BigW Consortium Gitlab

snippets_controller_spec.rb 12.2 KB
Newer Older
1 2 3
require 'spec_helper'

describe Projects::SnippetsController do
4
  let(:project) { create(:project_empty_repo, :public) }
5 6 7 8
  let(:user)    { create(:user) }
  let(:user2)   { create(:user) }

  before do
9 10
    project.add_master(user)
    project.add_master(user2)
11 12 13
  end

  describe 'GET #index' do
14 15 16 17 18 19
    context 'when page param' do
      let(:last_page) { project.snippets.page().total_pages }
      let!(:project_snippet) { create(:project_snippet, :public, project: project, author: user) }

      it 'redirects to last_page if page number is larger than number of pages' do
        get :index,
20 21
          namespace_id: project.namespace,
          project_id: project, page: (last_page + 1).to_param
22 23 24 25 26 27

        expect(response).to redirect_to(namespace_project_snippets_path(page: last_page))
      end

      it 'redirects to specified page' do
        get :index,
28 29
          namespace_id: project.namespace,
          project_id: project, page: last_page.to_param
30 31 32 33 34 35

        expect(assigns(:snippets).current_page).to eq(last_page)
        expect(response).to have_http_status(200)
      end
    end

36 37 38 39 40
    context 'when the project snippet is private' do
      let!(:project_snippet) { create(:project_snippet, :private, project: project, author: user) }

      context 'when anonymous' do
        it 'does not include the private snippet' do
41
          get :index, namespace_id: project.namespace, project_id: project
42 43

          expect(assigns(:snippets)).not_to include(project_snippet)
44
          expect(response).to have_http_status(200)
45 46 47 48
        end
      end

      context 'when signed in as the author' do
49 50 51
        before do
          sign_in(user)
        end
52 53

        it 'renders the snippet' do
54
          get :index, namespace_id: project.namespace, project_id: project
55 56

          expect(assigns(:snippets)).to include(project_snippet)
57
          expect(response).to have_http_status(200)
58 59 60 61
        end
      end

      context 'when signed in as a project member' do
62 63 64
        before do
          sign_in(user2)
        end
65 66

        it 'renders the snippet' do
67
          get :index, namespace_id: project.namespace, project_id: project
68 69

          expect(assigns(:snippets)).to include(project_snippet)
70
          expect(response).to have_http_status(200)
71 72 73 74 75
        end
      end
    end
  end

76
  describe 'POST #create' do
77
    def create_snippet(project, snippet_params = {}, additional_params = {})
78 79
      sign_in(user)

80
      project.add_developer(user)
81 82 83

      post :create, {
        namespace_id: project.namespace.to_param,
84
        project_id: project,
85
        project_snippet: { title: 'Title', content: 'Content', description: 'Description' }.merge(snippet_params)
86
      }.merge(additional_params)
87 88 89 90 91 92 93 94 95 96

      Snippet.last
    end

    it 'creates the snippet correctly' do
      snippet = create_snippet(project, visibility_level: Snippet::PRIVATE)

      expect(snippet.title).to eq('Title')
      expect(snippet.content).to eq('Content')
      expect(snippet.description).to eq('Description')
97 98 99 100
    end

    context 'when the snippet is spam' do
      before do
101
        allow_any_instance_of(AkismetService).to receive(:spam?).and_return(true)
102 103
      end

104 105
      context 'when the snippet is private' do
        it 'creates the snippet' do
106 107
          expect { create_snippet(project, visibility_level: Snippet::PRIVATE) }
            .to change { Snippet.count }.by(1)
108 109 110 111 112
        end
      end

      context 'when the snippet is public' do
        it 'rejects the shippet' do
113 114
          expect { create_snippet(project, visibility_level: Snippet::PUBLIC) }
            .not_to change { Snippet.count }
115 116 117 118
          expect(response).to render_template(:new)
        end

        it 'creates a spam log' do
119 120
          expect { create_snippet(project, visibility_level: Snippet::PUBLIC) }
            .to change { SpamLog.count }.by(1)
121 122 123 124 125 126 127 128 129
        end

        it 'renders :new with recaptcha disabled' do
          stub_application_setting(recaptcha_enabled: false)

          create_snippet(project, visibility_level: Snippet::PUBLIC)

          expect(response).to render_template(:new)
        end
130

131 132 133
        context 'recaptcha enabled' do
          before do
            stub_application_setting(recaptcha_enabled: true)
134
          end
135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150

          it 'renders :verify with recaptcha enabled' do
            create_snippet(project, visibility_level: Snippet::PUBLIC)

            expect(response).to render_template(:verify)
          end

          it 'renders snippet page when recaptcha verified' do
            spammy_title = 'Whatever'

            spam_logs = create_list(:spam_log, 2, user: user, title: spammy_title)
            create_snippet(project,
                           { visibility_level: Snippet::PUBLIC },
                           { spam_log_id: spam_logs.last.id,
                             recaptcha_verification: true })

151
            expect(response).to redirect_to(project_snippet_path(project, Snippet.last))
152 153 154 155 156 157 158
          end
        end
      end
    end
  end

  describe 'PUT #update' do
159
    let(:project) { create :project, :public }
160 161 162 163 164 165 166 167 168
    let(:snippet) { create :project_snippet, author: user, project: project, visibility_level: visibility_level }

    def update_snippet(snippet_params = {}, additional_params = {})
      sign_in(user)

      project.add_developer(user)

      put :update, {
        namespace_id: project.namespace.to_param,
169
        project_id: project,
170 171 172 173 174 175 176 177 178
        id: snippet.id,
        project_snippet: { title: 'Title', content: 'Content' }.merge(snippet_params)
      }.merge(additional_params)

      snippet.reload
    end

    context 'when the snippet is spam' do
      before do
179
        allow_any_instance_of(AkismetService).to receive(:spam?).and_return(true)
180 181 182 183 184 185
      end

      context 'when the snippet is private' do
        let(:visibility_level) { Snippet::PRIVATE }

        it 'updates the snippet' do
186 187
          expect { update_snippet(title: 'Foo') }
            .to change { snippet.reload.title }.to('Foo')
188 189 190
        end
      end

191 192 193 194
      context 'when the snippet is public' do
        let(:visibility_level) { Snippet::PUBLIC }

        it 'rejects the shippet' do
195 196
          expect { update_snippet(title: 'Foo') }
            .not_to change { snippet.reload.title }
197 198 199
        end

        it 'creates a spam log' do
200 201
          expect { update_snippet(title: 'Foo') }
            .to change { SpamLog.count }.by(1)
202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230
        end

        it 'renders :edit with recaptcha disabled' do
          stub_application_setting(recaptcha_enabled: false)

          update_snippet(title: 'Foo')

          expect(response).to render_template(:edit)
        end

        context 'recaptcha enabled' do
          before do
            stub_application_setting(recaptcha_enabled: true)
          end

          it 'renders :verify with recaptcha enabled' do
            update_snippet(title: 'Foo')

            expect(response).to render_template(:verify)
          end

          it 'renders snippet page when recaptcha verified' do
            spammy_title = 'Whatever'

            spam_logs = create_list(:spam_log, 2, user: user, title: spammy_title)
            snippet = update_snippet({ title: spammy_title },
                                     { spam_log_id: spam_logs.last.id,
                                       recaptcha_verification: true })

231
            expect(response).to redirect_to(project_snippet_path(project, snippet))
232 233
          end
        end
234 235 236 237 238 239
      end

      context 'when the private snippet is made public' do
        let(:visibility_level) { Snippet::PRIVATE }

        it 'rejects the shippet' do
240 241
          expect { update_snippet(title: 'Foo', visibility_level: Snippet::PUBLIC) }
            .not_to change { snippet.reload.title }
242 243 244
        end

        it 'creates a spam log' do
245 246
          expect { update_snippet(title: 'Foo', visibility_level: Snippet::PUBLIC) }
            .to change { SpamLog.count }.by(1)
247 248 249 250
        end

        it 'renders :edit with recaptcha disabled' do
          stub_application_setting(recaptcha_enabled: false)
251

