BigW Consortium Gitlab

project_snippets_spec.rb 7.01 KB
Newer Older
1 2
require 'rails_helper'

3
describe API::ProjectSnippets, api: true do
4 5
  include ApiHelpers

6
  let(:project) { create(:empty_project, :public) }
7
  let(:user) { create(:user) }
8 9
  let(:admin) { create(:admin) }

10
  describe 'GET /projects/:project_id/snippets/' do
11 12
    let(:user) { create(:user) }

13
    it 'returns all snippets available to team member' do
14
      project.add_developer(user)
15 16 17 18
      public_snippet = create(:project_snippet, :public, project: project)
      internal_snippet = create(:project_snippet, :internal, project: project)
      private_snippet = create(:project_snippet, :private, project: project)

19
      get api("/projects/#{project.id}/snippets", user)
20

21
      expect(response).to have_http_status(200)
22 23
      expect(response).to include_pagination_headers
      expect(json_response).to be_an Array
24 25
      expect(json_response.size).to eq(3)
      expect(json_response.map{ |snippet| snippet['id']} ).to include(public_snippet.id, internal_snippet.id, private_snippet.id)
26
      expect(json_response.last).to have_key('web_url')
27 28 29 30 31 32
    end

    it 'hides private snippets from regular user' do
      create(:project_snippet, :private, project: project)

      get api("/projects/#{project.id}/snippets/", user)
33

34
      expect(response).to have_http_status(200)
35 36
      expect(response).to include_pagination_headers
      expect(json_response).to be_an Array
37 38 39 40 41
      expect(json_response.size).to eq(0)
    end
  end

  describe 'POST /projects/:project_id/snippets/' do
42 43
    let(:params) do
      {
44 45 46
        title: 'Test Title',
        file_name: 'test.rb',
        code: 'puts "hello world"',
47
        visibility: 'public'
48
      }
49
    end
50

51
    it 'creates a new snippet' do
52 53
      post api("/projects/#{project.id}/snippets/", admin), params

54
      expect(response).to have_http_status(201)
55 56 57 58
      snippet = ProjectSnippet.find(json_response['id'])
      expect(snippet.content).to eq(params[:code])
      expect(snippet.title).to eq(params[:title])
      expect(snippet.file_name).to eq(params[:file_name])
59
      expect(snippet.visibility_level).to eq(Snippet::PUBLIC)
60
    end
61 62 63 64 65 66 67 68

    it 'returns 400 for missing parameters' do
      params.delete(:title)

      post api("/projects/#{project.id}/snippets/", admin), params

      expect(response).to have_http_status(400)
    end
69 70 71

    context 'when the snippet is spam' do
      def create_snippet(project, snippet_params = {})
72
        project.add_developer(user)
73 74 75 76 77 78 79 80

        post api("/projects/#{project.id}/snippets", user), params.merge(snippet_params)
      end

      before do
        allow_any_instance_of(AkismetService).to receive(:is_spam?).and_return(true)
      end

81 82
      context 'when the snippet is private' do
        it 'creates the snippet' do
83
          expect { create_snippet(project, visibility: 'private') }.
84
            to change { Snippet.count }.by(1)
85 86 87
        end
      end

88
      context 'when the snippet is public' do
89 90
        it 'rejects the snippet' do
          expect { create_snippet(project, visibility: 'public') }.
91 92 93 94
            not_to change { Snippet.count }

          expect(response).to have_http_status(400)
          expect(json_response['message']).to eq({ "error" => "Spam detected" })
95 96
        end

97
        it 'creates a spam log' do
98
          expect { create_snippet(project, visibility: 'public') }.
99
            to change { SpamLog.count }.by(1)
100 101 102
        end
      end
    end
103 104 105
  end

  describe 'PUT /projects/:project_id/snippets/:id/' do
106 107
    let(:visibility_level) { Snippet::PUBLIC }
    let(:snippet) { create(:project_snippet, author: admin, visibility_level: visibility_level) }
108

109 110 111 112 113
    it 'updates snippet' do
      new_content = 'New content'

      put api("/projects/#{snippet.project.id}/snippets/#{snippet.id}/", admin), code: new_content

114
      expect(response).to have_http_status(200)
115 116 117
      snippet.reload
      expect(snippet.content).to eq(new_content)
    end
118 119 120 121 122 123 124 125 126 127 128 129 130

    it 'returns 404 for invalid snippet id' do
      put api("/projects/#{snippet.project.id}/snippets/1234", admin), title: 'foo'

      expect(response).to have_http_status(404)
      expect(json_response['message']).to eq('404 Snippet Not Found')
    end

    it 'returns 400 for missing parameters' do
      put api("/projects/#{project.id}/snippets/1234", admin)

      expect(response).to have_http_status(400)
    end
131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167

    context 'when the snippet is spam' do
      def update_snippet(snippet_params = {})
        put api("/projects/#{snippet.project.id}/snippets/#{snippet.id}", admin), snippet_params
      end

      before do
        allow_any_instance_of(AkismetService).to receive(:is_spam?).and_return(true)
      end

      context 'when the snippet is private' do
        let(:visibility_level) { Snippet::PRIVATE }

        it 'creates the snippet' do
          expect { update_snippet(title: 'Foo') }.
            to change { snippet.reload.title }.to('Foo')
        end
      end

      context 'when the snippet is public' do
        let(:visibility_level) { Snippet::PUBLIC }

        it 'rejects the snippet' do
          expect { update_snippet(title: 'Foo') }.
            not_to change { snippet.reload.title }
        end

        it 'creates a spam log' do
          expect { update_snippet(title: 'Foo') }.
            to change { SpamLog.count }.by(1)
        end
      end

      context 'when the private snippet is made public' do
        let(:visibility_level) { Snippet::PRIVATE }

        it 'rejects the snippet' do
168
          expect { update_snippet(title: 'Foo', visibility: 'public') }.
169 170 171 172 173 174 175
            not_to change { snippet.reload.title }

          expect(response).to have_http_status(400)
          expect(json_response['message']).to eq({ "error" => "Spam detected" })
        end

        it 'creates a spam log' do
176
          expect { update_snippet(title: 'Foo', visibility: 'public') }.
177 178 179 180
            to change { SpamLog.count }.by(1)
        end
      end
    end
181 182 183
  end

  describe 'DELETE /projects/:project_id/snippets/:id/' do
184 185
    let(:snippet) { create(:project_snippet, author: admin) }

186 187 188 189 190 191
    it 'deletes snippet' do
      admin = create(:admin)
      snippet = create(:project_snippet, author: admin)

      delete api("/projects/#{snippet.project.id}/snippets/#{snippet.id}/", admin)

192
      expect(response).to have_http_status(204)
193
    end
194 195 196 197 198 199 200

    it 'returns 404 for invalid snippet id' do
      delete api("/projects/#{snippet.project.id}/snippets/1234", admin)

      expect(response).to have_http_status(404)
      expect(json_response['message']).to eq('404 Snippet Not Found')
    end
201 202 203
  end

  describe 'GET /projects/:project_id/snippets/:id/raw' do
204
    let(:snippet) { create(:project_snippet, author: admin) }
205

206
    it 'returns raw text' do
207 208
      get api("/projects/#{snippet.project.id}/snippets/#{snippet.id}/raw", admin)

209
      expect(response).to have_http_status(200)
210 211 212
      expect(response.content_type).to eq 'text/plain'
      expect(response.body).to eq(snippet.content)
    end
213 214

    it 'returns 404 for invalid snippet id' do
Robert Schilling committed
215
      get api("/projects/#{snippet.project.id}/snippets/1234/raw", admin)
216 217 218 219

      expect(response).to have_http_status(404)
      expect(json_response['message']).to eq('404 Snippet Not Found')
    end
220
  end
221
end