8 files changed, 49 insertions, 57 deletions

diff --git a/spec/controllers/application_controller_spec.rb b/spec/controllers/application_controller_spec.rb
index 481883c50fa..94afe741057 100644
--- a/spec/controllers/application_controller_spec.rb
+++ b/spec/controllers/application_controller_spec.rb
@@ -90,16 +90,18 @@ describe ApplicationController do
       let(:format) { :html }
 
       it_behaves_like 'setting gon variables'
-    end
 
-    context 'with json format' do
-      let(:format) { :json }
+      context 'for peek requests' do
+        before do
+          request.path = '/-/peek'
+        end
 
-      it_behaves_like 'not setting gon variables'
+        it_behaves_like 'not setting gon variables'
+      end
     end
 
-    context 'with atom format' do
-      let(:format) { :atom }
+    context 'with json format' do
+      let(:format) { :json }
 
       it_behaves_like 'not setting gon variables'
     end
diff --git a/spec/controllers/concerns/confirm_email_warning_spec.rb b/spec/controllers/concerns/confirm_email_warning_spec.rb
index 0c598a360af..25429cdd149 100644
--- a/spec/controllers/concerns/confirm_email_warning_spec.rb
+++ b/spec/controllers/concerns/confirm_email_warning_spec.rb
@@ -19,7 +19,7 @@ describe ConfirmEmailWarning do
 
   RSpec::Matchers.define :set_confirm_warning_for do |email|
     match do |response|
-      expect(response).to set_flash.now[:warning].to include("Please check your email (#{email}) to verify that you own this address.")
+      expect(response).to set_flash.now[:warning].to include("Please check your email (#{email}) to verify that you own this address and unlock the power of CI/CD.")
     end
   end
 
diff --git a/spec/controllers/uploads_controller_spec.rb b/spec/controllers/uploads_controller_spec.rb
index f35babc1b56..1bcf3bb106b 100644
--- a/spec/controllers/uploads_controller_spec.rb
+++ b/spec/controllers/uploads_controller_spec.rb
@@ -228,10 +228,10 @@ describe UploadsController do
             user.block
           end
 
-          it "responds with status 401" do
+          it "redirects to the sign in page" do
             get :show, params: { model: "user", mounted_as: "avatar", id: user.id, filename: "dk.png" }
 
-            expect(response).to have_gitlab_http_status(401)
+            expect(response).to redirect_to(new_user_session_path)
           end
         end
 
@@ -320,10 +320,10 @@ describe UploadsController do
         end
 
         context "when not signed in" do
-          it "responds with status 401" do
+          it "redirects to the sign in page" do
             get :show, params: { model: "project", mounted_as: "avatar", id: project.id, filename: "dk.png" }
 
-            expect(response).to have_gitlab_http_status(401)
+            expect(response).to redirect_to(new_user_session_path)
           end
         end
 
@@ -343,10 +343,10 @@ describe UploadsController do
                 project.add_maintainer(user)
               end
 
-              it "responds with status 401" do
+              it "redirects to the sign in page" do
                 get :show, params: { model: "project", mounted_as: "avatar", id: project.id, filename: "dk.png" }
 
-                expect(response).to have_gitlab_http_status(401)
+                expect(response).to redirect_to(new_user_session_path)
               end
             end
 
@@ -439,10 +439,10 @@ describe UploadsController do
                 user.block
               end
 
-              it "responds with status 401" do
+              it "redirects to the sign in page" do
                 get :show, params: { model: "group", mounted_as: "avatar", id: group.id, filename: "dk.png" }
 
-                expect(response).to have_gitlab_http_status(401)
+                expect(response).to redirect_to(new_user_session_path)
               end
             end
 
@@ -526,10 +526,10 @@ describe UploadsController do
         end
 
         context "when not signed in" do
-          it "responds with status 401" do
+          it "redirects to the sign in page" do
             get :show, params: { model: "note", mounted_as: "attachment", id: note.id, filename: "dk.png" }
 
-            expect(response).to have_gitlab_http_status(401)
+            expect(response).to redirect_to(new_user_session_path)
           end
         end
 
@@ -549,10 +549,10 @@ describe UploadsController do
                 project.add_maintainer(user)
               end
 
-              it "responds with status 401" do
+              it "redirects to the sign in page" do
                 get :show, params: { model: "note", mounted_as: "attachment", id: note.id, filename: "dk.png" }
 
