diff --git a/app/controllers/search_controller.rb b/app/controllers/search_controller.rb index db3c90007bca2b3f9dfb80209d3abfc538fa7ab2..d3260e3b60926a675478808929ebd3485ed42d09 100644 --- a/app/controllers/search_controller.rb +++ b/app/controllers/search_controller.rb @@ -15,6 +15,7 @@ class SearchController < ApplicationController around_action :allow_gitaly_ref_name_caching + before_action :block_anonymous_global_searches skip_before_action :authenticate_user! requires_cross_project_access if: -> do search_term_present = params[:search].present? || params[:term].present? @@ -128,6 +129,16 @@ def append_info_to_payload(payload) payload[:metadata]['meta.search.search'] = params[:search] payload[:metadata]['meta.search.scope'] = params[:scope] end + + def block_anonymous_global_searches + return if params[:project_id].present? || params[:group_id].present? + return if current_user + return unless ::Feature.enabled?(:block_anonymous_global_searches) + + store_location_for(:user, request.fullpath) + + redirect_to new_user_session_path, alert: _('You must be logged in to search across all of GitLab') + end end SearchController.prepend_if_ee('EE::SearchController') diff --git a/config/feature_flags/development/block_anonymous_global_searches.yml b/config/feature_flags/development/block_anonymous_global_searches.yml new file mode 100644 index 0000000000000000000000000000000000000000..527e99ad8a8b5e8b709f298b558201116099fe84 --- /dev/null +++ b/config/feature_flags/development/block_anonymous_global_searches.yml @@ -0,0 +1,7 @@ +--- +name: block_anonymous_global_searches +introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/41041 +rollout_issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/244276 +group: group::global search +type: development +default_enabled: false \ No newline at end of file diff --git a/ee/app/models/ee/application_setting.rb b/ee/app/models/ee/application_setting.rb index 688e8a393a7c1c192f868217165347e55e44bdf7..d3b96e640489435f9d15db16bed1ee5768fed07b 100644 --- a/ee/app/models/ee/application_setting.rb +++ b/ee/app/models/ee/application_setting.rb @@ -244,7 +244,7 @@ def search_using_elasticsearch?(scope: nil) when Project elasticsearch_indexes_project?(scope) else - false # Never use elasticsearch for the global scope when limiting is on + ::Feature.enabled?(:advanced_global_search_for_limited_indexing) end end diff --git a/ee/config/feature_flags/development/advanced_global_search_for_limited_indexing.yml b/ee/config/feature_flags/development/advanced_global_search_for_limited_indexing.yml new file mode 100644 index 0000000000000000000000000000000000000000..1b4977fe6cfd517feefd4818918ac90cfc6725f9 --- /dev/null +++ b/ee/config/feature_flags/development/advanced_global_search_for_limited_indexing.yml @@ -0,0 +1,7 @@ +--- +name: advanced_global_search_for_limited_indexing +introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/41041 +rollout_issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/244276 +group: group::global search +type: development +default_enabled: false \ No newline at end of file diff --git a/ee/spec/features/search/elastic/global_search_spec.rb b/ee/spec/features/search/elastic/global_search_spec.rb index e8db327e4159964b4e9af3b6db8c9a5f62637c7c..22c2adcf1a6dcc1274c1f416f721061424f423e7 100644 --- a/ee/spec/features/search/elastic/global_search_spec.rb +++ b/ee/spec/features/search/elastic/global_search_spec.rb @@ -266,7 +266,19 @@ end RSpec.describe 'Global elastic search redactions', :elastic do - it_behaves_like 'a redacted search results page' do - let(:search_path) { explore_root_path } + context 'when block_anonymous_global_searches is disabled' do + before do + stub_feature_flags(block_anonymous_global_searches: false) + end + + it_behaves_like 'a redacted search results page' do + let(:search_path) { explore_root_path } + end + end + + context 