From 6f10ecdeb6d8636ce7c9fb6cf7930f1a543f58df Mon Sep 17 00:00:00 2001
From: GitLab Bot <gitlab-bot@gitlab.com>
Date: Wed, 29 Sep 2021 13:02:17 +0000
Subject: Add latest changes from gitlab-org/security/gitlab@14-3-stable-ee

---
 spec/controllers/projects_controller_spec.rb | 41 ++++++++++++++++++++++++++++
 1 file changed, 41 insertions(+)

(limited to 'spec/controllers/projects_controller_spec.rb')

diff --git a/spec/controllers/projects_controller_spec.rb b/spec/controllers/projects_controller_spec.rb
index 8afb80d9cc5..9d070061850 100644
--- a/spec/controllers/projects_controller_spec.rb
+++ b/spec/controllers/projects_controller_spec.rb
@@ -408,6 +408,47 @@ RSpec.describe ProjectsController do
     end
   end
 
+  describe 'POST create' do
+    let!(:params) do
+      {
+        path: 'foo',
+        description: 'bar',
+        import_url: project.http_url_to_repo,
+        namespace_id: user.namespace.id
+      }
+    end
+
+    subject { post :create, params: { project: params } }
+
+    before do
+      sign_in(user)
+    end
+
+    context 'when import by url is disabled' do
+      before do
+        stub_application_setting(import_sources: [])
+      end
+
+      it 'does not create project and reports an error' do
+        expect { subject }.not_to change { Project.count }
+
+        expect(response).to have_gitlab_http_status(:not_found)
+      end
+    end
+
+    context 'when import by url is enabled' do
+      before do
+        stub_application_setting(import_sources: ['git'])
+      end
+
+      it 'creates project' do
+        expect { subject }.to change { Project.count }
+
+        expect(response).to have_gitlab_http_status(:redirect)
+      end
+    end
+  end
+
   describe 'GET edit' do
     it 'allows an admin user to access the page', :enable_admin_mode do
       sign_in(create(:user, :admin))
-- 
cgit v1.2.1