Skip to content
Snippets Groups Projects
Commit ca055120 authored by GitLab Bot's avatar GitLab Bot
Browse files

Add latest changes from gitlab-org/gitlab@master

parent 6b833f1e
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
Showing
with 230 additions and 578 deletions
lib/gitlab/diff/highlight_cache.rb
+ 6
0
View file @ ca055120
@@ -93,6 +93,8 @@ module Gitlab
#
redis.expire(key, EXPIRATION)
end
record_metrics(redis.memory("USAGE", key))
end
 
# Subsequent read_file calls would need the latest cache.
@@ -101,6 +103,10 @@ module Gitlab
clear_memoization(:cacheable_files)
end
 
def record_metrics(memory_usage)
self.class.gitlab_redis_diff_caching_memory_usage_bytes.observe({}, memory_usage)
end
def file_paths
strong_memoize(:file_paths) do
diff_files.collect(&:file_path)
lib/gitlab/sidekiq_middleware.rb
+ 0
2
View file @ ca055120
@@ -17,7 +17,6 @@ module Gitlab
chain.add Gitlab::SidekiqMiddleware::BatchLoader
chain.add Labkit::Middleware::Sidekiq::Server
chain.add Gitlab::SidekiqMiddleware::InstrumentationLogger
chain.add Gitlab::SidekiqMiddleware::AdminMode::Server
chain.add Gitlab::SidekiqStatus::ServerMiddleware
chain.add Gitlab::SidekiqMiddleware::WorkerContext::Server
end
@@ -32,7 +31,6 @@ module Gitlab
chain.add Gitlab::SidekiqMiddleware::ClientMetrics
chain.add Gitlab::SidekiqMiddleware::WorkerContext::Client # needs to be before the Labkit middleware
chain.add Labkit::Middleware::Sidekiq::Client
chain.add Gitlab::SidekiqMiddleware::AdminMode::Client
end
end
end
lib/gitlab/sidekiq_middleware/admin_mode/client.rb deleted 100644 → 0
+ 0
34
View file @ 6b833f1e
# frozen_string_literal: true
module Gitlab
module SidekiqMiddleware
module AdminMode
# Checks if admin mode is enabled for the request creating the sidekiq job
# by examining if admin mode has been enabled for the user
# If enabled then it injects a job field that persists through the job execution
class Client
def call(_worker_class, job, _queue, _redis_pool)
return yield unless Feature.enabled?(:user_mode_in_session)
# Admin mode enabled in the original request or in a nested sidekiq job
admin_mode_user_id = find_admin_user_id
if admin_mode_user_id
job['admin_mode_user_id'] ||= admin_mode_user_id
Gitlab::AppLogger.debug("AdminMode::Client injected admin mode for job: #{job.inspect}")
end
yield
end
private
def find_admin_user_id
Gitlab::Auth::CurrentUserMode.current_admin&.id ||
Gitlab::Auth::CurrentUserMode.bypass_session_admin_id
end
end
end
end
end
lib/gitlab/sidekiq_middleware/admin_mode/server.rb deleted 100644 → 0
+ 0
24
View file @ 6b833f1e
# frozen_string_literal: true
module Gitlab
module SidekiqMiddleware
module AdminMode
class Server
def call(_worker, job, _queue)
return yield unless Feature.enabled?(:user_mode_in_session)
admin_mode_user_id = job['admin_mode_user_id']
# Do not bypass session if this job was not enabled with admin mode on
return yield unless admin_mode_user_id
Gitlab::Auth::CurrentUserMode.bypass_session!(admin_mode_user_id) do
Gitlab::AppLogger.debug("AdminMode::Server bypasses session for admin mode in job: #{job.inspect}")
yield
end
end
end
end
end
end
locale/gitlab.pot
+ 27
3
View file @ ca055120
@@ -7137,6 +7137,21 @@ msgstr ""
msgid "Enable/disable your service desk. %{link_start}Learn more about service desk%{link_end}."
msgstr ""
 
msgid "EnableReviewApp|%{stepStart}Step 1%{stepEnd}. Ensure you have Kubernetes set up and have a base domain for your %{linkStart}cluster%{linkEnd}."
msgstr ""
msgid "EnableReviewApp|%{stepStart}Step 2%{stepEnd}. Copy the following snippet:"
msgstr ""
msgid "EnableReviewApp|%{stepStart}Step 3%{stepEnd}. Add it to the project %{linkStart}gitlab-ci.yml%{linkEnd} file."
msgstr ""
msgid "EnableReviewApp|Close"
msgstr ""
msgid "EnableReviewApp|Copy snippet text"
msgstr ""
msgid "Enabled"
msgstr ""
 
@@ -7311,6 +7326,9 @@ msgstr ""
msgid "Environments|Deployment"
msgstr ""
 
msgid "Environments|Enable review app"
msgstr ""
msgid "Environments|Environment"
msgstr ""
 
@@ -11529,6 +11547,9 @@ msgstr ""
msgid "Manage two-factor authentication"
msgstr ""
 
msgid "Manage your license"
msgstr ""
msgid "Manifest"
msgstr ""
 
@@ -16189,6 +16210,9 @@ msgstr ""
msgid "Review time is defined as the time it takes from first comment until merged."
msgstr ""
 
msgid "ReviewApp|Enable Review App"
msgstr ""
msgid "Reviewing"
msgstr ""
 
@@ -19205,6 +19229,9 @@ msgstr ""
msgid "This GitLab instance does not provide any shared Runners yet. Instance administrators can register shared Runners in the admin area."
msgstr ""
 
msgid "This GitLab instance is licensed at the %{insufficient_license} tier. Geo is only available for users who have at least a Premium license."
msgstr ""
msgid "This action can lead to data loss. To prevent accidental actions we ask you to confirm your intention."
msgstr ""
 
@@ -21868,9 +21895,6 @@ msgstr ""
msgid "You need a different license to enable FileLocks feature"
msgstr ""
 
msgid "You need a different license to use Geo replication."
msgstr ""
msgid "You need git-lfs version %{min_git_lfs_version} (or greater) to continue. Please visit https://git-lfs.github.com"
msgstr ""
 
qa/qa/page/project/pipeline/show.rb
+ 2
2
View file @ ca055120
@@ -30,9 +30,9 @@ module QA::Page
element :pipeline_badges
end
 
def running?
def running?(wait: 0)
within('.ci-header-container') do
page.has_content?('running')
page.has_content?('running', wait: wait)
end
end
 
qa/qa/specs/features/browser_ui/4_verify/pipeline/create_and_process_pipeline_spec.rb
+ 49
53
View file @ ca055120
# frozen_string_literal: true
 
module QA
context 'Verify', :orchestrated, :docker do
context 'Verify', :docker do
describe 'Pipeline creation and processing' do
let(:executor) { "qa-runner-#{Time.now.to_i}" }
 
after do
Service::DockerRun::GitlabRunner.new(executor).remove!
end
it 'users creates a pipeline which gets processed' do
Flow::Login.sign_in
project = Resource::Project.fabricate! do |project|
project.name = 'project-with-pipelines'
project.description = 'Project with CI/CD Pipelines.'
let(:project) do
Resource::Project.fabricate_via_api! do |project|
project.name = 'project-with-pipeline'
end
end
 
before do
Resource::Runner.fabricate! do |runner|
runner.project = project
runner.name = executor
runner.tags = %w[qa test]
runner.tags = [executor]
end
end
 
Resource::Repository::ProjectPush.fabricate! do |push|
push.project = project
push.file_name = '.gitlab-ci.yml'
push.commit_message = 'Add .gitlab-ci.yml'
push.file_content = <<~EOF
test-success:
tags:
- qa
- test
script: echo 'OK'
test-failure:
tags:
- qa
- test
script:
- echo 'FAILURE'
- exit 1
test-tags:
tags:
- qa
- docker
script: echo 'NOOP'
after do
Service::DockerRun::GitlabRunner.new(executor).remove!
end
 
test-artifacts:
tags:
- qa
- test
script: mkdir my-artifacts; echo "CONTENTS" > my-artifacts/artifact.txt
artifacts:
paths:
- my-artifacts/
EOF
end.project.visit!
it 'users creates a pipeline which gets processed', :smoke do
Flow::Login.sign_in
 
expect(page).to have_content('Add .gitlab-ci.yml')
Resource::Repository::Commit.fabricate_via_api! do |commit|
commit.project = project
commit.commit_message = 'Add .gitlab-ci.yml'
commit.add_files(
[
{
file_path: '.gitlab-ci.yml',
content: <<~YAML
test-success:
tags:
- #{executor}
script: echo 'OK'
 
