4 files changed, 103 insertions, 9 deletions

diff --git a/spec/controllers/concerns/spammable_actions/akismet_mark_as_spam_action_spec.rb b/spec/controllers/concerns/spammable_actions/akismet_mark_as_spam_action_spec.rb
index 7c10dccdcb9..caa0fa2d437 100644
--- a/spec/controllers/concerns/spammable_actions/akismet_mark_as_spam_action_spec.rb
+++ b/spec/controllers/concerns/spammable_actions/akismet_mark_as_spam_action_spec.rb
@@ -7,12 +7,6 @@ RSpec.describe SpammableActions::AkismetMarkAsSpamAction do
 
   controller(ActionController::Base) do
     include SpammableActions::AkismetMarkAsSpamAction
-
-    private
-
-    def spammable_path
-      '/fake_spammable_path'
-    end
   end
 
   let(:spammable_type) { 'SpammableType' }
@@ -22,7 +16,6 @@ RSpec.describe SpammableActions::AkismetMarkAsSpamAction do
   before do
     allow(Gitlab::Recaptcha).to receive(:load_configurations!) { true }
     routes.draw { get 'mark_as_spam' => 'anonymous#mark_as_spam' }
-    allow(controller).to receive(:spammable) { spammable }
     allow(controller).to receive(:current_user) { double(:current_user, admin?: admin) }
     allow(controller).to receive(:current_user).and_return(current_user)
   end
@@ -31,6 +24,9 @@ RSpec.describe SpammableActions::AkismetMarkAsSpamAction do
     subject { post :mark_as_spam }
 
     before do
+      allow(controller).to receive(:spammable) { spammable }
+      allow(controller).to receive(:spammable_path) { '/fake_spammable_path' }
+
       expect_next(Spam::AkismetMarkAsSpamService, target: spammable)
         .to receive(:execute).and_return(execute_result)
     end
@@ -68,4 +64,16 @@ RSpec.describe SpammableActions::AkismetMarkAsSpamAction do
       end
     end
   end
+
+  describe '#spammable' do
+    it 'raises when unimplemented' do
+      expect { controller.send(:spammable) }.to raise_error(NotImplementedError)
+    end
+  end
+
+  describe '#spammable_path' do
+    it 'raises when unimplemented' do
+      expect { controller.send(:spammable_path) }.to raise_error(NotImplementedError)
+    end
+  end
 end
diff --git a/spec/controllers/concerns/spammable_actions/captcha_check/html_format_actions_support_spec.rb b/spec/controllers/concerns/spammable_actions/captcha_check/html_format_actions_support_spec.rb
index 53a78326397..c5d17e0232c 100644
--- a/spec/controllers/concerns/spammable_actions/captcha_check/html_format_actions_support_spec.rb
+++ b/spec/controllers/concerns/spammable_actions/captcha_check/html_format_actions_support_spec.rb
@@ -7,7 +7,7 @@ RSpec.describe SpammableActions::CaptchaCheck::HtmlFormatActionsSupport do
     include SpammableActions::CaptchaCheck::HtmlFormatActionsSupport
 
     def create
-      with_captcha_check_html_format { render :some_rendered_view }
+      with_captcha_check_html_format(spammable: spammable) { render :some_rendered_view }
     end
   end
 
diff --git a/spec/controllers/concerns/spammable_actions/captcha_check/json_format_actions_support_spec.rb b/spec/controllers/concerns/spammable_actions/captcha_check/json_format_actions_support_spec.rb
index d7a44351ad8..7796d9d1273 100644
--- a/spec/controllers/concerns/spammable_actions/captcha_check/json_format_actions_support_spec.rb
+++ b/spec/controllers/concerns/spammable_actions/captcha_check/json_format_actions_support_spec.rb
@@ -7,7 +7,7 @@ RSpec.describe SpammableActions::CaptchaCheck::JsonFormatActionsSupport do
     include SpammableActions::CaptchaCheck::JsonFormatActionsSupport
 
     def some_action
-      with_captcha_check_json_format { render :some_rendered_view }
+      with_captcha_check_json_format(spammable: spammable) { render :some_rendered_view }
     end
   end
 
diff --git a/spec/controllers/concerns/spammable_actions/captcha_check/rest_api_actions_support_spec.rb b/spec/controllers/concerns/spammable_actions/captcha_check/rest_api_actions_support_spec.rb
new file mode 100644
index 00000000000..07c564b555e
--- /dev/null
+++ b/spec/controllers/concerns/spammable_actions/captcha_check/rest_api_actions_support_spec.rb
@@ -0,0 +1,86 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+RSpec.describe SpammableActions::CaptchaCheck::RestApiActionsSupport do
+  include Rack::Test::Methods
+
+  subject do
+    Class.new(Grape::API) do
+      helpers API::Helpers
+      helpers SpammableActions::CaptchaCheck::RestApiActionsSupport
+
+      get ':id' do
+        # NOTE: This was the only way that seemed to work to inject the mock spammable into the
+        # Grape rack app instance. If there's a better way, improvements are welcome.
+        spammable = Object.fake_spammable_factory
+        with_captcha_check_rest_api(spammable: spammable) do
+          render_api_error!(spammable.errors, 400)
+        end
+      end
+    end
+  end
+
+  def app
+    subject
+  end
+
+  before do
+    allow(Gitlab::Recaptcha).to receive(:load_configurations!) { true }
+  end
+
+  describe '#with_captcha_check_json_format' do
+    let(:spammable) { instance_double(Snippet) }
+
+    before do
+      expect(spammable).to receive(:render_recaptcha?).at_least(:once) { render_recaptcha }
+      allow(Object).to receive(:fake_spammable_factory) { spammable }
+    end
+
+    context 'when spammable.render_recaptcha? is true' do
+      let(:render_recaptcha) { true }
+      let(:spam_log) { instance_double(SpamLog, id: 1) }
+      let(:spammable) { instance_double(Snippet, spam?: true, render_recaptcha?: render_recaptcha, spam_log: spam_log) }
+      let(:recaptcha_site_key) { 'abc123' }
+      let(:err_msg) { 'You gotta solve the CAPTCHA' }
+      let(:spam_action_response_fields) do
+        {
+          spam: true,
+          needs_captcha_response: render_recaptcha,
+          spam_log_id: 1,
+          captcha_site_key: recaptcha_site_key
+        }
+      end
+
+      it 'renders json containing spam_action_response_fields' do
+        allow(spammable).to receive_message_chain('errors.full_messages.to_sentence') { err_msg }
+        allow(Gitlab::CurrentSettings).to receive(:recaptcha_site_key) { recaptcha_site_key }
+        response = get '/test'
+        expected_response = {
+          'needs_captcha_response' => render_recaptcha,
+          'spam_log_id' => 1,
+          'captcha_site_key' => recaptcha_site_key,
+          'message' => { 'error' => err_msg }
+        }
+        expect(Gitlab::Json.parse(response.body)).to eq(expected_response)
+        expect(response.status).to eq(409)
+      end
+    end
+
+    context 'when spammable.render_recaptcha? is false' do
+      let(:render_recaptcha) { false }
+      let(:errors) { { 'base' => "It's definitely spam" } }
+
+      it 'yields to block' do
+        allow(spammable).to receive(:errors) { errors }
+
+        response = get 'test'
+        expected_response = {
+          'message' => errors
+        }
+        expect(Gitlab::Json.parse(response.body)).to eq(expected_response)
+        expect(response.status).to eq(400)
+      end
+    end
+  end
+end