Commit ea08abd1 authored by Arturo Herrero's avatar Arturo Herrero

Merge branch 'cngo-refactor-gfm_autocomplete_specrb' into 'master'

Re-organise `gfm_autocomplete_spec.rb` spec

See merge request gitlab-org/gitlab!55767
parents 8d53e3a2 31cbf8dc
...@@ -3,8 +3,6 @@ ...@@ -3,8 +3,6 @@
require 'spec_helper' require 'spec_helper'
RSpec.describe 'GFM autocomplete', :js do RSpec.describe 'GFM autocomplete', :js do
let_it_be(:user_xss_title) { 'eve <img src=x onerror=alert(2)&lt;img src=x onerror=alert(1)&gt;' }
let_it_be(:user_xss) { create(:user, name: user_xss_title, username: 'xss.user') }
let_it_be(:user) { create(:user, name: '💃speciąl someone💃', username: 'someone.special') } let_it_be(:user) { create(:user, name: '💃speciąl someone💃', username: 'someone.special') }
let_it_be(:user2) { create(:user, name: 'Marge Simpson', username: 'msimpson') } let_it_be(:user2) { create(:user, name: 'Marge Simpson', username: 'msimpson') }
...@@ -14,8 +12,15 @@ RSpec.describe 'GFM autocomplete', :js do ...@@ -14,8 +12,15 @@ RSpec.describe 'GFM autocomplete', :js do
let_it_be(:issue) { create(:issue, project: project, assignees: [user]) } let_it_be(:issue) { create(:issue, project: project, assignees: [user]) }
let_it_be(:label) { create(:label, project: project, title: 'special+') } let_it_be(:label) { create(:label, project: project, title: 'special+') }
let_it_be(:label_scoped) { create(:label, project: project, title: 'scoped::label') }
let_it_be(:label_with_spaces) { create(:label, project: project, title: 'Accepting merge requests') }
let_it_be(:snippet) { create(:project_snippet, project: project, title: 'code snippet') } let_it_be(:snippet) { create(:project_snippet, project: project, title: 'code snippet') }
let_it_be(:user_xss_title) { 'eve <img src=x onerror=alert(2)&lt;img src=x onerror=alert(1)&gt;' }
let_it_be(:user_xss) { create(:user, name: user_xss_title, username: 'xss.user') }
let_it_be(:label_xss_title) { 'alert label &lt;img src=x onerror="alert(\'Hello xss\');" a' }
let_it_be(:label_xss) { create(:label, project: project, title: label_xss_title) }
before_all do before_all do
project.add_maintainer(user) project.add_maintainer(user)
project.add_maintainer(user_xss) project.add_maintainer(user_xss)
...@@ -117,6 +122,7 @@ RSpec.describe 'GFM autocomplete', :js do ...@@ -117,6 +122,7 @@ RSpec.describe 'GFM autocomplete', :js do
end end
end end
context 'xss checks' do
it 'opens autocomplete menu for Issues when field starts with text with item escaping HTML characters' do it 'opens autocomplete menu for Issues when field starts with text with item escaping HTML characters' do
issue_xss_title = 'This will execute alert<img src=x onerror=alert(2)&lt;img src=x onerror=alert(1)&gt;' issue_xss_title = 'This will execute alert<img src=x onerror=alert(2)&lt;img src=x onerror=alert(1)&gt;'
create(:issue, project: project, title: issue_xss_title) create(:issue, project: project, title: issue_xss_title)
...@@ -147,6 +153,15 @@ RSpec.describe 'GFM autocomplete', :js do ...@@ -147,6 +153,15 @@ RSpec.describe 'GFM autocomplete', :js do
expect(find_autocomplete_menu).to have_text('alert milestone') expect(find_autocomplete_menu).to have_text('alert milestone')
end end
it 'opens autocomplete menu for Labels when field starts with text with item escaping HTML characters' do
fill_in 'Comment', with: '~'
wait_for_requests
expect(find_autocomplete_menu).to have_text('alert label')
end
end
describe 'autocomplete highlighting' do describe 'autocomplete highlighting' do