Page::Project::Menu.perform(&:click_ci_cd_pipelines)
test-failure:
tags:
- #{executor}
script:
- echo 'FAILURE'
- exit 1
 
expect(page).to have_content('All 1')
expect(page).to have_content('Add .gitlab-ci.yml')
test-tags:
tags:
- invalid
script: echo 'NOOP'
 
puts 'Waiting for the runner to process the pipeline'
sleep 15 # Runner should process all jobs within 15 seconds.
test-artifacts:
tags:
- #{executor}
script: mkdir my-artifacts; echo "CONTENTS" > my-artifacts/artifact.txt
artifacts:
paths:
- my-artifacts/
YAML
}
]
)
end.project.visit!
 
Page::Project::Menu.perform(&:click_ci_cd_pipelines)
Page::Project::Pipeline::Index.perform(&:click_on_latest_pipeline)
 
Page::Project::Pipeline::Show.perform do |pipeline|
expect(pipeline).to be_running
expect(pipeline).to be_running(wait: 30)
expect(pipeline).to have_build('test-success', status: :success)
expect(pipeline).to have_build('test-failure', status: :failed)
expect(pipeline).to have_build('test-tags', status: :pending)
spec/features/admin/admin_mode/workers_spec.rb deleted 100644 → 0
+ 0
77
View file @ 6b833f1e
# frozen_string_literal: true
require 'spec_helper'
# Test an operation that triggers background jobs requiring administrative rights
describe 'Admin mode for workers', :do_not_mock_admin_mode, :request_store, :clean_gitlab_redis_shared_state do
let(:user) { create(:user) }
let(:user_to_delete) { create(:user) }
before do
add_sidekiq_middleware
sign_in(user)
end
context 'as a regular user' do
it 'cannot delete user' do
visit admin_user_path(user_to_delete)
expect(page).to have_gitlab_http_status(:not_found)
end
end
context 'as an admin user' do
let(:user) { create(:admin) }
context 'when admin mode disabled' do
it 'cannot delete user', :js do
visit admin_user_path(user_to_delete)
expect(page).to have_content('Re-authentication required')
end
end
context 'when admin mode enabled', :delete do
before do
gitlab_enable_admin_mode_sign_in(user)
end
it 'can delete user', :js do
visit admin_user_path(user_to_delete)
click_button 'Delete user'
page.within '.modal-dialog' do
find("input[name='username']").send_keys(user_to_delete.name)
click_button 'Delete user'
wait_for_requests
end
expect(page).to have_content('The user is being deleted.')
# Perform jobs while logged out so that admin mode is only enabled in job metadata
execute_jobs_signed_out(user)
visit admin_user_path(user_to_delete)
expect(page).to have_title('Not Found')
end
end
end
def add_sidekiq_middleware
Sidekiq::Testing.server_middleware do |chain|
chain.add Gitlab::SidekiqMiddleware::AdminMode::Server
end
end
def execute_jobs_signed_out(user)
gitlab_sign_out
Sidekiq::Worker.drain_all
sign_in(user)
gitlab_enable_admin_mode_sign_in(user)
end
end
spec/features/admin/admin_uses_repository_checks_spec.rb
+ 24
42
View file @ ca055120
@@ -2,64 +2,46 @@
 
require 'spec_helper'
 
describe 'Admin uses repository checks', :request_store, :clean_gitlab_redis_shared_state, :do_not_mock_admin_mode do
describe 'Admin uses repository checks' do
include StubENV
 
let(:admin) { create(:admin) }
before do
stub_env('IN_MEMORY_APPLICATION_SETTINGS', 'false')
sign_in(admin)
sign_in(create(:admin))
end
 
context 'when admin mode is disabled' do
it 'admin project page requires admin mode' do
project = create(:project)
visit_admin_project_page(project)
it 'to trigger a single check' do
project = create(:project)
visit_admin_project_page(project)
 
expect(page).not_to have_css('.repository-check')
expect(page).to have_content('Enter Admin Mode')
page.within('.repository-check') do
click_button 'Trigger repository check'
end
end
context 'when admin mode is enabled' do
before do
gitlab_enable_admin_mode_sign_in(admin)
end
it 'to trigger a single check', :js do
project = create(:project)
visit_admin_project_page(project)
 
page.within('.repository-check') do
click_button 'Trigger repository check'
end
expect(page).to have_content('Repository check was triggered')
end
expect(page).to have_content('Repository check was triggered')
end
 
it 'to see a single failed repository check', :js do
project = create(:project)
project.update_columns(
last_repository_check_failed: true,
last_repository_check_at: Time.now
)
visit_admin_project_page(project)
it 'to see a single failed repository check', :js do
project = create(:project)
project.update_columns(
last_repository_check_failed: true,
last_repository_check_at: Time.now
)
visit_admin_project_page(project)
 
page.within('.alert') do
expect(page.text).to match(/Last repository check \(just now\) failed/)
end
page.within('.alert') do
expect(page.text).to match(/Last repository check \(just now\) failed/)
end
end
 
it 'to clear all repository checks', :js do
visit repository_admin_application_settings_path
it 'to clear all repository checks', :js do
visit repository_admin_application_settings_path
 
expect(RepositoryCheck::ClearWorker).to receive(:perform_async)
expect(RepositoryCheck::ClearWorker).to receive(:perform_async)
 
accept_confirm { find(:link, 'Clear all repository checks').send_keys(:return) }
accept_confirm { find(:link, 'Clear all repository checks').send_keys(:return) }
 
expect(page).to have_content('Started asynchronous removal of all repository check states.')
end
expect(page).to have_content('Started asynchronous removal of all repository check states.')
end
 
def visit_admin_project_page(project)
spec/frontend/environments/enable_review_app_button_spec.js 0 → 100644
+ 31
0
View file @ ca055120
import { shallowMount, mount } from '@vue/test-utils';
import ModalCopyButton from '~/vue_shared/components/modal_copy_button.vue';
import EnableReviewAppButton from '~/environments/components/enable_review_app_button.vue';
describe('Enable Review App Button', () => {
let wrapper;
afterEach(() => {
wrapper.destroy();
});
describe('renders button with text', () => {
beforeEach(() => {
wrapper = mount(EnableReviewAppButton);
});
it('renders Enable Review text', () => {
expect(wrapper.text()).toBe('Enable review app');
});
});
describe('renders the modal', () => {
beforeEach(() => {
wrapper = shallowMount(EnableReviewAppButton);
});
it('renders the copyToClipboard button', () => {
expect(wrapper.find(ModalCopyButton).exists()).toBe(true);
});
});
});
spec/javascripts/environments/environments_app_spec.js
+ 20
0
View file @ ca055120
@@ -55,6 +55,26 @@ describe('Environment', () => {
"You don't have any environments right now",
);
});
describe('when it is possible to enable a review app', () => {
beforeEach(done => {
mock
.onGet(mockData.endpoint)
.reply(200, { environments: [], review_app: { can_setup_review_app: true } });
component = mountComponent(EnvironmentsComponent, mockData);
setTimeout(() => {
done();
}, 0);
});
it('should render the enable review app button', () => {
expect(component.$el.querySelector('.js-enable-review-app-button').textContent).toContain(
'Enable review app',
);
});
});
});
 
describe('with paginated environments', () => {
spec/lib/gitlab/auth/current_user_mode_spec.rb
+ 34
138
View file @ ca055120
@@ -2,10 +2,10 @@
 
require 'spec_helper'
 
describe Gitlab::Auth::CurrentUserMode, :do_not_mock_admin_mode, :request_store do
describe Gitlab::Auth::CurrentUserMode, :do_not_mock_admin_mode do
include_context 'custom session'
 
let(:user) { build_stubbed(:user) }
let(:user) { build(:user) }
 
subject { described_class.new(user) }
 
@@ -13,66 +13,54 @@ describe Gitlab::Auth::CurrentUserMode, :do_not_mock_admin_mode, :request_store
allow(ActiveSession).to receive(:list_sessions).with(user).and_return([session])
end
 
