Adds update endpoint specs for group namespacefeature/add_cluster_update_app_endpoint

1 files changed, 80 insertions, 20 deletions

diff --git a/spec/controllers/groups/clusters/applications_controller_spec.rb b/spec/controllers/groups/clusters/applications_controller_spec.rb
index dd5263b077c..84da43fe2ef 100644
--- a/spec/controllers/groups/clusters/applications_controller_spec.rb
+++ b/spec/controllers/groups/clusters/applications_controller_spec.rb
@@ -9,9 +9,25 @@ describe Groups::Clusters::ApplicationsController do
     Clusters::Cluster::APPLICATIONS[application]
   end
 
+  shared_examples 'a secure endpoint' do
+    it { expect { subject }.to be_allowed_for(:admin) }
+    it { expect { subject }.to be_allowed_for(:owner).of(group) }
+    it { expect { subject }.to be_allowed_for(:maintainer).of(group) }
+    it { expect { subject }.to be_denied_for(:developer).of(group) }
+    it { expect { subject }.to be_denied_for(:reporter).of(group) }
+    it { expect { subject }.to be_denied_for(:guest).of(group) }
+    it { expect { subject }.to be_denied_for(:user) }
+    it { expect { subject }.to be_denied_for(:external) }
+  end
+
+  let(:cluster) { create(:cluster, :group, :provided_by_gcp) }
+  let(:group) { cluster.group }
+
   describe 'POST create' do
-    let(:cluster) { create(:cluster, :group, :provided_by_gcp) }
-    let(:group) { cluster.group }
+    subject do
+      post :create, params: params.merge(group_id: group)
+    end
+
     let(:application) { 'helm' }
     let(:params) { { application: application, id: cluster.id } }
 
@@ -26,7 +42,7 @@ describe Groups::Clusters::ApplicationsController do
       it 'schedule an application installation' do
         expect(ClusterInstallAppWorker).to receive(:perform_async).with(application, anything).once
 
-        expect { go }.to change { current_application.count }
+        expect { subject }.to change { current_application.count }
         expect(response).to have_http_status(:no_content)
         expect(cluster.application_helm).to be_scheduled
       end
@@ -37,7 +53,7 @@ describe Groups::Clusters::ApplicationsController do
         end
 
         it 'return 404' do
-          expect { go }.not_to change { current_application.count }
+          expect { subject }.not_to change { current_application.count }
           expect(response).to have_http_status(:not_found)
         end
       end
@@ -46,9 +62,7 @@ describe Groups::Clusters::ApplicationsController do
         let(:application) { 'unkwnown-app' }
 
         it 'return 404' do
-          go
-
-          expect(response).to have_http_status(:not_found)
+          is_expected.to have_http_status(:not_found)
         end
       end
 
@@ -58,9 +72,7 @@ describe Groups::Clusters::ApplicationsController do
         end
 
         it 'returns 400' do
-          go
-
-          expect(response).to have_http_status(:bad_request)
+          is_expected.to have_http_status(:bad_request)
         end
       end
     end
@@ -70,18 +82,66 @@ describe Groups::Clusters::ApplicationsController do
         allow(ClusterInstallAppWorker).to receive(:perform_async)
       end
 
-      it { expect { go }.to be_allowed_for(:admin) }
-      it { expect { go }.to be_allowed_for(:owner).of(group) }
-      it { expect { go }.to be_allowed_for(:maintainer).of(group) }
-      it { expect { go }.to be_denied_for(:developer).of(group) }
-      it { expect { go }.to be_denied_for(:reporter).of(group) }
-      it { expect { go }.to be_denied_for(:guest).of(group) }
-      it { expect { go }.to be_denied_for(:user) }
-      it { expect { go }.to be_denied_for(:external) }
+      it_behaves_like 'a secure endpoint'
     end
+  end
 
-    def go
-      post :create, params: params.merge(group_id: group)
+  describe 'PATCH update' do
+    subject do
+      patch :update, params: params.merge(group_id: group)
+    end
+
+    let!(:application) { create(:clusters_applications_cert_managers, :installed, cluster: cluster) }
+    let(:application_name) { application.name }
+    let(:params) { { application: application_name, id: cluster.id, email: "new-email@example.com" } }
+
+    describe 'functionality' do
+      let(:user) { create(:user) }
+
+      before do
+        group.add_maintainer(user)
+        sign_in(user)
+      end
+
+      context "when cluster and app exists" do
+        it "schedules an application update" do
+          expect(ClusterUpdateAppWorker).to receive(:perform_async).with(application.name, anything).once
+
+          is_expected.to have_http_status(:no_content)
+
+          expect(cluster.application_cert_manager).to be_scheduled
+        end
+      end
+
+      context 'when cluster do not exists' do
+        before do
+          cluster.destroy!
+        end
+
+        it { is_expected.to have_http_status(:not_found) }
+      end
+
+      context 'when application is unknown' do
+        let(:application_name) { 'unkwnown-app' }
+
+        it { is_expected.to have_http_status(:not_found) }
+      end
+
+      context 'when application is already scheduled' do
+        before do
+          application.make_scheduled!
+        end
+
+        it { is_expected.to have_http_status(:bad_request) }
+      end
+    end
+
+    describe 'security' do
+      before do
+        allow(ClusterUpdateAppWorker).to receive(:perform_async)
+      end
+
+      it_behaves_like 'a secure endpoint'
     end
   end
 end