From 48aff82709769b098321c738f3444b9bdaa694c6 Mon Sep 17 00:00:00 2001 From: GitLab Bot Date: Wed, 21 Oct 2020 07:08:36 +0000 Subject: Add latest changes from gitlab-org/gitlab@13-5-stable-ee --- .../admin/application_settings_controller_spec.rb | 38 +++++++++ spec/controllers/admin/clusters_controller_spec.rb | 5 ++ spec/controllers/admin/hooks_controller_spec.rb | 8 ++ .../admin/instance_review_controller_spec.rb | 68 ++++++++++++++++ .../admin/integrations_controller_spec.rb | 14 +++- spec/controllers/admin/runners_controller_spec.rb | 17 ++++ spec/controllers/admin/sessions_controller_spec.rb | 2 +- spec/controllers/admin/users_controller_spec.rb | 90 +++++++++++++++++++++- 8 files changed, 238 insertions(+), 4 deletions(-) create mode 100644 spec/controllers/admin/instance_review_controller_spec.rb (limited to 'spec/controllers/admin') diff --git a/spec/controllers/admin/application_settings_controller_spec.rb b/spec/controllers/admin/application_settings_controller_spec.rb index 4f223811be8..f71f859a704 100644 --- a/spec/controllers/admin/application_settings_controller_spec.rb +++ b/spec/controllers/admin/application_settings_controller_spec.rb @@ -15,6 +15,37 @@ RSpec.describe Admin::ApplicationSettingsController do stub_env('IN_MEMORY_APPLICATION_SETTINGS', 'false') end + describe 'GET #integrations' do + before do + sign_in(admin) + end + + context 'when GitLab.com' do + before do + allow(::Gitlab).to receive(:com?) { true } + end + + it 'returns 404' do + get :integrations + + expect(response).to have_gitlab_http_status(:not_found) + end + end + + context 'when not GitLab.com' do + before do + allow(::Gitlab).to receive(:com?) { false } + end + + it 'renders correct template' do + get :integrations + + expect(response).to have_gitlab_http_status(:ok) + expect(response).to render_template('admin/application_settings/integrations') + end + end + end + describe 'GET #usage_data with no access' do before do stub_usage_data_connections @@ -56,6 +87,13 @@ RSpec.describe Admin::ApplicationSettingsController do sign_in(admin) end + it 'updates the require_admin_approval_after_user_signup setting' do + put :update, params: { application_setting: { require_admin_approval_after_user_signup: true } } + + expect(response).to redirect_to(general_admin_application_settings_path) + expect(ApplicationSetting.current.require_admin_approval_after_user_signup).to eq(true) + end + it 'updates the password_authentication_enabled_for_git setting' do put :update, params: { application_setting: { password_authentication_enabled_for_git: "0" } } diff --git a/spec/controllers/admin/clusters_controller_spec.rb b/spec/controllers/admin/clusters_controller_spec.rb index d2a569a9d48..69bdc79c5f5 100644 --- a/spec/controllers/admin/clusters_controller_spec.rb +++ b/spec/controllers/admin/clusters_controller_spec.rb @@ -416,6 +416,7 @@ RSpec.describe Admin::ClustersController do expect(cluster).to be_user expect(cluster).to be_kubernetes expect(cluster).to be_platform_kubernetes_rbac + expect(cluster).to be_namespace_per_environment end end end @@ -585,6 +586,7 @@ RSpec.describe Admin::ClustersController do enabled: false, name: 'my-new-cluster-name', managed: false, + namespace_per_environment: false, base_domain: domain } } @@ -599,6 +601,7 @@ RSpec.describe Admin::ClustersController do expect(cluster.enabled).to be_falsey expect(cluster.name).to eq('my-new-cluster-name') expect(cluster).not_to be_managed + expect(cluster).not_to be_namespace_per_environment expect(cluster.domain).to eq('test-domain.com') end @@ -624,6 +627,7 @@ RSpec.describe Admin::ClustersController do enabled: false, name: 'my-new-cluster-name', managed: false, + namespace_per_environment: false, domain: domain } } @@ -637,6 +641,7 @@ RSpec.describe Admin::ClustersController do expect(cluster.enabled).to be_falsey expect(cluster.name).to eq('my-new-cluster-name') expect(cluster).not_to be_managed + expect(cluster).not_to be_namespace_per_environment end end diff --git a/spec/controllers/admin/hooks_controller_spec.rb b/spec/controllers/admin/hooks_controller_spec.rb index 8975f746dd7..17c4222530d 100644 --- a/spec/controllers/admin/hooks_controller_spec.rb +++ b/spec/controllers/admin/hooks_controller_spec.rb @@ -29,4 +29,12 @@ RSpec.describe Admin::HooksController do expect(SystemHook.first).to have_attributes(hook_params) end end + + describe 'DELETE #destroy' do + let!