Add latest changes from gitlab-org/gitlab@master

7 files changed, 168 insertions, 44 deletions

diff --git a/spec/features/ide/clientside_preview_csp_spec.rb b/spec/features/ide/clientside_preview_csp_spec.rb
new file mode 100644
index 00000000000..e097513def3
--- /dev/null
+++ b/spec/features/ide/clientside_preview_csp_spec.rb
@@ -0,0 +1,35 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+describe 'IDE Clientside Preview CSP' do
+  let_it_be(:user) { create(:user) }
+
+  shared_context 'disable feature' do
+    before do
+      allow_next_instance_of(ApplicationSetting) do |instance|
+        allow(instance).to receive(:web_ide_clientside_preview_enabled?).and_return(false)
+      end
+    end
+  end
+
+  it_behaves_like 'setting CSP', 'frame-src' do
+    let(:whitelisted_url) { 'https://sandbox.gitlab-static.test' }
+    let(:extended_controller_class) { IdeController }
+
+    subject do
+      visit ide_path
+
+      response_headers['Content-Security-Policy']
+    end
+
+    before do
+      allow_next_instance_of(ApplicationSetting) do |instance|
+        allow(instance).to receive(:web_ide_clientside_preview_enabled?).and_return(true)
+        allow(instance).to receive(:web_ide_clientside_preview_bundler_url).and_return(whitelisted_url)
+      end
+
+      sign_in(user)
+    end
+  end
+end
diff --git a/spec/features/ide/static_object_external_storage_csp_spec.rb b/spec/features/ide/static_object_external_storage_csp_spec.rb
index 93c22b35786..739b3fe2471 100644
--- a/spec/features/ide/static_object_external_storage_csp_spec.rb
+++ b/spec/features/ide/static_object_external_storage_csp_spec.rb
@@ -11,7 +11,7 @@ describe 'Static Object External Storage Content Security Policy' do
     end
   end
 
-  it_behaves_like 'setting CSP connect-src' do
+  it_behaves_like 'setting CSP', 'connect-src' do
     let_it_be(:whitelisted_url) { 'https://static-objects.test' }
     let_it_be(:extended_controller_class) { IdeController }
 
diff --git a/spec/features/projects/sourcegraph_csp_spec.rb b/spec/features/projects/sourcegraph_csp_spec.rb
index 385a797368c..f252d3cd027 100644
--- a/spec/features/projects/sourcegraph_csp_spec.rb
+++ b/spec/features/projects/sourcegraph_csp_spec.rb
@@ -12,7 +12,7 @@ describe 'Sourcegraph Content Security Policy' do
     end
   end
 
-  it_behaves_like 'setting CSP connect-src' do
+  it_behaves_like 'setting CSP', 'connect-src' do
     let_it_be(:whitelisted_url) { 'https://sourcegraph.test' }
     let_it_be(:extended_controller_class) { Projects::BlobController }
 
diff --git a/spec/frontend/blob/suggest_gitlab_ci_yml/components/popover_spec.js b/spec/frontend/blob/suggest_gitlab_ci_yml/components/popover_spec.js
index 2c7891e4b1a..43e92bdca5f 100644
--- a/spec/frontend/blob/suggest_gitlab_ci_yml/components/popover_spec.js
+++ b/spec/frontend/blob/suggest_gitlab_ci_yml/components/popover_spec.js
@@ -1,6 +1,7 @@
 import { shallowMount } from '@vue/test-utils';
 import Popover from '~/blob/suggest_gitlab_ci_yml/components/popover.vue';
 import Cookies from 'js-cookie';
+import { mockTracking, unmockTracking } from 'helpers/tracking_helper';
 import * as utils from '~/lib/utils/common_utils';
 
 jest.mock('~/lib/utils/common_utils', () => ({
@@ -11,6 +12,8 @@ jest.mock('~/lib/utils/common_utils', () => ({
 const target = 'gitlab-ci-yml-selector';
 const dismissKey = 'suggest_gitlab_ci_yml_99';
 const defaultTrackLabel = 'suggest_gitlab_ci_yml';
+const commitTrackLabel = 'suggest_commit_first_project_gitlab_ci_yml';
+const humanAccess = 'owner';
 
 describe('Suggest gitlab-ci.yml Popover', () => {
   let wrapper;
@@ -21,6 +24,7 @@ describe('Suggest gitlab-ci.yml Popover', () => {
         target,
         trackLabel,
         dismissKey,
+        humanAccess,
       },
     });
   }
@@ -50,15 +54,43 @@ describe('Suggest gitlab-ci.yml Popover', () => {
       expect(wrapper.vm.popoverDismissed).toEqual(true);
     });
 
-    beforeEach(() => {
+    afterEach(() => {
       Cookies.remove(dismissKey);
     });
   });
 
+  describe('tracking', () => {
+    let trackingSpy;
+
+    beforeEach(() => {
+      createWrapper(commitTrackLabel);
+      trackingSpy = mockTracking('_category_', wrapper.element, jest.spyOn);
+    });
+
+    afterEach(() => {
+      unmockTracking();
+    });
+
+    it('sends a tracking event with the expected properties for the popover being viewed', () => {
+      const expectedCategory = undefined;
+      const expectedAction = undefined;
+      const expectedLabel = 'suggest_commit_first_project_gitlab_ci_yml';
+      const expectedProperty = 'owner';
+
+      document.body.dataset.page = 'projects:blob:new';
+
+      wrapper.vm.trackOnShow();
+
+      expect(trackingSpy).toHaveBeenCalledWith(expectedCategory, expectedAction, {
+        label: expectedLabel,
+        property: expectedProperty,
+      });
+    });
+  });
+
   describe('when the popover is mounted with the trackLabel of the Confirm button popover at the bottom of the page', () => {
     it('calls scrollToElement so that the Confirm button and popover will be in sight', () => {
       const scrollToElementSpy = jest.spyOn(utils, 'scrollToElement');
-      const commitTrackLabel = 'suggest_commit_first_project_gitlab_ci_yml';
 
       createWrapper(commitTrackLabel);
 
diff --git a/spec/frontend/ide/components/preview/clientside_spec.js b/spec/frontend/ide/components/preview/clientside_spec.js
index c7d5ea9c513..0cde6fb6060 100644
--- a/spec/frontend/ide/components/preview/clientside_spec.js
+++ b/spec/frontend/ide/components/preview/clientside_spec.js
@@ -16,6 +16,17 @@ const dummyPackageJson = () => ({
     main: 'index.js',
   }),
 });
+const expectedSandpackOptions = () => ({
+  files: {},
+  entry: '/index.js',
+  showOpenInCodeSandbox: true,
+});
+const expectedSandpackSettings = () => ({
+  fileResolver: {
+    isFile: expect.any(Function),
+    readFile: expect.any(Function),
+  },
+});
 
 describe('IDE clientside preview', () => {
   let wrapper;
@@ -87,6 +98,46 @@ describe('IDE clientside preview', () => {
     it('creates sandpack manager', () => {
       expect(smooshpack.Manager).toHaveBeenCalledWith(
         '#ide-preview',
+        expectedSandpackOptions(),
+        expectedSandpackSettings(),
+      );
+    });
+
+    it('pings usage', () => {
+      expect(storeClientsideActions.pingUsage).toHaveBeenCalledTimes(1);
+    });
+  });
+
+  describe('with codesandboxBundlerUrl', () => {
+    const TEST_BUNDLER_URL = 'https://test.gitlab-static.test';
+
+    beforeEach(() => {
+      createComponent({
+        getters: { packageJson: dummyPackageJson },
+        state: { codesandboxBundlerUrl: TEST_BUNDLER_URL },
+      });
+
+      return waitForCalls();
+    });
+
+    it('creates sandpack manager with bundlerURL', () => {
+      expect(smooshpack.Manager).toHaveBeenCalledWith('#ide-preview', expectedSandpackOptions(), {
+        ...expectedSandpackSettings(),
+        bundlerURL: TEST_BUNDLER_URL,
+      });
+    });
+  });
+
+  describe('with codesandboxBundlerURL', () => {
+    beforeEach(() => {
+      createComponent({ getters: { packageJson: dummyPackageJson } });
+
+      return waitForCalls();
+    });
+
+    it('creates sandpack manager', () => {
+      expect(smooshpack.Manager).toHaveBeenCalledWith(
+        '#ide-preview',
         {
           files: {},
           entry: '/index.js',
@@ -100,10 +151,6 @@ describe('IDE clientside preview', () => {
         },
       );
     });
-
-    it('pings usage', () => {
-      expect(storeClientsideActions.pingUsage).toHaveBeenCalledTimes(1);
-    });
   });
 
   describe('computed', () => {
diff --git a/spec/models/wiki_page_spec.rb b/spec/models/wiki_page_spec.rb
index dd6690b4d1e..42a7d567613 100644
--- a/spec/models/wiki_page_spec.rb
+++ b/spec/models/wiki_page_spec.rb
@@ -480,29 +480,39 @@ describe WikiPage do
 
     let(:untitled_page) { described_class.new(wiki) }
     let(:directory_page) do
-      create_page('parent/child', 'test content')
-      wiki.find_page('parent/child')
+      create_page('parent directory/child page', 'test content')
+      wiki.find_page('parent directory/child page')
     end
 
     where(:page, :title, :changed) do
-      :untitled_page  | nil            | false
-      :untitled_page  | 'new title'    | true
-
-      :new_page       | nil            | true
-      :new_page       | 'test page'    | true
-      :new_page       | 'new title'    | true
-
-      :existing_page  | nil            | false
-      :existing_page  | 'test page'    | false
-      :existing_page  | '/test page'   | false
-      :existing_page  | 'new title'    | true
-
-      :directory_page | nil            | false
-      :directory_page | 'parent/child' | false
-      :directory_page | 'child'        | false
-      :directory_page | '/child'       | true
-      :directory_page | 'parent/other' | true
-      :directory_page | 'other/child'  | true
+      :untitled_page  | nil                             | false
+      :untitled_page  | 'new title'                     | true
+
+      :new_page       | nil                             | true
+      :new_page       | 'test page'                     | true
+      :new_page       | 'new title'                     | true
+
+      :existing_page  | nil                             | false
+      :existing_page  | 'test page'                     | false
+      :existing_page  | 'test-page'                     | false
+      :existing_page  | '/test page'                    | false
+      :existing_page  | '/test-page'                    | false
+      :existing_page  | ' test page '                   | true
+      :existing_page  | 'new title'                     | true
+      :existing_page  | 'new-title'                     | true
+
+      :directory_page | nil                             | false
+      :directory_page | 'parent directory/child page'   | false
+      :directory_page | 'parent-directory/child page'   | false
+      :directory_page | 'parent-directory/child-page'   | false
+      :directory_page | 'child page'                    | false
+      :directory_page | 'child-page'                    | false
+      :directory_page | '/child page'                   | true
+      :directory_page | 'parent directory/other'        | true
+      :directory_page | 'parent-directory/other'        | true
+      :directory_page | 'parent-directory / child-page' | true
+      :directory_page | 'other directory/child page'    | true
+      :directory_page | 'other-directory/child page'    | true
     end
 
     with_them do
diff --git a/spec/support/shared_examples/csp.rb b/spec/support/shared_examples/csp.rb
index 10c4158522f..c4a8c7df898 100644
--- a/spec/support/shared_examples/csp.rb
+++ b/spec/support/shared_examples/csp.rb
@@ -1,6 +1,6 @@
 # frozen_string_literal: true
 
-RSpec.shared_examples 'setting CSP connect-src' do
+RSpec.shared_examples 'setting CSP' do |rule_name|
   let_it_be(:default_csp_values) { "'self' https://some-cdn.test" }
 
   shared_context 'csp config' do |csp_rule|
@@ -10,7 +10,7 @@ RSpec.shared_examples 'setting CSP connect-src' do
       end
 
       expect_next_instance_of(extended_controller_class) do |controller|
-        expect(controller).to receive(:current_content_security_policy).and_return(csp)
+        expect(controller).to receive(:current_content_security_policy).at_least(:once).and_return(csp)
       end
     end
   end
@@ -23,55 +23,55 @@ RSpec.shared_examples 'setting CSP connect-src' do
     end
   end
 
-  describe 'when a CSP config exists for connect-src' do
-    include_context 'csp config', :connect_src
+  describe "when a CSP config exists for #{rule_name}" do
+    include_context 'csp config', rule_name.parameterize.underscore.to_sym
 
     context 'when feature is enabled' do
-      it 'appends to connect-src' do
-        is_expected.to eql("connect-src #{default_csp_values} #{whitelisted_url}")
+      it "appends to #{rule_name}" do
+        is_expected.to eql("#{rule_name} #{default_csp_values} #{whitelisted_url}")
       end
     end
 
     context 'when feature is disabled' do
       include_context 'disable feature'
 
-      it 'keeps original connect-src' do
-        is_expected.to eql("connect-src #{default_csp_values}")
+      it "keeps original #{rule_name}" do
+        is_expected.to eql("#{rule_name} #{default_csp_values}")
       end
     end
   end
 
-  describe 'when a CSP config exists for default-src but not connect-src' do
+  describe "when a CSP config exists for default-src but not #{rule_name}" do
     include_context 'csp config', :default_src
 
     context 'when feature is enabled' do
-      it 'uses default-src values in connect-src' do
-        is_expected.to eql("default-src #{default_csp_values}; connect-src #{default_csp_values} #{whitelisted_url}")
+      it "uses default-src values in #{rule_name}" do
+        is_expected.to eql("default-src #{default_csp_values}; #{rule_name} #{default_csp_values} #{whitelisted_url}")
       end
     end
 
     context 'when feature is disabled' do
       include_context 'disable feature'
 
-      it 'does not add connect-src' do
+      it "does not add #{rule_name}" do
         is_expected.to eql("default-src #{default_csp_values}")
       end
     end
   end
 
-  describe 'when a CSP config exists for font-src but not connect-src' do
+  describe "when a CSP config exists for font-src but not #{rule_name}" do
     include_context 'csp config', :font_src
 
     context 'when feature is enabled' do
-      it 'uses default-src values in connect-src' do
-        is_expected.to eql("font-src #{default_csp_values}; connect-src #{whitelisted_url}")
+      it "uses default-src values in #{rule_name}" do
+        is_expected.to eql("font-src #{default_csp_values}; #{rule_name} #{whitelisted_url}")
       end
     end
 
     context 'when feature is disabled' do
       include_context 'disable feature'
 
-      it 'does not add connect-src' do
+      it "does not add #{rule_name}" do
         is_expected.to eql("font-src #{default_csp_values}")
       end
     end