From 9fe7f0c706818ae07b188d4efdd00aaeae74139f Mon Sep 17 00:00:00 2001
From: Shinya Maeda <shinya@gitlab.com>
Date: Fri, 30 Jun 2017 02:58:36 +0900
Subject: [PATCH] Improved AccessMatchers and tests

---
 .../pipeline_schedules_controller_spec.rb     |  6 ++---
 .../access_matchers_for_controller.rb         | 26 ++++++++++++++++---
 2 files changed, 26 insertions(+), 6 deletions(-)

diff --git a/spec/controllers/projects/pipeline_schedules_controller_spec.rb b/spec/controllers/projects/pipeline_schedules_controller_spec.rb
index 82219db45cb..a3a5fe32307 100644
--- a/spec/controllers/projects/pipeline_schedules_controller_spec.rb
+++ b/spec/controllers/projects/pipeline_schedules_controller_spec.rb
@@ -357,7 +357,7 @@ describe Projects::PipelineSchedulesController do
       it { expect { go }.to be_allowed_for(:admin) }
       it { expect { go }.to be_allowed_for(:owner).of(project) }
       it { expect { go }.to be_allowed_for(:master).of(project) }
-      # it { expect { go }.to be_allowed_for(:developer).of(project) }
+      it { expect { go }.to be_allowed_for(:developer).of(project).own([pipeline_schedule]) }
       it { expect { go }.to be_denied_for(:reporter).of(project) }
       it { expect { go }.to be_denied_for(:guest).of(project) }
       it { expect { go }.to be_denied_for(:user) }
@@ -420,7 +420,7 @@ describe Projects::PipelineSchedulesController do
       it { expect { go }.to be_allowed_for(:admin) }
       it { expect { go }.to be_allowed_for(:owner).of(project) }
       it { expect { go }.to be_allowed_for(:master).of(project) }
-      # it { expect { go }.to be_allowed_for(:developer).of(project) }
+      it { expect { go }.to be_allowed_for(:developer).of(project).own([pipeline_schedule]) }
       it { expect { go }.to be_denied_for(:reporter).of(project) }
       it { expect { go }.to be_denied_for(:guest).of(project) }
       it { expect { go }.to be_denied_for(:user) }
@@ -438,7 +438,7 @@ describe Projects::PipelineSchedulesController do
       it { expect { go }.to be_allowed_for(:admin) }
       it { expect { go }.to be_allowed_for(:owner).of(project) }
       it { expect { go }.to be_allowed_for(:master).of(project) }
-      # it { expect { go }.to be_allowed_for(:developer).of(project) }
+      it { expect { go }.to be_allowed_for(:developer).of(project).own([pipeline_schedule]) }
       it { expect { go }.to be_denied_for(:reporter).of(project) }
       it { expect { go }.to be_denied_for(:guest).of(project) }
       it { expect { go }.to be_denied_for(:user) }
diff --git a/spec/support/matchers/access_matchers_for_controller.rb b/spec/support/matchers/access_matchers_for_controller.rb
index fb43f51c70c..21128bcc73d 100644
--- a/spec/support/matchers/access_matchers_for_controller.rb
+++ b/spec/support/matchers/access_matchers_for_controller.rb
@@ -50,9 +50,24 @@ module AccessMatchersForController
     "be #{type} for #{role}. Expected: #{expected.join(',')} Got: #{result}"
   end
 
+  def update_owner(objects, user)
+    return unless objects
+
+    objects.each do |object|
+      if object.respond_to?(:owner)
+        object.update_attribute(:owner, user)
+      elsif object.respond_to?(:user)
+        object.update_attribute(:user, user)
+      else
+        raise ArgumentError, "cannot own this object #{object}"
+      end
+    end
+  end
+
   matcher :be_allowed_for do |role|
-    match do |action|
-      emulate_user(role, @membership)
+    match do |action, &block|
+      user = emulate_user(role, @membership)
+      update_owner(@objects, user)
       action.call
 
       EXPECTED_STATUS_CODE_ALLOWED.include?(response.status)
@@ -62,13 +77,18 @@ module AccessMatchersForController
       @membership = membership
     end
 
+    chain :own do |objects|
+      @objects = objects
+    end
+
     description { description_for(role, 'allowed', EXPECTED_STATUS_CODE_ALLOWED, response.status) }
     supports_block_expectations
   end
 
   matcher :be_denied_for do |role|
     match do |action|
-      emulate_user(role, @membership)
+      user = emulate_user(role, @membership)
+      update_owner(@objects, user)
       action.call
 
       EXPECTED_STATUS_CODE_DENIED.include?(response.status)
-- 
2.30.9