IMprove access_matchers

2 files changed, 24 insertions, 26 deletions

diff --git a/spec/controllers/projects/pipeline_schedules_controller_spec.rb b/spec/controllers/projects/pipeline_schedules_controller_spec.rb
index 575e2050354..4f37548a447 100644
--- a/spec/controllers/projects/pipeline_schedules_controller_spec.rb
+++ b/spec/controllers/projects/pipeline_schedules_controller_spec.rb
@@ -127,7 +127,8 @@ describe Projects::PipelineSchedulesController do
     describe 'PUT update' do
       let(:action) do
         proc do |user|
-          put :update, namespace_id: project.namespace.to_param, project_id: project, id: pipeline_schedule.id
+          put :update, namespace_id: project.namespace.to_param, project_id: project, id: pipeline_schedule.id,
+          schedule: { description: 'a' }
         end
       end
 
diff --git a/spec/support/matchers/access_matchers_for_controller.rb b/spec/support/matchers/access_matchers_for_controller.rb
index 844464233b8..59c6f528e74 100644
--- a/spec/support/matchers/access_matchers_for_controller.rb
+++ b/spec/support/matchers/access_matchers_for_controller.rb
@@ -5,8 +5,8 @@ module AccessMatchersForController
   extend RSpec::Matchers::DSL
   include Warden::Test::Helpers
 
-  EXPECTED_STATUS_CODE_ALLOWED = [200, 302].freeze
-  EXPECTED_STATUS_CODE_DENIED = [404].freeze
+  EXPECTED_STATUS_CODE_ALLOWED = [200, 201, 302].freeze
+  EXPECTED_STATUS_CODE_DENIED = [401, 404].freeze
 
   def emulate_user(role, membership = nil)
     case role
@@ -19,18 +19,13 @@ module AccessMatchersForController
     when :external
       user = create(:user, external: true)
       sign_in(user)
-    when :visitor # rubocop:disable Lint/EmptyWhen
-      # no-op
+    when :visitor
+      user = nil
+    when User
+      user = role
+      sign_in(user)
     when *Gitlab::Access.sym_options_with_owner.keys # owner, master, developer, reporter, guest
-      raise ArgumentError, "cannot emulate #{role} without membership parent" unless membership
-
-      if role == :owner && membership.owner
-        user = membership.owner
-      else
-        user = create(:user)
-        membership.public_send(:"add_#{role}", user)
-      end
-
+      user = cerate_user_by_membership(role, membership)
       sign_in(user)
     else
       raise ArgumentError, "cannot emulate user #{role}"
@@ -39,6 +34,18 @@ module AccessMatchersForController
     user
   end
 
+  def cerate_user_by_membership(role, membership = nil)
+    raise ArgumentError, "cannot emulate #{role} without membership parent" unless membership
+
+    if role == :owner && membership.owner
+      user = membership.owner
+    else
+      user = create(:user)
+      membership.public_send(:"add_#{role}", user)
+    end
+    user
+  end
+
   def description_for(role, type, expected, result)
     "be #{type} for #{role}." \
     " Expected: #{expected.join(',')} Got: #{result}"
@@ -47,12 +54,7 @@ module AccessMatchersForController
   matcher :be_allowed_for do |role|
     match do |action|
       user = emulate_user(role, @membership)
-      begin
-        action.call(user)
-      rescue
-        # Ignore internal exceptions which will be caused in the controller
-        # In such cases, response.status will be 200.
-      end
+      action.call(user)
 
       EXPECTED_STATUS_CODE_ALLOWED.include?(response.status)
     end
@@ -68,12 +70,7 @@ module AccessMatchersForController
   matcher :be_denied_for do |role|
     match do |action|
       user = emulate_user(role, @membership)
-      begin
-        action.call(user)
-      rescue
-        # Ignore internal exceptions which will be caused in the controller
-        # In such cases, response.status will be 200.
-      end
+      action.call(user)
 
       EXPECTED_STATUS_CODE_DENIED.include?(response.status)
     end