Commit 5b154daf authored by Kamil Trzciński's avatar Kamil Trzciński

Merge branch '60569-timeline-entry-label-link-is-not-applying-the-filter-on-issues' into 'master'

Adds `label_name` back as a scalar param in `IssuableFinder`

Closes #60569

See merge request gitlab-org/gitlab-ce!27507
parents 758f2eb3 ff627511
......@@ -53,6 +53,7 @@ class IssuableFinder
assignee_username
author_id
author_username
label_name
milestone_title
my_reaction_emoji
search
......
---
title: Fix filtering of labels from system note link
merge_request: 27507
author:
type: fixed
......@@ -108,51 +108,77 @@ describe IssuableCollections do
end
describe '#finder_options' do
let(:params) do
{
assignee_id: '1',
assignee_username: 'user1',
author_id: '2',
author_username: 'user2',
authorized_only: 'yes',
confidential: true,
due_date: '2017-01-01',
group_id: '3',
iids: '4',
label_name: ['foo'],
milestone_title: 'bar',
my_reaction_emoji: 'thumbsup',
non_archived: 'true',
project_id: '5',
scope: 'all',
search: 'baz',
sort: 'priority',
state: 'opened',
invalid_param: 'invalid_param'
}
end
it 'only allows whitelisted params' do
before do
allow(controller).to receive(:cookies).and_return({})
allow(controller).to receive(:current_user).and_return(nil)
end
subject { controller.send(:finder_options).to_h }
context 'scalar params' do
let(:params) do
{
assignee_id: '1',
assignee_username: 'user1',
author_id: '2',
author_username: 'user2',
authorized_only: 'yes',
confidential: true,
due_date: '2017-01-01',
group_id: '3',
iids: '4',
label_name: 'foo',
milestone_title: 'bar',
my_reaction_emoji: 'thumbsup',
non_archived: 'true',
project_id: '5',
scope: 'all',
search: 'baz',
sort: 'priority',
state: 'opened',
invalid_param: 'invalid_param'
}
end
it 'only allows whitelisted params' do
is_expected.to include({
'assignee_id' => '1',
'assignee_username' => 'user1',
'author_id' => '2',
'author_username' => 'user2',
'confidential' => true,
'label_name' => 'foo',
'milestone_title' => 'bar',
'my_reaction_emoji' => 'thumbsup',
'due_date' => '2017-01-01',
'scope' => 'all',
'search' => 'baz',
'sort' => 'priority',
'state' => 'opened'
})
is_expected.not_to include('invalid_param')
end
end
context 'array params' do
let(:params) do
{
assignee_username: %w[user1 user2],
label_name: %w[label1 label2],
invalid_param: 'invalid_param',
invalid_array: ['param']
}
end
it 'only allows whitelisted params' do
is_expected.to include({
'label_name' => %w[label1 label2],
'assignee_username' => %w[user1 user2]
})
finder_options = controller.send(:finder_options)
expect(finder_options).to eq(ActionController::Parameters.new({
'assignee_id' => '1',
'assignee_username' => 'user1',
'author_id' => '2',
'author_username' => 'user2',
'confidential' => true,
'label_name' => ['foo'],
'milestone_title' => 'bar',
'my_reaction_emoji' => 'thumbsup',
'due_date' => '2017-01-01',
'scope' => 'all',
'search' => 'baz',
'sort' => 'priority',
'state' => 'opened'
}).permit!)
is_expected.not_to include('invalid_param', 'invalid_array')
end
end
end
end
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment