From 87e52b55b11b486789d50c2c1bfc100bf828050f Mon Sep 17 00:00:00 2001 From: Chen Zhang Date: Sat, 22 Nov 2025 07:52:25 +0000 Subject: [PATCH 01/18] Pass organization_id to SnippetsFinder in API and GraphQL This MR updates API and GraphQL snippet resolvers to pass organization_id to SnippetsFinder, positioning it immediately after the current_user parameter. This prepares for organization_id to become a required parameter in the future. The organization_id is obtained from Current.organization.id and passed consistently across: - lib/api/snippets.rb - lib/api/project_snippets.rb - app/graphql/resolvers/concerns/resolves_snippets.rb This is MR 2 of 3 in the planned rollout for https://gitlab.com/gitlab-org/gitlab/-/issues/570399. Related to https://gitlab.com/gitlab-org/gitlab/-/merge_requests/212826 Changelog: changed --- app/graphql/resolvers/concerns/resolves_snippets.rb | 3 ++- lib/api/project_snippets.rb | 2 +- lib/api/snippets.rb | 2 +- 3 files changed, 4 insertions(+), 3 deletions(-) diff --git a/app/graphql/resolvers/concerns/resolves_snippets.rb b/app/graphql/resolvers/concerns/resolves_snippets.rb index d5808cf96f89de..3c0275588b2648 100644 --- a/app/graphql/resolvers/concerns/resolves_snippets.rb +++ b/app/graphql/resolvers/concerns/resolves_snippets.rb @@ -23,7 +23,8 @@ def resolve(**args) private def resolve_snippets(args) - SnippetsFinder.new(context[:current_user], snippet_finder_params(args)).execute + SnippetsFinder.new(context[:current_user], organization_id: Current.organization.id, + **snippet_finder_params(args)).execute end def snippet_finder_params(args) diff --git a/lib/api/project_snippets.rb b/lib/api/project_snippets.rb index 59f119d30e1388..1bd625b498385c 100644 --- a/lib/api/project_snippets.rb +++ b/lib/api/project_snippets.rb @@ -31,7 +31,7 @@ def handle_project_member_errors(errors) end def snippets_for_current_user - SnippetsFinder.new(current_user, project: user_project).execute + SnippetsFinder.new(current_user, organization_id: Current.organization.id, project: user_project).execute end end diff --git a/lib/api/snippets.rb b/lib/api/snippets.rb index 0dc7542f889bf3..f5b86c18a0a62b 100644 --- a/lib/api/snippets.rb +++ b/lib/api/snippets.rb @@ -14,7 +14,7 @@ class Snippets < ::API::Base helpers do def find_snippets(user: current_user, params: {}) - SnippetsFinder.new(user, params).execute + SnippetsFinder.new(user, organization_id: Current.organization.id, **params).execute end def snippets_for_current_user -- GitLab From c5cb135b9f16894eb797ec4d34b769962c693be9 Mon Sep 17 00:00:00 2001 From: Chen Zhang Date: Sat, 22 Nov 2025 07:53:38 +0000 Subject: [PATCH 02/18] Add :with_current_organization to GraphQL snippets spec Update spec to include :with_current_organization metadata to ensure Current.organization is properly set during tests. --- spec/requests/api/graphql/snippets_spec.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/spec/requests/api/graphql/snippets_spec.rb b/spec/requests/api/graphql/snippets_spec.rb index f2a7679bff585c..1450b5b407f4f1 100644 --- a/spec/requests/api/graphql/snippets_spec.rb +++ b/spec/requests/api/graphql/snippets_spec.rb @@ -2,7 +2,7 @@ require 'spec_helper' -RSpec.describe 'snippets', feature_category: :source_code_management do +RSpec.describe 'snippets', :with_current_organization, feature_category: :source_code_management do include GraphqlHelpers let_it_be(:current_user) { create(:user) } -- GitLab From f40e844a7c50f868bba8d44870788b86429159ab Mon Sep 17 00:00:00 2001 From: Chen Zhang Date: Sun, 23 Nov 2025 07:33:12 +0000 Subject: [PATCH 03/18] Fix GraphQL snippet resolver specs with organization context Add :with_current_organization metadata tag to the three GraphQL snippet resolver specs that were failing with Current::OrganizationNotAssignedError. This ensures Current.organization is properly set before the resolvers execute, fixing 20 test failures in the rspec fail-fast job. --- spec/graphql/resolvers/projects/snippets_resolver_spec.rb | 2 +- spec/graphql/resolvers/snippets_resolver_spec.rb | 2 +- spec/graphql/resolvers/users/snippets_resolver_spec.rb | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/spec/graphql/resolvers/projects/snippets_resolver_spec.rb b/spec/graphql/resolvers/projects/snippets_resolver_spec.rb index 47e4629a3cd780..586b983a9fb045 100644 --- a/spec/graphql/resolvers/projects/snippets_resolver_spec.rb +++ b/spec/graphql/resolvers/projects/snippets_resolver_spec.rb @@ -2,7 +2,7 @@ require 'spec_helper' -RSpec.describe Resolvers::Projects::SnippetsResolver, feature_category: :source_code_management do +RSpec.describe Resolvers::Projects::SnippetsResolver, :with_current_organization, feature_category: :source_code_management do include GraphqlHelpers describe '#resolve' do diff --git a/spec/graphql/resolvers/snippets_resolver_spec.rb b/spec/graphql/resolvers/snippets_resolver_spec.rb index ee9a6e67243c6e..e7ea3a81b365e1 100644 --- a/spec/graphql/resolvers/snippets_resolver_spec.rb +++ b/spec/graphql/resolvers/snippets_resolver_spec.rb @@ -2,7 +2,7 @@ require 'spec_helper' -RSpec.describe Resolvers::SnippetsResolver do +RSpec.describe Resolvers::SnippetsResolver, :with_current_organization do include GraphqlHelpers describe '#resolve' do diff --git a/spec/graphql/resolvers/users/snippets_resolver_spec.rb b/spec/graphql/resolvers/users/snippets_resolver_spec.rb index 12baed2560ee29..58d36182bbc6cc 100644 --- a/spec/graphql/resolvers/users/snippets_resolver_spec.rb +++ b/spec/graphql/resolvers/users/snippets_resolver_spec.rb @@ -2,7 +2,7 @@ require 'spec_helper' -RSpec.describe Resolvers::Users::SnippetsResolver do +RSpec.describe Resolvers::Users::SnippetsResolver, :with_current_organization do include GraphqlHelpers describe '#resolve' do -- GitLab From e847b8af3f5d4055e3adabde9d7896391bb059e0 Mon Sep 17 00:00:00 2001 From: Chen Zhang Date: Tue, 25 Nov 2025 04:58:06 +0000 Subject: [PATCH 04/18] Add feature_category metadata to snippet resolver specs --- spec/graphql/resolvers/snippets_resolver_spec.rb | 2 +- spec/graphql/resolvers/users/snippets_resolver_spec.rb | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/spec/graphql/resolvers/snippets_resolver_spec.rb b/spec/graphql/resolvers/snippets_resolver_spec.rb index e7ea3a81b365e1..fc3e41079584aa 100644 --- a/spec/graphql/resolvers/snippets_resolver_spec.rb +++ b/spec/graphql/resolvers/snippets_resolver_spec.rb @@ -2,7 +2,7 @@ require 'spec_helper' -RSpec.describe Resolvers::SnippetsResolver, :with_current_organization do +RSpec.describe Resolvers::SnippetsResolver, :with_current_organization, feature_category: :source_code_management do include GraphqlHelpers describe '#resolve' do diff --git a/spec/graphql/resolvers/users/snippets_resolver_spec.rb b/spec/graphql/resolvers/users/snippets_resolver_spec.rb index 58d36182bbc6cc..3aac0af27ff950 100644 --- a/spec/graphql/resolvers/users/snippets_resolver_spec.rb +++ b/spec/graphql/resolvers/users/snippets_resolver_spec.rb @@ -2,7 +2,7 @@ require 'spec_helper' -RSpec.describe Resolvers::Users::SnippetsResolver, :with_current_organization do +RSpec.describe Resolvers::Users::SnippetsResolver, :with_current_organization, feature_category: :source_code_management do include GraphqlHelpers describe '#resolve' do -- GitLab From 9d7867bb751d3b0b3109381f0b55b63567c06e9b Mon Sep 17 00:00:00 2001 From: Chen Zhang Date: Tue, 25 Nov 2025 05:00:10 +0000 Subject: [PATCH 05/18] Fix GraphQL snippet resolver specs to set Current.organization The specs were failing because Current.organization was not being set properly. The :with_current_organization helper stubs Gitlab::Current::Organization, but the code uses Current.organization which requires explicit assignment. This commit adds a before block to set Current.organization directly in each spec file. --- spec/graphql/resolvers/projects/snippets_resolver_spec.rb | 4 ++++ spec/graphql/resolvers/snippets_resolver_spec.rb | 1 + spec/graphql/resolvers/users/snippets_resolver_spec.rb | 1 + 3 files changed, 6 insertions(+) diff --git a/spec/graphql/resolvers/projects/snippets_resolver_spec.rb b/spec/graphql/resolvers/projects/snippets_resolver_spec.rb index 586b983a9fb045..231ebca8bcd98f 100644 --- a/spec/graphql/resolvers/projects/snippets_resolver_spec.rb +++ b/spec/graphql/resolvers/projects/snippets_resolver_spec.rb @@ -20,6 +20,10 @@ project.add_developer(user) end + before do + Current.organization = current_organization + end + it 'calls SnippetsFinder' do expect_next_instance_of(SnippetsFinder) do |finder| expect(finder).to receive(:execute) diff --git a/spec/graphql/resolvers/snippets_resolver_spec.rb b/spec/graphql/resolvers/snippets_resolver_spec.rb index fc3e41079584aa..916dac7660a8a0 100644 --- a/spec/graphql/resolvers/snippets_resolver_spec.rb +++ b/spec/graphql/resolvers/snippets_resolver_spec.rb @@ -17,6 +17,7 @@ before do project.add_developer(current_user) + Current.organization = current_organization end it 'calls SnippetsFinder' do diff --git a/spec/graphql/resolvers/users/snippets_resolver_spec.rb b/spec/graphql/resolvers/users/snippets_resolver_spec.rb index 3aac0af27ff950..7dceb837a4b590 100644 --- a/spec/graphql/resolvers/users/snippets_resolver_spec.rb +++ b/spec/graphql/resolvers/users/snippets_resolver_spec.rb @@ -18,6 +18,7 @@ before do project.add_developer(current_user) + Current.organization = current_organization end it 'calls SnippetsFinder' do -- GitLab From 73d470ad0929ddd921270190a52b2aaff2ff898b Mon Sep 17 00:00:00 2001 From: Chen Zhang Date: Tue, 25 Nov 2025 05:10:32 +0000 Subject: [PATCH 06/18] Add explanatory comment for Current.organization assignment in specs Following the pattern from ee/spec/graphql/mutations/ai/action_spec.rb, add a comment explaining why we need to manually set Current.organization in GraphQL specs that don't go through the request flow. --- spec/graphql/resolvers/projects/snippets_resolver_spec.rb | 1 + spec/graphql/resolvers/snippets_resolver_spec.rb | 1 + spec/graphql/resolvers/users/snippets_resolver_spec.rb | 1 + 3 files changed, 3 insertions(+) diff --git a/spec/graphql/resolvers/projects/snippets_resolver_spec.rb b/spec/graphql/resolvers/projects/snippets_resolver_spec.rb index 231ebca8bcd98f..0716124788e496 100644 --- a/spec/graphql/resolvers/projects/snippets_resolver_spec.rb +++ b/spec/graphql/resolvers/projects/snippets_resolver_spec.rb @@ -21,6 +21,7 @@ end before do + # Since this doesn't go through a request flow, we need to manually set Current.organization Current.organization = current_organization end diff --git a/spec/graphql/resolvers/snippets_resolver_spec.rb b/spec/graphql/resolvers/snippets_resolver_spec.rb index 916dac7660a8a0..98778a12ba119f 100644 --- a/spec/graphql/resolvers/snippets_resolver_spec.rb +++ b/spec/graphql/resolvers/snippets_resolver_spec.rb @@ -17,6 +17,7 @@ before do project.add_developer(current_user) + # Since this doesn't go through a request flow, we need to manually set Current.organization Current.organization = current_organization end diff --git a/spec/graphql/resolvers/users/snippets_resolver_spec.rb b/spec/graphql/resolvers/users/snippets_resolver_spec.rb index 7dceb837a4b590..c032c8c8d11c4e 100644 --- a/spec/graphql/resolvers/users/snippets_resolver_spec.rb +++ b/spec/graphql/resolvers/users/snippets_resolver_spec.rb @@ -18,6 +18,7 @@ before do project.add_developer(current_user) + # Since this doesn't go through a request flow, we need to manually set Current.organization Current.organization = current_organization end -- GitLab From a92380586079041865db936489644bf0afa95a30 Mon Sep 17 00:00:00 2001 From: Chen Zhang Date: Tue, 25 Nov 2025 06:21:24 +0000 Subject: [PATCH 07/18] Handle nil Current.organization in API snippets For unauthenticated API requests, Current.organization can be nil. Use safe navigation operator to handle this case gracefully. --- lib/api/snippets.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/api/snippets.rb b/lib/api/snippets.rb index f5b86c18a0a62b..cf200c0d798d7a 100644 --- a/lib/api/snippets.rb +++ b/lib/api/snippets.rb @@ -14,7 +14,7 @@ class Snippets < ::API::Base helpers do def find_snippets(user: current_user, params: {}) - SnippetsFinder.new(user, organization_id: Current.organization.id, **params).execute + SnippetsFinder.new(user, organization_id: Current.organization&.id, **params).execute end def snippets_for_current_user -- GitLab From 639a7d96f6d1d9e9007092f27be5b3a99091f0fc Mon Sep 17 00:00:00 2001 From: Chen Zhang Date: Tue, 25 Nov 2025 06:25:42 +0000 Subject: [PATCH 08/18] Revert "Handle nil Current.organization in API snippets" This reverts commit aa55b1af0b925d0a25f5960f1660e96d122ff23d. --- lib/api/snippets.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/api/snippets.rb b/lib/api/snippets.rb index cf200c0d798d7a..f5b86c18a0a62b 100644 --- a/lib/api/snippets.rb +++ b/lib/api/snippets.rb @@ -14,7 +14,7 @@ class Snippets < ::API::Base helpers do def find_snippets(user: current_user, params: {}) - SnippetsFinder.new(user, organization_id: Current.organization&.id, **params).execute + SnippetsFinder.new(user, organization_id: Current.organization.id, **params).execute end def snippets_for_current_user -- GitLab From da014e71ad46d29f88e5fd539835b8c99c77365a Mon Sep 17 00:00:00 2001 From: Chen Zhang Date: Tue, 25 Nov 2025 06:30:52 +0000 Subject: [PATCH 09/18] Add :with_current_organization to API::Snippets spec This ensures Current.organization is set for all API snippet tests, including unauthenticated requests. --- spec/requests/api/snippets_spec.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/spec/requests/api/snippets_spec.rb b/spec/requests/api/snippets_spec.rb index ecd5310e361d16..6985e891cd8837 100644 --- a/spec/requests/api/snippets_spec.rb +++ b/spec/requests/api/snippets_spec.rb @@ -2,7 +2,7 @@ require 'spec_helper' -RSpec.describe API::Snippets, :aggregate_failures, factory_default: :keep, feature_category: :source_code_management do +RSpec.describe API::Snippets, :aggregate_failures, :with_current_organization, factory_default: :keep, feature_category: :source_code_management do include SnippetHelpers let_it_be(:admin) { create(:user, :admin) } -- GitLab From 3d08fbee79d3df73d1eb22a584afb96956a88b28 Mon Sep 17 00:00:00 2001 From: Chen Zhang Date: Wed, 26 Nov 2025 15:42:17 +0000 Subject: [PATCH 10/18] Add test for organization filtering in SnippetsResolver Add test to verify that snippets from other organizations are not returned when querying snippets. This ensures the organization_id parameter is working correctly. Addresses review comment: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/213784#note_2915074620 --- spec/graphql/resolvers/snippets_resolver_spec.rb | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/spec/graphql/resolvers/snippets_resolver_spec.rb b/spec/graphql/resolvers/snippets_resolver_spec.rb index 98778a12ba119f..32fca90d70ba93 100644 --- a/spec/graphql/resolvers/snippets_resolver_spec.rb +++ b/spec/graphql/resolvers/snippets_resolver_spec.rb @@ -36,6 +36,18 @@ end context 'when using filters' do + context 'by organization' do + let_it_be(:other_organization) { create(:organization) } + let_it_be(:snippet_in_other_org) { create(:personal_snippet, :public, author: current_user, organization: other_organization) } + + it 'only returns snippets from the current organization' do + snippets = resolve_snippets + + expect(snippets).to contain_exactly(personal_snippet, other_personal_snippet, project_snippet, other_project_snippet) + expect(snippets).not_to include(snippet_in_other_org) + end + end + context 'by author id' do it 'returns the snippets' do snippets = resolve_snippets(args: { author_id: global_id_of(current_user) }) -- GitLab From 40f89d845a19cfa44dea02d74d8290bf5f0e11bf Mon Sep 17 00:00:00 2001 From: Chen Zhang Date: Thu, 27 Nov 2025 21:02:24 +0000 Subject: [PATCH 11/18] Add org filter tests for API endpoints, restructure GraphQLRetry --- .../resolvers/snippets_resolver_spec.rb | 18 +++++++++--------- spec/requests/api/project_snippets_spec.rb | 17 +++++++++++++++++ spec/requests/api/snippets_spec.rb | 14 ++++++++++++++ 3 files changed, 40 insertions(+), 9 deletions(-) diff --git a/spec/graphql/resolvers/snippets_resolver_spec.rb b/spec/graphql/resolvers/snippets_resolver_spec.rb index 32fca90d70ba93..04b478780ce5c1 100644 --- a/spec/graphql/resolvers/snippets_resolver_spec.rb +++ b/spec/graphql/resolvers/snippets_resolver_spec.rb @@ -35,19 +35,19 @@ end end - context 'when using filters' do - context 'by organization' do - let_it_be(:other_organization) { create(:organization) } - let_it_be(:snippet_in_other_org) { create(:personal_snippet, :public, author: current_user, organization: other_organization) } + context 'organization filtering' do + let_it_be(:other_organization) { create(:organization) } + let_it_be(:snippet_in_other_org) { create(:personal_snippet, :public, author: current_user, organization: other_organization) } - it 'only returns snippets from the current organization' do - snippets = resolve_snippets + it 'only returns snippets from the current organization' do + snippets = resolve_snippets - expect(snippets).to contain_exactly(personal_snippet, other_personal_snippet, project_snippet, other_project_snippet) - expect(snippets).not_to include(snippet_in_other_org) - end + expect(snippets).to contain_exactly(personal_snippet, other_personal_snippet, project_snippet, other_project_snippet) + expect(snippets).not_to include(snippet_in_other_org) end + end + context 'when using filters' do context 'by author id' do it 'returns the snippets' do snippets = resolve_snippets(args: { author_id: global_id_of(current_user) }) diff --git a/spec/requests/api/project_snippets_spec.rb b/spec/requests/api/project_snippets_spec.rb index 91d7bc1e403e34..7a2ac0c6a1dcf2 100644 --- a/spec/requests/api/project_snippets_spec.rb +++ b/spec/requests/api/project_snippets_spec.rb @@ -63,6 +63,23 @@ expect(json_response.last).to have_key('web_url') end + context 'organization filtering' do + let_it_be(:other_organization) { create(:organization) } + let_it_be(:other_project) { create(:project, :public, organization: other_organization) } + let_it_be(:snippet_in_other_org) { create(:project_snippet, :public, project: other_project) } + + it 'only returns snippets from projects in the current organization' do + project.add_developer(user) + + get api("/projects/#{project.id}/snippets", user) + + expect(response).to have_gitlab_http_status(:ok) + snippet_ids = json_response.map { |snippet| snippet['id'] } + expect(snippet_ids).to include(public_snippet.id) + expect(snippet_ids).not_to include(snippet_in_other_org.id) + end + end + it 'hides private snippets from regular user' do create(:project_snippet, :private, project: project) diff --git a/spec/requests/api/snippets_spec.rb b/spec/requests/api/snippets_spec.rb index 6985e891cd8837..b7f7b5944d7202 100644 --- a/spec/requests/api/snippets_spec.rb +++ b/spec/requests/api/snippets_spec.rb @@ -71,6 +71,20 @@ it_behaves_like "returns unauthorized when not authenticated" it_behaves_like "returns filtered snippets for user" + context 'organization filtering' do + let_it_be(:other_organization) { create(:organization) } + let_it_be(:snippet_in_other_org) { create(:personal_snippet, :public, author: user, organization: other_organization) } + + it 'only returns snippets from the current organization' do + get api(path, personal_access_token: user_token) + + expect(response).to have_gitlab_http_status(:ok) + snippet_ids = json_response.map { |snippet| snippet['id'] } + expect(snippet_ids).to include(public_snippet.id, internal_snippet.id, private_snippet.id) + expect(snippet_ids).not_to include(snippet_in_other_org.id) + end + end + it 'hides private snippets from regular user' do get api(path, personal_access_token: other_user_token) -- GitLab From e0e7527644387ff38b168492ce5df3c83a5edeac Mon Sep 17 00:00:00 2001 From: Chen Zhang Date: Fri, 28 Nov 2025 15:36:31 +0000 Subject: [PATCH 12/18] Test organization_id passed to SnippetsFinder in project snippets API --- spec/requests/api/project_snippets_spec.rb | 19 +++++++------------ 1 file changed, 7 insertions(+), 12 deletions(-) diff --git a/spec/requests/api/project_snippets_spec.rb b/spec/requests/api/project_snippets_spec.rb index 7a2ac0c6a1dcf2..0bda22b2d97e59 100644 --- a/spec/requests/api/project_snippets_spec.rb +++ b/spec/requests/api/project_snippets_spec.rb @@ -63,21 +63,16 @@ expect(json_response.last).to have_key('web_url') end - context 'organization filtering' do - let_it_be(:other_organization) { create(:organization) } - let_it_be(:other_project) { create(:project, :public, organization: other_organization) } - let_it_be(:snippet_in_other_org) { create(:project_snippet, :public, project: other_project) } + it 'passes organization_id to SnippetsFinder' do + project.add_developer(user) - it 'only returns snippets from projects in the current organization' do - project.add_developer(user) + expect(SnippetsFinder).to receive(:new) + .with(user, hash_including(organization_id: current_organization.id, project: project)) + .and_call_original - get api("/projects/#{project.id}/snippets", user) + get api("/projects/#{project.id}/snippets", user) - expect(response).to have_gitlab_http_status(:ok) - snippet_ids = json_response.map { |snippet| snippet['id'] } - expect(snippet_ids).to include(public_snippet.id) - expect(snippet_ids).not_to include(snippet_in_other_org.id) - end + expect(response).to have_gitlab_http_status(:ok) end it 'hides private snippets from regular user' do -- GitLab From 912c2727e8294c43dbd40c80f1c8fabd9bbf6709 Mon Sep 17 00:00:00 2001 From: Chen Zhang Date: Fri, 28 Nov 2025 15:38:17 +0000 Subject: [PATCH 13/18] Test organization_id passed to SnippetsFinder in snippets API --- spec/requests/api/snippets_spec.rb | 16 ++++++---------- 1 file changed, 6 insertions(+), 10 deletions(-) diff --git a/spec/requests/api/snippets_spec.rb b/spec/requests/api/snippets_spec.rb index b7f7b5944d7202..6f7e74398f4d8f 100644 --- a/spec/requests/api/snippets_spec.rb +++ b/spec/requests/api/snippets_spec.rb @@ -71,18 +71,14 @@ it_behaves_like "returns unauthorized when not authenticated" it_behaves_like "returns filtered snippets for user" - context 'organization filtering' do - let_it_be(:other_organization) { create(:organization) } - let_it_be(:snippet_in_other_org) { create(:personal_snippet, :public, author: user, organization: other_organization) } + it 'passes organization_id to SnippetsFinder' do + expect(SnippetsFinder).to receive(:new) + .with(user, hash_including(organization_id: current_organization.id)) + .and_call_original - it 'only returns snippets from the current organization' do - get api(path, personal_access_token: user_token) + get api(path, personal_access_token: user_token) - expect(response).to have_gitlab_http_status(:ok) - snippet_ids = json_response.map { |snippet| snippet['id'] } - expect(snippet_ids).to include(public_snippet.id, internal_snippet.id, private_snippet.id) - expect(snippet_ids).not_to include(snippet_in_other_org.id) - end + expect(response).to have_gitlab_http_status(:ok) end it 'hides private snippets from regular user' do -- GitLab From cc649fd4b1e0bab137bd59ec8896f2fcd5830535 Mon Sep 17 00:00:00 2001 From: Chen Zhang Date: Fri, 28 Nov 2025 16:07:58 +0000 Subject: [PATCH 14/18] Add spec for organization_id in SnippetsFinder --- spec/graphql/resolvers/snippets_resolver_spec.rb | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/spec/graphql/resolvers/snippets_resolver_spec.rb b/spec/graphql/resolvers/snippets_resolver_spec.rb index 04b478780ce5c1..a92879cd9c4f15 100644 --- a/spec/graphql/resolvers/snippets_resolver_spec.rb +++ b/spec/graphql/resolvers/snippets_resolver_spec.rb @@ -39,6 +39,14 @@ let_it_be(:other_organization) { create(:organization) } let_it_be(:snippet_in_other_org) { create(:personal_snippet, :public, author: current_user, organization: other_organization) } + it 'passes organization_id to SnippetsFinder' do + expect(SnippetsFinder).to receive(:new) + .with(current_user, hash_including(organization_id: current_organization.id)) + .and_call_original + + resolve_snippets + end + it 'only returns snippets from the current organization' do snippets = resolve_snippets -- GitLab From 77e2f8337d24d0356f2b635d674f3ad52f081953 Mon Sep 17 00:00:00 2001 From: Chen Zhang Date: Fri, 28 Nov 2025 16:52:48 +0000 Subject: [PATCH 15/18] Fix spec to use .items for proper array matching --- spec/graphql/resolvers/snippets_resolver_spec.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/spec/graphql/resolvers/snippets_resolver_spec.rb b/spec/graphql/resolvers/snippets_resolver_spec.rb index a92879cd9c4f15..08a2c9fbe7f4d7 100644 --- a/spec/graphql/resolvers/snippets_resolver_spec.rb +++ b/spec/graphql/resolvers/snippets_resolver_spec.rb @@ -48,7 +48,7 @@ end it 'only returns snippets from the current organization' do - snippets = resolve_snippets + snippets = resolve_snippets.items expect(snippets).to contain_exactly(personal_snippet, other_personal_snippet, project_snippet, other_project_snippet) expect(snippets).not_to include(snippet_in_other_org) -- GitLab From 1cdf08d321fcdae510973f9579b7f7e5b22608e3 Mon Sep 17 00:00:00 2001 From: Chen Zhang Date: Tue, 2 Dec 2025 05:18:55 +0000 Subject: [PATCH 16/18] Add organization setup to snippet_type_spec.rb The spec was failing with Current::OrganizationNotAssignedError because it was missing the :with_current_organization metadata and the manual Current.organization setup in the before block. This matches the pattern used in other GraphQL snippet resolver specs. --- spec/graphql/types/snippet_type_spec.rb | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/spec/graphql/types/snippet_type_spec.rb b/spec/graphql/types/snippet_type_spec.rb index 30368bf236104f..62138a8a1db72d 100644 --- a/spec/graphql/types/snippet_type_spec.rb +++ b/spec/graphql/types/snippet_type_spec.rb @@ -2,11 +2,16 @@ require 'spec_helper' -RSpec.describe GitlabSchema.types['Snippet'] do +RSpec.describe GitlabSchema.types['Snippet'], :with_current_organization do include GraphqlHelpers let_it_be(:user) { create(:user) } + before do + # Since this doesn't go through a request flow, we need to