Commit 254a7ef3 authored by Heinrich Lee Yu's avatar Heinrich Lee Yu

Merge branch...

Merge branch '199473-nomethoderror-undefined-method-feature_available-for-nil-nilclass' into 'master'

Fix 500 error when browsing the roadmap page for a group the user is not authorized to view

Closes #199473

See merge request gitlab-org/gitlab!24002
parents 749bc8b2 90bb7820
......@@ -8,7 +8,6 @@ module Groups
EPICS_ROADMAP_LIMIT = 1000
before_action :check_epics_available!
before_action :group
before_action :persist_roadmap_layout, only: [:show]
before_action do
push_frontend_feature_flag(:roadmap_graphql, @group)
......
---
title: Fix 500 error when browsing the roadmap page for a group the user is not authorized
to view
merge_request: 24002
author:
type: fixed
......@@ -7,68 +7,98 @@ describe Groups::RoadmapController do
let(:user) { create(:user) }
describe '#show' do
before do
sign_in(user)
group.add_developer(user)
end
context 'when epics feature is disabled' do
it "returns 404 status" do
get :show, params: { group_id: group }
context 'when the user is signed in' do
shared_examples_for 'returns 404 status' do
it do
get :show, params: { group_id: group }
expect(response).to have_gitlab_http_status(404)
expect(response).to have_gitlab_http_status(:not_found)
end
end
end
context 'when epics feature is enabled' do
before do
stub_licensed_features(epics: true)
sign_in(user)
end
it "returns 200 status" do
get :show, params: { group_id: group }
context 'when the user has access to the group' do
before do
group.add_developer(user)
end
expect(response).to have_gitlab_http_status(200)
end
context 'when epics feature is disabled' do
it_behaves_like 'returns 404 status'
end
context 'when there is no logged user' do
it 'stores epics sorting param in a cookie' do
group.update!(visibility_level: Gitlab::VisibilityLevel::PUBLIC)
sign_out(user)
context 'when epics feature is enabled' do
before do
stub_licensed_features(epics: true)
end
get :show, params: { group_id: group, sort: 'start_date_asc' }
it 'returns 200 status' do
get :show, params: { group_id: group }
expect(cookies['roadmap_sort']).to eq('start_date_asc')
expect(response).to have_gitlab_http_status(200)
end
end
expect(response).to have_gitlab_http_status(:ok)
end
context 'when there is a user logged in' do
context 'when roadmaps_sort is nil' do
it 'stores roadmaps sorting param in user preference' do
get :show, params: { group_id: group, sort: 'start_date_asc' }
context 'when roadmaps_sort is nil' do
it 'stores roadmaps sorting param in user preference' do
get :show, params: { group_id: group, sort: 'start_date_asc' }
expect(response).to have_gitlab_http_status(:ok)
expect(user.reload.user_preference.roadmaps_sort).to eq('start_date_asc')
end
expect(response).to have_gitlab_http_status(200)
expect(user.reload.user_preference.roadmaps_sort).to eq('start_date_asc')
it 'defaults to sort_value_start_date_soon' do
user.user_preference.update(roadmaps_sort: nil)
get :show, params: { group_id: group }
expect(assigns(:sort)).to eq('start_date_asc')
end
end
it 'defaults to sort_value_start_date_soon' do
user.user_preference.update(roadmaps_sort: nil)
context 'when roadmaps_sort is present' do
it 'update roadmaps_sort with current value' do
user.user_preference.update(roadmaps_sort: 'created_desc')
get :show, params: { group_id: group, sort: 'start_date_asc' }
expect(user.reload.user_preference.roadmaps_sort).to eq('start_date_asc')
expect(response).to have_gitlab_http_status(:ok)
end
end
end
end
context 'when the user does not have access to the group' do
it_behaves_like 'returns 404 status'
end
end
context 'when user is not signed in' do
context 'when epics feature is enabled' do
before do
stub_licensed_features(epics: true)
end
context 'when anonymous users does not have access to the group' do
it 'redirects to login page' do
get :show, params: { group_id: group }
expect(assigns(:sort)).to eq('start_date_asc')
expect(response).to redirect_to(new_user_session_path)
end
end
context 'when roadmaps_sort is present' do
it 'update roadmaps_sort with current value' do
user.user_preference.update(roadmaps_sort: 'created_desc')
context 'when anonymous users have access to the group' do
before do
group.update!(visibility_level: Gitlab::VisibilityLevel::PUBLIC)
end
it 'stores epics sorting param in a cookie' do
get :show, params: { group_id: group, sort: 'start_date_asc' }
expect(user.reload.user_preference.roadmaps_sort).to eq('start_date_asc')
expect(response).to have_gitlab_http_status(200)
expect(cookies['roadmap_sort']).to eq('start_date_asc')
expect(response).to have_gitlab_http_status(:ok)
end
end
end
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment