7 files changed, 158 insertions, 23 deletions

diff --git a/spec/requests/api/commits_spec.rb b/spec/requests/api/commits_spec.rb
index 246947e58a8..d5b31610dad 100644
--- a/spec/requests/api/commits_spec.rb
+++ b/spec/requests/api/commits_spec.rb
@@ -1040,6 +1040,14 @@ describe API::Commits do
         end
       end
 
+      context 'when branch is empty' do
+        ['', ' '].each do |branch|
+          it_behaves_like '400 response' do
+            let(:request) { post api(route, current_user), branch: branch }
+          end
+        end
+      end
+
       context 'when branch does not exist' do
         it_behaves_like '404 response' do
           let(:request) { post api(route, current_user), branch: 'foo' }
diff --git a/spec/requests/api/internal_spec.rb b/spec/requests/api/internal_spec.rb
index 6890f46c724..e0b5b34f9c4 100644
--- a/spec/requests/api/internal_spec.rb
+++ b/spec/requests/api/internal_spec.rb
@@ -369,6 +369,26 @@ describe API::Internal do
             expect(user.reload.last_activity_on).to be_nil
           end
         end
+
+        context 'when receive_max_input_size has been updated' do
+          it 'returns custom git config' do
+            allow(Gitlab::CurrentSettings).to receive(:receive_max_input_size) { 1 }
+
+            push(key, project)
+
+            expect(json_response["git_config_options"]).to be_present
+          end
+        end
+
+        context 'when receive_max_input_size is empty' do
+          it 'returns an empty git config' do
+            allow(Gitlab::CurrentSettings).to receive(:receive_max_input_size) { nil }
+
+            push(key, project)
+
+            expect(json_response["git_config_options"]).to be_empty
+          end
+        end
       end
     end
 
diff --git a/spec/requests/api/project_export_spec.rb b/spec/requests/api/project_export_spec.rb
index 45e4e35d773..0586025956f 100644
--- a/spec/requests/api/project_export_spec.rb
+++ b/spec/requests/api/project_export_spec.rb
@@ -4,8 +4,8 @@ describe API::ProjectExport do
   set(:project) { create(:project) }
   set(:project_none) { create(:project) }
   set(:project_started) { create(:project) }
-  set(:project_finished) { create(:project) }
-  set(:project_after_export) { create(:project) }
+  let(:project_finished) { create(:project, :with_export) }
+  let(:project_after_export) { create(:project, :with_export) }
   set(:user) { create(:user) }
   set(:admin) { create(:admin) }
 
@@ -29,13 +29,7 @@ describe API::ProjectExport do
     # simulate exporting work directory
     FileUtils.mkdir_p File.join(project_started.export_path, 'securerandom-hex')
 
-    # simulate exported
-    FileUtils.mkdir_p project_finished.export_path
-    FileUtils.touch File.join(project_finished.export_path, '_export.tar.gz')
-
     # simulate in after export action
-    FileUtils.mkdir_p project_after_export.export_path
-    FileUtils.touch File.join(project_after_export.export_path, '_export.tar.gz')
     FileUtils.touch Gitlab::ImportExport::AfterExportStrategies::BaseAfterExportStrategy.lock_file_path(project_after_export)
   end
 
@@ -191,14 +185,11 @@ describe API::ProjectExport do
 
       context 'when upload complete' do
         before do
-          FileUtils.rm_rf(project_after_export.export_path)
-
-          if project_after_export.export_project_object_exists?
-            upload = project_after_export.import_export_upload
+          project_after_export.remove_exports
+        end
 
-            upload.remove_export_file!
-            upload.save
-          end
+        it 'has removed the export' do
+          expect(project_after_export.export_file_exists?).to be_falsey
         end
 
         it_behaves_like '404 response' do
@@ -273,13 +264,13 @@ describe API::ProjectExport do
       before do
         stub_uploads_object_storage(ImportExportUploader)
 
