Skip to content

G
gitlab-ce
Commit 33fdae9e authored by Alex Kalderimis's avatar Alex Kalderimis
Browse files
Options

Add tests for events on confidential designs

parent 6474fe0d
Hide whitespace changes
Inline Side-by-side
Showing with 67 additions and 16 deletions
ee/spec/factories/notes.rb
View file @ 33fdae9e
...@@ -9,6 +9,7 @@ FactoryBot.modify do ...@@ -9,6 +9,7 @@ FactoryBot.modify do
trait :on_design do trait :on_design do
noteable { create(:design, :with_file, issue: create(:issue, project: project)) } noteable { create(:design, :with_file, issue: create(:issue, project: project)) }
project { noteable.project }
end end
trait :with_review do trait :with_review do
......
ee/spec/models/ee/event_spec.rb
View file @ 33fdae9e
...@@ -7,10 +7,13 @@ describe Event do ...@@ -7,10 +7,13 @@ describe Event do
let_it_be(:non_member) { create(:user) } let_it_be(:non_member) { create(:user) }
let_it_be(:member) { create(:user) } let_it_be(:member) { create(:user) }
let_it_be(:guest) { create(:user) } let_it_be(:guest) { create(:user) }
let_it_be(:reporter) { create(:user) }
let_it_be(:author) { create(:author) } let_it_be(:author) { create(:author) }
let_it_be(:admin) { create(:admin) } let_it_be(:admin) { create(:admin) }
let_it_be(:project) { create(:project) } let_it_be(:project) { create(:project) }
let(:users) { [non_member, member, reporter, guest, author, admin] }
let(:epic) { create(:epic, group: group, author: author) } let(:epic) { create(:epic, group: group, author: author) }
let(:note_on_epic) { create(:note, :on_epic, noteable: epic) } let(:note_on_epic) { create(:note, :on_epic, noteable: epic) }
let(:event) { described_class.new(group: group, target: target, author: author) } let(:event) { described_class.new(group: group, target: target, author: author) }
...@@ -20,6 +23,7 @@ describe Event do ...@@ -20,6 +23,7 @@ describe Event do
project.add_developer(member) project.add_developer(member)
project.add_guest(guest) project.add_guest(guest)
project.add_reporter(reporter)
if defined?(group) if defined?(group)
group.add_developer(member) group.add_developer(member)
...@@ -27,21 +31,48 @@ describe Event do ...@@ -27,21 +31,48 @@ describe Event do
end end
end end
RSpec::Matchers.define :be_visible_to do |user|
match do |event|
event.visible_to_user?(user)
end
failure_message do |event|
"expected that #{event} should be visible to #{user}"
end
failure_message_when_negated do |event|
"expected that #{event} would not be visible to #{user}"
end
end
RSpec::Matchers.define :have_access_to do |event|
match do |user|
event.visible_to_user?(user)
end
failure_message do |user|
"expected that #{event} should be visible to #{user}"
end
failure_message_when_negated do |user|
"expected that #{event} would not be visible to #{user}"
end
end
shared_examples 'visible to group members only' do shared_examples 'visible to group members only' do
it 'is not visible to other users' do it 'is not visible to other users', :aggregate_failures do
expect(event.visible_to_user?(non_member)).to eq false expect(event).not_to be_visible_to(non_member)
expect(event.visible_to_user?(member)).to eq true expect(event).not_to be_visible_to(author)
expect(event.visible_to_user?(guest)).to eq true
expect(event.visible_to_user?(admin)).to eq true expect(event).to be_visible_to(member)
expect(event).to be_visible_to(guest)
expect(event).to be_visible_to(admin)
end end
end end
shared_examples 'visible to everybody' do shared_examples 'visible to everybody' do
it 'is visible to other users' do it 'is visible to other users', :aggregate_failures do
expect(event.visible_to_user?(non_member)).to eq true expect(users).to all(have_access_to(event))
expect(event.visible_to_user?(member)).to eq true
expect(event.visible_to_user?(guest)).to eq true
expect(event.visible_to_user?(admin)).to eq true
end end
end end
...@@ -52,13 +83,32 @@ describe Event do ...@@ -52,13 +83,32 @@ describe Event do
enable_design_management enable_design_management
end end
it 'is visible to authorised users' do it_behaves_like 'visible to group members only' do
event = create(:event, :for_design, project: project) let(:event) { create(:event, :for_design, project: project) }
end
context 'the event refers to a design on a confidential issue' do
let(:project) { create(:project, :public) }
let(:issue) { create(:issue, :confidential, project: project) }
let(:design) { create(:design, issue: issue) }
let(:note) { create(:note, :on_design, noteable: design) }
let(:event) { create(:event, project: project, target: note) }
let(:assignees) do
create_list(:user, 3).each { |user| issue.assignees << user }
end
it 'visible to group reporters, the issue author, and assignees', :aggregate_failures do
expect(event).not_to be_visible_to(non_member)
expect(event).not_to be_visible_to(guest)
expect(event).to be_visible_to(reporter)
expect(event).to be_visible_to(member)
expect(event).to be_visible_to(admin)
expect(event).to be_visible_to(issue.author)
expect(event.visible_to_user?(non_member)).to eq false expect(assignees).to all(have_access_to(event))
expect(event.visible_to_user?(member)).to eq true end
expect(event.visible_to_user?(guest)).to eq true
expect(event.visible_to_user?(admin)).to eq true
end end
end end
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment
GitLab Nexedi Edition | About GitLab | About Nexedi | 沪ICP备2021021310号-2 | 沪ICP备2021021310号-7