Add latest changes from gitlab-org/gitlab@master
This commit is contained in:
parent
167894d0e7
commit
4f749a9b30
|
@ -24,8 +24,9 @@ module Gitlab
|
|||
'projects/compare' => %w{create}
|
||||
}.freeze
|
||||
|
||||
WHITELISTED_LOGOUT_ROUTES = {
|
||||
'sessions' => %w{destroy}
|
||||
WHITELISTED_SESSION_ROUTES = {
|
||||
'sessions' => %w{destroy},
|
||||
'admin/sessions' => %w{create destroy}
|
||||
}.freeze
|
||||
|
||||
GRAPHQL_URL = '/api/graphql'
|
||||
|
@ -89,7 +90,7 @@ module Gitlab
|
|||
|
||||
# Overridden in EE module
|
||||
def whitelisted_routes
|
||||
grack_route? || internal_route? || lfs_route? || compare_git_revisions_route? || sidekiq_route? || logout_route? || graphql_query?
|
||||
grack_route? || internal_route? || lfs_route? || compare_git_revisions_route? || sidekiq_route? || session_route? || graphql_query?
|
||||
end
|
||||
|
||||
def grack_route?
|
||||
|
@ -122,11 +123,12 @@ module Gitlab
|
|||
WHITELISTED_GIT_LFS_ROUTES[route_hash[:controller]]&.include?(route_hash[:action])
|
||||
end
|
||||
|
||||
def logout_route?
|
||||
def session_route?
|
||||
# Calling route_hash may be expensive. Only do it if we think there's a possible match
|
||||
return false unless request.post? && request.path.end_with?('/users/sign_out')
|
||||
return false unless request.post? && request.path.end_with?('/users/sign_out',
|
||||
'/admin/session', '/admin/session/destroy')
|
||||
|
||||
WHITELISTED_LOGOUT_ROUTES[route_hash[:controller]]&.include?(route_hash[:action])
|
||||
WHITELISTED_SESSION_ROUTES[route_hash[:controller]]&.include?(route_hash[:action])
|
||||
end
|
||||
|
||||
def sidekiq_route?
|
||||
|
|
|
@ -0,0 +1,173 @@
|
|||
# frozen_string_literal: true
|
||||
|
||||
require 'spec_helper'
|
||||
|
||||
describe 'Admin mode', :clean_gitlab_redis_shared_state, :do_not_mock_admin_mode do
|
||||
include MobileHelpers
|
||||
include StubENV
|
||||
|
||||
let(:admin) { create(:admin) }
|
||||
|
||||
before do
|
||||
stub_env('IN_MEMORY_APPLICATION_SETTINGS', 'false')
|
||||
end
|
||||
|
||||
context 'feature flag :user_mode_in_session is enabled', :request_store do
|
||||
before do
|
||||
sign_in(admin)
|
||||
end
|
||||
|
||||
context 'when not in admin mode' do
|
||||
it 'has no leave admin mode button' do
|
||||
visit new_admin_session_path
|
||||
|
||||
page.within('.navbar-sub-nav') do
|
||||
expect(page).not_to have_link(href: destroy_admin_session_path)
|
||||
end
|
||||
end
|
||||
|
||||
it 'can open pages not in admin scope' do
|
||||
visit new_admin_session_path
|
||||
|
||||
page.within('.navbar-sub-nav') do
|
||||
find_all('a', text: 'Projects').first.click
|
||||
end
|
||||
|
||||
expect(page).to have_current_path(dashboard_projects_path)
|
||||
end
|
||||
|
||||
it 'is necessary to provide credentials again before opening pages in admin scope' do
|
||||
visit admin_application_settings_path # admin logged out because not in admin_mode
|
||||
|
||||
expect(page).to have_current_path(new_admin_session_path)
|
||||
end
|
||||
|
||||
it 'can enter admin mode' do
|
||||
visit new_admin_session_path
|
||||
|
||||
fill_in 'password', with: admin.password
|
||||
|
||||
click_button 'Enter Admin Mode'
|
||||
|
||||
expect(page).to have_current_path(admin_root_path)
|
||||
end
|
||||
|
||||
context 'on a read-only instance' do
|
||||
before do
|
||||
allow(Gitlab::Database).to receive(:read_only?).and_return(true)
|
||||
end
|
||||
|
||||
it 'can enter admin mode' do
|
||||
visit new_admin_session_path
|
||||
|
||||
fill_in 'password', with: admin.password
|
||||
|
||||
click_button 'Enter Admin Mode'
|
||||
|
||||
expect(page).to have_current_path(admin_root_path)
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
context 'when in admin_mode' do
|
||||
before do
|
||||
gitlab_enable_admin_mode_sign_in(admin)
|
||||
end
|
||||
|
||||
it 'contains link to leave admin mode' do
|
||||
page.within('.navbar-sub-nav') do
|
||||
expect(page).to have_link(href: destroy_admin_session_path)
|
||||
end
|
||||
end
|
||||
|
||||
it 'can leave admin mode using main dashboard link', :js do
|
||||
page.within('.navbar-sub-nav') do
|
||||
click_on 'Leave Admin Mode'
|
||||
|
||||
expect(page).to have_link(href: new_admin_session_path)
|
||||
end
|
||||
end
|
||||
|
||||
it 'can leave admin mode using dropdown menu on smaller screens', :js do
|
||||
resize_screen_xs
|
||||
visit root_dashboard_path
|
||||
|
||||
find('.header-more').click
|
||||
|
||||
page.within '.navbar-sub-nav' do
|
||||
click_on 'Leave Admin Mode'
|
||||
|
||||
find('.header-more').click
|
||||
|
||||
expect(page).to have_link(href: new_admin_session_path)
|
||||
end
|
||||
end
|
||||
|
||||
it 'can open pages not in admin scope' do
|
||||
page.within('.navbar-sub-nav') do
|
||||
find_all('a', text: 'Projects').first.click
|
||||
|
||||
expect(page).to have_current_path(dashboard_projects_path)
|
||||
end
|
||||
end
|
||||
|
||||
context 'nav bar' do
|
||||
it 'shows admin dashboard links on bigger screen' do
|
||||
visit root_dashboard_path
|
||||
|
||||
page.within '.navbar' do
|
||||
expect(page).to have_link(text: 'Admin Area', href: admin_root_path, visible: true)
|
||||
expect(page).to have_link(text: 'Leave Admin Mode', href: destroy_admin_session_path, visible: true)
|
||||
end
|
||||
end
|
||||
|
||||
it 'relocates admin dashboard links to dropdown list on smaller screen', :js do
|
||||
resize_screen_xs
|
||||
visit root_dashboard_path
|
||||
|
||||
page.within '.navbar' do
|
||||
expect(page).not_to have_link(text: 'Admin Area', href: admin_root_path, visible: true)
|
||||
expect(page).not_to have_link(text: 'Leave Admin Mode', href: destroy_admin_session_path, visible: true)
|
||||
end
|
||||
|
||||
find('.header-more').click
|
||||
|
||||
page.within '.navbar' do
|
||||
expect(page).to have_link(text: 'Admin Area', href: admin_root_path, visible: true)
|
||||
expect(page).to have_link(text: 'Leave Admin Mode', href: destroy_admin_session_path, visible: true)
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
context 'on a read-only instance' do
|
||||
before do
|
||||
allow(Gitlab::Database).to receive(:read_only?).and_return(true)
|
||||
end
|
||||
|
||||
it 'can leave admin mode', :js do
|
||||
page.within('.navbar-sub-nav') do
|
||||
click_on 'Leave Admin Mode'
|
||||
|
||||
expect(page).to have_link(href: new_admin_session_path)
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
context 'feature flag :user_mode_in_session is disabled' do
|
||||
before do
|
||||
stub_feature_flags(user_mode_in_session: false)
|
||||
sign_in(admin)
|
||||
end
|
||||
|
||||
it 'shows no admin mode buttons in navbar' do
|
||||
visit admin_root_path
|
||||
|
||||
page.within('.navbar-sub-nav') do
|
||||
expect(page).not_to have_link(href: new_admin_session_path)
|
||||
expect(page).not_to have_link(href: destroy_admin_session_path)
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
|
@ -5,7 +5,6 @@ require 'spec_helper'
|
|||
describe 'Admin updates settings', :clean_gitlab_redis_shared_state, :do_not_mock_admin_mode do
|
||||
include StubENV
|
||||
include TermsHelper
|
||||
include MobileHelpers
|
||||
|
||||
let(:admin) { create(:admin) }
|
||||
|
||||
|
@ -449,100 +448,6 @@ describe 'Admin updates settings', :clean_gitlab_redis_shared_state, :do_not_moc
|
|||
expect(page).to have_link(text: 'Support', href: new_support_url)
|
||||
end
|
||||
end
|
||||
|
||||
it 'Shows admin dashboard links on bigger screen' do
|
||||
visit root_dashboard_path
