Skip to content
Snippets Groups Projects
Commit 033c1c0c authored by Sanad Liaquat's avatar Sanad Liaquat
Browse files

Create user as admin

parent 4c30b0a1
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
qa/qa/specs/features/browser_ui/2_plan/issue/check_mentions_for_xss_spec.rb
+ 12
2
View file @ 033c1c0c
@@ -4,14 +4,24 @@ module QA
context 'Plan' do
describe 'check xss occurence in @mentions in issues' do
before do
Runtime::Browser.visit(:gitlab, Page::Main::Login)
Page::Main::Login.perform(&:sign_in_using_credentials)
QA::Runtime::Env.personal_access_token = QA::Runtime::Env.admin_personal_access_token
unless QA::Runtime::Env.personal_access_token
Runtime::Browser.visit(:gitlab, Page::Main::Login)
Page::Main::Login.perform(&:sign_in_using_admin_credentials)
end
 
user = Resource::User.fabricate_via_api! do |user|
user.name = "eve <img src=x onerror=alert(2)&lt;img src=x onerror=alert(1)&gt;"
user.password = "test1234"
end
 
QA::Runtime::Env.personal_access_token = nil
Page::Main::Menu.perform(&:sign_out) if Page::Main::Menu.perform { |p| p.has_personal_area?(wait: 0) }
Page::Main::Login.perform(&:sign_in_using_credentials)
project = Resource::Project.fabricate_via_api! do |resource|
resource.name = 'xss-test-for-mentions-project'
end
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment