Add feature spec for group membership locking.

features/groups_management.feature

+Feature: Groups Management
+  Background:
+    Given "Pete Peters" is owner of group "Sourcing"
+    And "Open" is in group "Sourcing"
+    And "Mary Jane" has master access for project "Open"
+
+  Scenario: Project master can add members before lock
+    Given I sign in as "Mary Jane"
+    And I go to "Open" project members page
+    Then I can control user membership
+    When Group membership lock is enabled
+    And I reload "Open" project members page
+    Then I cannot control user membership from project page
+    And I logout
+
+  Scenario: Group owner lock membership controls
+    Given I sign in as "Pete Peters"
+    And I go to group settings page
+    And I enable membership lock
+    And I go to project settings
+    Then I cannot control user membership from project page
+    And I logout

features/steps/groups_management.rb

+class Spinach::Features::GroupsManagement < Spinach::FeatureSteps
+  include SharedAuthentication
+  include SharedPaths
+  include SharedGroup
+  include SharedUser
+  include Select2Helper
+
+  step '"Open" is in group "Sourcing"' do
+    @group = Group.find_by(name: "Sourcing")
+    @project ||= create(:project, name: "Open", namespace: @group)
+
+  end
+
+  step '"Mary Jane" has master access for project "Open"' do
+    @user = User.find_by(name: "Mary Jane") || create(:user, name: "Mary Jane")
+    @project = Project.find_by(name: "Open")
+    @project.team << [@user, :master]
+  end
+
+  step "Group membership lock is enabled" do
+    @group = Group.find_by(name: "Sourcing")
+    @group.update_attributes(membership_lock: true)
+  end
+
+  step 'I go to "Open" project members page' do
+    click_link 'Sourcing / Open'
+    click_link 'Settings'
+    click_link 'Members'
+  end
+
+  step 'I can control user membership' do
+    page.should have_link 'New project member'
+    page.should have_link 'Import members'
+    page.should have_selector '#project_member_access_level', text: 'Master'
+  end
+
+  step 'I reload "Open" project members page' do
+    click_link 'Members'
+  end
+
+  step 'I go to group settings page' do
+    click_link 'sidebar-groups-tab'
+    click_link 'Sourcing'
+    click_link 'Settings'
+  end
+
+  step 'I enable membership lock' do
+    check 'group_membership_lock'
+    click_button 'Save group'
+  end
+
+  step 'I go to project settings' do
+    @project = Project.find_by(name: "Open")
+    click_link 'Projects'
+
+    link = "/#{@project.path_with_namespace}/team"
+    find(:xpath, "//a[@href=\"#{link}\"]").click
+  end
+
+  step 'I cannot control user membership from project page' do
+    page.should_not have_link 'New project member'
+    page.should_not have_link 'Import members'
+    page.should_not have_selector '#project_member_access_level', text: 'Master'
+  end
+end

features/steps/shared/authentication.rb

@@ -20,6 +20,10 @@ module SharedAuthentication
     login_with(user_exists("Mary Jane"))
   end
 
+  step 'I sign in as "Pete Peters"' do
+    login_with(user_exists("Pete Peters"))
+  end
+
   step 'I should be redirected to sign in page' do
     current_path.should == new_user_session_path
   end

features/steps/shared/group.rb

@@ -21,6 +21,10 @@ module SharedGroup
     is_member_of("Mary Jane", "Guest", Gitlab::Access::GUEST)
   end
 
+  step '"Pete Peters" is owner of group "Sourcing"' do
+    is_member_of("Pete Peters", "Sourcing", Gitlab::Access::OWNER)
+  end
+
   step 'I should see group "TestGroup"' do
     page.should have_content "TestGroup"
   end