252 253 254 255 256 257 258 259 260 261 262 263 264 265
          update_snippet(title: 'Foo', visibility_level: Snippet::PUBLIC)

          expect(response).to render_template(:edit)
        end

        context 'recaptcha enabled' do
          before do
            stub_application_setting(recaptcha_enabled: true)
          end

          it 'renders :verify with recaptcha enabled' do
            update_snippet(title: 'Foo', visibility_level: Snippet::PUBLIC)

            expect(response).to render_template(:verify)
266 267
          end

268 269 270 271 272 273 274 275
          it 'renders snippet page when recaptcha verified' do
            spammy_title = 'Whatever'

            spam_logs = create_list(:spam_log, 2, user: user, title: spammy_title)
            snippet = update_snippet({ title: spammy_title, visibility_level: Snippet::PUBLIC },
                                     { spam_log_id: spam_logs.last.id,
                                       recaptcha_verification: true })

276
            expect(response).to redirect_to(project_snippet_path(project, snippet))
277 278 279 280 281 282 283 284 285 286 287 288 289 290 291 292 293
          end
        end
      end
    end
  end

  describe 'POST #mark_as_spam' do
    let(:snippet) { create(:project_snippet, :private, project: project, author: user) }

    before do
      allow_any_instance_of(AkismetService).to receive_messages(submit_spam: true)
      stub_application_setting(akismet_enabled: true)
    end

    def mark_as_spam
      admin = create(:admin)
      create(:user_agent_detail, subject: snippet)
294
      project.add_master(admin)
295 296 297
      sign_in(admin)

      post :mark_as_spam,
298 299
           namespace_id: project.namespace,
           project_id: project,
300 301 302 303 304 305 306 307 308 309
           id: snippet.id
    end

    it 'updates the snippet' do
      mark_as_spam

      expect(snippet.reload).not_to be_submittable_as_spam
    end
  end

310 311 312 313 314 315 316
  %w[show raw].each do |action|
    describe "GET ##{action}" do
      context 'when the project snippet is private' do
        let(:project_snippet) { create(:project_snippet, :private, project: project, author: user) }

        context 'when anonymous' do
          it 'responds with status 404' do
317
            get action, namespace_id: project.namespace, project_id: project, id: project_snippet.to_param
318

319
            expect(response).to have_http_status(404)
320 321 322 323
          end
        end

        context 'when signed in as the author' do
324 325 326
          before do
            sign_in(user)
          end
327 328

          it 'renders the snippet' do
329
            get action, namespace_id: project.namespace, project_id: project, id: project_snippet.to_param
330 331

            expect(assigns(:snippet)).to eq(project_snippet)
332
            expect(response).to have_http_status(200)
333 334 335 336
          end
        end

        context 'when signed in as a project member' do
337 338 339
          before do
            sign_in(user2)
          end
340 341

          it 'renders the snippet' do
342
            get action, namespace_id: project.namespace, project_id: project, id: project_snippet.to_param
343 344

            expect(assigns(:snippet)).to eq(project_snippet)
345
            expect(response).to have_http_status(200)
346 347 348 349 350 351 352
          end
        end
      end

      context 'when the project snippet does not exist' do
        context 'when anonymous' do
          it 'responds with status 404' do
353
            get action, namespace_id: project.namespace, project_id: project, id: 42
354

355
            expect(response).to have_http_status(404)
356 357 358 359
          end
        end

        context 'when signed in' do
360 361 362
          before do
            sign_in(user)
          end
363 364

          it 'responds with status 404' do
365
            get action, namespace_id: project.namespace, project_id: project, id: 42
366

367
            expect(response).to have_http_status(404)
368 369 370 371 372
          end
        end
      end
    end
  end
373 374 375 376 377 378 379 380 381 382 383 384 385 386

  describe 'GET #raw' do
    let(:project_snippet) do
      create(
        :project_snippet, :public,
        project: project,
        author: user,
        content: "first line\r\nsecond line\r\nthird line"
      )
    end

    context 'CRLF line ending' do
      let(:params) do
        {
387 388
          namespace_id: project.namespace,
          project_id: project,
389 390 391 392 393 394 395 396 397 398 399 400 401 402 403 404 405
          id: project_snippet.to_param
        }
      end

      it 'returns LF line endings by default' do
        get :raw, params

        expect(response.body).to eq("first line\nsecond line\nthird line")
      end

      it 'does not convert line endings when parameter present' do
        get :raw, params.merge(line_ending: :raw)

        expect(response.body).to eq("first line\r\nsecond line\r\nthird line")
      end
    end
  end
406
end