BigW Consortium Gitlab

snippets_controller_spec.rb 11.7 KB
Newer Older
1 2 3
require 'spec_helper'

describe Projects::SnippetsController do
4
  let(:project) { create(:project_empty_repo, :public) }
5 6 7 8
  let(:user)    { create(:user) }
  let(:user2)   { create(:user) }

  before do
9 10
    project.add_master(user)
    project.add_master(user2)
11 12 13
  end

  describe 'GET #index' do
14 15 16 17 18 19
    context 'when page param' do
      let(:last_page) { project.snippets.page().total_pages }
      let!(:project_snippet) { create(:project_snippet, :public, project: project, author: user) }

      it 'redirects to last_page if page number is larger than number of pages' do
        get :index,
20 21
          namespace_id: project.namespace,
          project_id: project, page: (last_page + 1).to_param
22 23 24 25 26 27

        expect(response).to redirect_to(namespace_project_snippets_path(page: last_page))
      end

      it 'redirects to specified page' do
        get :index,
28 29
          namespace_id: project.namespace,
          project_id: project, page: last_page.to_param
30 31 32 33 34 35

        expect(assigns(:snippets).current_page).to eq(last_page)
        expect(response).to have_http_status(200)
      end
    end

36 37 38 39 40
    context 'when the project snippet is private' do
      let!(:project_snippet) { create(:project_snippet, :private, project: project, author: user) }

      context 'when anonymous' do
        it 'does not include the private snippet' do
41
          get :index, namespace_id: project.namespace, project_id: project
42 43

          expect(assigns(:snippets)).not_to include(project_snippet)
44
          expect(response).to have_http_status(200)
45 46 47 48 49 50 51
        end
      end

      context 'when signed in as the author' do
        before { sign_in(user) }

        it 'renders the snippet' do
52
          get :index, namespace_id: project.namespace, project_id: project
53 54

          expect(assigns(:snippets)).to include(project_snippet)
55
          expect(response).to have_http_status(200)
56 57 58 59 60 61 62
        end
      end

      context 'when signed in as a project member' do
        before { sign_in(user2) }

        it 'renders the snippet' do
63
          get :index, namespace_id: project.namespace, project_id: project
64 65

          expect(assigns(:snippets)).to include(project_snippet)
66
          expect(response).to have_http_status(200)
67 68 69 70 71
        end
      end
    end
  end

72
  describe 'POST #create' do
73
    def create_snippet(project, snippet_params = {}, additional_params = {})
74 75
      sign_in(user)

76
      project.add_developer(user)
77 78 79

      post :create, {
        namespace_id: project.namespace.to_param,
80
        project_id: project,
81
        project_snippet: { title: 'Title', content: 'Content' }.merge(snippet_params)
82
      }.merge(additional_params)
83 84 85 86 87 88 89
    end

    context 'when the snippet is spam' do
      before do
        allow_any_instance_of(AkismetService).to receive(:is_spam?).and_return(true)
      end

90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115
      context 'when the snippet is private' do
        it 'creates the snippet' do
          expect { create_snippet(project, visibility_level: Snippet::PRIVATE) }.
            to change { Snippet.count }.by(1)
        end
      end

      context 'when the snippet is public' do
        it 'rejects the shippet' do
          expect { create_snippet(project, visibility_level: Snippet::PUBLIC) }.
            not_to change { Snippet.count }
          expect(response).to render_template(:new)
        end

        it 'creates a spam log' do
          expect { create_snippet(project, visibility_level: Snippet::PUBLIC) }.
            to change { SpamLog.count }.by(1)
        end

        it 'renders :new with recaptcha disabled' do
          stub_application_setting(recaptcha_enabled: false)

          create_snippet(project, visibility_level: Snippet::PUBLIC)

          expect(response).to render_template(:new)
        end
116

117 118 119
        context 'recaptcha enabled' do
          before do
            stub_application_setting(recaptcha_enabled: true)
120
          end
121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154

          it 'renders :verify with recaptcha enabled' do
            create_snippet(project, visibility_level: Snippet::PUBLIC)

            expect(response).to render_template(:verify)
          end

          it 'renders snippet page when recaptcha verified' do
            spammy_title = 'Whatever'

            spam_logs = create_list(:spam_log, 2, user: user, title: spammy_title)
            create_snippet(project,
                           { visibility_level: Snippet::PUBLIC },
                           { spam_log_id: spam_logs.last.id,
                             recaptcha_verification: true })

            expect(response).to redirect_to(Snippet.last)
          end
        end
      end
    end
  end

  describe 'PUT #update' do
    let(:project) { create :project, :public }
    let(:snippet) { create :project_snippet, author: user, project: project, visibility_level: visibility_level }

    def update_snippet(snippet_params = {}, additional_params = {})
      sign_in(user)

      project.add_developer(user)

      put :update, {
        namespace_id: project.namespace.to_param,
155
        project_id: project,
156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173
        id: snippet.id,
        project_snippet: { title: 'Title', content: 'Content' }.merge(snippet_params)
      }.merge(additional_params)

      snippet.reload
    end

    context 'when the snippet is spam' do
      before do
        allow_any_instance_of(AkismetService).to receive(:is_spam?).and_return(true)
      end

      context 'when the snippet is private' do
        let(:visibility_level) { Snippet::PRIVATE }

        it 'updates the snippet' do
          expect { update_snippet(title: 'Foo') }.
            to change { snippet.reload.title }.to('Foo')
174 175 176
        end
      end

177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217
      context 'when the snippet is public' do
        let(:visibility_level) { Snippet::PUBLIC }

        it 'rejects the shippet' do
          expect { update_snippet(title: 'Foo') }.
            not_to change { snippet.reload.title }
        end

        it 'creates a spam log' do
          expect { update_snippet(title: 'Foo') }.
            to change { SpamLog.count }.by(1)
        end

        it 'renders :edit with recaptcha disabled' do
          stub_application_setting(recaptcha_enabled: false)

          update_snippet(title: 'Foo')

          expect(response).to render_template(:edit)
        end

        context 'recaptcha enabled' do
          before do
            stub_application_setting(recaptcha_enabled: true)
          end

          it 'renders :verify with recaptcha enabled' do
            update_snippet(title: 'Foo')

            expect(response).to render_template(:verify)
          end

          it 'renders snippet page when recaptcha verified' do
            spammy_title = 'Whatever'

            spam_logs = create_list(:spam_log, 2, user: user, title: spammy_title)
            snippet = update_snippet({ title: spammy_title },
                                     { spam_log_id: spam_logs.last.id,
                                       recaptcha_verification: true })

            expect(response).to redirect_to(snippet)
218 219
          end
        end
220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236
      end

      context 'when the private snippet is made public' do
        let(:visibility_level) { Snippet::PRIVATE }

        it 'rejects the shippet' do
          expect { update_snippet(title: 'Foo', visibility_level: Snippet::PUBLIC) }.
            not_to change { snippet.reload.title }
        end

        it 'creates a spam log' do
          expect { update_snippet(title: 'Foo', visibility_level: Snippet::PUBLIC) }.
            to change { SpamLog.count }.by(1)
        end

        it 'renders :edit with recaptcha disabled' do
          stub_application_setting(recaptcha_enabled: false)
237

