mirror of
https://gitlab.com/gitlab-org/gitlab-foss.git
synced 2025-08-10 01:31:45 +00:00
181 lines
6.1 KiB
Ruby
181 lines
6.1 KiB
Ruby
# frozen_string_literal: true
|
|
|
|
require 'spec_helper'
|
|
|
|
RSpec.describe ProjectAuthorization, feature_category: :groups_and_projects do
|
|
describe 'create' do
|
|
let_it_be(:user) { create(:user) }
|
|
let_it_be(:project_1) { create(:project) }
|
|
|
|
let(:project_auth) do
|
|
build(
|
|
:project_authorization,
|
|
user: user,
|
|
project: project_1
|
|
)
|
|
end
|
|
|
|
it 'sets is_unique' do
|
|
expect { project_auth.save! }.to change { project_auth.is_unique }.to(true)
|
|
end
|
|
end
|
|
|
|
describe 'unique user, project authorizations' do
|
|
let_it_be(:user) { create(:user) }
|
|
let_it_be(:project_1) { create(:project) }
|
|
|
|
let!(:project_auth) do
|
|
create(
|
|
:project_authorization,
|
|
user: user,
|
|
project: project_1,
|
|
access_level: Gitlab::Access::DEVELOPER
|
|
)
|
|
end
|
|
|
|
context 'with duplicate user and project authorization' do
|
|
subject do
|
|
project_auth.dup.tap do |auth|
|
|
auth.project = project_1
|
|
auth.user = user
|
|
end
|
|
end
|
|
|
|
it { is_expected.to be_invalid }
|
|
|
|
context 'after validation' do
|
|
before do
|
|
subject.valid?
|
|
end
|
|
|
|
it 'contains duplicate error' do
|
|
expect(subject.errors[:user]).to include('has already been taken')
|
|
end
|
|
end
|
|
end
|
|
|
|
context 'with multiple access levels for the same user and project' do
|
|
subject do
|
|
project_auth.dup.tap do |auth|
|
|
auth.project = project_1
|
|
auth.user = user
|
|
auth.access_level = Gitlab::Access::MAINTAINER
|
|
end
|
|
end
|
|
|
|
it { is_expected.to be_invalid }
|
|
|
|
context 'after validation' do
|
|
before do
|
|
subject.valid?
|
|
end
|
|
|
|
it 'contains duplicate error' do
|
|
expect(subject.errors[:user]).to include('has already been taken')
|
|
end
|
|
end
|
|
end
|
|
end
|
|
|
|
describe 'relations' do
|
|
it { is_expected.to belong_to(:user) }
|
|
it { is_expected.to belong_to(:project) }
|
|
end
|
|
|
|
describe 'validations' do
|
|
it { is_expected.to validate_presence_of(:project) }
|
|
it { is_expected.to validate_presence_of(:user) }
|
|
it { is_expected.to validate_presence_of(:access_level) }
|
|
it { is_expected.to validate_inclusion_of(:access_level).in_array(Gitlab::Access.all_values) }
|
|
end
|
|
|
|
describe 'scopes' do
|
|
let_it_be(:user) { create(:user) }
|
|
let_it_be(:project) { create(:project, namespace: user.namespace) }
|
|
|
|
describe '.non_guests' do
|
|
let_it_be(:project_original_owner_authorization) { project.owner.project_authorizations.first }
|
|
let_it_be(:project_authorization_guest) { create(:project_authorization, :guest, project: project) }
|
|
let_it_be(:project_authorization_reporter) { create(:project_authorization, :reporter, project: project) }
|
|
let_it_be(:project_authorization_developer) { create(:project_authorization, :developer, project: project) }
|
|
let_it_be(:project_authorization_maintainer) { create(:project_authorization, :maintainer, project: project) }
|
|
let_it_be(:project_authorization_owner) { create(:project_authorization, :owner, project: project) }
|
|
|
|
it 'returns all records which are greater than Guests access' do
|
|
expect(described_class.non_guests.map(&:attributes)).to match_array([
|
|
project_authorization_reporter, project_authorization_developer,
|
|
project_authorization_maintainer, project_authorization_owner,
|
|
project_original_owner_authorization
|
|
].map(&:attributes))
|
|
end
|
|
end
|
|
|
|
describe '.owners' do
|
|
let_it_be(:project_original_owner_authorization) { project.owner.project_authorizations.first }
|
|
let_it_be(:project_authorization_owner) { create(:project_authorization, :owner, project: project) }
|
|
|
|
before_all do
|
|
create(:project_authorization, :guest, project: project)
|
|
create(:project_authorization, :developer, project: project)
|
|
end
|
|
|
|
it 'returns all records which only have Owners access' do
|
|
expect(described_class.owners.map(&:attributes)).to match_array([
|
|
project_original_owner_authorization,
|
|
project_authorization_owner
|
|
].map(&:attributes))
|
|
end
|
|
end
|
|
|
|
describe '.for_project' do
|
|
let_it_be(:project_2) { create(:project, namespace: user.namespace) }
|
|
let_it_be(:project_3) { create(:project, namespace: user.namespace) }
|
|
|
|
let_it_be(:project_authorization_3) { project_3.project_authorizations.first }
|
|
let_it_be(:project_authorization_2) { project_2.project_authorizations.first }
|
|
let_it_be(:project_authorization) { project.project_authorizations.first }
|
|
|
|
it 'returns all records for the project' do
|
|
expect(described_class.for_project(project).map(&:attributes)).to match_array([
|
|
project_authorization
|
|
].map(&:attributes))
|
|
end
|
|
|
|
it 'returns all records for multiple projects' do
|
|
expect(described_class.for_project([project, project_3]).map(&:attributes)).to match_array([
|
|
project_authorization,
|
|
project_authorization_3
|
|
].map(&:attributes))
|
|
end
|
|
end
|
|
end
|
|
|
|
describe '.insert_all' do
|
|
let_it_be(:user) { create(:user) }
|
|
let_it_be(:project_1) { create(:project) }
|
|
let_it_be(:project_2) { create(:project) }
|
|
let_it_be(:project_3) { create(:project) }
|
|
|
|
it 'skips duplicates and inserts the remaining rows without error' do
|
|
create(:project_authorization, user: user, project: project_1, access_level: Gitlab::Access::MAINTAINER)
|
|
|
|
attributes = [
|
|
{ user_id: user.id, project_id: project_1.id, access_level: Gitlab::Access::MAINTAINER },
|
|
{ user_id: user.id, project_id: project_2.id, access_level: Gitlab::Access::MAINTAINER },
|
|
{ user_id: user.id, project_id: project_3.id, access_level: Gitlab::Access::MAINTAINER }
|
|
]
|
|
|
|
described_class.insert_all(attributes)
|
|
|
|
expect(user.project_authorizations.pluck(:user_id, :project_id, :access_level)).to match_array(attributes.map(&:values))
|
|
end
|
|
end
|
|
|
|
context 'with loose foreign key on project_authorizations.user_id' do
|
|
it_behaves_like 'cleanup by a loose foreign key' do
|
|
let_it_be(:parent) { create(:user) }
|
|
let_it_be(:model) { create(:project_authorization, user: parent) }
|
|
end
|
|
end
|
|
end
|