shared_examples 'admin mode cannot be enabled' do
it 'is false by default' do
expect(subject.admin_mode?).to be(false)
end
it 'cannot be enabled with a valid password' do
subject.enable_admin_mode!(password: user.password)
expect(subject.admin_mode?).to be(false)
end
it 'cannot be enabled with an invalid password' do
subject.enable_admin_mode!(password: nil)
expect(subject.admin_mode?).to be(false)
end
describe '#admin_mode?', :request_store do
context 'when the user is a regular user' do
it 'is false by default' do
expect(subject.admin_mode?).to be(false)
end
 
it 'cannot be enabled with empty params' do
subject.enable_admin_mode!
it 'cannot be enabled with a valid password' do
subject.enable_admin_mode!(password: user.password)
 
expect(subject.admin_mode?).to be(false)
end
expect(subject.admin_mode?).to be(false)
end
 
it 'disable has no effect' do
subject.enable_admin_mode!
subject.disable_admin_mode!
it 'cannot be enabled with an invalid password' do
subject.enable_admin_mode!(password: nil)
 
expect(subject.admin_mode?).to be(false)
end
expect(subject.admin_mode?).to be(false)
end
 
context 'skipping password validation' do
it 'cannot be enabled with a valid password' do
subject.enable_admin_mode!(password: user.password, skip_password_validation: true)
it 'cannot be enabled with empty params' do
subject.enable_admin_mode!
 
expect(subject.admin_mode?).to be(false)
end
 
it 'cannot be enabled with an invalid password' do
subject.enable_admin_mode!(skip_password_validation: true)
it 'disable has no effect' do
subject.enable_admin_mode!
subject.disable_admin_mode!
 
expect(subject.admin_mode?).to be(false)
end
end
end
 
describe '#admin_mode?' do
context 'when the user is a regular user' do
it_behaves_like 'admin mode cannot be enabled'
context 'skipping password validation' do
it 'cannot be enabled with a valid password' do
subject.enable_admin_mode!(password: user.password, skip_password_validation: true)
 
context 'bypassing session' do
it_behaves_like 'admin mode cannot be enabled' do
around do |example|
described_class.bypass_session!(user.id) { example.run }
end
expect(subject.admin_mode?).to be(false)
end
it 'cannot be enabled with an invalid password' do
subject.enable_admin_mode!(skip_password_validation: true)
expect(subject.admin_mode?).to be(false)
end
end
end
 
context 'when the user is an admin' do
let(:user) { build_stubbed(:user, :admin) }
let(:user) { build(:user, :admin) }
 
context 'when admin mode not requested' do
it 'is false by default' do
@@ -160,36 +148,11 @@ describe Gitlab::Auth::CurrentUserMode, :do_not_mock_admin_mode, :request_store
end
end
end
context 'bypassing session' do
it 'is active by default' do
described_class.bypass_session!(user.id) do
expect(subject.admin_mode?).to be(true)
end
end
it 'enable has no effect' do
described_class.bypass_session!(user.id) do
subject.request_admin_mode!
subject.enable_admin_mode!(password: user.password)
expect(subject.admin_mode?).to be(true)
end
end
it 'disable has no effect' do
described_class.bypass_session!(user.id) do
subject.disable_admin_mode!
expect(subject.admin_mode?).to be(true)
end
end
end
end
end
 
describe '#enable_admin_mode!' do
let(:user) { build_stubbed(:user, :admin) }
let(:user) { build(:user, :admin) }
 
it 'creates a timestamp in the session' do
subject.request_admin_mode!
@@ -200,7 +163,7 @@ describe Gitlab::Auth::CurrentUserMode, :do_not_mock_admin_mode, :request_store
end
 
describe '#enable_sessionless_admin_mode!' do
let(:user) { build_stubbed(:user, :admin) }
let(:user) { build(:user, :admin) }
 
it 'enabled admin mode without password' do
subject.enable_sessionless_admin_mode!
@@ -210,7 +173,7 @@ describe Gitlab::Auth::CurrentUserMode, :do_not_mock_admin_mode, :request_store
end
 
describe '#disable_admin_mode!' do
let(:user) { build_stubbed(:user, :admin) }
let(:user) { build(:user, :admin) }
 
it 'sets the session timestamp to nil' do
subject.request_admin_mode!
@@ -220,73 +183,6 @@ describe Gitlab::Auth::CurrentUserMode, :do_not_mock_admin_mode, :request_store
end
end
 