'when block_anonymous_global_searches is enabled' do + it_behaves_like 'a redacted search results page', include_anonymous: false do + let(:search_path) { explore_root_path } + end end end diff --git a/ee/spec/features/search/elastic/snippet_search_spec.rb b/ee/spec/features/search/elastic/snippet_search_spec.rb index 42c750849d8e56c774560260c3c3dca9ee90b890..ae6d3ad9449d2c6b610c94f17d2284be7680e901 100644 --- a/ee/spec/features/search/elastic/snippet_search_spec.rb +++ b/ee/spec/features/search/elastic/snippet_search_spec.rb @@ -37,19 +37,31 @@ context 'as anonymous user' do let(:current_user) { nil } - it 'finds only public snippets' do - within('.results') do - expect(page).to have_content('public personal snippet') - expect(page).not_to have_content('public project snippet') + context 'when block_anonymous_global_searches is enabled' do + it 'redirects to login page' do + expect(page).to have_content('You must be logged in to search across all of GitLab') + end + end - expect(page).not_to have_content('internal personal snippet') - expect(page).not_to have_content('internal project snippet') + context 'when block_anonymous_global_searches is disabled' do + before(:context) do + stub_feature_flags(block_anonymous_global_searches: false) + end - expect(page).not_to have_content('authorized personal snippet') - expect(page).not_to have_content('authorized project snippet') + it 'finds only public snippets' do + within('.results') do + expect(page).to have_content('public personal snippet') + expect(page).not_to have_content('public project snippet') - expect(page).not_to have_content('private personal snippet') - expect(page).not_to have_content('private project snippet') + expect(page).not_to have_content('internal personal snippet') + expect(page).not_to have_content('internal project snippet') + + expect(page).not_to have_content('authorized personal snippet') + expect(page).not_to have_content('authorized project snippet') + + expect(page).not_to have_content('private personal snippet') + expect(page).not_to have_content('private project snippet') + end end end end diff --git a/ee/spec/models/application_setting_spec.rb b/ee/spec/models/application_setting_spec.rb index 2a387037cb59888a3b7f0ee8601d3e80c949077c..e451aba5d15903b9a775e2836629a4dc0637daad 100644 --- a/ee/spec/models/application_setting_spec.rb +++ b/ee/spec/models/application_setting_spec.rb @@ -407,8 +407,8 @@ def expect_is_es_licensed end describe '#search_using_elasticsearch?' do - # Constructs a truth table with 16 entries to run the specs against - where(indexing: [true, false], searching: [true, false], limiting: [true, false]) + # Constructs a truth table to run the specs against + where(indexing: [true, false], searching: [true, false], limiting: [true, false], advanced_global_search_for_limited_indexing: [true, false]) with_them do let_it_be(:included_project_container) { create(:elasticsearch_indexed_project) } @@ -430,12 +430,14 @@ def expect_is_es_licensed elasticsearch_search: searching, elasticsearch_limit_indexing: limiting ) + + stub_feature_flags(advanced_global_search_for_limited_indexing: advanced_global_search_for_limited_indexing) end context 'global scope' do let(:scope) { nil } - it { is_expected.to eq(only_when_enabled_globally) } + it { is_expected.to eq(indexing && searching && (!limiting || advanced_global_search_for_limited_indexing)) } end context 'namespace (in scope)' do diff --git a/ee/spec/requests/api/search_spec.rb b/ee/spec/requests/api/search_spec.rb index ee44bebc04060567dcb609788bc0ae8475c1f78d..4b401f4e92c31998c889e72f6ab1a7202c09b452 100644 --- a/ee/spec/requests/api/search_spec.rb +++ b/ee/spec/requests/api/search_spec.rb @@ -61,10 +61,7 @@ shared_examples 'elasticsearch enabled' do |level:| context 'for merge_requests scope', :sidekiq_inline do before do - create(:labeled_merge_request, target_branch: 'feature_1', source_project: project, labels: [create(:label), create(:label)]) - create(:merge_request, target_branch: 'feature_2', source_project: project, author: create(:user)) - create(:merge_request, target_branch: 'feature_3', source_project: project, milestone: create(:milestone, project: project)) - create(:merge_request, target_branch: 'feature_4', source_project: project) + create_list(:merge_request, 3, :unique_branches, source_project: project, author: create(:user), milestone: create(:milestone, project: project), labels: [create(:label)]) ensure_elasticsearch_index! end @@ -72,19 +69,14 @@ it 'avoids N+1 queries' do control = ActiveRecord::QueryRecorder.new { get api(endpoint, user), params: { scope: 'merge_requests', search: '*' } } - - create(:labeled_merge_request, target_branch: 'feature_5', source_project: project, labels: [create(:label), create(:label)]) - create(:merge_request, target_branch: 'feature_6', source_project: project, author: create(:user)) - create(:merge_request, target_branch: 'feature_7', source_project: project, milestone: create(:milestone, project: project)) - create(:merge_request, target_branch: 'feature_8', source_project: project) - + create_list(:merge_request, 3, :unique_branches, source_project: project, author: create(:user), milestone: create(:milestone, project: project), labels: [create(:label)]) ensure_elasticsearch_index! expect { get api(endpoint, user), params: { scope: 'merge_requests', search: '*' } }.not_to exceed_query_limit(control) end end - context 'for wiki_blobs scope', :sidekiq_might_not_need_inline do + context 'for wiki_blobs scope', :sidekiq_inline do before do wiki = create(:project_wiki, project: project) create(:wiki_page, wiki: wiki, title: 'home', content: "Awesome page") @@ -101,105 +93,105 @@ it_behaves_like 'pagination', scope: 'wiki_blobs' end - context 'for commits scope', :sidekiq_inline do + context 'for commits and blobs', :sidekiq_inline do before do project.repository.index_commits_and_blobs ensure_elasticsearch_index! - - get api(endpoint, user), params: { scope: 'commits', search: 'folder' } end - it_behaves_like 'response is correct', schema: 'public_api/v4/commits_details', size: 2 - - it_behaves_like 'pagination', scope: 'commits' + context 'for commits scope' do + before do + get api(endpoint, user), params: { scope: 'commits', search: 'folder' } + end - it 'avoids N+1 queries' do - control = ActiveRecord::QueryRecorder.new { get api(endpoint, user), params: { scope: 'commits', search: 'folder' } } + it_behaves_like 'response is correct', schema: 'public_api/v4/commits_details', size: 2 - project_2 = create(:project, :public, :repository, :wiki_repo, name: 'awesome project 2') - project_3 = create(:project, :public, :repository, :wiki_repo, name: 'awesome project 3') - project_2.repository.index_commits_and_blobs - project_3.repository.index_commits_and_blobs + it_behaves_like 'pagination', scope: 'commits' - ensure_elasticsearch_index! + it 'avoids N+1 queries' do + control = ActiveRecord::QueryRecorder.new { get api(endpoint, user), params: { scope: 'commits', search: 'folder' } } - # Some N+1 queries still exist - expect { get api(endpoint, user), params: { scope: 'commits', search: 'folder' } }.not_to exceed_query_limit(control).with_threshold(9) - end - end + project_2 = create(:project, :public, :repository, :wiki_repo, name: 'awesome project 2') + project_3 = create(:project, :public, :repository, :wiki_repo, name: 'awesome project 3') + project_2.repository.index_commits_and_blobs + project_3.repository.index_commits_and_blobs - context 'for blobs scope', :sidekiq_might_not_need_inline do - before do - project.repository.index_commits_and_blobs - ensure_elasticsearch_index! + ensure_elasticsearch_index! - get api(endpoint, user), params: { scope: 'blobs', search: 'monitors' } + # Some N+1 queries