Merge branch 'dry-user-spec-deactivate' into 'master'

DRY api/users_spec deactivation tests See merge request gitlab-org/gitlab!43904

Merge branch 'dry-user-spec-deactivate' into 'master'
DRY api/users_spec deactivation tests See merge request gitlab-org/gitlab!43904
457b6315 · Dylan Griffith · 0ac7a939 · 47d088b5 · 457b6315
Commit 457b6315 authored Oct 16, 2020 by Dylan Griffith
Hide whitespace changes
Inline Side-by-side

Showing with 25 additions and 19 deletions

spec/requests/api/users_spec.rb spec/requests/api/users_spec.rb +25 -19

No files found.
--- a/spec/requests/api/users_spec.rb
+++ b/spec/requests/api/users_spec.rb
@@ -2400,15 +2400,23 @@ RSpec.describe API::Users, :do_not_mock_admin_mode do
    end

    describe 'POST /users/:id/deactivate' do
+      subject(:deactivate) { post api("/users/#{user_id}/deactivate", api_user) }
+
+      let(:user_id) { user.id }
+
      context 'performed by a non-admin user' do
+        let(:api_user) { user }
+
        it 'is not authorized to perform the action' do
-          post api("/users/#{user.id}/deactivate", user)
+          deactivate

          expect(response).to have_gitlab_http_status(:forbidden)
        end
      end

      context 'performed by an admin user' do
+        let(:api_user) { admin }
+
        context 'for an active user' do
          let(:activity) { {} }
          let(:user) { create(:user, **activity) }
@@ -2416,11 +2424,9 @@ RSpec.describe API::Users, :do_not_mock_admin_mode do
          context 'with no recent activity' do
            let(:activity) { { last_activity_on: ::User::MINIMUM_INACTIVE_DAYS.next.days.ago } }

-            before do
-              post api("/users/#{user.id}/deactivate", admin)
-            end
-
            it 'deactivates an active user' do
+              deactivate
+
              expect(response).to have_gitlab_http_status(:created)
              expect(user.reload.state).to eq('deactivated')
            end
@@ -2429,11 +2435,9 @@ RSpec.describe API::Users, :do_not_mock_admin_mode do
          context 'with recent activity' do
            let(:activity) { { last_activity_on: ::User::MINIMUM_INACTIVE_DAYS.pred.days.ago } }

-            before do
-              post api("/users/#{user.id}/deactivate", admin)
-            end
-
            it 'does not deactivate an active user' do
+              deactivate
+
              expect(response).to have_gitlab_http_status(:forbidden)
              expect(json_response['message']).to eq("403 Forbidden  - The user you are trying to deactivate has been active in the past #{::User::MINIMUM_INACTIVE_DAYS} days and cannot be deactivated")
              expect(user.reload.state).to eq('active')
@@ -2444,11 +2448,11 @@ RSpec.describe API::Users, :do_not_mock_admin_mode do
        context 'for a deactivated user' do
          before do
            user.deactivate
-
-            post api("/users/#{user.id}/deactivate", admin)
          end

          it 'returns 201' do
+            deactivate
+
            expect(response).to have_gitlab_http_status(:created)
            expect(user.reload.state).to eq('deactivated')
          end
@@ -2457,11 +2461,11 @@ RSpec.describe API::Users, :do_not_mock_admin_mode do
        context 'for a blocked user' do
          before do
            user.block
-
-            post api("/users/#{user.id}/deactivate", admin)
          end

          it 'returns 403' do
+            deactivate
+
            expect(response).to have_gitlab_http_status(:forbidden)
            expect(json_response['message']).to eq('403 Forbidden  - A blocked user cannot be deactivated by the API')
            expect(user.reload.state).to eq('blocked')
@@ -2471,11 +2475,11 @@ RSpec.describe API::Users, :do_not_mock_admin_mode do
        context 'for a ldap blocked user' do
          before do
            user.ldap_block
-
-            post api("/users/#{user.id}/deactivate", admin)
          end

          it 'returns 403' do
+            deactivate
+
            expect(response).to have_gitlab_http_status(:forbidden)
            expect(json_response['message']).to eq('403 Forbidden  - A blocked user cannot be deactivated by the API')
            expect(user.reload.state).to eq('ldap_blocked')
@@ -2483,10 +2487,10 @@ RSpec.describe API::Users, :do_not_mock_admin_mode do
        end

        context 'for an internal user' do
-          it 'returns 403' do
-            internal_user = User.alert_bot
+          let(:user) { User.alert_bot }

-            post api("/users/#{internal_user.id}/deactivate", admin)
+          it 'returns 403' do
+            deactivate

            expect(response).to have_gitlab_http_status(:forbidden)
            expect(json_response['message']).to eq('403 Forbidden  - An internal user cannot be deactivated by the API')
@@ -2494,8 +2498,10 @@ RSpec.describe API::Users, :do_not_mock_admin_mode do
        end

        context 'for a user that does not exist' do
+          let(:user_id) { 0 }
+
          before do
-            post api("/users/0/deactivate", admin)
+            deactivate
          end

          it_behaves_like '404'