manually set Current.organization + Current.organization = current_organization + end + it 'has the correct fields' do expected_fields = [:id, :title, :project, :author, :hidden, :file_name, :description, -- GitLab From c8a168f80db8cbded60d165a5c64a34170bd6027 Mon Sep 17 00:00:00 2001 From: Chen Zhang Date: Tue, 2 Dec 2025 05:21:56 +0000 Subject: [PATCH 17/18] Add organization setup to blob_viewer_type_spec.rb The spec was failing with Current::OrganizationNotAssignedError because it was missing the :with_current_organization metadata and the manual Current.organization setup in the before block. This matches the pattern used in other GraphQL snippet specs. --- spec/graphql/types/snippets/blob_viewer_type_spec.rb | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/spec/graphql/types/snippets/blob_viewer_type_spec.rb b/spec/graphql/types/snippets/blob_viewer_type_spec.rb index d934f77901d3db..9b9979ce4cff27 100644 --- a/spec/graphql/types/snippets/blob_viewer_type_spec.rb +++ b/spec/graphql/types/snippets/blob_viewer_type_spec.rb @@ -2,10 +2,15 @@ require 'spec_helper' -RSpec.describe GitlabSchema.types['SnippetBlobViewer'], feature_category: :source_code_management do +RSpec.describe GitlabSchema.types['SnippetBlobViewer'], :with_current_organization, feature_category: :source_code_management do let_it_be(:snippet) { create(:personal_snippet, :repository) } let_it_be(:blob) { snippet.repository.blob_at('HEAD', 'files/images/6049019_460s.jpg') } + before do + # Since this doesn't go through a request flow, we need to manually set Current.organization + Current.organization = current_organization + end + it 'has the correct fields' do expected_fields = [:type, :load_async, :too_large, :collapsed, :render_error, :file_type, :loading_partial_name] -- GitLab From e3474f57680f92acf6a9e61f0bb8b7932928ccbb Mon Sep 17 00:00:00 2001 From: Chen Zhang Date: Tue, 2 Dec 2025 18:27:54 +0000 Subject: [PATCH 18/18] Add :with_current_organization to snippet feature specs The snippet feature specs need the organization context to properly execute GraphQL queries. Without it, the GraphQL API returns 500 errors when trying to access organization-related data, causing the Vue components to fail rendering. This fixes the failing tests in: - spec/features/snippets/show_spec.rb - spec/features/snippets/public_snippets_spec.rb Changelog: fixed --- spec/features/snippets/public_snippets_spec.rb | 2 +- spec/features/snippets/show_spec.rb | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/spec/features/snippets/public_snippets_spec.rb b/spec/features/snippets/public_snippets_spec.rb index 0f3d5e479d63dc..302d7be92e1063 100644 --- a/spec/features/snippets/public_snippets_spec.rb +++ b/spec/features/snippets/public_snippets_spec.rb @@ -2,7 +2,7 @@ require 'spec_helper' -RSpec.describe 'Public Snippets', :js, feature_category: :source_code_management do +RSpec.describe 'Public Snippets', :js, :with_current_organization, feature_category: :source_code_management do let(:public_snippet) { create(:personal_snippet, :public, :repository) } let(:content) { public_snippet.blobs.first.data.strip! } diff --git a/spec/features/snippets/show_spec.rb b/spec/features/snippets/show_spec.rb index 12f03277ec4c33..88aef01e96813b 100644 --- a/spec/features/snippets/show_spec.rb +++ b/spec/features/snippets/show_spec.rb @@ -2,7 +2,7 @@ require 'spec_helper' -RSpec.describe 'Snippet', :js, feature_category: :source_code_management do +RSpec.describe 'Snippet', :js, :with_current_organization, feature_category: :source_code_management do let_it_be(:owner) { create(:user) } let_it_be(:current_organization) { owner.organization } let_it_be(:snippet) { create(:personal_snippet, :public, :repository, author: owner) } -- GitLab