summaryrefslogtreecommitdiff
path: root/spec/controllers/projects/issues_controller_spec.rb
diff options
context:
space:
mode:
Diffstat (limited to 'spec/controllers/projects/issues_controller_spec.rb')
-rw-r--r--spec/controllers/projects/issues_controller_spec.rb71
1 files changed, 66 insertions, 5 deletions
diff --git a/spec/controllers/projects/issues_controller_spec.rb b/spec/controllers/projects/issues_controller_spec.rb
index 734966d50b2..04afd07c59e 100644
--- a/spec/controllers/projects/issues_controller_spec.rb
+++ b/spec/controllers/projects/issues_controller_spec.rb
@@ -83,6 +83,17 @@ describe Projects::IssuesController do
expect(assigns(:issues).current_page).to eq(last_page)
expect(response).to have_http_status(200)
end
+
+ it 'does not redirect to external sites when provided a host field' do
+ external_host = "www.example.com"
+ get :index,
+ namespace_id: project.namespace.to_param,
+ project_id: project,
+ page: (last_page + 1).to_param,
+ host: external_host
+
+ expect(response).to redirect_to(namespace_project_issues_path(page: last_page, state: controller.params[:state], scope: controller.params[:scope]))
+ end
end
end
@@ -145,6 +156,32 @@ describe Projects::IssuesController do
end
end
+ describe 'Redirect after sign in' do
+ context 'with an AJAX request' do
+ it 'does not store the visited URL' do
+ xhr :get,
+ :show,
+ format: :json,
+ namespace_id: project.namespace,
+ project_id: project,
+ id: issue.iid
+
+ expect(session['user_return_to']).to be_blank
+ end
+ end
+
+ context 'without an AJAX request' do
+ it 'stores the visited URL' do
+ get :show,
+ namespace_id: project.namespace.to_param,
+ project_id: project,
+ id: issue.iid
+
+ expect(session['user_return_to']).to eq("/#{project.namespace.to_param}/#{project.to_param}/issues/#{issue.iid}")
+ end
+ end
+ end
+
describe 'PUT #update' do
before do
sign_in(user)
@@ -162,12 +199,12 @@ describe Projects::IssuesController do
namespace_id: project.namespace.to_param,
project_id: project,
id: issue.iid,
- issue: { assignee_id: assignee.id },
+ issue: { assignee_ids: [assignee.id] },
format: :json
body = JSON.parse(response.body)
- expect(body['assignee'].keys)
- .to match_array(%w(name username avatar_url))
+ expect(body['assignees'].first.keys)
+ .to match_array(%w(id name username avatar_url))
end
end
@@ -337,7 +374,7 @@ describe Projects::IssuesController do
let(:admin) { create(:admin) }
let!(:issue) { create(:issue, project: project) }
let!(:unescaped_parameter_value) { create(:issue, :confidential, project: project, author: author) }
- let!(:request_forgery_timing_attack) { create(:issue, :confidential, project: project, assignee: assignee) }
+ let!(:request_forgery_timing_attack) { create(:issue, :confidential, project: project, assignees: [assignee]) }
describe 'GET #index' do
it 'does not list confidential issues for guests' do
@@ -508,7 +545,7 @@ describe Projects::IssuesController do
end
context 'resolving discussions in MergeRequest' do
- let(:discussion) { Discussion.for_diff_notes([create(:diff_note_on_merge_request)]).first }
+ let(:discussion) { create(:diff_note_on_merge_request).to_discussion }
let(:merge_request) { discussion.noteable }
let(:project) { merge_request.source_project }
@@ -745,4 +782,28 @@ describe Projects::IssuesController do
expect(response).to have_http_status(200)
end
end
+
+ describe 'POST create_merge_request' do
+ before do
+ project.add_developer(user)
+ sign_in(user)
+ end
+
+ it 'creates a new merge request' do
+ expect { create_merge_request }.to change(project.merge_requests, :count).by(1)
+ end
+
+ it 'render merge request as json' do
+ create_merge_request
+
+ expect(response).to match_response_schema('merge_request')
+ end
+
+ def create_merge_request
+ post :create_merge_request, namespace_id: project.namespace.to_param,
+ project_id: project.to_param,
+ id: issue.to_param,
+ format: :json
+ end
+ end
end
View Lorry Controller Status