-                expect(response).to have_gitlab_http_status(401)
+                expect(response).to redirect_to(new_user_session_path)
               end
             end
 
diff --git a/spec/features/users/login_spec.rb b/spec/features/users/login_spec.rb
index d1f3b3f4076..b7c54bb6de8 100644
--- a/spec/features/users/login_spec.rb
+++ b/spec/features/users/login_spec.rb
@@ -806,7 +806,7 @@ describe 'Login' do
       gitlab_sign_in(user)
 
       expect(current_path).to eq root_path
-      expect(page).to have_content("Please check your email (#{user.email}) to verify that you own this address.")
+      expect(page).to have_content("Please check your email (#{user.email}) to verify that you own this address and unlock the power of CI/CD.")
     end
 
     context "when not having confirmed within Devise's allow_unconfirmed_access_for time" do
diff --git a/spec/features/users/signup_spec.rb b/spec/features/users/signup_spec.rb
index 8a82d3f3bd0..5d4c30b6e8e 100644
--- a/spec/features/users/signup_spec.rb
+++ b/spec/features/users/signup_spec.rb
@@ -222,7 +222,7 @@ shared_examples 'Signup' do
             expect(current_path).to eq users_sign_up_welcome_path
           else
             expect(current_path).to eq dashboard_projects_path
-            expect(page).to have_content("Please check your email (#{new_user.email}) to verify that you own this address.")
+            expect(page).to have_content("Please check your email (#{new_user.email}) to verify that you own this address and unlock the power of CI/CD.")
           end
         end
       end
diff --git a/spec/lib/gitlab/import_export/all_models.yml b/spec/lib/gitlab/import_export/all_models.yml
index d0e4b92410d..8bad40c629b 100644
--- a/spec/lib/gitlab/import_export/all_models.yml
+++ b/spec/lib/gitlab/import_export/all_models.yml
@@ -339,6 +339,7 @@ project:
 - triggers
 - pipeline_schedules
 - environments
+- unfoldered_environments
 - deployments
 - project_feature
 - auto_devops
diff --git a/spec/policies/project_policy_spec.rb b/spec/policies/project_policy_spec.rb
index d0788452a20..ab54d97f2a2 100644
--- a/spec/policies/project_policy_spec.rb
+++ b/spec/policies/project_policy_spec.rb
@@ -315,6 +315,31 @@ describe ProjectPolicy do
     end
   end
 
+  context 'pipeline feature' do
+    let(:project) { create(:project) }
+
+    describe 'for unconfirmed user' do
+      let(:unconfirmed_user) { create(:user, confirmed_at: nil) }
+      subject { described_class.new(unconfirmed_user, project) }
+
+      it 'disallows to modify pipelines' do
+        expect_disallowed(:create_pipeline)
+        expect_disallowed(:update_pipeline)
+        expect_disallowed(:create_pipeline_schedule)
+      end
+    end
+
+    describe 'for confirmed user' do
+      subject { described_class.new(developer, project) }
+
+      it 'allows modify pipelines' do
+        expect_allowed(:create_pipeline)
+        expect_allowed(:update_pipeline)
+        expect_allowed(:create_pipeline_schedule)
+      end
+    end
+  end
+
   context 'builds feature' do
     context 'when builds are disabled' do
       subject { described_class.new(owner, project) }
diff --git a/spec/requests/user_avatar_spec.rb b/spec/requests/user_avatar_spec.rb
deleted file mode 100644
index 9451674161c..00000000000
--- a/spec/requests/user_avatar_spec.rb
+++ /dev/null
@@ -1,36 +0,0 @@
-# frozen_string_literal: true
-
-require 'spec_helper'
-
-describe 'Loading a user avatar' do
-  let(:user) { create(:user, :with_avatar) }
-
-  context 'when logged in' do
-    # The exact query count will vary depending on the 2FA settings of the
-    # instance, group, and user. Removing those extra 2FA queries in this case
-    # may not be a good idea, so we just set up the ideal case.
-    before do
-      stub_application_setting(require_two_factor_authentication: true)
-
-      login_as(create(:user, :two_factor))
-    end
-
-    # One each for: current user, avatar user, and upload record
-    it 'only performs three SQL queries' do
-      get user.avatar_url # Skip queries on first application load
-
-      expect(response).to have_gitlab_http_status(200)
-      expect { get user.avatar_url }.not_to exceed_query_limit(3)
-    end
-  end
-
-  context 'when logged out' do
-    # One each for avatar user and upload record
-    it 'only performs two SQL queries' do
-      get user.avatar_url # Skip queries on first application load
-
-      expect(response).to have_gitlab_http_status(200)
-      expect { get user.avatar_url }.not_to exceed_query_limit(2)
-    end
-  end
-end