diff options
Diffstat (limited to 'spec')
-rw-r--r-- | spec/finders/notes_finder_spec.rb | 20 | ||||
-rw-r--r-- | spec/lib/gitlab/regex_spec.rb | 10 | ||||
-rw-r--r-- | spec/lib/gitlab/untrusted_regexp_spec.rb | 32 | ||||
-rw-r--r-- | spec/models/concerns/taskable_spec.rb | 6 | ||||
-rw-r--r-- | spec/services/merge_requests/push_options_handler_service_spec.rb | 15 |
5 files changed, 73 insertions, 10 deletions
diff --git a/spec/finders/notes_finder_spec.rb b/spec/finders/notes_finder_spec.rb index 792a14e3064..1255a882114 100644 --- a/spec/finders/notes_finder_spec.rb +++ b/spec/finders/notes_finder_spec.rb @@ -106,6 +106,26 @@ RSpec.describe NotesFinder do end end + context 'for notes on public issue in public project' do + let_it_be(:public_project) { create(:project, :public) } + let_it_be(:guest_member) { create(:user) } + let_it_be(:reporter_member) { create(:user) } + let_it_be(:guest_project_member) { create(:project_member, :guest, user: guest_member, project: public_project) } + let_it_be(:reporter_project_member) { create(:project_member, :reporter, user: reporter_member, project: public_project) } + let_it_be(:internal_note) { create(:note_on_issue, project: public_project, internal: true) } + let_it_be(:public_note) { create(:note_on_issue, project: public_project) } + + it 'shows all notes when the current_user has reporter access' do + notes = described_class.new(reporter_member, project: public_project).execute + expect(notes).to contain_exactly internal_note, public_note + end + + it 'shows only public notes when the current_user has guest access' do + notes = described_class.new(guest_member, project: public_project).execute + expect(notes).to contain_exactly public_note + end + end + context 'for target type' do let(:project) { create(:project, :repository) } let!(:note1) { create :note_on_issue, project: project } diff --git a/spec/lib/gitlab/regex_spec.rb b/spec/lib/gitlab/regex_spec.rb index d885051b93b..e51e62d5f0a 100644 --- a/spec/lib/gitlab/regex_spec.rb +++ b/spec/lib/gitlab/regex_spec.rb @@ -1171,7 +1171,7 @@ RSpec.describe Gitlab::Regex, feature_category: :tooling do end context 'HTML comment lines' do - subject { described_class::MARKDOWN_HTML_COMMENT_LINE_REGEX } + subject { Gitlab::UntrustedRegexp.new(described_class::MARKDOWN_HTML_COMMENT_LINE_REGEX_UNTRUSTED, multiline: true) } let(:expected) { [['<!-- an HTML comment -->'], ['<!-- another HTML comment -->']] } let(:markdown) do @@ -1189,20 +1189,20 @@ RSpec.describe Gitlab::Regex, feature_category: :tooling do it { is_expected.to match(%(<!-- single line comment -->)) } it { is_expected.not_to match(%(<!--\nblock comment\n-->)) } it { is_expected.not_to match(%(must start in first column <!-- comment -->)) } - it { expect(markdown.scan(subject)).to eq expected } + it { expect(subject.scan(markdown)).to eq expected } end context 'HTML comment blocks' do - subject { described_class::MARKDOWN_HTML_COMMENT_BLOCK_REGEX } + subject { Gitlab::UntrustedRegexp.new(described_class::MARKDOWN_HTML_COMMENT_BLOCK_REGEX_UNTRUSTED, multiline: true) } - let(:expected) { %(<!-- the start of an HTML comment\n- [ ] list item commented out\n-->) } + let(:expected) { %(<!-- the start of an HTML comment\n- [ ] list item commented out\nmore text -->) } let(:markdown) do <<~MARKDOWN Regular text <!-- the start of an HTML comment - [ ] list item commented out - --> + more text --> MARKDOWN end diff --git a/spec/lib/gitlab/untrusted_regexp_spec.rb b/spec/lib/gitlab/untrusted_regexp_spec.rb index 270c4beec97..66675b20107 100644 --- a/spec/lib/gitlab/untrusted_regexp_spec.rb +++ b/spec/lib/gitlab/untrusted_regexp_spec.rb @@ -137,6 +137,38 @@ RSpec.describe Gitlab::UntrustedRegexp do end end + describe '#extract_named_group' do + let(:re) { described_class.new('(?P<name>\w+) (?P<age>\d+)|(?P<name_only>\w+)') } + let(:text) { 'Bob 40' } + + it 'returns values for both named groups' do + matched = re.scan(text).first + + expect(re.extract_named_group(:name, matched)).to eq 'Bob' + expect(re.extract_named_group(:age, matched)).to eq '40' + end + + it 'returns nil if there was no match for group' do + matched = re.scan('Bob').first + + expect(re.extract_named_group(:name, matched)).to be_nil + expect(re.extract_named_group(:age, matched)).to be_nil + expect(re.extract_named_group(:name_only, matched)).to eq 'Bob' + end + + it 'returns nil if match is nil' do + matched = '(?P<age>\d+)'.scan(text).first + + expect(re.extract_named_group(:age, matched)).to be_nil + end + + it 'raises if name is not a capture group' do + matched = re.scan(text).first + + expect { re.extract_named_group(:foo, matched) }.to raise_error('Invalid named capture group: foo') + end + end + describe '#match' do context 'when there are matches' do it 'returns a match object' do diff --git a/spec/models/concerns/taskable_spec.rb b/spec/models/concerns/taskable_spec.rb index 14f346f353b..20de8995d13 100644 --- a/spec/models/concerns/taskable_spec.rb +++ b/spec/models/concerns/taskable_spec.rb @@ -35,11 +35,7 @@ RSpec.describe Taskable, feature_category: :team_planning do TaskList::Item.new('- [ ]', 'First item'), TaskList::Item.new('- [x]', 'Second item'), TaskList::Item.new('* [x]', 'First item'), - TaskList::Item.new('* [ ]', 'Second item'), - TaskList::Item.new('+ [ ]', 'No-break space (U+00A0)'), - TaskList::Item.new('+ [ ]', 'Figure space (U+2007)'), - TaskList::Item.new('+ [ ]', 'Narrow no-break space (U+202F)'), - TaskList::Item.new('+ [ ]', 'Thin space (U+2009)') + TaskList::Item.new('* [ ]', 'Second item') ] end diff --git a/spec/services/merge_requests/push_options_handler_service_spec.rb b/spec/services/merge_requests/push_options_handler_service_spec.rb index 7ca795ecd1a..49ec8b09939 100644 --- a/spec/services/merge_requests/push_options_handler_service_spec.rb +++ b/spec/services/merge_requests/push_options_handler_service_spec.rb @@ -861,6 +861,21 @@ RSpec.describe MergeRequests::PushOptionsHandlerService, feature_category: :sour end end + describe 'when user does not have access to target project' do + let(:push_options) { { create: true, target: 'my-branch' } } + let(:changes) { default_branch_changes } + + before do + allow(user1).to receive(:can?).with(:read_code, project).and_return(false) + end + + it 'records an error', :sidekiq_inline do + service.execute + + expect(service.errors).to eq(["User access was denied"]) + end + end + describe 'when MRs are not enabled' do let(:project) { create(:project, :public, :repository).tap { |pr| pr.add_developer(user1) } } let(:push_options) { { create: true } } |