Commit 50491d32 authored by Lin Jen-Shin's avatar Lin Jen-Shin

Instead of returning all or nothing, return whichever passed

And add tests
parent 30918929
...@@ -45,15 +45,12 @@ module Gitlab ...@@ -45,15 +45,12 @@ module Gitlab
end end
end end
checked = case value
case value when Array
when Array value.select(&check)
value.all?(&check) else
else value if check.call(value)
check.call(value) end
end
value if checked
end end
end end
end end
......
...@@ -15,7 +15,7 @@ describe Gitlab::Graphql::Authorize::Instrumentation do ...@@ -15,7 +15,7 @@ describe Gitlab::Graphql::Authorize::Instrumentation do
object = double(:object) object = double(:object)
abilities.each do |ability| abilities.each do |ability|
spy_ability_check_for(ability, object) spy_ability_check_for(ability, object, passed: true)
end end
expect(checker.call(object)).to eq(object) expect(checker.call(object)).to eq(object)
...@@ -26,18 +26,42 @@ describe Gitlab::Graphql::Authorize::Instrumentation do ...@@ -26,18 +26,42 @@ describe Gitlab::Graphql::Authorize::Instrumentation do
abilities.each do |ability| abilities.each do |ability|
objects.each do |object| objects.each do |object|
spy_ability_check_for(ability, object) spy_ability_check_for(ability, object, passed: true)
end end
end end
expect(checker.call(objects)).to eq(objects) expect(checker.call(objects)).to eq(objects)
end end
def spy_ability_check_for(ability, object) context 'when some objects would not pass the check' do
it 'returns nil when it is single object' do
disallowed = double(:object)
spy_ability_check_for(abilities.first, disallowed, passed: false)
expect(checker.call(disallowed)).to be_nil
end
it 'returns only objects which passed when there are more than one' do
allowed = double(:allowed)
disallowed = double(:disallowed)
spy_ability_check_for(abilities.first, disallowed, passed: false)
abilities.each do |ability|
spy_ability_check_for(ability, allowed, passed: true)
end
expect(checker.call([disallowed, allowed]))
.to contain_exactly(allowed)
end
end
def spy_ability_check_for(ability, object, passed: true)
expect(Ability) expect(Ability)
.to receive(:allowed?) .to receive(:allowed?)
.with(current_user, ability, object) .with(current_user, ability, object)
.and_return(true) .and_return(passed)
end end
end end
end end
...@@ -56,4 +56,40 @@ describe 'getting an issue list for a project' do ...@@ -56,4 +56,40 @@ describe 'getting an issue list for a project' do
expect(issues_data).to eq [] expect(issues_data).to eq []
end end
end end
context 'when there is a confidential issue' do
let!(:confidential_issue) do
create(:issue, :confidential, project: project)
end
context 'when the user cannot see confidential issues' do
it 'returns issues without confidential issues' do
post_graphql(query, current_user: current_user)
expect(issues_data.size).to eq(2)
issues_data.each do |issue|
expect(issue.dig('node', 'confidential')).to eq(false)
end
end
end
context 'when the user can see confidential issues' do
before do
project.add_developer(current_user)
end
it 'returns issues with confidential issues' do
post_graphql(query, current_user: current_user)
expect(issues_data.size).to eq(3)
confidentials = issues_data.map do |issue|
issue.dig('node', 'confidential')
end
expect(confidentials).to eq([true, false, false])
end
end
end
end end
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment