Merge branch 'egb-refactor-use-api-add-user' into 'master'

Change tests to add members using API See merge request gitlab-org/gitlab!27858

Merge branch 'egb-refactor-use-api-add-user' into 'master'
Change tests to add members using API See merge request gitlab-org/gitlab!27858
832a2e08 · Dan Davison · 958bba33 · 5882b387 · 832a2e08 · 832a2e08
Commit 832a2e08 authored Apr 21, 2020 by Dan Davison
2 changed files
--- a/qa/qa/specs/features/browser_ui/2_plan/issue/check_mentions_for_xss_spec.rb
+++ b/qa/qa/specs/features/browser_ui/2_plan/issue/check_mentions_for_xss_spec.rb
@@ -3,33 +3,42 @@
 module QA
  context 'Plan', :reliable do
    describe 'check xss occurence in @mentions in issues', :requires_admin do
-      it 'mentions a user in a comment' do
+      let(:user) do
+        Resource::User.fabricate_via_api! do |user|
+          user.name = "eve <img src=x onerror=alert(2)&lt;img src=x onerror=alert(1)&gt;"
+          user.password = "test1234"
+        end
+      end
+      let(:project) do
+        Resource::Project.fabricate_via_api! do |project|
+          project.name = 'xss-test-for-mentions-project'
+          project.add_member(user)
+        end
+      end
+      let(:issue) do
+        Resource::Issue.fabricate_via_api! do |issue|
+          issue.project = project
+        end
+      end
+      before do
        QA::Runtime::Env.personal_access_token = QA::Runtime::Env.admin_personal_access_token
        unless QA::Runtime::Env.personal_access_token
          Flow::Login.sign_in_as_admin
        end
-        user = Resource::User.fabricate_via_api! do |user|
-          user.name = "eve <img src=x onerror=alert(2)&lt;img src=x onerror=alert(1)&gt;"
-          user.password = "test1234"
-        end
        QA::Runtime::Env.personal_access_token = nil
        Page::Main::Menu.perform(&:sign_out) if Page::Main::Menu.perform { |p| p.has_personal_area?(wait: 0) }
        Flow::Login.sign_in
+      end
-        project = Resource::Project.fabricate_via_api! do |project|
+      it 'mentions a user in a comment' do
-          project.name = 'xss-test-for-mentions-project'
+        issue.visit!
-        end
-        Flow::Project.add_member(project: project, username: user.username)
-        Resource::Issue.fabricate_via_api! do |issue|
-          issue.project = project
-        end.visit!
        Page::Project::Issue::Show.perform do |show|
          show.select_all_activities_filter

--- a/qa/qa/specs/features/ee/browser_ui/3_create/repository/code_owners_spec.rb
+++ b/qa/qa/specs/features/ee/browser_ui/3_create/repository/code_owners_spec.rb
@@ -16,30 +16,38 @@ module QA
        ]
      end
-      before do
+      let(:user) do
-        # Add two new users to a project as members
+        Resource::User.fabricate_or_use do |user|
-        Flow::Login.sign_in
+          user.name = Runtime::Env.gitlab_qa_username_1
+          user.password = Runtime::Env.gitlab_qa_password_1
+        end
+      end
-        @user = Resource::User.fabricate_or_use(Runtime::Env.gitlab_qa_username_1, Runtime::Env.gitlab_qa_password_1)
+      let(:user2) do
-        @user2 = Resource::User.fabricate_or_use(Runtime::Env.gitlab_qa_username_2, Runtime::Env.gitlab_qa_password_2)
+        Resource::User.fabricate_or_use do |user2|
+          user2.name = Runtime::Env.gitlab_qa_username_2
+          user2.password = Runtime::Env.gitlab_qa_password_2
+        end
+      end
-        @project = Resource::Project.fabricate_via_api! do |project|
+      let(:project) do
+        Resource::Project.fabricate_via_api! do |project|
          project.name = "codeowners"
        end
-        @project.visit!
+      end
-        Page::Project::Menu.perform(&:go_to_members_settings)
+      before do
-        Page::Project::Settings::Members.perform do |members_page|
+        project.add_member(user)
-          members_page.add_member(@user.username)
+        project.add_member(user2)
-          members_page.add_member(@user2.username)
-        end
      end
      it 'displays owners specified in CODEOWNERS file' do
+        Flow::Login.sign_in
+        project.visit!
        codeowners_file_content =
          <<-CONTENT
-            * @#{@user2.username}
+            * @#{user2.username}
-            *.txt @#{@user.username}
+            *.txt @#{user.username}
          CONTENT
        files << {
          name: 'CODEOWNERS',
@@ -48,27 +56,27 @@ module QA
        # Push CODEOWNERS and test files to the project
        Resource::Repository::ProjectPush.fabricate! do |push|
-          push.project = @project
+          push.project = project
          push.files = files
          push.commit_message = 'Add CODEOWNERS and test files'
        end
-        @project.visit!
+        project.visit!
        # Check the files and code owners
        Page::Project::Show.perform do |project_page|
          project_page.click_file 'file.txt'
        end
-        expect(page).to have_content(@user.name)
+        expect(page).to have_content(user.name)
-        expect(page).not_to have_content(@user2.name)
+        expect(page).not_to have_content(user2.name)
-        @project.visit!
+        project.visit!
        Page::Project::Show.perform do |project_page|
          project_page.click_file 'README.md'
        end
-        expect(page).to have_content(@user2.name)
+        expect(page).to have_content(user2.name)
-        expect(page).not_to have_content(@user.name)
+        expect(page).not_to have_content(user.name)
      end
    end
  end