it 'auto-selects the first item when there is a query, and only for assignees with no query', :aggregate_failures do it 'auto-selects the first item when there is a query, and only for assignees with no query', :aggregate_failures do
fill_in 'Comment', with: ':' fill_in 'Comment', with: ':'
...@@ -232,7 +247,7 @@ RSpec.describe 'GFM autocomplete', :js do ...@@ -232,7 +247,7 @@ RSpec.describe 'GFM autocomplete', :js do
context 'if a selected value has special characters' do context 'if a selected value has special characters' do
it 'wraps the result in double quotes' do it 'wraps the result in double quotes' do
fill_in 'Comment', with: "~#{label.title[0]}" fill_in 'Comment', with: "~#{label.title[0..2]}"
find_highlighted_autocomplete_item.click find_highlighted_autocomplete_item.click
...@@ -246,15 +261,9 @@ RSpec.describe 'GFM autocomplete', :js do ...@@ -246,15 +261,9 @@ RSpec.describe 'GFM autocomplete', :js do
expect(find_field('Comment').value).to have_text('cartwheel_tone1') expect(find_field('Comment').value).to have_text('cartwheel_tone1')
end end
it 'triggers autocomplete after selecting a quick action' do
fill_in 'Comment', with: '/as'
find_highlighted_autocomplete_item.click
expect(find_autocomplete_menu).to have_text(user2.username)
end end
context 'quick actions' do
it 'does not limit quick actions autocomplete list to 5' do it 'does not limit quick actions autocomplete list to 5' do
fill_in 'Comment', with: '/' fill_in 'Comment', with: '/'
...@@ -263,40 +272,15 @@ RSpec.describe 'GFM autocomplete', :js do ...@@ -263,40 +272,15 @@ RSpec.describe 'GFM autocomplete', :js do
end end
context 'labels' do context 'labels' do
it 'opens autocomplete menu for Labels when field starts with text with item escaping HTML characters' do
label_xss_title = 'alert label &lt;img src=x onerror="alert(\'Hello xss\');" a'
create(:label, project: project, title: label_xss_title)
fill_in 'Comment', with: '~'
wait_for_requests
expect(find_autocomplete_menu).to have_text('alert label')
end
it 'allows colons when autocompleting scoped labels' do it 'allows colons when autocompleting scoped labels' do
create(:label, project: project, title: 'scoped:label')
fill_in 'Comment', with: '~scoped:' fill_in 'Comment', with: '~scoped:'
wait_for_requests wait_for_requests
expect(find_autocomplete_menu).to have_text('scoped:label')
end
it 'allows colons when autocompleting scoped labels with double colons' do
create(:label, project: project, title: 'scoped::label')
fill_in 'Comment', with: '~scoped::'
wait_for_requests
expect(find_autocomplete_menu).to have_text('scoped::label') expect(find_autocomplete_menu).to have_text('scoped::label')
end end
it 'allows spaces when autocompleting multi-word labels' do it 'allows spaces when autocompleting multi-word labels' do
create(:label, project: project, title: 'Accepting merge requests')
fill_in 'Comment', with: '~Accepting merge' fill_in 'Comment', with: '~Accepting merge'
wait_for_requests wait_for_requests
...@@ -304,20 +288,15 @@ RSpec.describe 'GFM autocomplete', :js do ...@@ -304,20 +288,15 @@ RSpec.describe 'GFM autocomplete', :js do
expect(find_autocomplete_menu).to have_text('Accepting merge requests') expect(find_autocomplete_menu).to have_text('Accepting merge requests')
end end
it 'only autocompletes the latest label' do it 'only autocompletes the last label' do
create(:label, project: project, title: 'Accepting merge requests') fill_in 'Comment', with: '~scoped:: foo bar ~Accepting merge'
create(:label, project: project, title: 'Accepting job applicants')
fill_in 'Comment', with: '~Accepting merge requests foo bar ~Accepting job'
wait_for_requests wait_for_requests
