diff options
Diffstat (limited to 'spec/controllers/projects/notes_controller_spec.rb')
-rw-r--r-- | spec/controllers/projects/notes_controller_spec.rb | 152 |
1 files changed, 127 insertions, 25 deletions
diff --git a/spec/controllers/projects/notes_controller_spec.rb b/spec/controllers/projects/notes_controller_spec.rb index 6ffe41b8608..5f5a789d5cc 100644 --- a/spec/controllers/projects/notes_controller_spec.rb +++ b/spec/controllers/projects/notes_controller_spec.rb @@ -1,6 +1,8 @@ require 'spec_helper' describe Projects::NotesController do + include ProjectForksHelper + let(:user) { create(:user) } let(:project) { create(:project) } let(:issue) { create(:issue, project: project) } @@ -57,6 +59,7 @@ describe Projects::NotesController do expect(note_json[:id]).to eq(note.id) expect(note_json[:discussion_html]).not_to be_nil expect(note_json[:diff_discussion_html]).to be_nil + expect(note_json[:discussion_line_code]).to be_nil end end @@ -72,6 +75,7 @@ describe Projects::NotesController do expect(note_json[:id]).to eq(note.id) expect(note_json[:discussion_html]).not_to be_nil expect(note_json[:diff_discussion_html]).not_to be_nil + expect(note_json[:discussion_line_code]).not_to be_nil end end @@ -90,6 +94,7 @@ describe Projects::NotesController do expect(note_json[:id]).to eq(note.id) expect(note_json[:discussion_html]).not_to be_nil expect(note_json[:diff_discussion_html]).to be_nil + expect(note_json[:discussion_line_code]).to be_nil end end @@ -102,6 +107,20 @@ describe Projects::NotesController do expect(note_json[:id]).to eq(note.id) expect(note_json[:discussion_html]).to be_nil expect(note_json[:diff_discussion_html]).to be_nil + expect(note_json[:discussion_line_code]).to be_nil + end + + context 'when user cannot read commit' do + before do + allow(Ability).to receive(:allowed?).and_call_original + allow(Ability).to receive(:allowed?).with(user, :download_code, project).and_return(false) + end + + it 'renders 404' do + get :index, params + + expect(response).to have_gitlab_http_status(404) + end end end end @@ -118,6 +137,41 @@ describe Projects::NotesController do expect(note_json[:html]).not_to be_nil expect(note_json[:discussion_html]).to be_nil expect(note_json[:diff_discussion_html]).to be_nil + expect(note_json[:discussion_line_code]).to be_nil + end + end + + context 'with cross-reference system note', :request_store do + let(:new_issue) { create(:issue) } + let(:cross_reference) { "mentioned in #{new_issue.to_reference(issue.project)}" } + + before do + note + create(:discussion_note_on_issue, :system, noteable: issue, project: issue.project, note: cross_reference) + end + + it 'filters notes that the user should not see' do + get :index, request_params + + expect(parsed_response[:notes].count).to eq(1) + expect(note_json[:id]).to eq(note.id) + end + + it 'does not result in N+1 queries' do + # Instantiate the controller variables to ensure QueryRecorder has an accurate base count + get :index, request_params + + RequestStore.clear! + + control_count = ActiveRecord::QueryRecorder.new do + get :index, request_params + end.count + + RequestStore.clear! + + create_list(:discussion_note_on_issue, 2, :system, noteable: issue, project: issue.project, note: cross_reference) + + expect { get :index, request_params }.not_to exceed_query_limit(control_count) end end end @@ -144,13 +198,13 @@ describe Projects::NotesController do it "returns status 302 for html" do post :create, request_params - expect(response).to have_http_status(302) + expect(response).to have_gitlab_http_status(302) end it "returns status 200 for json" do post :create, request_params.merge(format: :json) - expect(response).to have_http_status(200) + expect(response).to have_gitlab_http_status(200) end context 'when merge_request_diff_head_sha present' do @@ -169,25 +223,23 @@ describe Projects::NotesController do it "returns status 302 for html" do post :create, request_params - expect(response).to have_http_status(302) + expect(response).to have_gitlab_http_status(302) end end context 'when creating a commit comment from an MR fork' do let(:project) { create(:project, :repository) } - let(:fork_project) do - create(:project, :repository).tap do |fork| - create(:forked_project_link, forked_to_project: fork, forked_from_project: project) - end + let(:forked_project) do + fork_project(project, nil, repository: true) end let(:merge_request) do - create(:merge_request, source_project: fork_project, target_project: project, source_branch: 'feature', target_branch: 'master') + create(:merge_request, source_project: forked_project, target_project: project, source_branch: 'feature', target_branch: 'master') end let(:existing_comment) do - create(:note_on_commit, note: 'a note', project: fork_project, commit_id: merge_request.commit_shas.first) + create(:note_on_commit, note: 'a note', project: forked_project, commit_id: merge_request.commit_shas.first) end