diff options
Diffstat (limited to 'spec/views/projects/settings/operations/show.html.haml_spec.rb')
-rw-r--r-- | spec/views/projects/settings/operations/show.html.haml_spec.rb | 76 |
1 files changed, 62 insertions, 14 deletions
diff --git a/spec/views/projects/settings/operations/show.html.haml_spec.rb b/spec/views/projects/settings/operations/show.html.haml_spec.rb index b4d20da0a5c..24ab64b20f5 100644 --- a/spec/views/projects/settings/operations/show.html.haml_spec.rb +++ b/spec/views/projects/settings/operations/show.html.haml_spec.rb @@ -6,37 +6,85 @@ RSpec.describe 'projects/settings/operations/show' do let_it_be(:project) { create(:project) } let_it_be(:user) { create(:user) } + let_it_be(:error_tracking_setting) do + create(:project_error_tracking_setting, project: project) + end + + let_it_be_with_reload(:tracing_setting) do + create(:project_tracing_setting, project: project) + end + + let_it_be(:prometheus_service) { create(:prometheus_service, project: project) } + let_it_be(:alerts_service) { create(:alerts_service, project: project) } + let(:operations_show_locals) do { - prometheus_service: project.find_or_initialize_service('prometheus'), - alerts_service: project.find_or_initialize_service('alerts') + prometheus_service: prometheus_service, + alerts_service: alerts_service } end + before_all do + project.add_reporter(user) + end + before do assign :project, project + + allow(view).to receive(:error_tracking_setting) + .and_return(error_tracking_setting) + allow(view).to receive(:tracing_setting) + .and_return(tracing_setting) + allow(view).to receive(:current_user).and_return(user) end describe 'Operations > Error Tracking' do - before do - project.add_reporter(user) + context 'Settings page ' do + it 'renders the Operations Settings page' do + render template: 'projects/settings/operations/show', locals: operations_show_locals - allow(view).to receive(:error_tracking_setting) - .and_return(error_tracking_setting) - allow(view).to receive(:current_user).and_return(user) - allow(view).to receive(:incident_management_available?) { false } + expect(rendered).to have_content _('Error tracking') + expect(rendered).to have_content _('To link Sentry to GitLab, enter your Sentry URL and Auth Token') + end end + end - let_it_be(:error_tracking_setting) do - create(:project_error_tracking_setting, project: project) + describe 'Operations > Tracing' do + context 'with project.tracing_external_url' do + it 'links to project.tracing_external_url' do + render template: 'projects/settings/operations/show', locals: operations_show_locals + + expect(rendered).to have_link('Tracing', href: tracing_setting.external_url) + end + + context 'with malicious external_url' do + let(:malicious_tracing_url) { "https://replaceme.com/'><script>alert(document.cookie)</script>" } + let(:cleaned_url) { "https://replaceme.com/'>" } + + before do + tracing_setting.update_column(:external_url, malicious_tracing_url) + end + + it 'sanitizes external_url' do + render template: 'projects/settings/operations/show', locals: operations_show_locals + + expect(tracing_setting.external_url).to eq(malicious_tracing_url) + expect(rendered).to have_link('Tracing', href: cleaned_url) + end + end end - context 'Settings page ' do - it 'renders the Operations Settings page' do + context 'without project.tracing_external_url' do + let(:tracing_setting) { build(:project_tracing_setting, project: project) } + + before do + tracing_setting.external_url = nil + end + + it 'links to Tracing page' do render template: 'projects/settings/operations/show', locals: operations_show_locals - expect(rendered).to have_content _('Error tracking') - expect(rendered).to have_content _('To link Sentry to GitLab, enter your Sentry URL and Auth Token') + expect(rendered).to have_link('Tracing', href: project_tracing_path(project)) end end end |