Commit graph

16 commits

Author SHA1 Message Date
Micaël Bergeron
a5bb17ffd5 porting changes from upstream 2018-02-01 15:08:35 -05:00
Rémy Coutable
4af9d592c5 Replace factory_girl_rails with factory_bot_rails
I've followed the [upgrade guide](https://github.com/thoughtbot/factory_bot/blob/4-9-0-stable/UPGRADE_FROM_FACTORY_GIRL.md) and ran these two commands:

```
grep -e FactoryGirl **/*.rake **/*.rb -s -l | xargs sed -i "" "s|FactoryGirl|FactoryBot|"
grep -e factory_girl **/*.rake **/*.rb -s -l | xargs sed -i "" "s|factory_girl|factory_bot|"
```

Signed-off-by: Rémy Coutable <remy@rymai.me>
2017-12-14 15:01:55 +01:00
Douwe Maan
d332c8c78a Merge branch '36679-non-authorized-user-may-see-wikis-or-pipeline-page' into 'security-10-2'
Fixes project visibility guidelines

See merge request gitlab/gitlabhq!2226

(cherry picked from commit 877c42c0aaf3298d6001614c9706bc366ae4014c)

e4fd1c26 Ensure project wiki visibility guidelines are met
2017-12-08 13:44:36 -08:00
Robert Speicher
130c369aa7 Merge branch 'rc/improve-projects-factory' into 'master'
Improve the Project factory to make `creator` defaults to `namespace.owner`

See merge request !13412
2017-08-10 21:48:47 +00:00
Rémy Coutable
449a0587f6 Improve the Project factory to make creator defaults to namespace.owner
Also improves the `create_templates` transient attribute and use
`project.project_feature.update_columns` instead of
`project.project_feature.update_attributes!` since it's faster.

Signed-off-by: Rémy Coutable <remy@rymai.me>
2017-08-10 09:28:58 +02:00
Robert Speicher
76544283ea Manually assign notification_email in the User factory when stubbed
Because we assign this value in the model via a callback conditionally
on `email_changed?`, this never gets set when using `build_stubbed`,
resulting in a "can't be blank" validation error on this field.

In this case, we can just assign it manually to the same value as
`email`, which is generated via a sequence.
2017-08-08 15:54:13 -04:00
Alexis Reigel
4cd6fc6e3b create User#rss_token in user factory explicitely
otherwise we'll have to use `user.reload` in the specs to get the
current rss_token value.
2017-05-24 22:29:59 +02:00
Rémy Coutable
f1ace97f8b Backport avatar-related spec changes from gitlab-org/gitlab-ee@4b464eaaee
Signed-off-by: Rémy Coutable <remy@rymai.me>
2017-05-04 17:04:36 +02:00
Rémy Coutable
4e3516788f Don't use FFaker in factories, use sequences instead
FFaker can generate data that randomly break our test suite. This
simplifies our factories and use sequences which are more predictive.

Signed-off-by: Rémy Coutable <remy@rymai.me>
2017-04-03 18:54:48 +02:00
Timothy Andrew
6fdb17cbbe
Don't allow deleting a ghost user.
- Add a `destroy_user` ability. This didn't exist before, and was implicit in
  other abilities (only admins could access the admin area, so only they could
  destroy all users; a user can only access their own account page, and so can
  destroy only themselves).

- Grant this ability to admins, and when the current user is trying to destroy
  themselves. Disallow destroying ghost users in all cases.

- Modify the `Users::DestroyService` to check this ability. Also check it in
  views to decide whether or not to show the "Delete User" button.

- Add a short summary of the Ghost User to the bio.
2017-02-24 16:50:20 +05:30
Timothy Andrew
8e68480976
Use a ghost boolean to track ghost users.
Rather than using a separate `ghost` state. This lets us have the benefits of
both ghost and blocked users (ghost: true, state: blocked) without having to
rewrite a number of queries to include cases for `state: ghost`.
2017-02-24 16:50:20 +05:30
Robert Speicher
191bcb4d1b Don't perform Devise trackable updates on blocked User records 2017-02-10 11:51:14 -05:00
Timothy Andrew
791cc9138b Add a U2fRegistrations table/model.
- To hold registrations from U2F devices, and to authenticate them.
- Previously, `User#two_factor_enabled` was aliased to the
  `otp_required_for_login` column on `users`.
- This commit changes things a bit:
    - `User#two_factor_enabled` is not a method anymore
    - `User#two_factor_enabled?` checks both the
      `otp_required_for_login` column, as well as `U2fRegistration`s
    - Change all instances of `User#two_factor_enabled` to
      `User#two_factor_enabled?`
- Add the `u2f` gem, and implement registration/authentication at the
  model level.
2016-06-06 12:50:31 +05:30
Stan Hu
c7e384aab2 Add spec for deletion of authorized OAuth2 application
Closes #14370

Move gon function into its own helper
2016-04-14 07:24:58 -07:00
Rémy Coutable
1714883107 Revert "Merge branch 'avatar-cropping' into 'master' "
This reverts commit 01160fc061, reversing
changes made to 4bff9daf8b.
2016-03-15 14:55:40 +01:00
Robert Speicher
6df45eb463 Move all factory definitions to their own file 2016-03-04 15:26:51 -05:00