Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
1
Merge Requests
1
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
nexedi
gitlab-ce
Commits
48e8ef0a
Commit
48e8ef0a
authored
Feb 09, 2021
by
Sanad Liaquat
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Add specs for user access after membership termination
parent
a1437260
Changes
4
Show whitespace changes
Inline
Side-by-side
Showing
4 changed files
with
159 additions
and
2 deletions
+159
-2
qa/qa/specs/features/api/1_manage/user_access_termination_spec.rb
...ecs/features/api/1_manage/user_access_termination_spec.rb
+84
-0
qa/qa/specs/features/browser_ui/1_manage/user/user_access_termination_spec.rb
.../browser_ui/1_manage/user/user_access_termination_spec.rb
+65
-0
qa/qa/specs/features/ee/api/1_manage/user/minimal_access_user_spec.rb
...features/ee/api/1_manage/user/minimal_access_user_spec.rb
+5
-1
qa/qa/specs/features/ee/browser_ui/1_manage/user/minimal_access_user_spec.rb
...s/ee/browser_ui/1_manage/user/minimal_access_user_spec.rb
+5
-1
No files found.
qa/qa/specs/features/api/1_manage/user_access_termination_spec.rb
0 → 100644
View file @
48e8ef0a
# frozen_string_literal: true
module
QA
RSpec
.
describe
'Manage'
do
describe
'User'
,
:requires_admin
do
before
(
:all
)
do
admin_api_client
=
Runtime
::
API
::
Client
.
as_admin
@user
=
Resource
::
User
.
fabricate_via_api!
do
|
user
|
user
.
api_client
=
admin_api_client
end
@user_api_client
=
Runtime
::
API
::
Client
.
new
(
:gitlab
,
user:
@user
)
@group
=
Resource
::
Group
.
fabricate_via_api!
@group
.
sandbox
.
add_member
(
@user
)
@project
=
Resource
::
Project
.
fabricate_via_api!
do
|
project
|
project
.
group
=
@group
project
.
name
=
"project-for-user-group-access-termination"
project
.
initialize_with_readme
=
true
end
end
context
'after parent group membership termination'
do
before
do
@group
.
sandbox
.
remove_member
(
@user
)
end
it
'is not allowed to push code via the CLI'
,
testcase:
'https://gitlab.com/gitlab-org/quality/testcases/-/issues/1660'
do
expect
do
Resource
::
Repository
::
Push
.
fabricate!
do
|
push
|
push
.
repository_http_uri
=
@project
.
repository_http_location
.
uri
push
.
file_name
=
'test.txt'
push
.
file_content
=
"# This is a test project named
#{
@project
.
name
}
"
push
.
commit_message
=
'Add test.txt'
push
.
branch_name
=
'new_branch'
push
.
user
=
@user
end
end
.
to
raise_error
(
QA
::
Support
::
Run
::
CommandError
,
/You are not allowed to push code to this project/
)
end
it
'is not allowed to create a file via the API'
,
testcase:
'https://gitlab.com/gitlab-org/quality/testcases/-/issues/1661'
do
expect
do
Resource
::
File
.
fabricate_via_api!
do
|
file
|
file
.
api_client
=
@user_api_client
file
.
project
=
@project
file
.
branch
=
'new_branch'
file
.
commit_message
=
'Add new file'
file
.
name
=
'test.txt'
file
.
content
=
"New file"
end
end
.
to
raise_error
(
Resource
::
ApiFabricator
::
ResourceFabricationFailedError
,
/403 Forbidden/
)
end
it
'is not allowed to commit via the API'
,
testcase:
'https://gitlab.com/gitlab-org/quality/testcases/-/issues/1662'
do
expect
do
Resource
::
Repository
::
Commit
.
fabricate_via_api!
do
|
commit
|
commit
.
api_client
=
@user_api_client
commit
.
project
=
@project
commit
.
branch
=
'new_branch'
commit
.
start_branch
=
@project
.
default_branch
commit
.
commit_message
=
'Add new file'
commit
.
add_files
([
{
file_path:
'test.txt'
,
content:
'new file'
}
])
end
end
.
to
raise_error
(
Resource
::
ApiFabricator
::
ResourceFabricationFailedError
,
/403 Forbidden - You are not allowed to push into this branch/
)
end
end
after
(
:all
)
do
@user
.
remove_via_api!
@project
.
remove_via_api!
begin
@group
.
remove_via_api!
rescue
Resource
::
ApiFabricator
::
ResourceNotDeletedError
# It is ok if the group is already marked for deletion by another test
end
end
end
end
end
qa/qa/specs/features/browser_ui/1_manage/user/user_access_termination_spec.rb
0 → 100644
View file @
48e8ef0a
# frozen_string_literal: true
module
QA
RSpec
.
describe
'Manage'
do
describe
'User'
,
:requires_admin
do
let
(
:admin_api_client
)
{
Runtime
::
API
::
Client
.
as_admin
}
let!
(
:user
)
do
Resource
::
User
.
fabricate_via_api!
do
|
user
|
user
.
api_client
=
admin_api_client
end
end
let!
(
:group
)
do
group
=
Resource
::
Group
.
fabricate_via_api!
group
.
sandbox
.
add_member
(
user
)
group
end
let!
(
:project
)
do
Resource
::
Project
.
fabricate_via_api!
do
|
project
|
project
.
group
=
group
project
.
name
=
"project-for-user-access-termination"
project
.
initialize_with_readme
=
true
end
end
context
'after parent group membership termination'
do
before
do
Flow
::
Login
.
while_signed_in_as_admin
do
group
.
sandbox
.
visit!
Page
::
Group
::
Menu
.
perform
(
&
:click_group_members_item
)
Page
::
Group
::
Members
.
perform
do
|
members_page
|
members_page
.
remove_member
(
user
.
username
)
end
end
end
it
'is not allowed to edit the project files'
,
testcase:
'https://gitlab.com/gitlab-org/quality/testcases/-/issues/1663'
do
Flow
::
Login
.
sign_in
(
as:
user
)
project
.
visit!
Page
::
Project
::
Show
.
perform
do
|
project
|
project
.
click_file
(
'README.md'
)
end
Page
::
File
::
Show
.
perform
(
&
:click_edit
)
expect
(
page
).
to
have_text
(
"You're not allowed to edit files in this project directly."
)
end
after
do
user
.
remove_via_api!
project
.
remove_via_api!
begin
group
.
remove_via_api!
rescue
Resource
::
ApiFabricator
::
ResourceNotDeletedError
# It is ok if the group is already marked for deletion by another test
end
end
end
end
end
end
qa/qa/specs/features/ee/api/1_manage/user/minimal_access_user_spec.rb
View file @
48e8ef0a
...
...
@@ -67,7 +67,11 @@ module QA
after
(
:all
)
do
@user_with_minimal_access
.
remove_via_api!
@project
.
remove_via_api!
begin
@group
.
remove_via_api!
rescue
Resource
::
ApiFabricator
::
ResourceNotDeletedError
# It is ok if the group is already marked for deletion by another test
end
end
end
end
...
...
qa/qa/specs/features/ee/browser_ui/1_manage/user/minimal_access_user_spec.rb
View file @
48e8ef0a
...
...
@@ -41,7 +41,11 @@ module QA
after
do
user_with_minimal_access
.
remove_via_api!
project
.
remove_via_api!
begin
group
.
remove_via_api!
rescue
Resource
::
ApiFabricator
::
ResourceNotDeletedError
# It is ok if the group is already marked for deletion by another test
end
end
end
end
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment