features_visibility_spec.rb 8.28 KB
Newer Older
1 2 3 4 5
require 'spec_helper'

describe 'Edit Project Settings', feature: true do
  let(:member) { create(:user) }
  let!(:project) { create(:project, :public, path: 'gitlab', name: 'sample') }
6
  let!(:issue) { create(:issue, project: project) }
7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40
  let(:non_member) { create(:user) }

  describe 'project features visibility selectors', js: true do
    before do
      project.team << [member, :master]
      login_as(member)
    end

    tools = { builds: "pipelines", issues: "issues", wiki: "wiki", snippets: "snippets", merge_requests: "merge_requests" }

    tools.each do |tool_name, shortcut_name|
      describe "feature #{tool_name}" do
        it 'toggles visibility' do
          visit edit_namespace_project_path(project.namespace, project)

          select 'Disabled', from: "project_project_feature_attributes_#{tool_name}_access_level"
          click_button 'Save changes'
          wait_for_ajax
          expect(page).not_to have_selector(".shortcuts-#{shortcut_name}")

          select 'Everyone with access', from: "project_project_feature_attributes_#{tool_name}_access_level"
          click_button 'Save changes'
          wait_for_ajax
          expect(page).to have_selector(".shortcuts-#{shortcut_name}")

          select 'Only team members', from: "project_project_feature_attributes_#{tool_name}_access_level"
          click_button 'Save changes'
          wait_for_ajax
          expect(page).to have_selector(".shortcuts-#{shortcut_name}")

          sleep 0.1
        end
      end
    end
Felipe Artur's avatar
Felipe Artur committed
41

42 43 44 45 46 47 48 49 50 51 52
    context "When external issue tracker is enabled" do
      it "does not hide issues tab" do
        project.project_feature.update(issues_access_level: ProjectFeature::DISABLED)
        allow_any_instance_of(Project).to receive(:external_issue_tracker).and_return(JiraService.new)

        visit namespace_project_path(project.namespace, project)

        expect(page).to have_selector(".shortcuts-issues")
      end
    end

Felipe Artur's avatar
Felipe Artur committed
53 54 55 56 57 58 59 60 61 62 63 64 65 66 67
    context "pipelines subtabs" do
      it "shows builds when enabled" do
        visit namespace_project_pipelines_path(project.namespace, project)

        expect(page).to have_selector(".shortcuts-builds")
      end

      it "hides builds when disabled" do
        allow(Ability).to receive(:allowed?).with(member, :read_builds, project).and_return(false)

        visit namespace_project_pipelines_path(project.namespace, project)

        expect(page).not_to have_selector(".shortcuts-builds")
      end
    end
68 69 70
  end

  describe 'project features visibility pages' do
71 72 73 74 75 76 77 78 79
    let(:tools) {
      {
        builds: namespace_project_pipelines_path(project.namespace, project),
        issues: namespace_project_issues_path(project.namespace, project),
        wiki: namespace_project_wiki_path(project.namespace, project, :home),
        snippets: namespace_project_snippets_path(project.namespace, project),
        merge_requests: namespace_project_merge_requests_path(project.namespace, project),
      }
    }
80 81

    context 'normal user' do
82 83 84 85
      before do
        login_as(member)
      end

86
      it 'renders 200 if tool is enabled' do
87
        tools.each do |method_name, url|
88 89 90 91 92 93 94
          project.project_feature.update_attribute("#{method_name}_access_level", ProjectFeature::ENABLED)
          visit url
          expect(page.status_code).to eq(200)
        end
      end

      it 'renders 404 if feature is disabled' do
95
        tools.each do |method_name, url|
96 97 98 99 100 101 102 103 104
          project.project_feature.update_attribute("#{method_name}_access_level", ProjectFeature::DISABLED)
          visit url
          expect(page.status_code).to eq(404)
        end
      end

      it 'renders 404 if feature is enabled only for team members' do
        project.team.truncate

105
        tools.each do |method_name, url|
106 107 108 109 110 111
          project.project_feature.update_attribute("#{method_name}_access_level", ProjectFeature::PRIVATE)
          visit url
          expect(page.status_code).to eq(404)
        end
      end

112
      it 'renders 200 if user is member of group' do
113 114 115 116 117 118
        group = create(:group)
        project.group = group
        project.save

        group.add_owner(member)

119
        tools.each do |method_name, url|
120 121 122 123 124 125 126 127 128 129 130 131 132 133
          project.project_feature.update_attribute("#{method_name}_access_level", ProjectFeature::PRIVATE)
          visit url
          expect(page.status_code).to eq(200)
        end
      end
    end

    context 'admin user' do
      before do
        non_member.update_attribute(:admin, true)
        login_as(non_member)
      end

      it 'renders 404 if feature is disabled' do
134
        tools.each do |method_name, url|
135 136 137 138 139 140 141 142 143
          project.project_feature.update_attribute("#{method_name}_access_level", ProjectFeature::DISABLED)
          visit url
          expect(page.status_code).to eq(404)
        end
      end

      it 'renders 200 if feature is enabled only for team members' do
        project.team.truncate

144
        tools.each do |method_name, url|
145 146 147 148 149 150 151
          project.project_feature.update_attribute("#{method_name}_access_level", ProjectFeature::PRIVATE)
          visit url
          expect(page.status_code).to eq(200)
        end
      end
    end
  end
152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177

  describe 'repository visibility', js: true do
    before do
      project.team << [member, :master]
      login_as(member)
      visit edit_namespace_project_path(project.namespace, project)
    end

    it "disables repository related features" do
      select "Disabled", from: "project_project_feature_attributes_repository_access_level"

      expect(find(".edit-project")).to have_selector("select.disabled", count: 2)
    end

    it "shows empty features project homepage" do
      select "Disabled", from: "project_project_feature_attributes_repository_access_level"
      select "Disabled", from: "project_project_feature_attributes_issues_access_level"
      select "Disabled", from: "project_project_feature_attributes_wiki_access_level"

      click_button "Save changes"
      wait_for_ajax

      visit namespace_project_path(project.namespace, project)

      expect(page).to have_content "Customize your workflow!"
    end
178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195

    it "hides project activity tabs" do
      select "Disabled", from: "project_project_feature_attributes_repository_access_level"
      select "Disabled", from: "project_project_feature_attributes_issues_access_level"
      select "Disabled", from: "project_project_feature_attributes_wiki_access_level"

      click_button "Save changes"
      wait_for_ajax

      visit activity_namespace_project_path(project.namespace, project)

      page.within(".event-filter") do
        expect(page).to have_selector("a", count: 2)
        expect(page).not_to have_content("Push events")
        expect(page).not_to have_content("Merge events")
        expect(page).not_to have_content("Comments")
      end
    end
196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233

    # Regression spec for https://gitlab.com/gitlab-org/gitlab-ce/issues/25272
    it "hides comments activity tab only on disabled issues, merge requests and repository" do
      select "Disabled", from: "project_project_feature_attributes_issues_access_level"

      save_changes_and_check_activity_tab do
        expect(page).to have_content("Comments")
      end

      visit edit_namespace_project_path(project.namespace, project)

      select "Disabled", from: "project_project_feature_attributes_merge_requests_access_level"

      save_changes_and_check_activity_tab do
        expect(page).to have_content("Comments")
      end

      visit edit_namespace_project_path(project.namespace, project)

      select "Disabled", from: "project_project_feature_attributes_repository_access_level"

      save_changes_and_check_activity_tab do
        expect(page).not_to have_content("Comments")
      end

      visit edit_namespace_project_path(project.namespace, project)
    end

    def save_changes_and_check_activity_tab
      click_button "Save changes"
      wait_for_ajax

      visit activity_namespace_project_path(project.namespace, project)

      page.within(".event-filter") do
        yield
      end
    end
234
  end
235 236 237 238 239 240 241 242 243 244 245 246 247 248 249

  # Regression spec for https://gitlab.com/gitlab-org/gitlab-ce/issues/24056
  describe 'project statistic visibility' do
    let!(:project) { create(:project, :private) }

    before do
      project.team << [member, :guest]
      login_as(member)
      visit namespace_project_path(project.namespace, project)
    end

    it "does not show project statistic for guest" do
      expect(page).not_to have_selector('.project-stats')
    end
  end
250
end