diff options
Diffstat (limited to 'spec/controllers/groups')
9 files changed, 322 insertions, 126 deletions
diff --git a/spec/controllers/groups/children_controller_spec.rb b/spec/controllers/groups/children_controller_spec.rb index d0656ee47ce..2e37ed95c1c 100644 --- a/spec/controllers/groups/children_controller_spec.rb +++ b/spec/controllers/groups/children_controller_spec.rb @@ -275,6 +275,18 @@ RSpec.describe Groups::ChildrenController, feature_category: :subgroups do allow(Kaminari.config).to receive(:default_per_page).and_return(per_page) end + it 'rejects negative per_page parameter' do + get :index, params: { group_id: group.to_param, per_page: -1 }, format: :json + + expect(response).to have_gitlab_http_status(:bad_request) + end + + it 'rejects non-numeric per_page parameter' do + get :index, params: { group_id: group.to_param, per_page: 'abc' }, format: :json + + expect(response).to have_gitlab_http_status(:bad_request) + end + context 'with only projects' do let!(:other_project) { create(:project, :public, namespace: group) } let!(:first_page_projects) { create_list(:project, per_page, :public, namespace: group) } diff --git a/spec/controllers/groups/clusters_controller_spec.rb b/spec/controllers/groups/clusters_controller_spec.rb index 01ea7101f2e..f36494c3d78 100644 --- a/spec/controllers/groups/clusters_controller_spec.rb +++ b/spec/controllers/groups/clusters_controller_spec.rb @@ -2,7 +2,7 @@ require 'spec_helper' -RSpec.describe Groups::ClustersController, feature_category: :kubernetes_management do +RSpec.describe Groups::ClustersController, feature_category: :deployment_management do include AccessMatchersForController include GoogleApi::CloudPlatformHelpers @@ -322,12 +322,6 @@ RSpec.describe Groups::ClustersController, feature_category: :kubernetes_managem expect(response).to have_gitlab_http_status(:ok) expect(response).to match_response_schema('cluster_status') end - - it 'invokes schedule_status_update on each application' do - expect_any_instance_of(Clusters::Applications::Ingress).to receive(:schedule_status_update) - - go - end end describe 'security' do @@ -360,20 +354,37 @@ RSpec.describe Groups::ClustersController, feature_category: :kubernetes_managem end describe 'functionality' do - render_views + context 'when remove_monitor_metrics FF is disabled' do + before do + stub_feature_flags(remove_monitor_metrics: false) + end - it 'renders view' do - go + render_views - expect(response).to have_gitlab_http_status(:ok) - expect(assigns(:cluster)).to eq(cluster) + it 'renders view' do + go + + expect(response).to have_gitlab_http_status(:ok) + expect(assigns(:cluster)).to eq(cluster) + end + + it 'renders integration tab view', :aggregate_failures do + go(tab: 'integrations') + + expect(response).to render_template('clusters/clusters/_integrations') + expect(response).to have_gitlab_http_status(:ok) + end end - it 'renders integration tab view', :aggregate_failures do - go(tab: 'integrations') + context 'when remove_monitor_metrics FF is enabled' do + render_views - expect(response).to render_template('clusters/clusters/_integrations') - expect(response).to have_gitlab_http_status(:ok) + it 'renders details tab view', :aggregate_failures do + go(tab: 'integrations') + + expect(response).to render_template('clusters/clusters/_details') + expect(response).to have_gitlab_http_status(:ok) + end end end diff --git a/spec/controllers/groups/dependency_proxy_for_containers_controller_spec.rb b/spec/controllers/groups/dependency_proxy_for_containers_controller_spec.rb index f1ca9e11a1a..a59c90a3cf2 100644 --- a/spec/controllers/groups/dependency_proxy_for_containers_controller_spec.rb +++ b/spec/controllers/groups/dependency_proxy_for_containers_controller_spec.rb @@ -249,7 +249,7 @@ RSpec.describe Groups::DependencyProxyForContainersController do expect(send_data_type).to eq('send-dependency') expect(header).to eq( "Authorization" => ["Bearer abcd1234"], - "Accept" => ::ContainerRegistry::Client::ACCEPTED_TYPES + "Accept" => ::DependencyProxy::Manifest::ACCEPTED_TYPES ) expect(url).to eq(DependencyProxy::Registry.manifest_url(image, tag)) expect(response.headers['Content-Type']).to eq('application/gzip') diff --git a/spec/controllers/groups/group_members_controller_spec.rb b/spec/controllers/groups/group_members_controller_spec.rb index 4e5dc01f466..fe4b80e12fe 100644 --- a/spec/controllers/groups/group_members_controller_spec.rb +++ b/spec/controllers/groups/group_members_controller_spec.rb @@ -55,6 +55,20 @@ RSpec.describe Groups::GroupMembersController do expect(assigns(:invited_members).count).to eq(1) end + + context 'when filtering by user type' do + let_it_be(:service_account) { create(:user, :service_account) } + + before do + group.add_developer(service_account) + end + + it 'returns only service accounts' do + get :index, params: { group_id: group, user_type: 'service_account' } + + expect(assigns(:members).map(&:user_id)).to match_array([service_account.id]) + end + end end context 'when user cannot manage members' do @@ -67,6 +81,21 @@ RSpec.describe Groups::GroupMembersController do expect(assigns(:invited_members)).to be_nil end + + context 'when filtering by user type' do + let_it_be(:service_account) { create(:user, :service_account) } + + before do + group.add_developer(user) + group.add_developer(service_account) + end + + it 'returns only service accounts' do + get :index, params: { group_id: group, user_type: 'service_account' } + + expect(assigns(:members).map(&:user_id)).to match_array([user.id, service_account.id]) + end + end end context 'when user has owner access to subgroup' do @@ -489,13 +518,11 @@ RSpec.describe Groups::GroupMembersController do describe 'PUT #update' do it 'is successful' do - put :update, - params: { - group_member: { access_level: Gitlab::Access::GUEST }, - group_id: group, - id: membership - }, - format: :json + put :update, params: { + group_member: { access_level: Gitlab::Access::GUEST }, + group_id: group, + id: membership + }, format: :json expect(response).to have_gitlab_http_status(:ok) end @@ -505,7 +532,7 @@ RSpec.describe Groups::GroupMembersController do it 'is successful' do delete :destroy, params: { group_id: group, id: membership } - expect(response).to have_gitlab_http_status(:found) + expect(response).to have_gitlab_http_status(:see_other) end end diff --git a/spec/controllers/groups/milestones_controller_spec.rb b/spec/controllers/groups/milestones_controller_spec.rb index a3c4c47ab15..87030448b30 100644 --- a/spec/controllers/groups/milestones_controller_spec.rb +++ b/spec/controllers/groups/milestones_controller_spec.rb @@ -230,11 +230,10 @@ RSpec.describe Groups::MilestonesController do describe "#create" do it "creates group milestone with Chinese title" do - post :create, - params: { - group_id: group.to_param, - milestone: milestone_params - } + post :create, params: { + group_id: group.to_param, + milestone: milestone_params + } milestone = Milestone.find_by_title(title) @@ -251,17 +250,31 @@ RSpec.describe Groups::MilestonesController do it "updates group milestone" do milestone_params[:title] = "title changed" - put :update, - params: { - id: milestone.iid, - group_id: group.to_param, - milestone: milestone_params - } + put :update, params: { + id: milestone.iid, + group_id: group.to_param, + milestone: milestone_params + } milestone.reload expect(response).to redirect_to(group_milestone_path(group, milestone.iid)) expect(milestone.title).to eq("title changed") end + + it "handles ActiveRecord::StaleObjectError" do + milestone_params[:title] = "title changed" + # Purposely reduce the lock_version to trigger an ActiveRecord::StaleObjectError + milestone_params[:lock_version] = milestone.lock_version - 1 + + put :update, params: { + id: milestone.iid, + group_id: group.to_param, + milestone: milestone_params + } + + expect(response).not_to redirect_to(group_milestone_path(group, milestone.iid)) + expect(response).to render_template(:edit) + end end describe "#destroy" do @@ -390,21 +403,19 @@ RSpec.describe Groups::MilestonesController do context 'for a