|
||||
|
||||
page.within '.navbar' do
|
||||
expect(page).to have_link(text: 'Admin Area', href: admin_root_path, visible: true)
|
||||
expect(page).to have_link(text: 'Leave Admin Mode', href: destroy_admin_session_path, visible: true)
|
||||
end
|
||||
end
|
||||
|
||||
it 'Relocates admin dashboard links to dropdown list on smaller screen', :js do
|
||||
resize_screen_xs
|
||||
visit root_dashboard_path
|
||||
|
||||
page.within '.navbar' do
|
||||
expect(page).not_to have_link(text: 'Admin Area', href: admin_root_path, visible: true)
|
||||
expect(page).not_to have_link(text: 'Leave Admin Mode', href: destroy_admin_session_path, visible: true)
|
||||
end
|
||||
|
||||
find('.header-more').click
|
||||
|
||||
page.within '.navbar' do
|
||||
expect(page).to have_link(text: 'Admin Area', href: admin_root_path, visible: true)
|
||||
expect(page).to have_link(text: 'Leave Admin Mode', href: destroy_admin_session_path, visible: true)
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
context 'when in admin_mode' do
|
||||
it 'contains link to leave admin mode' do
|
||||
page.within('.navbar-sub-nav') do
|
||||
expect(page).to have_link(href: destroy_admin_session_path)
|
||||
end
|
||||
end
|
||||
|
||||
it 'can leave admin mode using main dashboard link', :js do
|
||||
page.within('.navbar-sub-nav') do
|
||||
click_on 'Leave Admin Mode'
|
||||
|
||||
expect(page).to have_link(href: new_admin_session_path)
|
||||
end
|
||||
end
|
||||
|
||||
it 'can leave admin mode using dropdown menu on smaller screens', :js do
|
||||
resize_screen_xs
|
||||
visit root_dashboard_path
|
||||
|
||||
find('.header-more').click
|
||||
|
||||
page.within '.navbar-sub-nav' do
|
||||
click_on 'Leave Admin Mode'
|
||||
|
||||
find('.header-more').click
|
||||
|
||||
expect(page).to have_link(href: new_admin_session_path)
|
||||
end
|
||||
end
|
||||
|
||||
it 'can open pages not in admin scope' do
|
||||
page.within('.navbar-sub-nav') do
|
||||
find_all('a', text: 'Projects').first.click
|
||||
|
||||
expect(page).to have_current_path(dashboard_projects_path)
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
context 'when not in admin mode' do
|
||||
before do
|
||||
page.within('.navbar-sub-nav') do
|
||||
# Select first, link is also included in mobile view list
|
||||
click_on 'Leave Admin Mode', match: :first
|
||||
end
|
||||
end
|
||||
|
||||
it 'has no leave admin mode button' do
|
||||
page.within('.navbar-sub-nav') do
|
||||
expect(page).not_to have_link(href: destroy_admin_session_path)
|
||||
end
|
||||
end
|
||||
|
||||
it 'is necessary to provide credentials again before opening admin settings' do
|
||||
visit admin_application_settings_path # admin logged out because not in admin_mode
|
||||
|
||||
expect(page).to have_current_path(new_admin_session_path)
|
||||
end
|
||||
|
||||
it 'can open pages not in admin scope' do
|
||||
page.within('.navbar-sub-nav') do
|
||||
find_all('a', text: 'Projects').first.click
|
||||
end
|
||||
|
||||
expect(page).to have_current_path(dashboard_projects_path)
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
|
@ -559,13 +464,6 @@ describe 'Admin updates settings', :clean_gitlab_redis_shared_state, :do_not_moc
|
|||
it 'loads admin settings page without redirect for reauthentication' do
|
||||
expect(current_path).to eq admin_application_settings_path
|
||||
end
|
||||
|
||||
it 'shows no admin mode buttons in navbar' do
|
||||
page.within('.navbar-sub-nav') do
|
||||
expect(page).not_to have_link(href: new_admin_session_path)
|
||||
expect(page).not_to have_link(href: destroy_admin_session_path)
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
def check_all_events
|
||||
|
|
Loading…
Reference in New Issue