describe '.bypass_session!' do
context 'with a regular user' do
it 'admin mode is false' do
described_class.bypass_session!(user.id) do
expect(subject.admin_mode?).to be(false)
expect(described_class.bypass_session_admin_id).to be(user.id)
end
expect(described_class.bypass_session_admin_id).to be_nil
end
end
context 'with an admin user' do
let(:user) { build_stubbed(:user, :admin) }
it 'admin mode is true' do
described_class.bypass_session!(user.id) do
expect(subject.admin_mode?).to be(true)
expect(described_class.bypass_session_admin_id).to be(user.id)
end
expect(described_class.bypass_session_admin_id).to be_nil
end
end
end
describe '.with_current_request_admin_mode' do
context 'with a regular user' do
it 'user is not available inside nor outside the yielded block' do
described_class.with_current_admin(user) do
expect(described_class.current_admin).to be_nil
end
expect(described_class.bypass_session_admin_id).to be_nil
end
end
context 'with an admin user' do
let(:user) { build_stubbed(:user, :admin) }
context 'admin mode is disabled' do
it 'user is not available inside nor outside the yielded block' do
described_class.with_current_admin(user) do
expect(described_class.current_admin).to be_nil
end
expect(described_class.bypass_session_admin_id).to be_nil
end
end
context 'admin mode is enabled' do
before do
subject.request_admin_mode!
subject.enable_admin_mode!(password: user.password)
end
it 'user is available only inside the yielded block' do
described_class.with_current_admin(user) do
expect(described_class.current_admin).to be(user)
end
expect(described_class.current_admin).to be_nil
end
end
end
end
def expected_session_entry(value_matcher)
{
Gitlab::Auth::CurrentUserMode::SESSION_STORE_KEY => a_hash_including(
spec/lib/gitlab/diff/highlight_cache_spec.rb
+ 7
0
View file @ ca055120
@@ -101,6 +101,13 @@ describe Gitlab::Diff::HighlightCache, :clean_gitlab_redis_cache do
let(:paths) { merge_request.diffs.raw_diff_files.select(&:text?).map(&:file_path) }
end
 
it 'updates memory usage metrics' do
expect(described_class.gitlab_redis_diff_caching_memory_usage_bytes)
.to receive(:observe).and_call_original
cache.send(:write_to_redis_hash, diff_hash)
end
context 'different diff_collections for the same diffable' do
before do
cache.write_if_empty
spec/lib/gitlab/sidekiq_middleware/admin_mode/client_spec.rb deleted 100644 → 0
+ 0
94
View file @ 6b833f1e
# frozen_string_literal: true
require 'spec_helper'
describe Gitlab::SidekiqMiddleware::AdminMode::Client, :do_not_mock_admin_mode, :request_store do
include AdminModeHelper
let(:worker) do
Class.new do
def perform; end
end
end
let(:job) { {} }
let(:queue) { :test }
it 'yields block' do
expect do |b|
subject.call(worker, job, queue, nil, &b)
end.to yield_control.once
end
context 'user is a regular user' do
it 'no admin mode field in payload' do
subject.call(worker, job, queue, nil) { nil }
expect(job).not_to include('admin_mode_user_id')
end
end
context 'user is an administrator' do
let(:admin) { create(:admin) }
context 'admin mode disabled' do
it 'no admin mode field in payload' do
subject.call(worker, job, queue, nil) { nil }
expect(job).not_to include('admin_mode_user_id')
end
end
context 'admin mode enabled' do
before do
enable_admin_mode!(admin)
end
context 'when sidekiq required context not set' do
it 'no admin mode field in payload' do
subject.call(worker, job, queue, nil) { nil }
expect(job).not_to include('admin_mode_user_id')
end
end
context 'when user stored in current request' do
it 'has admin mode field in payload' do
Gitlab::Auth::CurrentUserMode.with_current_admin(admin) do
subject.call(worker, job, queue, nil) { nil }
expect(job).to include('admin_mode_user_id' => admin.id)
end
end
end
context 'when bypassing session' do
it 'has admin mode field in payload' do
Gitlab::Auth::CurrentUserMode.bypass_session!(admin.id) do
subject.call(worker, job, queue, nil) { nil }
expect(job).to include('admin_mode_user_id' => admin.id)
end
end
end
end
end
context 'admin mode feature disabled' do
before do
stub_feature_flags(user_mode_in_session: false)
end
it 'yields block' do
expect do |b|
subject.call(worker, job, queue, nil, &b)
end.to yield_control.once
end
it 'no admin mode field in payload' do
subject.call(worker, job, queue, nil) { nil }
expect(job).not_to include('admin_mode_user_id')
end
end
end
spec/lib/gitlab/sidekiq_middleware/admin_mode/server_spec.rb deleted 100644 → 0
+ 0
72
View file @ 6b833f1e
# frozen_string_literal: true
require 'spec_helper'
describe Gitlab::SidekiqMiddleware::AdminMode::Server, :do_not_mock_admin_mode, :request_store do
include AdminModeHelper
let(:worker) do
Class.new do
def perform; end
end
end
let(:job) { {} }
let(:queue) { :test }
it 'yields block' do
expect do |b|
subject.call(worker, job, queue, &b)
end.to yield_control.once
end
context 'job has no admin mode field' do
it 'session is not bypassed' do
subject.call(worker, job, queue) do
expect(Gitlab::Auth::CurrentUserMode.bypass_session_admin_id).to be_nil
end
end
end
context 'job has admin mode field' do
let(:admin) { create(:admin) }
context 'nil admin mode id' do
let(:job) { { 'admin_mode_user_id' => nil } }
it 'session is not bypassed' do
subject.call(worker, job, queue) do
expect(Gitlab::Auth::CurrentUserMode.bypass_session_admin_id).to be_nil
end
end
end
context 'valid admin mode id' do
let(:job) { { 'admin_mode_user_id' => admin.id } }
it 'session is bypassed' do
subject.call(worker, job, queue) do
expect(Gitlab::Auth::CurrentUserMode.bypass_session_admin_id).to be(admin.id)
end
end
end
end
context 'admin mode feature disabled' do
before do
stub_feature_flags(user_mode_in_session: false)
end
it 'yields block' do
expect do |b|
subject.call(worker, job, queue, &b)
end.to yield_control.once
end
it 'session is not bypassed' do
subject.call(worker, job, queue) do
expect(Gitlab::Auth::CurrentUserMode.bypass_session_admin_id).to be_nil
end
end
end
end
spec/lib/gitlab/sidekiq_middleware_spec.rb
+ 2
4
View file @ ca055120
@@ -45,8 +45,7 @@ describe Gitlab::SidekiqMiddleware do
Gitlab::SidekiqMiddleware::ArgumentsLogger,
Gitlab::SidekiqMiddleware::MemoryKiller,
Gitlab::SidekiqMiddleware::RequestStoreMiddleware,
Gitlab::SidekiqMiddleware::WorkerContext::Server,
Gitlab::SidekiqMiddleware::AdminMode::Server
Gitlab::SidekiqMiddleware::WorkerContext::Server
]
end
let(:enabled_sidekiq_middlewares) { all_sidekiq_middlewares - disabled_sidekiq_middlewares }
@@ -116,8 +115,7 @@ describe Gitlab::SidekiqMiddleware do
Gitlab::SidekiqStatus::ClientMiddleware,
Gitlab::SidekiqMiddleware::ClientMetrics,
Gitlab::SidekiqMiddleware::WorkerContext::Client,
Labkit::Middleware::Sidekiq::Client,
Gitlab::SidekiqMiddleware::AdminMode::Client
Labkit::Middleware::Sidekiq::Client
]
end
 
spec/models/user_spec.rb
+ 3
3
View file @ ca055120
@@ -2985,9 +2985,9 @@ describe User, :do_not_mock_admin_mode do
end
end
 
describe '#can_read_all_resources?', :request_store do
describe '#can_read_all_resources?' do
it 'returns false for regular user' do
user = build_stubbed(:user)
user = build(:user)
 
expect(user.can_read_all_resources?).to be_falsy
end
@@ -2995,7 +2995,7 @@ describe User, :do_not_mock_admin_mode do
context 'for admin user' do
include_context 'custom session'
 
let(:user) { build_stubbed(:user, :admin) }
let(:user) { build(:user, :admin) }
 
context 'when admin mode is disabled' do
it 'returns false' do
spec/policies/base_policy_spec.rb
+ 5
5
View file @ ca055120
@@ -23,8 +23,8 @@ describe BasePolicy, :do_not_mock_admin_mode do
end
 