still exist + expect { get api(endpoint, user), params: { scope: 'commits', search: 'folder' } }.not_to exceed_query_limit(control).with_threshold(9) + end end - it_behaves_like 'response is correct', schema: 'public_api/v4/blobs' - - it_behaves_like 'pagination', scope: 'blobs' - - context 'filters' do - def results_filenames - json_response.map { |h| h['filename'] }.compact + context 'for blobs scope' do + before do + get api(endpoint, user), params: { scope: 'blobs', search: 'monitors' } end - def results_paths - json_response.map { |h| h['path'] }.compact - end + it_behaves_like 'response is correct', schema: 'public_api/v4/blobs' - context 'with an including filter' do - it 'by filename' do - get api("/projects/#{project.id}/search", user), params: { scope: 'blobs', search: 'mon* filename:PROCESS.md' } + it_behaves_like 'pagination', scope: 'blobs' - expect(response).to have_gitlab_http_status(:ok) - expect(json_response.size).to eq(1) - expect(results_filenames).to all(match(%r{PROCESS.md$})) + context 'filters' do + def results_filenames + json_response.map { |h| h['filename'] }.compact end - it 'by path' do - get api("/projects/#{project.id}/search", user), params: { scope: 'blobs', search: 'mon* path:files/markdown' } - - expect(response).to have_gitlab_http_status(:ok) - expect(json_response.size).to eq(1) - expect(results_paths).to all(match(%r{^files/markdown/})) + def results_paths + json_response.map { |h| h['path'] }.compact end - it 'by extension' do - get api("/projects/#{project.id}/search", user), params: { scope: 'blobs', search: 'mon* extension:md' } + context 'with an including filter' do + it 'by filename' do + get api("/projects/#{project.id}/search", user), params: { scope: 'blobs', search: 'mon* filename:PROCESS.md' } - expect(response).to have_gitlab_http_status(:ok) - expect(json_response.size).to eq(3) + expect(response).to have_gitlab_http_status(:ok) + expect(json_response.size).to eq(1) + expect(results_filenames).to all(match(%r{PROCESS.md$})) + end - expect(results_filenames).to all(match(%r{.*.md$})) - end - end + it 'by path' do + get api("/projects/#{project.id}/search", user), params: { scope: 'blobs', search: 'mon* path:markdown' } - context 'with an excluding filter' do - it 'by filename' do - get api(endpoint, user), params: { scope: 'blobs', search: '* -filename:PROCESS.md' } + expect(response).to have_gitlab_http_status(:ok) + expect(json_response.size).to eq(1) + expect(results_paths).to all(match(%r{^files/markdown/})) + end - expect(response).to have_gitlab_http_status(:ok) - expect(results_filenames).not_to include('PROCESS.md') - expect(json_response.size).to eq(20) + it 'by extension' do + get api("/projects/#{project.id}/search", user), params: { scope: 'blobs', search: 'mon* extension:md' } + + expect(response).to have_gitlab_http_status(:ok) + expect(json_response.size).to eq(3) + expect(results_filenames).to all(match(%r{.*.md$})) + end end - it 'by path' do - get api(endpoint, user), params: { scope: 'blobs', search: '* -path:files/markdown' } + context 'with an excluding filter' do + it 'by filename' do + get api(endpoint, user), params: { scope: 'blobs', search: '* -filename:PROCESS.md' } - expect(response).to have_gitlab_http_status(:ok) - expect(results_paths).not_to include(a_string_matching(%r{^files/markdown/})) - expect(json_response.size).to eq(20) - end + expect(response).to have_gitlab_http_status(:ok) + expect(results_filenames).not_to include('PROCESS.md') + expect(json_response.size).to eq(20) + end - it 'by extension' do - get api(endpoint, user), params: { scope: 'blobs', search: '* -extension:md' } + it 'by path' do + get api(endpoint, user), params: { scope: 'blobs', search: '* -path:files/markdown' } - expect(response).to have_gitlab_http_status(:ok) + expect(response).to have_gitlab_http_status(:ok) + expect(results_paths).not_to include(a_string_matching(%r{^files/markdown/})) + expect(json_response.size).to eq(20) + end + + it 'by extension' do + get api(endpoint, user), params: { scope: 'blobs', search: '* -extension:md' } - expect(results_filenames).not_to include(a_string_matching(%r{.*.md$})) - expect(json_response.size).to eq(20) + expect(response).to have_gitlab_http_status(:ok) + + expect(results_filenames).not_to include(a_string_matching(%r{.*.md$})) + expect(json_response.size).to eq(20) + end end end end @@ -270,7 +262,7 @@ def results_paths end end - context 'for users scope', :sidekiq_inline do + context 'for users scope', :sidekiq_might_not_need_inline do before do create_list(:user, 2).each do |user| project.add_developer(user) @@ -326,7 +318,13 @@ def results_paths stub_ee_application_setting(elasticsearch_limit_indexing: true) end - it_behaves_like 'elasticsearch disabled' + context 'and namespace is indexed' do + before do + create :elasticsearch_indexed_namespace, namespace: group + end + + it_behaves_like 'elasticsearch enabled', level: :global + end end context 'when elasticsearch_limit_indexing off' do diff --git a/ee/spec/services/search/global_service_spec.rb b/ee/spec/services/search/global_service_spec.rb index aa4541656080a76edc3fbc13801eda72770aa665..88a281fe6a70aef1fa88bfddd348f2a8665eea94 100644 --- a/ee/spec/services/search/global_service_spec.rb +++ b/ee/spec/services/search/global_service_spec.rb @@ -177,15 +177,37 @@ end end - context 'when ES is not used' do + context 'when elasticearch_search is disabled' do before do - stub_ee_application_setting(elasticsearch_limit_indexing: true) + stub_ee_application_setting(elasticsearch_search: false) end it 'does not include ES-specific scopes' do expect(described_class.new(user, {}).allowed_scopes).not_to include('commits') end end + + context 'when elasticsearch_limit_indexing is enabled' do + before do + stub_ee_application_setting(elasticsearch_limit_indexing: true) + end + + context 'when advanced_global_search_for_limited_indexing feature flag is disabled' do + before do + stub_feature_flags(advanced_global_search_for_limited_indexing: false) + end + + it 'does not include ES-specific scopes' do + expect(described_class.new(user, {}).allowed_scopes).not_to include('commits') + end + end + + context 'when advanced_global_search_for_limited_indexing feature flag is enabled' do + it 'includes ES-specific scopes' do + expect(described_class.new(user, {}).allowed_scopes).to include('commits') + end + end + end end context 'confidential notes' do diff --git a/ee/spec/support/features/redacted_search_results_examples.rb b/ee/spec/support/features/redacted_search_results_examples.rb index 67c5501fc8e45e5b1ae923330b9752462c67701f..20313640351801021d5795f1dd64a24e290faacf 100644 --- a/ee/spec/support/features/redacted_search_results_examples.rb +++ b/ee/spec/support/features/redacted_search_results_examples.rb @@ -1,6 +1,6 @@ # frozen_string_literal: true -RSpec.shared_examples 'a redacted search results page' do +RSpec.shared_examples 'a redacted search results page' do |include_anonymous: true| let(:public_group) { create(:group, :public) } let(:public_restricted_project) { create(:project, :repository, :public, :wiki_repo, namespace: public_group, name: 'The Project') } let(:issue_access_level) { ProjectFeature::PRIVATE } @@ -41,7 +41,7 @@ end it_behaves_like 'redacted search results page assertions', true - it_behaves_like 'redacted search results page assertions', false + it_behaves_like 'redacted search results page assertions', false if include_anonymous end # Only intended to be used in the above shared examples to avoid duplication of diff --git a/locale/gitlab.pot b/locale/gitlab.pot index a43e40daecf30367c8913a5b4fef59d2352c5908..dde50f45f336149427c2835d21d471be037689d6 100644 --- a/locale/gitlab.pot +++ b/locale/gitlab.pot @@ -28853,6 +28853,9 @@ msgstr "" msgid "You must accept our Terms of Service and privacy policy in order to register an account" msgstr "" +msgid "You must be logged in to search across all of GitLab" +msgstr "" + msgid "You must disassociate %{domain} from all clusters it is attached to before deletion." msgstr "" diff --git a/spec/controllers/search_controller_spec.rb b/spec/controllers/search_controller_spec.rb index e85330b08f6c6698b9b1540ee1d7a6c9aaaab5f0..f244392bbad5912b50625cfd178a6727fc993353 100644 --- a/spec/controllers/search_controller_spec.rb +++ b/spec/controllers/search_controller_spec.rb @@ -95,49 +95,77 @@ using RSpec::Parameterized::TableSyntax render_views - it 'omits pipeline status from load' do - project = create(:project, :public) - expect(Gitlab::Cache::Ci::ProjectPipelineStatus).not_to receive(:load_in_batch_for_projects) + context 'when block_anonymous_global_searches is disabled' do + before do + stub_feature_flags(block_anonymous_global_searches: false) + end - get :show, params: { scope: 'projects', search: project.name } + it 'omits pipeline status from load' do + project = create(:project, :public) + expect(Gitlab::Cache::Ci::ProjectPipelineStatus).not_to receive(:load_in_batch_for_projects) - expect(assigns[:search_objects].first).to eq project - end + get :show, params: { scope: 'projects', search: project.name } - context 'check search term length' do - let(:search_queries) do - char_limit = SearchService::SEARCH_CHAR_LIMIT - term_limit = SearchService::SEARCH_TERM_LIMIT - { - chars_under_limit: ('a' * (char_limit - 1)), - chars_over_limit: ('a' * (char_limit + 1)), - terms_under_limit: ('abc ' * (term_limit - 1)), - terms_over_limit: ('abc ' * (term_limit + 1)) - } + expect(assigns[:search_objects].first).to eq project end - where(:string_name, :expectation) do - :chars_under_limit | :not_to_set_flash - :chars_over_limit | :set_chars_flash - :terms_under_limit | :not_to_set_flash - :terms_over_limit | :set_terms_flash - end + context 'check search term length' do + let(:search_queries) do + char_limit = SearchService::SEARCH_CHAR_LIMIT + term_limit = SearchService::SEARCH_TERM_LIMIT + { + chars_under_limit: ('a' * (char_limit - 1)), + chars_over_limit: ('a' * (char_limit + 1)), + terms_under_limit: ('abc ' * (term_limit - 1)), + terms_over_limit: ('abc ' * (term_limit + 1)) + } + end - with_them do - it do - get :show, params: { scope: 'projects', search: search_queries[string_name] } - - case expectation - when :not_to_set_flash - expect(controller).not_to set_flash[:alert] - when :set_chars_flash - expect(controller).to set_flash[:alert].to(/characters/) - when :set_terms_flash - expect(controller).to set_flash[:alert].to(/terms/) + where(:string_name, :expectation) do + :chars_under_limit | :not_to_set_flash + :chars_over_limit | :set_chars_flash + :terms_under_limit | :not_to_set_flash + :terms_over_limit | :set_terms_flash + end + + with_them do + it do + get :show, params: { scope: 'projects', search: search_queries[string_name] } + + case expectation + when :not_to_set_flash + expect(controller).not_to set_flash[:alert] + when :set_chars_flash + expect(controller).to set_flash[:alert].to(/characters/) + when :set_terms_flash + expect(controller).to set_flash[:alert].to(/terms/) + end end end end end + + context 'when block_anonymous_global_searches is enabled' do + context 'for unauthenticated user' do + before do + sign_out(user) + end + + it 'redirects to login page' do + get :show, params: { scope: 'projects', search: '*' } + + expect(response).to redirect_to new_user_session_path + end + end + + context 'for authenticated user' do + it 'succeeds' do + get :show, params: { scope: 'projects', search: '*' } + + expect(response).to have_gitlab_http_status(:ok) + end + end + end end it 'finds issue comments' do diff --git a/spec/features/search/user_searches_for_issues_spec.rb