diff options
Diffstat (limited to 'spec/lib/api')
-rw-r--r-- | spec/lib/api/entities/release_spec.rb | 6 | ||||
-rw-r--r-- | spec/lib/api/validations/validators/untrusted_regexp_spec.rb | 28 |
2 files changed, 33 insertions, 1 deletions
diff --git a/spec/lib/api/entities/release_spec.rb b/spec/lib/api/entities/release_spec.rb index c45dbc15856..fa9e1e74f9b 100644 --- a/spec/lib/api/entities/release_spec.rb +++ b/spec/lib/api/entities/release_spec.rb @@ -4,11 +4,15 @@ require 'spec_helper' describe API::Entities::Release do let_it_be(:project) { create(:project) } - let_it_be(:release) { create(:release, :with_evidence, project: project) } + let(:release) { create(:release, project: project) } let(:evidence) { release.evidences.first } let(:user) { create(:user) } let(:entity) { described_class.new(release, current_user: user).as_json } + before do + ::Releases::CreateEvidenceService.new(release).execute + end + describe 'evidences' do context 'when the current user can download code' do let(:entity_evidence) { entity[:evidences].first } diff --git a/spec/lib/api/validations/validators/untrusted_regexp_spec.rb b/spec/lib/api/validations/validators/untrusted_regexp_spec.rb new file mode 100644 index 00000000000..491bf94fd79 --- /dev/null +++ b/spec/lib/api/validations/validators/untrusted_regexp_spec.rb @@ -0,0 +1,28 @@ +# frozen_string_literal: true + +require 'spec_helper' + +describe API::Validations::Validators::UntrustedRegexp do + include ApiValidatorsHelpers + + subject do + described_class.new(['test'], {}, false, scope.new) + end + + context 'valid regex' do + it 'does not raise a validation error' do + expect_no_validation_error('test' => 'test') + expect_no_validation_error('test' => '.*') + expect_no_validation_error('test' => Gitlab::Regex.environment_name_regex_chars) + end + end + + context 'invalid regex' do + it 'raises a validation error' do + expect_validation_error('test' => '[') + expect_validation_error('test' => '*foobar') + expect_validation_error('test' => '?foobar') + expect_validation_error('test' => '\A[^/%\s]+(..\z') + end + end +end |