers/project_attributes_transformer_spec.rb b/spec/lib/bulk_imports/projects/transformers/project_attributes_transformer_spec.rb index a1d77b9732d..822bb9a5605 100644 --- a/spec/lib/bulk_imports/projects/transformers/project_attributes_transformer_spec.rb +++ b/spec/lib/bulk_imports/projects/transformers/project_attributes_transformer_spec.rb @@ -25,8 +25,8 @@ RSpec.describe BulkImports::Projects::Transformers::ProjectAttributesTransformer let(:data) do { - 'visibility' => 'private', - 'created_at' => '2016-11-18T09:29:42.634Z' + 'name' => 'source_name', + 'visibility' => 'private' } end @@ -76,21 +76,8 @@ RSpec.describe BulkImports::Projects::Transformers::ProjectAttributesTransformer end end - context 'when data has extra keys' do - it 'returns a fixed number of keys' do - data = { - 'visibility' => 'private', - 'created_at' => '2016-11-18T09:29:42.634Z', - 'my_key' => 'my_key', - 'another_key' => 'another_key', - 'last_key' => 'last_key' - } - - transformed_data = described_class.new.transform(context, data) - - expect(transformed_data.keys) - .to contain_exactly(:created_at, :import_type, :name, :namespace_id, :path, :visibility_level) - end + it 'converts all keys to symbols' do + expect(transformed_data.keys).to contain_exactly(:name, :path, :import_type, :visibility_level, :namespace_id) end end end diff --git a/spec/lib/gitlab/import_export/decompressed_archive_size_validator_spec.rb b/spec/lib/gitlab/import_export/decompressed_archive_size_validator_spec.rb index dea584e5019..fe3b638d20f 100644 --- a/spec/lib/gitlab/import_export/decompressed_archive_size_validator_spec.rb +++ b/spec/lib/gitlab/import_export/decompressed_archive_size_validator_spec.rb @@ -86,65 +86,6 @@ RSpec.describe Gitlab::ImportExport::DecompressedArchiveSizeValidator do include_examples 'logs raised exception and terminates validator process group' end end - - context 'archive path validation' do - let(:filesize) { nil } - - before do - expect(Gitlab::Import::Logger) - .to receive(:info) - .with( - import_upload_archive_path: filepath, - import_upload_archive_size: filesize, - message: error_message - ) - end - - context 'when archive path is traversed' do - let(:filepath) { '/foo/../bar' } - let(:error_message) { 'Invalid path' } - - it 'returns false' do - expect(subject.valid?).to eq(false) - end - end - - context 'when archive path is not a string' do - let(:filepath) { 123 } - let(:error_message) { 'Archive path is not a string' } - - it 'returns false' do - expect(subject.valid?).to eq(false) - end - end - - context 'which archive path is a symlink' do - let(:filepath) { File.join(Dir.tmpdir, 'symlink') } - let(:error_message) { 'Archive path is a symlink' } - - before do - FileUtils.ln_s(filepath, filepath, force: true) - end - - it 'returns false' do - expect(subject.valid?).to eq(false) - end - end - - context 'when archive path is not a file' do - let(:filepath) { Dir.mktmpdir } - let(:filesize) { File.size(filepath) } - let(:error_message) { 'Archive path is not a file' } - - after do - FileUtils.rm_rf(filepath) - end - - it 'returns false' do - expect(subject.valid?).to eq(false) - end - end - end end def create_compressed_file diff --git a/spec/services/bulk_imports/file_decompression_service_spec.rb b/spec/services/bulk_imports/file_decompression_service_spec.rb index 77348428d60..1d6aa79a37f 100644 --- a/spec/services/bulk_imports/file_decompression_service_spec.rb +++ b/spec/services/bulk_imports/file_decompression_service_spec.rb @@ -80,8 +80,7 @@ RSpec.describe BulkImports::FileDecompressionService do subject { described_class.new(tmpdir: tmpdir, filename: 'symlink.gz') } it 'raises an error and removes the file' do - expect { subject.execute } - .to raise_error(BulkImports::FileDecompressionService::ServiceError, 'File decompression error') + expect { subject.execute }.to raise_error(described_class::ServiceError, 'Invalid file') expect(File.exist?(symlink)).to eq(false) end |