Merge branch 'quarantine-specs-members-api' into 'master'

Restore the sequence of test steps to unblock deploy See merge request gitlab-org/gitlab!30286

Merge branch 'quarantine-specs-members-api' into 'master'
Restore the sequence of test steps to unblock deploy See merge request gitlab-org/gitlab!30286
f72f7455 · Sanad Liaquat · bc797061 · 1c66d576 · f72f7455 · f72f7455
Commit f72f7455 authored Apr 23, 2020 by Sanad Liaquat
2 changed files
--- a/qa/qa/specs/features/browser_ui/2_plan/issue/check_mentions_for_xss_spec.rb
+++ b/qa/qa/specs/features/browser_ui/2_plan/issue/check_mentions_for_xss_spec.rb
@@ -3,42 +3,33 @@
 module QA
  context 'Plan', :reliable do
    describe 'check xss occurence in @mentions in issues', :requires_admin do
-      let(:user) do
-        Resource::User.fabricate_via_api! do |user|
-          user.name = "eve <img src=x onerror=alert(2)&lt;img src=x onerror=alert(1)&gt;"
-          user.password = "test1234"
-        end
-      end
-
-      let(:project) do
-        Resource::Project.fabricate_via_api! do |project|
-          project.name = 'xss-test-for-mentions-project'
-          project.add_member(user)
-        end
-      end
-
-      let(:issue) do
-        Resource::Issue.fabricate_via_api! do |issue|
-          issue.project = project
-        end
-      end
-
-      before do
+      it 'mentions a user in a comment' do
        QA::Runtime::Env.personal_access_token = QA::Runtime::Env.admin_personal_access_token

        unless QA::Runtime::Env.personal_access_token
          Flow::Login.sign_in_as_admin
        end

+        user = Resource::User.fabricate_via_api! do |user|
+          user.name = "eve <img src=x onerror=alert(2)&lt;img src=x onerror=alert(1)&gt;"
+          user.password = "test1234"
+        end
+
        QA::Runtime::Env.personal_access_token = nil

        Page::Main::Menu.perform(&:sign_out) if Page::Main::Menu.perform { |p| p.has_personal_area?(wait: 0) }

        Flow::Login.sign_in
-      end

-      it 'mentions a user in a comment' do
-        issue.visit!
+        project = Resource::Project.fabricate_via_api! do |project|
+          project.name = 'xss-test-for-mentions-project'
+        end
+
+        Flow::Project.add_member(project: project, username: user.username)
+
+        Resource::Issue.fabricate_via_api! do |issue|
+          issue.project = project
+        end.visit!

        Page::Project::Issue::Show.perform do |show|
          show.select_all_activities_filter

--- a/qa/qa/specs/features/ee/browser_ui/3_create/repository/code_owners_spec.rb
+++ b/qa/qa/specs/features/ee/browser_ui/3_create/repository/code_owners_spec.rb
@@ -16,38 +16,30 @@ module QA
        ]
      end

-      let(:user) do
-        Resource::User.fabricate_or_use do |user|
-          user.name = Runtime::Env.gitlab_qa_username_1
-          user.password = Runtime::Env.gitlab_qa_password_1
-        end
-      end
+      before do
+        # Add two new users to a project as members
+        Flow::Login.sign_in

-      let(:user2) do
-        Resource::User.fabricate_or_use do |user2|
-          user2.name = Runtime::Env.gitlab_qa_username_2
-          user2.password = Runtime::Env.gitlab_qa_password_2
-        end
-      end
+        @user = Resource::User.fabricate_or_use(Runtime::Env.gitlab_qa_username_1, Runtime::Env.gitlab_qa_password_1)
+        @user2 = Resource::User.fabricate_or_use(Runtime::Env.gitlab_qa_username_2, Runtime::Env.gitlab_qa_password_2)

-      let(:project) do
-        Resource::Project.fabricate_via_api! do |project|
+        @project = Resource::Project.fabricate_via_api! do |project|
          project.name = "codeowners"
        end
-      end
+        @project.visit!

-      before do
-        project.add_member(user)
-        project.add_member(user2)
+        Page::Project::Menu.perform(&:go_to_members_settings)
+        Page::Project::Settings::Members.perform do |members_page|
+          members_page.add_member(@user.username)
+          members_page.add_member(@user2.username)
+        end
      end

      it 'displays owners specified in CODEOWNERS file' do
-        Flow::Login.sign_in
-        project.visit!
        codeowners_file_content =
          <<-CONTENT
-            * @#{user2.username}
-            *.txt @#{user.username}
+            * @#{@user2.username}
+            *.txt @#{@user.username}
          CONTENT
        files << {
          name: 'CODEOWNERS',
@@ -56,27 +48,27 @@ module QA

        # Push CODEOWNERS and test files to the project
        Resource::Repository::ProjectPush.fabricate! do |push|
-          push.project = project
+          push.project = @project
          push.files = files
          push.commit_message = 'Add CODEOWNERS and test files'
        end
-        project.visit!
+        @project.visit!

        # Check the files and code owners
        Page::Project::Show.perform do |project_page|
          project_page.click_file 'file.txt'
        end

-        expect(page).to have_content(user.name)
-        expect(page).not_to have_content(user2.name)
+        expect(page).to have_content(@user.name)
+        expect(page).not_to have_content(@user2.name)

-        project.visit!
+        @project.visit!
        Page::Project::Show.perform do |project_page|
          project_page.click_file 'README.md'
        end

-        expect(page).to have_content(user2.name)
-        expect(page).not_to have_content(user.name)
+        expect(page).to have_content(@user2.name)
+        expect(page).not_to have_content(@user.name)
      end
    end
  end