(:hook) { create(:system_hook) } + let!(:log) { create(:web_hook_log, web_hook: hook) } + let(:params) { { id: hook } } + + it_behaves_like 'Web hook destroyer' + end end diff --git a/spec/controllers/admin/instance_review_controller_spec.rb b/spec/controllers/admin/instance_review_controller_spec.rb new file mode 100644 index 00000000000..d15894eeb5d --- /dev/null +++ b/spec/controllers/admin/instance_review_controller_spec.rb @@ -0,0 +1,68 @@ +# frozen_string_literal: true + +require 'spec_helper' + +RSpec.describe Admin::InstanceReviewController do + include UsageDataHelpers + + let(:admin) { create(:admin) } + let(:subscriptions_url) { ::Gitlab::SubscriptionPortal::SUBSCRIPTIONS_URL } + + before do + sign_in(admin) + end + + context 'GET #index' do + let!(:group) { create(:group) } + let!(:projects) { create_list(:project, 2, group: group) } + + subject { post :index } + + context 'with usage ping enabled' do + before do + stub_application_setting(usage_ping_enabled: true) + stub_usage_data_connections + ::Gitlab::UsageData.data(force_refresh: true) + subject + end + + it 'redirects to the customers app with correct params' do + params = { instance_review: { + email: admin.email, + last_name: admin.name, + version: ::Gitlab::VERSION, + users_count: 5, + projects_count: 2, + groups_count: 1, + issues_count: 0, + merge_requests_count: 0, + internal_pipelines_count: 0, + external_pipelines_count: 0, + labels_count: 0, + milestones_count: 0, + snippets_count: 0, + notes_count: 0 + } }.to_query + + expect(response).to redirect_to("#{subscriptions_url}/instance_review?#{params}") + end + end + + context 'with usage ping disabled' do + before do + stub_application_setting(usage_ping_enabled: false) + subject + end + + it 'redirects to the customers app with correct params' do + params = { instance_review: { + email: admin.email, + last_name: admin.name, + version: ::Gitlab::VERSION + } }.to_query + + expect(response).to redirect_to("#{subscriptions_url}/instance_review?#{params}") + end + end + end +end diff --git a/spec/controllers/admin/integrations_controller_spec.rb b/spec/controllers/admin/integrations_controller_spec.rb index 4b1806a43d2..1a13d016b73 100644 --- a/spec/controllers/admin/integrations_controller_spec.rb +++ b/spec/controllers/admin/integrations_controller_spec.rb @@ -20,6 +20,18 @@ RSpec.describe Admin::IntegrationsController do end end end + + context 'when GitLab.com' do + before do + allow(::Gitlab).to receive(:com?) { true } + end + + it 'returns 404' do + get :edit, params: { id: Service.available_services_names.sample } + + expect(response).to have_gitlab_http_status(:not_found) + end + end end describe '#update' do @@ -43,7 +55,7 @@ RSpec.describe Admin::IntegrationsController do end it 'calls to PropagateIntegrationWorker' do - expect(PropagateIntegrationWorker).to have_received(:perform_async).with(integration.id, false) + expect(PropagateIntegrationWorker).to have_received(:perform_async).with(integration.id) end end diff --git a/spec/controllers/admin/runners_controller_spec.rb b/spec/controllers/admin/runners_controller_spec.rb index 013eee19409..3fffc50475c 100644 --- a/spec/controllers/admin/runners_controller_spec.rb +++ b/spec/controllers/admin/runners_controller_spec.rb @@ -151,4 +151,21 @@ RSpec.describe Admin::RunnersController do expect(runner.active).to eq(false) end end + + describe 'GET #runner_setup_scripts' do + it 'renders the setup scripts' do + get :runner_setup_scripts, params: { os: 'linux', arch: 'amd64' } + + expect(response).to have_gitlab_http_status(:ok) + expect(json_response).to have_key("install") + expect(json_response).to have_key("register") + end + + it 'renders errors if they occur' do + get :runner_setup_scripts, params: { os: 'foo', arch: 'bar' } + + expect(response).to have_gitlab_http_status(:bad_request) + expect(json_response).to have_key("errors") + end + end end diff --git a/spec/controllers/admin/sessions_controller_spec.rb b/spec/controllers/admin/sessions_controller_spec.rb index 35982e57034..5fa7a7f278d 100644 --- a/spec/controllers/admin/sessions_controller_spec.rb +++ b/spec/controllers/admin/sessions_controller_spec.rb @@ -109,7 +109,7 @@ RSpec.describe Admin::SessionsController, :do_not_mock_admin_mode do # triggering the auth form will request admin mode get :new - Timecop.freeze(Gitlab::Auth::CurrentUserMode::ADMIN_MODE_REQUESTED_GRACE_PERIOD.from_now) do + travel_to(Gitlab::Auth::CurrentUserMode::ADMIN_MODE_REQUESTED_GRACE_PERIOD.from_now) do post :create, params: { user: { password: user.password } } expect(response).to redirect_to(new_admin_session_path) diff --git a/spec/controllers/admin/users_controller_spec.rb b/spec/controllers/admin/users_controller_spec.rb index 6301da74f4a..5312a0db7f5 100644 --- a/spec/controllers/admin/users_controller_spec.rb +++ b/spec/controllers/admin/users_controller_spec.rb @@ -23,6 +23,12 @@ RSpec.describe Admin::UsersController do expect(assigns(:users)).to eq([admin]) end + + it 'eager loads authorized projects association' do + get :index + + expect(assigns(:users).first.association(:authorized_projects)).to be_loaded + end end describe 'GET :id' do @@ -96,6 +102,58 @@ RSpec.describe Admin::UsersController do end end + describe 'PUT #approve' do + let(:user) { create(:user, :blocked_pending_approval) } + + subject { put :approve, params: { id: user.username } } + + context 'when feature is disabled' do + before do + stub_feature_flags(admin_approval_for_new_user_signups: false) + end + + it 'responds with access denied' do + subject + + expect(response).to have_gitlab_http_status(:not_found) + end + end + + context 'when feature is enabled' do + before do + stub_feature_flags(admin_approval_for_new_user_signups: true) + end + + context 'when successful' do + it 'activates the user' do + subject + + user.reload + + expect(user).to be_active + expect(flash[:notice]).to eq('Successfully approved') + end + end + + context 'when unsuccessful' do + let(:user) { create(:user, :blocked) } + + it 'displays the error' do + subject + + expect(flash[:alert]).to eq('The user you are trying to approve is not pending an approval') + end + + it 'does not activate the user' do + subject + + user.reload + expect(user).not_to be_active + end + end + end + end + describe 'PUT #activate' do shared_examples 'a request that activates the user' do it 'activates the user' do @@ -184,6 +242,17 @@ RSpec.describe Admin::UsersController do expect(flash[:notice]).to eq('Error occurred. A blocked user cannot be deactivated') end end + + context 'for an internal user' do + it 'does not deactivate the user' do + internal_user = User.alert_bot + + put :deactivate, params: { id: internal_user.username } + + expect(internal_user.reload.deactivated?).to be_falsey + expect(flash[:notice]).to eq('Internal users cannot be deactivated') + end + end end describe 'PUT block/:id' do @@ -321,7 +390,7 @@ RSpec.describe Admin::UsersController do describe 'POST update' do context 'when the password has changed' do - def update_password(user, password = User.random_password, password_confirmation = password) + def update_password(user, password = User.random_password, password_confirmation = password, format = :html) params = { id: user.to_param, user: { @@ -330,7 +399,7 @@ RSpec.describe Admin::UsersController do } } - post :update, params: params + post :update, params: params, format: format end context 'when admin changes their own password' do @@ -429,6 +498,23 @@ RSpec.describe Admin::UsersController do .not_to change { user.reload.encrypted_password } end end + + context 'when the update fails' do + let(:password) { User.random_password } + + before do + expect_next_instance_of(Users::UpdateService) do |service| + allow(service).to receive(:execute).and_return({ message: 'failed', status: :error }) + end + end + + it 'returns a 500 error' do + expect { update_password(admin, password, password, :json) } + .not_to change { admin.reload.password_expired? } + + expect(response).to have_gitlab_http_status(:error) + end + end end context 'admin notes' do -- cgit v1.2.1