238 239 240 241 242 243 244 245 246 247 248 249 250 251
          update_snippet(title: 'Foo', visibility_level: Snippet::PUBLIC)

          expect(response).to render_template(:edit)
        end

        context 'recaptcha enabled' do
          before do
            stub_application_setting(recaptcha_enabled: true)
          end

          it 'renders :verify with recaptcha enabled' do
            update_snippet(title: 'Foo', visibility_level: Snippet::PUBLIC)

            expect(response).to render_template(:verify)
252 253
          end

254 255 256 257 258 259 260 261 262
          it 'renders snippet page when recaptcha verified' do
            spammy_title = 'Whatever'

            spam_logs = create_list(:spam_log, 2, user: user, title: spammy_title)
            snippet = update_snippet({ title: spammy_title, visibility_level: Snippet::PUBLIC },
                                     { spam_log_id: spam_logs.last.id,
                                       recaptcha_verification: true })

            expect(response).to redirect_to(snippet)
263 264 265 266 267 268 269 270 271 272 273 274 275 276 277 278 279
          end
        end
      end
    end
  end

  describe 'POST #mark_as_spam' do
    let(:snippet) { create(:project_snippet, :private, project: project, author: user) }

    before do
      allow_any_instance_of(AkismetService).to receive_messages(submit_spam: true)
      stub_application_setting(akismet_enabled: true)
    end

    def mark_as_spam
      admin = create(:admin)
      create(:user_agent_detail, subject: snippet)
280
      project.add_master(admin)
281 282 283
      sign_in(admin)

      post :mark_as_spam,
284 285
           namespace_id: project.namespace,
           project_id: project,
286 287 288 289 290 291 292 293 294 295
           id: snippet.id
    end

    it 'updates the snippet' do
      mark_as_spam

      expect(snippet.reload).not_to be_submittable_as_spam
    end
  end

296 297 298 299 300 301 302
  %w[show raw].each do |action|
    describe "GET ##{action}" do
      context 'when the project snippet is private' do
        let(:project_snippet) { create(:project_snippet, :private, project: project, author: user) }

        context 'when anonymous' do
          it 'responds with status 404' do
303
            get action, namespace_id: project.namespace, project_id: project, id: project_snippet.to_param
304

305
            expect(response).to have_http_status(404)
306 307 308 309 310 311 312
          end
        end

        context 'when signed in as the author' do
          before { sign_in(user) }

          it 'renders the snippet' do
313
            get action, namespace_id: project.namespace, project_id: project, id: project_snippet.to_param
314 315

            expect(assigns(:snippet)).to eq(project_snippet)
316
            expect(response).to have_http_status(200)
317 318 319 320 321 322 323
          end
        end

        context 'when signed in as a project member' do
          before { sign_in(user2) }

          it 'renders the snippet' do
324
            get action, namespace_id: project.namespace, project_id: project, id: project_snippet.to_param
325 326

            expect(assigns(:snippet)).to eq(project_snippet)
327
            expect(response).to have_http_status(200)
328 329 330 331 332 333 334
          end
        end
      end

      context 'when the project snippet does not exist' do
        context 'when anonymous' do
          it 'responds with status 404' do
335
            get action, namespace_id: project.namespace, project_id: project, id: 42
336

337
            expect(response).to have_http_status(404)
338 339 340 341 342 343 344
          end
        end

        context 'when signed in' do
          before { sign_in(user) }

          it 'responds with status 404' do
345
            get action, namespace_id: project.namespace, project_id: project, id: 42
346

347
            expect(response).to have_http_status(404)
348 349 350 351 352
          end
        end
      end
    end
  end
353 354 355 356 357 358 359 360 361 362 363 364 365 366

  describe 'GET #raw' do
    let(:project_snippet) do
      create(
        :project_snippet, :public,
        project: project,
        author: user,
        content: "first line\r\nsecond line\r\nthird line"
      )
    end

    context 'CRLF line ending' do
      let(:params) do
        {
367 368
          namespace_id: project.namespace,
          project_id: project,
369 370 371 372 373 374 375 376 377 378 379 380 381 382 383 384 385
          id: project_snippet.to_param
        }
      end

      it 'returns LF line endings by default' do
        get :raw, params

        expect(response.body).to eq("first line\nsecond line\nthird line")
      end

      it 'does not convert line endings when parameter present' do
        get :raw, params.merge(line_ending: :raw)

        expect(response.body).to eq("first line\r\nsecond line\r\nthird line")
      end
    end
  end
386
end