b/spec/features/search/user_searches_for_issues_spec.rb index d895e87f1cb599d43ea3dccf73a483e3bd4ebc9e..900ed35adeac7b85b3b036d5cbb6279cc00f33e8 100644 --- a/spec/features/search/user_searches_for_issues_spec.rb +++ b/spec/features/search/user_searches_for_issues_spec.rb @@ -86,20 +86,33 @@ def search_for_issue(search) end context 'when signed out' do - let(:project) { create(:project, :public) } + context 'when block_anonymous_global_searches is disabled' do + let(:project) { create(:project, :public) } - before do - visit(search_path) - end + before do + stub_feature_flags(block_anonymous_global_searches: false) + visit(search_path) + end - include_examples 'top right search form' + include_examples 'top right search form' - it 'finds an issue' do - search_for_issue(issue1.title) + it 'finds an issue' do + search_for_issue(issue1.title) - page.within('.results') do - expect(page).to have_link(issue1.title) - expect(page).not_to have_link(issue2.title) + page.within('.results') do + expect(page).to have_link(issue1.title) + expect(page).not_to have_link(issue2.title) + end + end + end + + context 'when block_anonymous_global_searches is enabled' do + before do + visit(search_path) + end + + it 'is redirected to login page' do + expect(page).to have_content('You must be logged in to search across all of GitLab') end end end diff --git a/spec/features/search/user_searches_for_projects_spec.rb b/spec/features/search/user_searches_for_projects_spec.rb index 7bb5a4da7d0895fa5608a808f8df6a1030e5e3bc..b64909dd42fdd3ba38eba346e13cf469cc89dbd2 100644 --- a/spec/features/search/user_searches_for_projects_spec.rb +++ b/spec/features/search/user_searches_for_projects_spec.rb @@ -6,31 +6,44 @@ let!(:project) { create(:project, :public, name: 'Shop') } context 'when signed out' do - include_examples 'top right search form' + context 'when block_anonymous_global_searches is disabled' do + before do + stub_feature_flags(block_anonymous_global_searches: false) + end - it 'finds a project' do - visit(search_path) + include_examples 'top right search form' - fill_in('dashboard_search', with: project.name[0..3]) - click_button('Search') + it 'finds a project' do + visit(search_path) - expect(page).to have_link(project.name) - end + fill_in('dashboard_search', with: project.name[0..3]) + click_button('Search') - it 'preserves the group being searched in' do - visit(search_path(group_id: project.namespace.id)) + expect(page).to have_link(project.name) + end - submit_search('foo') + it 'preserves the group being searched in' do + visit(search_path(group_id: project.namespace.id)) - expect(find('#group_id', visible: false).value).to eq(project.namespace.id.to_s) - end + submit_search('foo') + + expect(find('#group_id', visible: false).value).to eq(project.namespace.id.to_s) + end - it 'preserves the project being searched in' do - visit(search_path(project_id: project.id)) + it 'preserves the project being searched in' do + visit(search_path(project_id: project.id)) - submit_search('foo') + submit_search('foo') + + expect(find('#project_id', visible: false).value).to eq(project.id.to_s) + end + end - expect(find('#project_id', visible: false).value).to eq(project.id.to_s) + context 'when block_anonymous_global_searches is enabled' do + it 'is redirected to login page' do + visit(search_path) + expect(page).to have_content('You must be logged in to search across all of GitLab') + end end end end diff --git a/spec/frontend/fixtures/search.rb b/spec/frontend/fixtures/search.rb index fcd68662acc17a03f6f9cc4a8273a03751928ed9..40f613a9422b6e34cdeae26fa5e26ba65d0ab286 100644 --- a/spec/frontend/fixtures/search.rb +++ b/spec/frontend/fixtures/search.rb @@ -7,10 +7,16 @@ render_views + let_it_be(:user) { create(:admin) } + before(:all) do clean_frontend_fixtures('search/') end + before do + sign_in(user) + end + it 'search/show.html' do get :show