def post_create(extra_params = {}) @@ -197,7 +249,7 @@ describe Projects::NotesController do project_id: project, target_type: 'merge_request', target_id: merge_request.id, - note_project_id: fork_project.id, + note_project_id: forked_project.id, in_reply_to_discussion_id: existing_comment.discussion_id }.merge(extra_params) end @@ -206,7 +258,7 @@ describe Projects::NotesController do it 'returns a 404' do post_create(note_project_id: Project.maximum(:id).succ) - expect(response).to have_http_status(404) + expect(response).to have_gitlab_http_status(404) end end @@ -214,21 +266,71 @@ describe Projects::NotesController do it 'returns a 404' do post_create - expect(response).to have_http_status(404) + expect(response).to have_gitlab_http_status(404) end end context 'when the user has access to the fork' do - let(:discussion) { fork_project.notes.find_discussion(existing_comment.discussion_id) } + let(:discussion) { forked_project.notes.find_discussion(existing_comment.discussion_id) } before do - fork_project.add_developer(user) + forked_project.add_developer(user) existing_comment end it 'creates the note' do - expect { post_create }.to change { fork_project.notes.count }.by(1) + expect { post_create }.to change { forked_project.notes.count }.by(1) + end + end + end + + context 'when the merge request discussion is locked' do + before do + project.update_attribute(:visibility_level, Gitlab::VisibilityLevel::PUBLIC) + merge_request.update_attribute(:discussion_locked, true) + end + + context 'when a noteable is not found' do + it 'returns 404 status' do + request_params[:note][:noteable_id] = 9999 + post :create, request_params.merge(format: :json) + + expect(response).to have_gitlab_http_status(404) + end + end + + context 'when a user is a team member' do + it 'returns 302 status for html' do + post :create, request_params + + expect(response).to have_gitlab_http_status(302) + end + + it 'returns 200 status for json' do + post :create, request_params.merge(format: :json) + + expect(response).to have_gitlab_http_status(200) + end + + it 'creates a new note' do + expect { post :create, request_params }.to change { Note.count }.by(1) + end + end + + context 'when a user is not a team member' do + before do + project.project_member(user).destroy + end + + it 'returns 404 status' do + post :create, request_params + + expect(response).to have_gitlab_http_status(404) + end + + it 'does not create a new note' do + expect { post :create, request_params }.not_to change { Note.count } end end end @@ -253,7 +355,7 @@ describe Projects::NotesController do it "returns status 200 for html" do delete :destroy, request_params - expect(response).to have_http_status(200) + expect(response).to have_gitlab_http_status(200) end it "deletes the note" do @@ -270,7 +372,7 @@ describe Projects::NotesController do it "returns status 404" do delete :destroy, request_params - expect(response).to have_http_status(404) + expect(response).to have_gitlab_http_status(404) end end end @@ -286,7 +388,7 @@ describe Projects::NotesController do post(:toggle_award_emoji, request_params.merge(name: "thumbsup")) end.to change { note.award_emoji.count }.by(1) - expect(response).to have_http_status(200) + expect(response).to have_gitlab_http_status(200) end it "removes the already awarded emoji" do @@ -296,7 +398,7 @@ describe Projects::NotesController do post(:toggle_award_emoji, request_params.merge(name: "thumbsup")) end.to change { AwardEmoji.count }.by(-1) - expect(response).to have_http_status(200) + expect(response).to have_gitlab_http_status(200) end end @@ -314,7 +416,7 @@ describe Projects::NotesController do it "returns status 404" do post :resolve, request_params - expect(response).to have_http_status(404) + expect(response).to have_gitlab_http_status(404) end end @@ -331,7 +433,7 @@ describe Projects::NotesController do it "returns status 404" do post :resolve, request_params - expect(response).to have_http_status(404) + expect(response).to have_gitlab_http_status(404) end end @@ -358,7 +460,7 @@ describe Projects::NotesController do it "returns status 200" do post :resolve, request_params - expect(response).to have_http_status(200) + expect(response).to have_gitlab_http_status(200) end end end @@ -375,7 +477,7 @@ describe Projects::NotesController do it "returns status 404" do delete :unresolve, request_params - expect(response).to have_http_status(404) + expect(response).to have_gitlab_http_status(404) end end @@ -392,7 +494,7 @@ describe Projects::NotesController do it "returns status 404" do delete :unresolve, request_params - expect(response).to have_http_status(404) + expect(response).to have_gitlab_http_status(404) end end @@ -406,7 +508,7 @@ describe Projects::NotesController do it "returns status 200" do delete :unresolve, request_params - expect(response).to have_http_status(200) + expect(response).to have_gitlab_http_status(200) end end end |