require 'spec_helper'

describe SnippetsFinder do
  include ExternalAuthorizationServiceHelpers

  it_behaves_like 'a finder with external authorization service' do
    let!(:subject) { create(:project_snippet, project: project) }
    let(:project_params) { { project: project } }
  end

  context 'external authorization service enabled' do
    let(:user) { create(:user) }
    let(:project) { create(:project) }
    let!(:snippet) { create(:project_snippet, :public, project: project) }

    before do
      project.add_maintainer(user)
    end

    it 'includes the result if the external service allows access' do
      external_service_allow_access(user, project)

      results = described_class.new(user, project: project).execute

      expect(results).to contain_exactly(snippet)
    end

    it 'does not include any results if the external service denies access' do
      external_service_deny_access(user, project)

      results = described_class.new(user, project: project).execute

      expect(results).to be_empty
    end
  end

  context 'filter by project' do
    set(:user) { create(:user) }
    set(:group) { create(:group, :public) }
    set(:project) { create(:project, :public, group: group) }
    set(:private_project_snippet) { create(:project_snippet, :private, project: project) }
    set(:internal_project_snippet) { create(:project_snippet, :internal, project: project) }
    set(:public_project_snippet) { create(:project_snippet, :public, project: project) }

    it 'returns all snippets for auditor users' do
      user = create(:user, :auditor)

      snippets = described_class.new(user, project: project).execute

      expect(snippets).to include(private_project_snippet, internal_project_snippet, public_project_snippet)
    end
  end
end