non-GET request' do context 'when requesting the canonical path with different casing' do it 'does not 404' do - post :create, - params: { - group_id: group.to_param, - milestone: { title: title } - } + post :create, params: { + group_id: group.to_param, + milestone: { title: title } + } expect(response).not_to have_gitlab_http_status(:not_found) end it 'does not redirect to the correct casing' do - post :create, - params: { - group_id: group.to_param, - milestone: { title: title } - } + post :create, params: { + group_id: group.to_param, + milestone: { title: title } + } expect(response).not_to have_gitlab_http_status(:moved_permanently) end @@ -414,11 +425,10 @@ RSpec.describe Groups::MilestonesController do let(:redirect_route) { group.redirect_routes.create!(path: 'old-path') } it 'returns not found' do - post :create, - params: { - group_id: redirect_route.path, - milestone: { title: title } - } + post :create, params: { + group_id: redirect_route.path, + milestone: { title: title } + } expect(response).to have_gitlab_http_status(:not_found) end diff --git a/spec/controllers/groups/runners_controller_spec.rb b/spec/controllers/groups/runners_controller_spec.rb index 1a60f7d824e..9ae5cb6f87c 100644 --- a/spec/controllers/groups/runners_controller_spec.rb +++ b/spec/controllers/groups/runners_controller_spec.rb @@ -6,8 +6,8 @@ RSpec.describe Groups::RunnersController, feature_category: :runner_fleet do let_it_be(:user) { create(:user) } let_it_be(:group) { create(:group) } let_it_be(:project) { create(:project, group: group) } + let_it_be(:runner) { create(:ci_runner, :group, groups: [group]) } - let!(:runner) { create(:ci_runner, :group, groups: [group]) } let!(:project_runner) { create(:ci_runner, :project, projects: [project]) } let!(:instance_runner) { create(:ci_runner, :instance) } @@ -37,6 +37,12 @@ RSpec.describe Groups::RunnersController, feature_category: :runner_fleet do expect_snowplow_event(category: described_class.name, action: 'index', user: user, namespace: group) end + + it 'assigns variables' do + get :index, params: { group_id: group } + + expect(assigns(:group_new_runner_path)).to eq(new_group_runner_path(group)) + end end context 'when user is not owner' do @@ -58,6 +64,130 @@ RSpec.describe Groups::RunnersController, feature_category: :runner_fleet do end end + describe '#new' do + context 'when create_runner_workflow_for_namespace is enabled' do + before do + stub_feature_flags(create_runner_workflow_for_namespace: [group]) + end + + context 'when user is owner' do + before do + group.add_owner(user) + end + + it 'renders new with 200 status code' do + get :new, params: { group_id: group } + + expect(response).to have_gitlab_http_status(:ok) + expect(response).to render_template(:new) + end + end + + context 'when user is not owner' do + before do + group.add_maintainer(user) + end + + it 'renders a 404' do + get :new, params: { group_id: group } + + expect(response).to have_gitlab_http_status(:not_found) + end + end + end + + context 'when create_runner_workflow_for_namespace is disabled' do + before do + stub_feature_flags(create_runner_workflow_for_namespace: false) + end + + context 'when user is owner' do + before do + group.add_owner(user) + end + + it 'renders a 404' do + get :new, params: { group_id: group } + + expect(response).to have_gitlab_http_status(:not_found) + end + end + end + end + + describe '#register' do + subject(:register) { get :register, params: { group_id: group, id: new_runner } } + + context 'when create_runner_workflow_for_namespace is enabled' do + before do + stub_feature_flags(create_runner_workflow_for_namespace: [group]) + end + + context 'when user is owner' do + before do + group.add_owner(user) + end + + context 'when runner can be registered after creation' do + let_it_be(:new_runner) { create(:ci_runner, :group, groups: [group], registration_type: :authenticated_user) } + + it 'renders a :register template' do + register + + expect(response).to have_gitlab_http_status(:ok) + expect(response).to render_template(:register) + end + end + + context 'when runner cannot be registered after creation' do + let_it_be(:new_runner) { runner } + + it 'returns :not_found' do + register + + expect(response).to have_gitlab_http_status(:not_found) + end + end + end + + context 'when user is not owner' do + before do + group.add_maintainer(user) + end + + context 'when runner can be registered after creation' do + let_it_be(:new_runner) { create(:ci_runner, :group, groups: [group], registration_type: :authenticated_user) } + + it 'returns :not_found' do + register + + expect(response).to have_gitlab_http_status(:not_found) + end + end + end + end + + context 'when create_runner_workflow_for_namespace is disabled' do + let_it_be(:new_runner) { create(:ci_runner, :group, groups: [group], registration_type: :authenticated_user) } + + before do + stub_feature_flags(create_runner_workflow_for_namespace: false) + end + + context 'when user is owner' do + before do + group.add_owner(user) + end + + it 'returns :not_found' do + register + + expect(response).to have_gitlab_http_status(:not_found) + end + end + end + end + describe '#show' do context 'when user is owner' do before do @@ -158,6 +288,8 @@ RSpec.describe Groups::RunnersController, feature_category: :runner_fleet do end describe '#update' do + let!(:runner) { create(:ci_runner, :group, groups: [group]) } + context 'when user is an owner' do before do group.add_owner(user) diff --git a/spec/controllers/groups/settings/applications_controller_spec.rb b/spec/controllers/groups/settings/applications_controller_spec.rb index b9457770ed6..c398fd044c2 100644 --- a/spec/controllers/groups/settings/applications_controller_spec.rb +++ b/spec/controllers/groups/settings/applications_controller_spec.rb @@ -71,43 +71,18 @@ RSpec.describe Groups::Settings::ApplicationsController do group.add_owner(user) end - context 'with hash_oauth_secrets flag on' do - before do - stub_feature_flags(hash_oauth_secrets: true) - end - - it 'creates the application' do - create_params = attributes_for(:application, trusted: false, confidential: false, scopes: ['api']) - - expect do - post :create, params: { group_id: group, doorkeeper_application: create_params } - end.to change { Doorkeeper::Application.count }.by(1) - - application = Doorkeeper::Application.last - - expect(response).to have_gitlab_http_status(:ok) - expect(response).to render_template :show - expect(application).to have_attributes(create_params.except(:uid, :owner_type)) - end - end + it 'creates the application' do + create_params = attributes_for(:application, trusted: false, confidential: false, scopes: ['api']) - context 'with hash_oauth_secrets flag off' do - before do - stub_feature_flags(hash_oauth_secrets: false) - end - - it 'creates the application' do - create_params = attributes_for(:application, trusted: false, confidential: false, scopes: ['api']) - - expect do - post :create, params: { group_id: group, doorkeeper_application: create_params } - end.to change { Doorkeeper::Application.count }.by(1) + expect do + post :create, params: { group_id: group, doorkeeper_application: create_params } + end.to change { Doorkeeper::Application.count }.by(1) - application = Doorkeeper::Application.last + application = Doorkeeper::Application.last - expect(response).to redirect_to(group_settings_application_path(group, application)) - expect(application).to have_attributes(create_params.except(:uid, :owner_type)) - end + expect(response).to have_gitlab_http_status(:ok) + expect(response).to render_template :show + expect(application).to have_attributes(create_params.except(:uid, :owner_type)) end it 'renders the application form on errors' do @@ -120,43 +95,18 @@ RSpec.describe Groups::Settings::ApplicationsController do end context 'when the params are for a confidential application' do - context 'with hash_oauth_secrets flag off' do - before do - stub_feature_flags(hash_oauth_secrets: false) - end - - it 'creates a confidential application' do - create_params = attributes_for(:application, confidential: true, scopes: ['read_user']) - - expect do - post :create, params: { group_id: group, doorkeeper_application: create_params } - end.to change { Doorkeeper::Application.count }.by(1) + it 'creates a confidential application' do + create_params = attributes_for(:application, confidential: true, scopes: ['read_user']) - application = Doorkeeper::Application.last - - expect(response).to redirect_to(group_settings_application_path(group, application)) - expect(application).to have_attributes(create_params.except(:uid, :owner_type)) - end - end - - context 'with hash_oauth_secrets flag on' do - before do - stub_feature_flags(hash_oauth_secrets: true) - end - - it 'creates a confidential application' do - create_params = attributes_for(:application, confidential: true, scopes: ['read_user']) - - expect do - post :create, params: { group_id: group, doorkeeper_application: create_params } - end.to change { Doorkeeper::Application.count }.by(1) + expect do + post :create, params: { group_id: group, doorkeeper_application: create_params } + end.to change { Doorkeeper::Application.count }.by(1) - application = Doorkeeper::Application.last + application = Doorkeeper::Application.last - expect(response).to have_gitlab_http_status(:ok) - expect(response).to render_template :show - expect(application).to have_attributes(create_params.except(:uid, :owner_type)) - end + expect(response).to have_gitlab_http_status(:ok) + expect(response).to render_template :show + expect(application).to have_attributes(create_params.except(:uid, :owner_type)) end end @@ -188,6 +138,61 @@ RSpec.describe Groups::Settings::ApplicationsController do end end + describe 'PUT #renew' do + context 'when user is owner' do + before do + group.add_owner(user) + end + + let(:oauth_params) do + { + group_id: group, + id: application.id + } + end + + subject { put :renew, params: oauth_params } + + it { is_expected.to have_gitlab_http_status(:ok) } + it { expect { subject }.to change { application.reload.secret } } + + it 'returns the secret in json format' do + subject + + expect(json_response['secret']).not_to be_nil + end + + context 'when renew fails' do + before do + allow_next_found_instance_of(Doorkeeper::Application) do |application| + allow(application).to receive(:save).and_return(false) + end + end + + it { expect { subject }.not_to change { application.reload.secret } } + it { is_expected.to have_gitlab_http_status(:unprocessable_entity) } + end + end + + context 'when user is not owner' do + before do + group.add_maintainer(user) + end + + let(:oauth_params) do + { + group_id: group, + id: application.id + } + end + + it 'renders a 404' do + put :renew, params: oauth_params + expect(response).to have_gitlab_http_status(:not_found) + end + end + end + describe 'PATCH #update' do context 'when user is owner' do before do diff --git a/spec/controllers/groups/settings/integrations_controller_spec.rb b/spec/controllers/groups/settings/integrations_controller_spec.rb index 377c38ce087..3ae43c8ab7c 100644 --- a/spec/controllers/groups/settings/integrations_controller_spec.rb +++ b/spec/controllers/groups/settings/integrations_controller_spec.rb @@ -7,6 +7,7 @@ RSpec.describe Groups::Settings::IntegrationsController do let_it_be(:group) { create(:group) } before do + stub_feature_flags(remove_monitor_metrics: false) sign_in(user) end diff --git a/spec/controllers/groups/variables_controller_spec.rb b/spec/controllers/groups/variables_controller_spec.rb index 6dbe75bb1df..8c6efae89c3 100644 --- a/spec/controllers/groups/variables_controller_spec.rb +++ b/spec/controllers/groups/variables_controller_spec.rb @@ -77,12 +77,10 @@ RSpec.describe Groups::VariablesController do describe 'PATCH #update' do it 'is successful' do - patch :update, - params: { - group_id: group, - variables_attributes: [{ id: variable.id, key: 'hello' }] - }, - format: :json + patch :update, params: { + group_id: group, + variables_attributes: [{ id: variable.id, key: 'hello' }] + }, format: :json expect(response).to have_gitlab_http_status(:ok) end |