describe 'read cross project' do
let(:current_user) { build_stubbed(:user) }
let(:user) { build_stubbed(:user) }
let(:current_user) { create(:user) }
let(:user) { create(:user) }
 
subject { described_class.new(current_user, [user]) }
 
@@ -38,7 +38,7 @@ describe BasePolicy, :do_not_mock_admin_mode do
it { is_expected.not_to be_allowed(:read_cross_project) }
 
context 'for admins' do
let(:current_user) { build_stubbed(:admin) }
let(:current_user) { build(:admin) }
 
subject { described_class.new(current_user, nil) }
 
@@ -56,14 +56,14 @@ describe BasePolicy, :do_not_mock_admin_mode do
end
 
describe 'full private access' do
let(:current_user) { build_stubbed(:user) }
let(:current_user) { create(:user) }
 
subject { described_class.new(current_user, nil) }
 
it { is_expected.not_to be_allowed(:read_all_resources) }
 
context 'for admins' do
let(:current_user) { build_stubbed(:admin) }
let(:current_user) { build(:admin) }
 
it 'allowed when in admin mode' do
enable_admin_mode!(current_user)
spec/support/shared_examples/features/discussion_comments_shared_example.rb
+ 20
25
View file @ ca055120
@@ -8,44 +8,40 @@ RSpec.shared_examples 'thread comments' do |resource_name|
let(:submit_selector) { "#{form_selector} .js-comment-submit-button" }
let(:close_selector) { "#{form_selector} .btn-comment-and-close" }
let(:comments_selector) { '.timeline > .note.timeline-entry' }
let(:comment) { 'My comment' }
 
it 'clicking "Comment" will post a comment', :quarantine do
it 'clicking "Comment" will post a comment' do
expect(page).to have_selector toggle_selector
 
find("#{form_selector} .note-textarea").send_keys('a')
find("#{form_selector} .note-textarea").send_keys(comment)
 
find(submit_selector).click
click_button 'Comment'
 
wait_for_requests
expect(page).to have_content(comment)
 
find(comments_selector, match: :first)
new_comment = all(comments_selector).last
 
expect(new_comment).to have_content 'a'
expect(new_comment).not_to have_selector '.discussion'
end
 
if resource_name == 'issue'
it "clicking 'Comment & close #{resource_name}' will post a comment and close the #{resource_name}" do
find("#{form_selector} .note-textarea").send_keys('a')
find("#{form_selector} .note-textarea").send_keys(comment)
 
find(close_selector).click
wait_for_requests
click_button 'Comment & close issue'
 
find(comments_selector, match: :first)
find("#{comments_selector}.system-note")
entries = all(comments_selector)
close_note = entries.last
new_comment = entries[-2]
expect(page).to have_content(comment)
expect(page).to have_content "@#{user.username} closed"
new_comment = all(comments_selector).last
 
expect(close_note).to have_content 'closed'
expect(new_comment).not_to have_selector '.discussion'
end
end
 
describe 'when the toggle is clicked' do
before do
find("#{form_selector} .note-textarea").send_keys('a')
find("#{form_selector} .note-textarea").send_keys(comment)
 
find(toggle_selector).click
end
@@ -153,10 +149,11 @@ RSpec.shared_examples 'thread comments' do |resource_name|
end
 
it 'clicking "Start thread" will post a thread' do
expect(page).to have_content(comment)
new_comment = all(comments_selector).last
 
expect(new_comment).to have_content 'a'
expect(new_comment).to have_selector '.discussion'
expect(new_comment).to have_selector('.discussion')
end
 
if resource_name =~ /(issue|merge request)/
@@ -208,15 +205,13 @@ RSpec.shared_examples 'thread comments' do |resource_name|
 
if resource_name == 'issue'
it "clicking 'Start thread & close #{resource_name}' will post a thread and close the #{resource_name}" do
find(close_selector).click
click_button 'Start thread & close issue'
 
find(comments_selector, match: :first)
find("#{comments_selector}.system-note")
entries = all(comments_selector)
close_note = entries.last
new_discussion = entries[-2]
expect(page).to have_content(comment)
expect(page).to have_content "@#{user.username} closed"
new_discussion = all(comments_selector)[-2]
 
expect(close_note).to have_content 'closed'
expect(new_discussion).to have_selector '.discussion'
end
end
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment