diff options
| author | Mark Lapierre <mlapierre@gitlab.com> | 2019-09-12 12:54:45 +1000 |
|---|---|---|
| committer | Mark Lapierre <mlapierre@gitlab.com> | 2019-09-12 12:55:04 +1000 |
| commit | 9f52068a061ffa8064939b54b32de8d08fb85380 (patch) | |
| tree | 229daeadfdb8ff6c7beb0913bb2466e46e7df0d7 | |
| parent | a52935fbd8132180f19fa27dc397c14087b5d936 (diff) | |
| download | gitlab-ce-qa-ml-add-restricted-protected-branch-test.tar.gz | |
Backport EE E2E protected branch changesqa-ml-add-restricted-protected-branch-test
Makes configuring projected branch roles compatible with adding a
user or group when using EE.
Adds some login convenience methods.
Allows projects and groups to add members.
| -rw-r--r-- | app/views/projects/protected_branches/shared/_create_protected_branch.html.haml | 2 | ||||
| -rw-r--r-- | qa/qa.rb | 1 | ||||
| -rw-r--r-- | qa/qa/page/main/login.rb | 9 | ||||
| -rw-r--r-- | qa/qa/page/main/menu.rb | 6 | ||||
| -rw-r--r-- | qa/qa/page/project/settings/protected_branches.rb | 37 | ||||
| -rw-r--r-- | qa/qa/resource/group.rb | 11 | ||||
| -rw-r--r-- | qa/qa/resource/members.rb | 28 | ||||
| -rw-r--r-- | qa/qa/resource/project.rb | 10 | ||||
| -rw-r--r-- | qa/qa/resource/protected_branch.rb | 35 | ||||
| -rw-r--r-- | qa/qa/specs/features/browser_ui/3_create/repository/push_protected_branch_spec.rb | 20 |
10 files changed, 84 insertions, 75 deletions
diff --git a/app/views/projects/protected_branches/shared/_create_protected_branch.html.haml b/app/views/projects/protected_branches/shared/_create_protected_branch.html.haml index 3644a623d2c..bba4949277d 100644 --- a/app/views/projects/protected_branches/shared/_create_protected_branch.html.haml +++ b/app/views/projects/protected_branches/shared/_create_protected_branch.html.haml @@ -29,4 +29,4 @@ = yield :push_access_levels .card-footer - = f.submit 'Protect', class: 'btn-success btn', disabled: true + = f.submit 'Protect', class: 'btn-success btn', disabled: true, data: { qa_selector: 'protect_button' } @@ -61,6 +61,7 @@ module QA autoload :KubernetesCluster, 'qa/resource/kubernetes_cluster' autoload :User, 'qa/resource/user' autoload :ProjectMilestone, 'qa/resource/project_milestone' + autoload :Members, 'qa/resource/members' autoload :Wiki, 'qa/resource/wiki' autoload :File, 'qa/resource/file' autoload :Fork, 'qa/resource/fork' diff --git a/qa/qa/page/main/login.rb b/qa/qa/page/main/login.rb index 65d83926f38..ca93663dba2 100644 --- a/qa/qa/page/main/login.rb +++ b/qa/qa/page/main/login.rb @@ -44,7 +44,7 @@ module QA def sign_in_using_credentials(user = nil) # Don't try to log-in if we're already logged-in - return if Page::Main::Menu.perform { |menu| menu.has_personal_area?(wait: 0) } + return if Page::Main::Menu.perform(&:signed_in?) using_wait_time 0 do set_initial_password_if_present @@ -75,10 +75,7 @@ module QA end def sign_in_using_ldap_credentials(user) - # Log out if already logged in - Page::Main::Menu.perform do |menu| - menu.sign_out if menu.has_personal_area?(wait: 0) - end + Page::Main::Menu.perform(&:sign_out_if_signed_in) using_wait_time 0 do set_initial_password_if_present @@ -149,7 +146,7 @@ module QA end def sign_out_and_sign_in_as(user:) - Menu.perform(&:sign_out) + Menu.perform(&:sign_out_if_signed_in) has_sign_in_tab? sign_in_using_credentials(user) end diff --git a/qa/qa/page/main/menu.rb b/qa/qa/page/main/menu.rb index 4676dc8d077..751b67d7695 100644 --- a/qa/qa/page/main/menu.rb +++ b/qa/qa/page/main/menu.rb @@ -55,6 +55,10 @@ module QA within_top_menu { click_element :admin_area_link } end + def signed_in? + has_personal_area?(wait: 0) + end + def sign_out within_user_menu do click_element :sign_out_link @@ -62,7 +66,7 @@ module QA end def sign_out_if_signed_in - sign_out if has_personal_area?(wait: 0) + sign_out if signed_in? end def click_settings_link diff --git a/qa/qa/page/project/settings/protected_branches.rb b/qa/qa/page/project/settings/protected_branches.rb index 1e707f1d315..3756e63fb1b 100644 --- a/qa/qa/page/project/settings/protected_branches.rb +++ b/qa/qa/page/project/settings/protected_branches.rb @@ -25,6 +25,10 @@ module QA element :protected_branches_list end + view 'app/views/projects/protected_branches/shared/_create_protected_branch.html.haml' do + element :protect_button + end + def select_branch(branch_name) click_element :protected_branch_select @@ -33,40 +37,31 @@ module QA end end - def allow_no_one_to_push - go_to_allow(:push, 'No one') - end - - def allow_devs_and_maintainers_to_push - go_to_allow(:push, 'Developers + Maintainers') + def select_allowed_to_merge(allowed) + select_allowed(:merge, allowed) end - # @deprecated - alias_method :allow_devs_and_masters_to_push, :allow_devs_and_maintainers_to_push - - def allow_no_one_to_merge - go_to_allow(:merge, 'No one') + def select_allowed_to_push(allowed) + select_allowed(:push, allowed) end - def allow_devs_and_maintainers_to_merge - go_to_allow(:merge, 'Developers + Maintainers') - end - - # @deprecated - alias_method :allow_devs_and_masters_to_merge, :allow_devs_and_maintainers_to_merge - def protect_branch - click_on 'Protect' + click_element :protect_button end private - def go_to_allow(action, text) + def select_allowed(action, allowed) click_element :"allowed_to_#{action}_select" + allowed[:roles] = Resource::ProtectedBranch::Roles::NO_ONE unless allowed.key? :roles + within_element(:"allowed_to_#{action}_dropdown") do - click_on text + click_on allowed[:roles] end + + # Click the select element again to close the dropdown + click_element :protected_branch_select end end end diff --git a/qa/qa/resource/group.rb b/qa/qa/resource/group.rb index b5beba64c61..e11bd5728fb 100644 --- a/qa/qa/resource/group.rb +++ b/qa/qa/resource/group.rb @@ -3,6 +3,8 @@ module QA module Resource class Group < Base + include Members + attr_accessor :path, :description attribute :sandbox do @@ -48,19 +50,10 @@ module QA super end - def add_member(user, access_level = '30') - # 30 = developer access - post Runtime::API::Request.new(api_client, api_members_path).url, { user_id: user.id, access_level: access_level } - end - def api_get_path "/groups/#{CGI.escape("#{sandbox.path}/#{path}")}" end - def api_members_path - "#{api_get_path}/members" - end - def api_post_path '/groups' end diff --git a/qa/qa/resource/members.rb b/qa/qa/resource/members.rb new file mode 100644 index 00000000000..d70a2907523 --- /dev/null +++ b/qa/qa/resource/members.rb @@ -0,0 +1,28 @@ +# frozen_string_literal: true + +module QA + module Resource + # + # Included in Resource::Project and Resource::Group to allow changes to + # project/group membership + # + module Members + def add_member(user, access_level = AccessLevel::DEVELOPER) + post Runtime::API::Request.new(api_client, api_members_path).url, { user_id: user.id, access_level: access_level } + end + + def api_members_path + "#{api_get_path}/members" + end + + class AccessLevel + NO_ACCESS = 0 + GUEST = 10 + REPORTER = 20 + DEVELOPER = 30 + MAINTAINER = 40 + OWNER = 50 + end + end + end +end diff --git a/qa/qa/resource/project.rb b/qa/qa/resource/project.rb index 157064dfe37..f1d8cf583a6 100644 --- a/qa/qa/resource/project.rb +++ b/qa/qa/resource/project.rb @@ -6,6 +6,7 @@ module QA module Resource class Project < Base include Events::Project + include Members attr_writer :initialize_with_readme attr_writer :visibility @@ -75,11 +76,6 @@ module QA super end - def add_member(user, access_level = '30') - # 30 = developer access - post Runtime::API::Request.new(api_client, api_members_path).url, { user_id: user.id, access_level: access_level } - end - def api_get_path "/projects/#{CGI.escape(path_with_namespace)}" end @@ -112,6 +108,10 @@ module QA post_body end + def share_with_group(invitee, access_level = Resource::Members::AccessLevel::DEVELOPER) + post Runtime::API::Request.new(api_client, "/projects/#{id}/share").url, { group_id: invitee.id, group_access: access_level } + end + private def transform_api_resource(api_resource) diff --git a/qa/qa/resource/protected_branch.rb b/qa/qa/resource/protected_branch.rb index c27647cf3ce..f0cef624e0b 100644 --- a/qa/qa/resource/protected_branch.rb +++ b/qa/qa/resource/protected_branch.rb @@ -3,7 +3,7 @@ module QA module Resource class ProtectedBranch < Base - attr_accessor :branch_name, :allow_to_push, :allow_to_merge, :protected + attr_accessor :branch_name, :allowed_to_push, :allowed_to_merge, :protected attribute :project do Project.fabricate_via_api! do |resource| @@ -25,8 +25,12 @@ module QA def initialize @branch_name = 'test/branch' - @allow_to_push = true - @allow_to_merge = true + @allowed_to_push = { + roles: Resource::ProtectedBranch::Roles::DEVS_AND_MAINTAINERS + } + @allowed_to_merge = { + roles: Resource::ProtectedBranch::Roles::DEVS_AND_MAINTAINERS + } @protected = false end @@ -35,29 +39,14 @@ module QA project.wait_for_push_new_branch @branch_name - # The upcoming process will make it access the Protected Branches page, - # select the already created branch and protect it according - # to `allow_to_push` variable. - return branch unless @protected - project.visit! Page::Project::Menu.perform(&:go_to_repository_settings) Page::Project::Settings::Repository.perform do |setting| setting.expand_protected_branches do |page| page.select_branch(branch_name) - - if allow_to_push - page.allow_devs_and_maintainers_to_push - else - page.allow_no_one_to_push - end - - if allow_to_merge - page.allow_devs_and_maintainers_to_merge - else - page.allow_no_one_to_merge - end + page.select_allowed_to_merge(allowed_to_merge) + page.select_allowed_to_push(allowed_to_push) page.wait(reload: false) do !page.first('.btn-success').disabled? @@ -79,6 +68,12 @@ module QA def api_delete_path "/projects/#{@project.api_resource[:id]}/protected_branches/#{@branch_name}" end + + class Roles + NO_ONE = 'No one' + DEVS_AND_MAINTAINERS = 'Developers + Maintainers' + MAINTAINERS = 'Maintainers' + end end end end diff --git a/qa/qa/specs/features/browser_ui/3_create/repository/push_protected_branch_spec.rb b/qa/qa/specs/features/browser_ui/3_create/repository/push_protected_branch_spec.rb index dd80905d184..5d0f4b215f4 100644 --- a/qa/qa/specs/features/browser_ui/3_create/repository/push_protected_branch_spec.rb +++ b/qa/qa/specs/features/browser_ui/3_create/repository/push_protected_branch_spec.rb @@ -17,16 +17,11 @@ module QA Page::Main::Login.perform(&:sign_in_using_credentials) end - after do - # We need to clear localStorage because we're using it for the dropdown, - # and capybara doesn't do this for us. - # https://github.com/teamcapybara/capybara/issues/1702 - Capybara.execute_script 'localStorage.clear()' - end - context 'when developers and maintainers are allowed to push to a protected branch' do it 'user with push rights successfully pushes to the protected branch' do - create_protected_branch(allow_to_push: true) + create_protected_branch(allowed_to_push: { + roles: Resource::ProtectedBranch::Roles::DEVS_AND_MAINTAINERS + }) push = push_new_file(branch_name) @@ -36,18 +31,19 @@ module QA context 'when developers and maintainers are not allowed to push to a protected branch' do it 'user without push rights fails to push to the protected branch' do - create_protected_branch(allow_to_push: false) + create_protected_branch(allowed_to_push: { + roles: Resource::ProtectedBranch::Roles::NO_ONE + }) expect { push_new_file(branch_name) }.to raise_error(QA::Git::Repository::RepositoryCommandError, /remote: GitLab: You are not allowed to push code to protected branches on this project\.([\s\S]+)\[remote rejected\] #{branch_name} -> #{branch_name} \(pre-receive hook declined\)/) end end - def create_protected_branch(allow_to_push:) + def create_protected_branch(allowed_to_push:) Resource::ProtectedBranch.fabricate! do |resource| resource.branch_name = branch_name resource.project = project - resource.allow_to_push = allow_to_push - resource.protected = true + resource.allowed_to_push = allowed_to_push end end |