-        [project, project_finished, project_after_export].each do |p|
-          p.add_maintainer(user)
+        project.add_maintainer(user)
+        project_finished.add_maintainer(user)
+        project_after_export.add_maintainer(user)
 
-          upload = ImportExportUpload.new(project: p)
-          upload.export_file = fixture_file_upload('spec/fixtures/project_export.tar.gz', "`/tar.gz")
-          upload.save!
-        end
+        upload = ImportExportUpload.new(project: project)
+        upload.export_file = fixture_file_upload('spec/fixtures/project_export.tar.gz', "`/tar.gz")
+        upload.save!
       end
 
       it_behaves_like 'get project download by strategy'
diff --git a/spec/requests/api/project_import_spec.rb b/spec/requests/api/project_import_spec.rb
index bc06f3c3732..c8fa4754810 100644
--- a/spec/requests/api/project_import_spec.rb
+++ b/spec/requests/api/project_import_spec.rb
@@ -7,7 +7,6 @@ describe API::ProjectImport do
   let(:namespace) { create(:group) }
   before do
     allow_any_instance_of(Gitlab::ImportExport).to receive(:storage_path).and_return(export_path)
-    stub_feature_flags(import_export_object_storage: true)
     stub_uploads_object_storage(FileUploader)
 
     namespace.add_owner(user)
diff --git a/spec/requests/api/projects_spec.rb b/spec/requests/api/projects_spec.rb
index b6f92042ecc..c8e98e6024c 100644
--- a/spec/requests/api/projects_spec.rb
+++ b/spec/requests/api/projects_spec.rb
@@ -148,6 +148,16 @@ describe API::Projects do
         expect(json_response.first.keys).to include('open_issues_count')
       end
 
+      it 'does not include projects marked for deletion' do
+        project.update(pending_delete: true)
+
+        get api('/projects', user)
+
+        expect(response).to have_gitlab_http_status(200)
+        expect(json_response).to be_an Array
+        expect(json_response.map { |p| p['id'] }).not_to include(project.id)
+      end
+
       it 'does not include open_issues_count if issues are disabled' do
         project.project_feature.update_attribute(:issues_access_level, ProjectFeature::DISABLED)
 
@@ -557,6 +567,14 @@ describe API::Projects do
       expect(json_response['visibility']).to eq('private')
     end
 
+    it 'creates a new project initialized with a README.md' do
+      project = attributes_for(:project, initialize_with_readme: 1, name: 'somewhere')
+
+      post api('/projects', user), project
+
+      expect(json_response['readme_url']).to eql("#{Gitlab.config.gitlab.url}/#{json_response['namespace']['full_path']}/somewhere/blob/master/README.md")
+    end
+
     it 'sets tag list to a project' do
       project = attributes_for(:project, tag_list: %w[tagFirst tagSecond])
 
@@ -1004,6 +1022,15 @@ describe API::Projects do
         expect(json_response).not_to include("import_error")
       end
 
+      it 'returns 404 when project is marked for deletion' do
+        project.update(pending_delete: true)
+
+        get api("/projects/#{project.id}", user)
+
+        expect(response).to have_gitlab_http_status(404)
+        expect(json_response['message']).to eq('404 Project Not Found')
+      end
+
       context 'links exposure' do
         it 'exposes related resources full URIs' do
           get api("/projects/#{project.id}", user)
diff --git a/spec/requests/api/resource_label_events_spec.rb b/spec/requests/api/resource_label_events_spec.rb
new file mode 100644
index 00000000000..b7d4a5152cc
--- /dev/null
+++ b/spec/requests/api/resource_label_events_spec.rb
@@ -0,0 +1,75 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+describe API::ResourceLabelEvents do
+  set(:user) { create(:user) }
+  set(:project) { create(:project, :public, :repository, namespace: user.namespace) }
+  set(:private_user)    { create(:user) }
+
+  before do
+    project.add_developer(user)
+  end
+
+  shared_examples 'resource_label_events API' do |parent_type, eventable_type, id_name|
+    describe "GET /#{parent_type}/:id/#{eventable_type}/:noteable_id/resource_label_events" do
+      it "returns an array of resource label events" do
+        get api("/#{parent_type}/#{parent.id}/#{eventable_type}/#{eventable[id_name]}/resource_label_events", user)
+
+        expect(response).to have_gitlab_http_status(200)
+        expect(response).to include_pagination_headers
+        expect(json_response).to be_an Array
+        expect(json_response.first['id']).to eq(event.id)
+      end
+
+      it "returns a 404 error when eventable id not found" do
+        get api("/#{parent_type}/#{parent.id}/#{eventable_type}/12345/resource_label_events", user)
+
+        expect(response).to have_gitlab_http_status(404)
+      end
+
+      it "returns 404 when not authorized" do
+        parent.update!(visibility_level: Gitlab::VisibilityLevel::PRIVATE)
+
+        get api("/#{parent_type}/#{parent.id}/#{eventable_type}/#{eventable[id_name]}/resource_label_events", private_user)
+
+        expect(response).to have_gitlab_http_status(404)
+      end
+    end
+
+    describe "GET /#{parent_type}/:id/#{eventable_type}/:noteable_id/resource_label_events/:event_id" do
+      it "returns a resource label event by id" do
+        get api("/#{parent_type}/#{parent.id}/#{eventable_type}/#{eventable[id_name]}/resource_label_events/#{event.id}", user)
+
+        expect(response).to have_gitlab_http_status(200)
+        expect(json_response['id']).to eq(event.id)
+      end
+
+      it "returns a 404 error if resource label event not found" do
+        get api("/#{parent_type}/#{parent.id}/#{eventable_type}/#{eventable[id_name]}/resource_label_events/12345", user)
+
+        expect(response).to have_gitlab_http_status(404)
+      end
+    end
+  end
+
+  context 'when eventable is an Issue' do
+    let(:issue) { create(:issue, project: project, author: user) }
+
+    it_behaves_like 'resource_label_events API', 'projects', 'issues', 'iid' do
+      let(:parent) { project }
+      let(:eventable) { issue }
+      let!(:event) { create(:resource_label_event, issue: issue) }
+    end
+  end
+
+  context 'when eventable is a Merge Request' do
+    let(:merge_request) { create(:merge_request, source_project: project, target_project: project, author: user) }
+
+    it_behaves_like 'resource_label_events API', 'projects', 'merge_requests', 'iid' do
+      let(:parent) { project }
+      let(:eventable) { merge_request }
+      let!(:event) { create(:resource_label_event, merge_request: merge_request) }
+    end
+  end
+end
diff --git a/spec/requests/api/users_spec.rb b/spec/requests/api/users_spec.rb
index d48d577afa1..b7d62df0663 100644
--- a/spec/requests/api/users_spec.rb
+++ b/spec/requests/api/users_spec.rb
@@ -1031,11 +1031,14 @@ describe API::Users do
       expect(json_response['error']).to eq('email is missing')
     end
 
-    it "creates email" do
+    it "creates unverified email" do
       email_attrs = attributes_for :email
       expect do
         post api("/users/#{user.id}/emails", admin), email_attrs
       end.to change { user.emails.count }.by(1)
+
+      email = Email.find_by(user_id: user.id, email: email_attrs[:email])
+      expect(email).not_to be_confirmed
     end
 
     it "returns a 400 for invalid ID" do
@@ -1043,6 +1046,18 @@ describe API::Users do
 
       expect(response).to have_gitlab_http_status(400)
     end
+
+    it "creates verified email" do
+      email_attrs = attributes_for :email
+      email_attrs[:skip_confirmation] = true
+
+      post api("/users/#{user.id}/emails", admin), email_attrs
+
+      expect(response).to have_gitlab_http_status(201)
+
+      email = Email.find_by(user_id: user.id, email: email_attrs[:email])
+      expect(email).to be_confirmed
+    end
   end
 
   describe 'GET /user/:id/emails' do