7 files changed, 215 insertions, 5 deletions

diff --git a/spec/controllers/projects/blob_controller_spec.rb b/spec/controllers/projects/blob_controller_spec.rb
index 52d13fb6f9e..3efef757ae2 100644
--- a/spec/controllers/projects/blob_controller_spec.rb
+++ b/spec/controllers/projects/blob_controller_spec.rb
@@ -36,4 +36,53 @@ describe Projects::BlobController do
       end
     end
   end
+
+  describe 'PUT update' do
+    let(:default_params) do
+      {
+        namespace_id: project.namespace.to_param,
+        project_id: project.to_param,
+        id: 'master/CHANGELOG',
+        target_branch: 'master',
+        content: 'Added changes',
+        commit_message: 'Update CHANGELOG'
+      }
+    end
+
+    def blob_after_edit_path
+      namespace_project_blob_path(project.namespace, project, 'master/CHANGELOG')
+    end
+
+    it 'redirects to blob' do
+      put :update, default_params
+
+      expect(response).to redirect_to(blob_after_edit_path)
+    end
+
+    context '?from_merge_request_iid' do
+      let(:merge_request) { create(:merge_request, source_project: project, target_project: project) }
+      let(:mr_params) { default_params.merge(from_merge_request_iid: merge_request.iid) }
+
+      it 'redirects to MR diff' do
+        put :update, mr_params
+
+        after_edit_path = diffs_namespace_project_merge_request_path(project.namespace, project, merge_request)
+        file_anchor = "##{Digest::SHA1.hexdigest('CHANGELOG')}"
+        expect(response).to redirect_to(after_edit_path + file_anchor)
+      end
+
+      context "when user doesn't have access" do
+        before do
+          other_project = create(:empty_project)
+          merge_request.update!(source_project: other_project, target_project: other_project)
+        end
+
+        it "it redirect to blob" do
+          put :update, mr_params
+
+          expect(response).to redirect_to(blob_after_edit_path)
+        end
+      end
+    end
+  end
 end
diff --git a/spec/controllers/projects/branches_controller_spec.rb b/spec/controllers/projects/branches_controller_spec.rb
index f7cf006efd6..b88586b8678 100644
--- a/spec/controllers/projects/branches_controller_spec.rb
+++ b/spec/controllers/projects/branches_controller_spec.rb
@@ -94,6 +94,24 @@ describe Projects::BranchesController do
           branch_name: branch,
           issue_iid: issue.iid
       end
+
+      context 'without issue feature access' do
+        before do
+          project.update!(visibility_level: Gitlab::VisibilityLevel::PUBLIC)
+          project.project_feature.update!(issues_access_level: ProjectFeature::PRIVATE)
+          project.team.truncate
+        end
+
+        it "doesn't post a system note" do
+          expect(SystemNoteService).not_to receive(:new_issue_branch)
+
+          post :create,
+            namespace_id: project.namespace.to_param,
+            project_id: project.to_param,
+            branch_name: branch,
+            issue_iid: issue.iid
+        end
+      end
     end
   end
 
diff --git a/spec/controllers/projects/issues_controller_spec.rb b/spec/controllers/projects/issues_controller_spec.rb
index 90419368f22..dbe5ddccbcf 100644
--- a/spec/controllers/projects/issues_controller_spec.rb
+++ b/spec/controllers/projects/issues_controller_spec.rb
@@ -55,6 +55,30 @@ describe Projects::IssuesController do
   end
 
