diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2021-06-30 11:44:41 +0000 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2021-06-30 11:45:05 +0000 |
commit | a262d7269b9dc9060f3f5b3de0976d8058c1b580 (patch) | |
tree | 4f1f9ef013ba07def9445f48fa3c7d2dc6277cf4 /spec | |
parent | aa5a29806f359945ec3483906a4e40ec71362a61 (diff) | |
download | gitlab-ce-a262d7269b9dc9060f3f5b3de0976d8058c1b580.tar.gz |
Add latest changes from gitlab-org/security/gitlab@14-0-stable-ee
Diffstat (limited to 'spec')
-rw-r--r-- | spec/models/user_spec.rb | 13 | ||||
-rw-r--r-- | spec/requests/api/projects_spec.rb | 2 | ||||
-rw-r--r-- | spec/requests/api/users_spec.rb | 2 |
3 files changed, 15 insertions, 2 deletions
diff --git a/spec/models/user_spec.rb b/spec/models/user_spec.rb index dc78ec2be21..2185df0609e 100644 --- a/spec/models/user_spec.rb +++ b/spec/models/user_spec.rb @@ -387,6 +387,19 @@ RSpec.describe User do expect(user.errors.full_messages).to eq(['Username has already been taken']) end end + + it 'validates format' do + Mime::EXTENSION_LOOKUP.keys.each do |type| + user = build(:user, username: "test.#{type}") + + expect(user).not_to be_valid + expect(user.errors.full_messages).to include('Username ending with MIME type format is not allowed.') + end + end + + it 'validates format on updated record' do + expect(create(:user).update(username: 'profile.html')).to be_falsey + end end it 'has a DB-level NOT NULL constraint on projects_limit' do diff --git a/spec/requests/api/projects_spec.rb b/spec/requests/api/projects_spec.rb index e7e26c34a83..529a75af122 100644 --- a/spec/requests/api/projects_spec.rb +++ b/spec/requests/api/projects_spec.rb @@ -56,7 +56,7 @@ RSpec.describe API::Projects do let_it_be(:project, reload: true) { create(:project, :repository, create_branch: 'something_else', namespace: user.namespace) } let_it_be(:project2, reload: true) { create(:project, namespace: user.namespace) } let_it_be(:project_member) { create(:project_member, :developer, user: user3, project: project) } - let_it_be(:user4) { create(:user, username: 'user.with.dot') } + let_it_be(:user4) { create(:user, username: 'user.withdot') } let_it_be(:project3, reload: true) do create(:project, :private, diff --git a/spec/requests/api/users_spec.rb b/spec/requests/api/users_spec.rb index a9231b65c8f..d724cb9612c 100644 --- a/spec/requests/api/users_spec.rb +++ b/spec/requests/api/users_spec.rb @@ -4,7 +4,7 @@ require 'spec_helper' RSpec.describe API::Users do let_it_be(:admin) { create(:admin) } - let_it_be(:user, reload: true) { create(:user, username: 'user.with.dot') } + let_it_be(:user, reload: true) { create(:user, username: 'user.withdot') } let_it_be(:key) { create(:key, user: user) } let_it_be(:gpg_key) { create(:gpg_key, user: user) } let_it_be(:email) { create(:email, user: user) } |