summaryrefslogtreecommitdiff
path: root/spec/services/protected_tags/update_service_spec.rb
diff options
context:
space:
mode:
Diffstat (limited to 'spec/services/protected_tags/update_service_spec.rb')
-rw-r--r--spec/services/protected_tags/update_service_spec.rb33
1 files changed, 6 insertions, 27 deletions
diff --git a/spec/services/protected_tags/update_service_spec.rb b/spec/services/protected_tags/update_service_spec.rb
index 8d301dcd825..4b6e726bb6e 100644
--- a/spec/services/protected_tags/update_service_spec.rb
+++ b/spec/services/protected_tags/update_service_spec.rb
@@ -18,35 +18,14 @@ RSpec.describe ProtectedTags::UpdateService do
expect(result.reload.name).to eq(params[:name])
end
- context 'when name has escaped HTML' do
- let(:new_name) { 'tag->test' }
+ context 'when updating protected tag with a name that contains HTML tags' do
+ let(:new_name) { 'foo<b>bar<\b>' }
+ let(:result) { service.execute(protected_tag) }
- it 'updates protected tag name with unescaped HTML' do
- expect(result.reload.name).to eq('tag->test')
- end
-
- context 'and name contains HTML tags' do
- let(:new_name) { '&lt;b&gt;tag&lt;/b&gt;' }
-
- it 'updates protected tag name with sanitized name' do
- expect(result.reload.name).to eq('tag')
- end
-
- context 'and contains unsafe HTML' do
- let(:new_name) { '&lt;script&gt;alert(&#39;foo&#39;);&lt;/script&gt;' }
-
- it 'does not update the protected tag' do
- expect(result.reload.name).to eq(protected_tag.name)
- end
- end
- end
- end
-
- context 'when name contains unescaped HTML tags' do
- let(:new_name) { '<b>tag</b>' }
+ subject(:service) { described_class.new(project, user, params) }
- it 'updates protected tag name with sanitized name' do
- expect(result.reload.name).to eq('tag')
+ it 'updates a protected tag' do
+ expect(result.reload.name).to eq(new_name)
end
end
View Lorry Controller Status