   describe 'GET #new' do
+    context 'internal issue tracker' do
+      before do
+        sign_in(user)
+        project.team << [user, :developer]
+      end
+
+      it 'builds a new issue' do
+        get :new, namespace_id: project.namespace.path, project_id: project
+
+        expect(assigns(:issue)).to be_a_new(Issue)
+      end
+
+      it 'fills in an issue for a merge request' do
+        project_with_repository = create(:project)
+        project_with_repository.team << [user, :developer]
+        mr = create(:merge_request_with_diff_notes, source_project: project_with_repository)
+
+        get :new, namespace_id: project_with_repository.namespace.path, project_id: project_with_repository, merge_request_for_resolving_discussions: mr.iid
+
+        expect(assigns(:issue).title).not_to be_empty
+        expect(assigns(:issue).description).not_to be_empty
+      end
+    end
+
     context 'external issue tracker' do
       it 'redirects to the external issue tracker' do
         external = double(new_issue_path: 'https://example.com/issues/new')
@@ -272,6 +296,42 @@ describe Projects::IssuesController do
   end
 
   describe 'POST #create' do
+    context 'resolving discussions in MergeRequest' do
+      let(:discussion) { Discussion.for_diff_notes([create(:diff_note_on_merge_request)]).first }
+      let(:merge_request) { discussion.noteable }
+      let(:project) { merge_request.source_project }
+
+      before do
+        project.team << [user, :master]
+        sign_in user
+      end
+
+      let(:merge_request_params) do
+        { merge_request_for_resolving_discussions: merge_request.iid }
+      end
+
+      def post_issue(issue_params)
+        post :create, namespace_id: project.namespace.to_param, project_id: project.to_param, issue: issue_params, merge_request_for_resolving_discussions: merge_request.iid
+      end
+
+      it 'creates an issue for the project' do
+        expect { post_issue({ title: 'Hello' }) }.to change { project.issues.reload.size }.by(1)
+      end
+
+      it "doesn't overwrite given params" do
+        post_issue(description: 'Manually entered description')
+
+        expect(assigns(:issue).description).to eq('Manually entered description')
+      end
+
+      it 'resolves the discussion in the merge_request' do
+        post_issue(title: 'Hello')
+        discussion.first_note.reload
+
+        expect(discussion.resolved?).to eq(true)
+      end
+    end
+
     context 'Akismet is enabled' do
       before do
         allow_any_instance_of(SpamService).to receive(:check_for_spam?).and_return(true)
diff --git a/spec/controllers/projects/merge_requests_controller_spec.rb b/spec/controllers/projects/merge_requests_controller_spec.rb
index 1d0750d1719..9e0b80205d8 100644
--- a/spec/controllers/projects/merge_requests_controller_spec.rb
+++ b/spec/controllers/projects/merge_requests_controller_spec.rb
@@ -292,7 +292,9 @@ describe Projects::MergeRequestsController do
         it 'sets the MR to merge when the build succeeds' do
           service = double(:merge_when_build_succeeds_service)
 
-          expect(MergeRequests::MergeWhenBuildSucceedsService).to receive(:new).with(project, anything, anything).and_return(service)
+          expect(MergeRequests::MergeWhenPipelineSucceedsService)
+            .to receive(:new).with(project, anything, anything)
+            .and_return(service)
           expect(service).to receive(:execute).with(merge_request)
 
           merge_when_build_succeeds
diff --git a/spec/controllers/projects/milestones_controller_spec.rb b/spec/controllers/projects/milestones_controller_spec.rb
index 7c5f33c63b8..6d30d085056 100644
--- a/spec/controllers/projects/milestones_controller_spec.rb
+++ b/spec/controllers/projects/milestones_controller_spec.rb
@@ -31,7 +31,7 @@ describe Projects::MilestonesController do
 
       # Check system note left for milestone removal
       last_note = project.issues.find(issue.id).notes[-1].note
-      expect(last_note).to eq('Milestone removed')
+      expect(last_note).to eq('removed milestone')
     end
   end
 end
diff --git a/spec/controllers/projects/releases_controller_spec.rb b/spec/controllers/projects/releases_controller_spec.rb
new file mode 100644
index 00000000000..9fd5c3b85f6
--- /dev/null
+++ b/spec/controllers/projects/releases_controller_spec.rb
@@ -0,0 +1,55 @@
+require 'spec_helper'
+
+describe Projects::ReleasesController do
+  let!(:project) { create(:project) }
+  let!(:user)    { create(:user) }
+  let!(:release) { create(:release, project: project) }
+  let!(:tag)     { release.tag }
+
+  before do
+    project.team << [user, :developer]
+    sign_in(user)
+  end
+
+  describe 'GET #edit' do
+    it 'initializes a new release' do
+      tag_id = release.tag
+      project.releases.destroy_all
+
+      get :edit, namespace_id: project.namespace.path, project_id: project.path, tag_id: tag_id
+
+      release = assigns(:release)
+      expect(release).not_to be_nil
+      expect(release).not_to be_persisted
+    end
+
+    it 'retrieves an existing release' do
+      get :edit, namespace_id: project.namespace.path, project_id: project.path, tag_id: release.tag
+
+      release = assigns(:release)
+      expect(release).not_to be_nil
+      expect(release).to be_persisted
+    end
+  end
+
+  describe 'PUT #update' do
+    it 'updates release note description' do
+      update_release('description updated')
+
+      release = project.releases.find_by_tag(tag)
+      expect(release.description).to eq("description updated")
+    end
+
+    it 'deletes release note when description is null' do
+      expect { update_release('') }.to change(project.releases, :count).by(-1)
+    end
+  end
+
+  def update_release(description)
+    put :update,
+      namespace_id: project.namespace.to_param,
+      project_id: project.to_param,
+      tag_id: release.tag,
+      release: { description: description }
+  end
+end
diff --git a/spec/controllers/projects/todo_controller_spec.rb b/spec/controllers/projects/todo_controller_spec.rb
index 936320a3709..415c264e0dd 100644
--- a/spec/controllers/projects/todo_controller_spec.rb
+++ b/spec/controllers/projects/todo_controller_spec.rb
@@ -4,7 +4,7 @@ describe Projects::TodosController do
   include ApiHelpers
 
   let(:user)          { create(:user) }
-  let(:project)       { create(:project) }
+  let(:project)       { create(:empty_project) }
   let(:issue)         { create(:issue, project: project) }
   let(:merge_request) { create(:merge_request, source_project: project) }
 
@@ -42,7 +42,7 @@ describe Projects::TodosController do
         end
       end
 
-      context 'when not authorized' do
+      context 'when not authorized for project' do
         it 'does not create todo for issue that user has no access to' do
           sign_in(user)
           expect do
@@ -60,6 +60,19 @@ describe Projects::TodosController do
           expect(response).to have_http_status(302)
         end
       end
+
+      context 'when not authorized for issue' do
+        before do
+          project.update!(visibility_level: Gitlab::VisibilityLevel::PUBLIC)
+          project.project_feature.update!(issues_access_level: ProjectFeature::PRIVATE)
+          sign_in(user)
+        end
+
+        it "doesn't create todo" do
+          expect{ go }.not_to change { user.todos.count }
+          expect(response).to have_http_status(404)
+        end
+      end
     end
   end
 
@@ -97,7 +110,7 @@ describe Projects::TodosController do
         end
       end
 
-      context 'when not authorized' do
+      context 'when not authorized for project' do
         it 'does not create todo for merge request user has no access to' do
           sign_in(user)
           expect do
@@ -115,6 +128,19 @@ describe Projects::TodosController do
           expect(response).to have_http_status(302)
         end
       end
+
+      context 'when not authorized for merge_request' do
+        before do
+          project.update!(visibility_level: Gitlab::VisibilityLevel::PUBLIC)
+          project.project_feature.update!(merge_requests_access_level: ProjectFeature::PRIVATE)
+          sign_in(user)
+        end
+
+        it "doesn't create todo" do
+          expect{ go }.not_to change { user.todos.count }
+          expect(response).to have_http_status(404)
+        end
+      end
     end
   end
 end