expect(find_autocomplete_menu).to have_text('Accepting job applicants') expect(find_autocomplete_menu).to have_text('Accepting merge requests')
end end
it 'does not autocomplete labels if no tilde is typed' do it 'does not autocomplete labels if no tilde is typed' do
create(:label, project: project, title: 'Accepting merge requests')
fill_in 'Comment', with: 'Accepting merge' fill_in 'Comment', with: 'Accepting merge'
wait_for_requests wait_for_requests
...@@ -376,13 +355,6 @@ RSpec.describe 'GFM autocomplete', :js do ...@@ -376,13 +355,6 @@ RSpec.describe 'GFM autocomplete', :js do
it_behaves_like 'autocomplete suggestions' it_behaves_like 'autocomplete suggestions'
end end
context 'label' do
let!(:object) { label }
let(:expected_body) { object.title }
it_behaves_like 'autocomplete suggestions'
end
context 'milestone' do context 'milestone' do
let_it_be(:milestone_expired) { create(:milestone, project: project, due_date: 5.days.ago) } let_it_be(:milestone_expired) { create(:milestone, project: project, due_date: 5.days.ago) }
let_it_be(:milestone_no_duedate) { create(:milestone, project: project, title: 'Foo - No due date') } let_it_be(:milestone_no_duedate) { create(:milestone, project: project, title: 'Foo - No due date') }
...@@ -486,6 +458,7 @@ RSpec.describe 'GFM autocomplete', :js do ...@@ -486,6 +458,7 @@ RSpec.describe 'GFM autocomplete', :js do
end end
end end
context 'xss checks' do
it 'opens autocomplete menu for Issues when field starts with text with item escaping HTML characters' do it 'opens autocomplete menu for Issues when field starts with text with item escaping HTML characters' do
issue_xss_title = 'This will execute alert<img src=x onerror=alert(2)&lt;img src=x onerror=alert(1)&gt;' issue_xss_title = 'This will execute alert<img src=x onerror=alert(2)&lt;img src=x onerror=alert(1)&gt;'
create(:issue, project: project, title: issue_xss_title) create(:issue, project: project, title: issue_xss_title)
...@@ -516,6 +489,15 @@ RSpec.describe 'GFM autocomplete', :js do ...@@ -516,6 +489,15 @@ RSpec.describe 'GFM autocomplete', :js do
expect(find_tribute_autocomplete_menu).to have_text('alert milestone') expect(find_tribute_autocomplete_menu).to have_text('alert milestone')
end end
it 'opens autocomplete menu for Labels when field starts with text with item escaping HTML characters' do
fill_in 'Comment', with: '~'
wait_for_requests
expect(find_tribute_autocomplete_menu).to have_text('alert label')
end
end
describe 'autocomplete highlighting' do describe 'autocomplete highlighting' do
it 'auto-selects the first item with query', :aggregate_failures do it 'auto-selects the first item with query', :aggregate_failures do
fill_in 'Comment', with: ':1' fill_in 'Comment', with: ':1'
...@@ -592,7 +574,7 @@ RSpec.describe 'GFM autocomplete', :js do ...@@ -592,7 +574,7 @@ RSpec.describe 'GFM autocomplete', :js do
context 'if a selected value has special characters' do context 'if a selected value has special characters' do
it 'wraps the result in double quotes' do it 'wraps the result in double quotes' do
fill_in 'Comment', with: "~#{label.title[0]}" fill_in 'Comment', with: "~#{label.title[0..2]}"
find_highlighted_tribute_autocomplete_menu.click find_highlighted_tribute_autocomplete_menu.click
...@@ -606,7 +588,9 @@ RSpec.describe 'GFM autocomplete', :js do ...@@ -606,7 +588,9 @@ RSpec.describe 'GFM autocomplete', :js do
expect(find_field('Comment').value).to have_text('cartwheel_tone1') expect(find_field('Comment').value).to have_text('cartwheel_tone1')
end end
end
context 'quick actions' do
it 'autocompletes for quick actions' do it 'autocompletes for quick actions' do
fill_in 'Comment', with: '/as' fill_in 'Comment', with: '/as'
...@@ -617,40 +601,15 @@ RSpec.describe 'GFM autocomplete', :js do ...@@ -617,40 +601,15 @@ RSpec.describe 'GFM autocomplete', :js do
end end
context 'labels' do context 'labels' do
it 'opens autocomplete menu for Labels when field starts with text with item escaping HTML characters' do
label_xss_title = 'alert label &lt;img src=x onerror="alert(\'Hello xss\');" a'
create(:label, project: project, title: label_xss_title)
fill_in 'Comment', with: '~'
wait_for_requests
expect(find_tribute_autocomplete_menu).to have_text('alert label')
end
it 'allows colons when autocompleting scoped labels' do it 'allows colons when autocompleting scoped labels' do
create(:label, project: project, title: 'scoped:label')
fill_in 'Comment', with: '~scoped:' fill_in 'Comment', with: '~scoped:'
wait_for_requests wait_for_requests
expect(find_tribute_autocomplete_menu).to have_text('scoped:label')
end
it 'allows colons when autocompleting scoped labels with double colons' do
create(:label, project: project, title: 'scoped::label')
fill_in 'Comment', with: '~scoped::'
wait_for_requests
expect(find_tribute_autocomplete_menu).to have_text('scoped::label') expect(find_tribute_autocomplete_menu).to have_text('scoped::label')
end end
it 'autocompletes multi-word labels' do it 'autocompletes multi-word labels' do
create(:label, project: project, title: 'Accepting merge requests')
fill_in 'Comment', with: '~Acceptingmerge' fill_in 'Comment', with: '~Acceptingmerge'
wait_for_requests wait_for_requests
...@@ -658,24 +617,18 @@ RSpec.describe 'GFM autocomplete', :js do ...@@ -658,24 +617,18 @@ RSpec.describe 'GFM autocomplete', :js do
expect(find_tribute_autocomplete_menu).to have_text('Accepting merge requests') expect(find_tribute_autocomplete_menu).to have_text('Accepting merge requests')
end end
it 'only autocompletes the latest label' do it 'only autocompletes the last label' do
create(:label, project: project, title: 'documentation') fill_in 'Comment', with: '~scoped:: foo bar ~Acceptingmerge'
create(:label, project: project, title: 'feature')
fill_in 'Comment', with: '~documentation foo bar ~feat'
# Invoke autocompletion # Invoke autocompletion
find_field('Comment').native.send_keys(:right) find_field('Comment').native.send_keys(:right)
wait_for_requests wait_for_requests
expect(find_tribute_autocomplete_menu).to have_text('feature') expect(find_tribute_autocomplete_menu).to have_text('Accepting merge requests')
expect(find_tribute_autocomplete_menu).not_to have_text('documentation')
end end
it 'does not autocomplete labels if no tilde is typed' do it 'does not autocomplete labels if no tilde is typed' do
create(:label, project: project, title: 'documentation') fill_in 'Comment', with: 'Accepting'
fill_in 'Comment', with: 'document'
wait_for_requests wait_for_requests
...@@ -733,13 +686,6 @@ RSpec.describe 'GFM autocomplete', :js do ...@@ -733,13 +686,6 @@ RSpec.describe 'GFM autocomplete', :js do
it_behaves_like 'autocomplete suggestions' it_behaves_like 'autocomplete suggestions'
end end
context 'label' do
let!(:object) { label }
let(:expected_body) { object.title }
it_behaves_like 'autocomplete suggestions'
end
context 'milestone' do context 'milestone' do
let!(:object) { create(:milestone, project: project) } let!(:object) { create(:milestone, project: project) }
let(:expected_body) { object.to_reference } let(:expected_body) { object.to_reference }
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment