Add latest changes from gitlab-org/gitlab@master

author: GitLab Bot <gitlab-bot@gitlab.com> 2020-01-30 12:08:54 +0000
committer: GitLab Bot <gitlab-bot@gitlab.com> 2020-01-30 12:08:54 +0000
commit: 50ae4065530c4eafbeb7c5ff2c462c48c02947ca (patch)
tree: a88b718bd281c58fcd9e60fd49585e5ca1dca26c /spec
parent: be37a0ee5e3e3dbb967266248f0f46f14a9931e2 (diff)
download: gitlab-ce-50ae4065530c4eafbeb7c5ff2c462c48c02947ca.tar.gz
6 files changed, 184 insertions, 5 deletions
diff --git a/spec/features/projects/wiki/user_updates_wiki_page_spec.rb b/spec/features/projects/wiki/user_updates_wiki_page_spec.rb
index 3f3711f9eb8..d3a0c9b790b 100644
--- a/spec/features/projects/wiki/user_updates_wiki_page_spec.rb
+++ b/spec/features/projects/wiki/user_updates_wiki_page_spec.rb
@@ -83,15 +83,15 @@ describe 'User updates wiki page' do
       end
 
       it 'updates the commit message as the title is changed', :js do
-        fill_in(:wiki_title, with: 'Wiki title')
+        fill_in(:wiki_title, with: '& < > \ \ { } &')
 
-        expect(page).to have_field('wiki[message]', with: 'Update Wiki title')
+        expect(page).to have_field('wiki[message]', with: 'Update & < > \ \ { } &')
       end
 
-      it 'does not allow XSS', :js do
-        fill_in(:wiki_title, with: '<script>')
+      it 'correctly escapes the commit message entities', :js do
+        fill_in(:wiki_title, with: 'Wiki title')
 
-        expect(page).to have_field('wiki[message]', with: 'Update &lt;script&gt;')
+        expect(page).to have_field('wiki[message]', with: 'Update Wiki title')
       end
 
       it 'shows a validation error message' do
diff --git a/spec/features/projects/wiki/user_views_wiki_page_spec.rb b/spec/features/projects/wiki/user_views_wiki_page_spec.rb
index 77e725e7f11..c7856342fb2 100644
--- a/spec/features/projects/wiki/user_views_wiki_page_spec.rb
+++ b/spec/features/projects/wiki/user_views_wiki_page_spec.rb
@@ -129,6 +129,18 @@ describe 'User views a wiki page' do
     end
   end
 
+  context 'when a page has XSS in its message' do
+    before do
+      wiki_page.update(message: '<script>alert(true)<script>', content: 'XSS update')
+    end
+
+    it 'safely displays the message' do
+      visit(project_wiki_history_path(project, wiki_page))
+
+      expect(page).to have_content('<script>alert(true)<script>')
+    end
+  end
+
   context 'when page has invalid content encoding' do
     let(:content) { (+'whatever').force_encoding('ISO-8859-1') }
 
diff --git a/spec/frontend/monitoring/components/__snapshots__/dashboard_template_spec.js.snap b/spec/frontend/monitoring/components/__snapshots__/dashboard_template_spec.js.snap
new file mode 100644
index 00000000000..2b9668c1b56
--- /dev/null
+++ b/spec/frontend/monitoring/components/__snapshots__/dashboard_template_spec.js.snap
@@ -0,0 +1,94 @@
+// Jest Snapshot v1, https://goo.gl/fbAQLP
+
+exports[`Dashboard template matches the default snapshot 1`] = `
+<div
+  class="prometheus-graphs"
+  data-qa-selector="prometheus_graphs"
+>
+  <div
+    class="prometheus-graphs-header gl-p-3 pb-0 border-bottom bg-gray-light"
+  >
+    <div
+      class="row"
+    >
+      <gl-form-group-stub
+        class="col-sm-12 col-md-6 col-lg-2"
+        label="Dashboard"
+        label-for="monitor-dashboards-dropdown"
+        label-size="sm"
+      >
+        <dashboards-dropdown-stub
+          class="mb-0 d-flex"
+          defaultbranch="master"
+          id="monitor-dashboards-dropdown"
+          selecteddashboard="[object Object]"
+          toggle-class="dropdown-menu-toggle"
+        />
+      </gl-form-group-stub>
+       
+      <gl-form-group-stub
+        class="col-sm-6 col-md-6 col-lg-2"
+        label="Environment"
+        label-for="monitor-environments-dropdown"
+        label-size="sm"
+      >
+        <gl-dropdown-stub
+          class="mb-0 d-flex"
+          data-qa-selector="environments_dropdown"
+          id="monitor-environments-dropdown"
+          menu-class="monitor-environment-dropdown-menu"
+          text="production"
+          toggle-class="dropdown-menu-toggle"
+        >
+          <div
+            class="d-flex flex-column overflow-hidden"
+          >
+            <gl-dropdown-header-stub
+              class="text-center"
+            >
+              Environment
+            </gl-dropdown-header-stub>
+             
+            <gl-dropdown-divider-stub />
+             
+            <!---->
+             
+            <div
+              class="flex-fill overflow-auto"
+            />
+             
+            <!---->
+          </div>
+        </gl-dropdown-stub>
+      </gl-form-group-stub>
+       
+      <gl-form-group-stub
+        class="col-sm-6 col-md-6 col-lg-4"
+        label="Show last"
+        label-for="monitor-time-window-dropdown"
+        label-size="sm"
+      >
+        <date-time-picker-stub
+          end="2020-01-01T18:57:47.000Z"
+          start="2020-01-01T18:27:47.000Z"
+          timewindows="[object Object]"
+        />
+      </gl-form-group-stub>
+       
+      <!---->
+    </div>
+  </div>
+   
+  <empty-state-stub
+    clusterspath="/path/to/clusters"
+    documentationpath="/path/to/docs"
+    emptygettingstartedsvgpath="/path/to/getting-started.svg"
+    emptyloadingsvgpath="/path/to/loading.svg"
+    emptynodatasmallsvgpath="/path/to/no-data-small.svg"
+    emptynodatasvgpath="/path/to/no-data.svg"
+    emptyunabletoconnectsvgpath="/path/to/unable-to-connect.svg"
+    selectedstate="gettingStarted"
+    settingspath="/path/to/settings"
+  />
+</div>
+`;
diff --git a/spec/frontend/monitoring/components/dashboard_template_spec.js b/spec/frontend/monitoring/components/dashboard_template_spec.js
new file mode 100644
index 00000000000..d525f4821f4
--- /dev/null
+++ b/spec/frontend/monitoring/components/dashboard_template_spec.js
@@ -0,0 +1,45 @@
+import { shallowMount } from '@vue/test-utils';
+import MockAdapter from 'axios-mock-adapter';
+import axios from '~/lib/utils/axios_utils';
+import Dashboard from '~/monitoring/components/dashboard.vue';
+import { createStore } from '~/monitoring/stores';
+import { propsData } from '../init_utils';
+
+jest.mock('~/lib/utils/url_utility', () => ({
+  getParameterValues: jest.fn().mockImplementation(param => {
+    if (param === 'start') return ['2020-01-01T18:27:47.000Z'];
+    if (param === 'end') return ['2020-01-01T18:57:47.000Z'];
+    return [];
+  }),
+}));
+
+describe('Dashboard template', () => {
+  let wrapper;
+  let store;
+  let mock;
+
+  beforeEach(() => {
+    store = createStore();
+    mock = new MockAdapter(axios);
+  });
+
+  afterEach(() => {
+    if (wrapper) {
+      wrapper.destroy();
+      wrapper = null;
+    }
+    mock.restore();
+  });
+
+  it('matches the default snapshot', () => {
+    wrapper = shallowMount(Dashboard, {
+      propsData: { ...propsData },
+      methods: {
+        fetchData: jest.fn(),
+      },
+      store,
+    });
+
+    expect(wrapper.element).toMatchSnapshot();
+  });
+});
diff --git a/spec/requests/api/projects_spec.rb b/spec/requests/api/projects_spec.rb
index 6ac7b4af452..e88209081d4 100644
--- a/spec/requests/api/projects_spec.rb
+++ b/spec/requests/api/projects_spec.rb
@@ -1340,6 +1340,7 @@ describe API::Projects do
         expect(json_response['path']).to be_present
         expect(json_response['issues_enabled']).to be_present
         expect(json_response['merge_requests_enabled']).to be_present
+        expect(json_response['can_create_merge_request_in']).to be_present
         expect(json_response['wiki_enabled']).to be_present
         expect(json_response['jobs_enabled']).to be_present
         expect(json_response['snippets_enabled']).to be_present
@@ -1390,6 +1391,7 @@ describe API::Projects do
         expect(json_response['path']).to be_present
         expect(json_response['issues_enabled']).to be_present
         expect(json_response['merge_requests_enabled']).to be_present
+        expect(json_response['can_create_merge_request_in']).to be_present
         expect(json_response['wiki_enabled']).to be_present
         expect(json_response['jobs_enabled']).to be_present
         expect(json_response['snippets_enabled']).to be_present
diff --git a/spec/tasks/gitlab/seed/group_seed_rake_spec.rb b/spec/tasks/gitlab/seed/group_seed_rake_spec.rb
new file mode 100644
index 00000000000..bc217281594
--- /dev/null
+++ b/spec/tasks/gitlab/seed/group_seed_rake_spec.rb
@@ -0,0 +1,26 @@
+# frozen_string_literal: true
+
+require 'rake_helper'
+
+describe 'gitlab:seed:group_seed rake task', :sidekiq do
+  let(:username) { 'group_seed' }
+  let!(:user) { create(:user, username: username) }
+  let(:task_params) { [2, username] }
+
+  before do
+    Rake.application.rake_require('tasks/gitlab/seed/group_seed')
+  end
+
+  subject { run_rake_task('gitlab:seed:group_seed', task_params) }
+
+  it 'performs group seed successfully' do
+    expect { subject }.not_to raise_error
+
+    group = user.groups.first
+
+    expect(user.groups.count).to be 3
+    expect(group.projects.count).to be 2
+    expect(group.members.count).to be 3
+    expect(group.milestones.count).to be 2
+  end
+end
author	GitLab Bot <gitlab-bot@gitlab.com>	2020-01-30 12:08:54 +0000
committer	GitLab Bot <gitlab-bot@gitlab.com>	2020-01-30 12:08:54 +0000
commit	50ae4065530c4eafbeb7c5ff2c462c48c02947ca (patch)
tree	a88b718bd281c58fcd9e60fd49585e5ca1dca26c /spec
parent	be37a0ee5e3e3dbb967266248f0f46f14a9931e2 (diff)
download	gitlab-ce-50ae4065530c4eafbeb7c5ff2c462c48c02947ca.tar.gz