Add tests for starrers views

5 files changed, 255 insertions, 1 deletions

diff --git a/spec/controllers/projects/starrers_controller_spec.rb b/spec/controllers/projects/starrers_controller_spec.rb
new file mode 100644
index 00000000000..2ea80da08ca
--- /dev/null
+++ b/spec/controllers/projects/starrers_controller_spec.rb
@@ -0,0 +1,75 @@
+require 'spec_helper'
+
+describe Projects::StarrersController do
+  let(:user) { create(:user) }
+  let(:private_user) { create(:user, private_profile: true) }
+  let(:project) { create(:project, :public, :repository) }
+
+  before do
+    user.toggle_star(project)
+    private_user.toggle_star(project)
+  end
+
+  describe 'GET index' do
+    def get_starrers
+      get :index,
+        params: {
+          namespace_id: project.namespace,
+          project_id: project
+        }
+    end
+
+    context 'when project is public' do
+      before do
+        project.update_attribute(:visibility_level, Project::PUBLIC)
+      end
+
+      it 'only public starrers are visible for non logged in users' do
+        get_starrers
+
+        user_ids = assigns[:starrers].map { |s| s['user_id'] }
+        expect(user_ids).to include(user.id)
+        expect(user_ids).not_to include(private_user.id)
+      end
+
+      context 'when private user is logged in' do
+        before do
+          sign_in(private_user)
+        end
+
+        it 'their star is also visible' do
+          get_starrers
+
+          user_ids = assigns[:starrers].map { |s| s['user_id'] }
+          expect(user_ids).to include(user.id, private_user.id)
+        end
+      end
+    end
+
+    context 'when project is private' do
+      before do
+        project.update(visibility_level: Project::PRIVATE)
+      end
+
+      it 'starrers are not visible for non logged in users' do
+        get_starrers
+
+        expect(assigns[:starrers]).to be_blank
+      end
+
+      context 'when user is logged in' do
+        before do
+          sign_in(project.creator)
+        end
+
+        it 'only public starrers are visible' do
+          get_starrers
+
+          user_ids = assigns[:starrers].map { |s| s['user_id'] }
+          expect(user_ids).to include(user.id)
+          expect(user_ids).not_to include(private_user.id)
+        end
+      end
+    end
+  end
+end
diff --git a/spec/finders/starred_projects_finder_spec.rb b/spec/finders/starred_projects_finder_spec.rb
new file mode 100644
index 00000000000..6bc19af7a57
--- /dev/null
+++ b/spec/finders/starred_projects_finder_spec.rb
@@ -0,0 +1,39 @@
+require 'spec_helper'
+
+describe StarredProjectsFinder do
+  let(:project1) { create(:project, :public, :empty_repo) }
+  let(:project2) { create(:project, :public, :empty_repo) }
+  let(:other_project) { create(:project, :public, :empty_repo) }
+
+  let(:user) { create(:user) }
+  let(:other_user) { create(:user) }
+
+  before do
+    user.toggle_star(project1)
+    user.toggle_star(project2)
+  end
+
+  describe '#execute' do
+    let(:finder) { described_class.new(user, params: {}, current_user: current_user) }
+
+    subject { finder.execute }
+
+    describe 'as same user' do
+      let(:current_user) { user }
+
+      it { is_expected.to eq([project2, project1]) }
+    end
+
+    describe 'as other user' do
+      let(:current_user) { other_user }
+
+      it { is_expected.to eq([project2, project1]) }
+    end
+
+    describe 'as no user' do
+      let(:current_user) { nil }
+
+      it { is_expected.to eq([project2, project1]) }
+    end
+  end
+end
diff --git a/spec/finders/users_star_projects_finder_spec.rb b/spec/finders/users_star_projects_finder_spec.rb
new file mode 100644
index 00000000000..4c0aa3f8f77
--- /dev/null
+++ b/spec/finders/users_star_projects_finder_spec.rb
@@ -0,0 +1,40 @@
+require 'spec_helper'
+
+describe UsersStarProjectsFinder do
+  let(:project) { create(:project, :public, :empty_repo) }
+
+  let(:user) { create(:user) }
+  let(:private_user) { create(:user, private_profile: true) }
+  let(:other_user) { create(:user) }
+
+  before do
+    user.toggle_star(project)
+    private_user.toggle_star(project)
+  end
+
+  describe '#execute' do
+    let(:finder) { described_class.new(project, {}, current_user: current_user) }
+    let(:public_stars) { user.users_star_projects }
+    let(:private_stars) { private_user.users_star_projects }
+
+    subject { finder.execute }
+
+    describe 'as same user' do
+      let(:current_user) { private_user }
+
+      it { is_expected.to eq(private_stars + public_stars) }
+    end
+
+    describe 'as other user' do
+      let(:current_user) { other_user }
+
+      it { is_expected.to eq(public_stars) }
+    end
+
+    describe 'as no user' do
+      let(:current_user) { nil }
+
+      it { is_expected.to eq(public_stars) }
+    end
+  end
+end
diff --git a/spec/helpers/users_helper_spec.rb b/spec/helpers/users_helper_spec.rb
index f3649495493..a6623bc7941 100644
--- a/spec/helpers/users_helper_spec.rb
+++ b/spec/helpers/users_helper_spec.rb
@@ -27,7 +27,7 @@ describe UsersHelper do
 
     context 'with public profile' do
       it 'includes all the expected tabs' do
-        expect(tabs).to include(:activity, :groups, :contributed, :projects, :snippets)
+        expect(tabs).to include(:activity, :groups, :contributed, :projects, :starred, :snippets)
       end
     end
 
diff --git a/spec/requests/api/projects_spec.rb b/spec/requests/api/projects_spec.rb
index 5b3a2412aff..808c1c993d8 100644
--- a/spec/requests/api/projects_spec.rb
+++ b/spec/requests/api/projects_spec.rb
@@ -838,6 +838,28 @@ describe API::Projects do
     end
   end
 
+  describe 'GET /users/:user_id/starred_projects/' do
+    before do
+      user3.update(starred_projects: [project, project2, project3])
+    end
+
+    it 'returns error when user not found' do
+      get api('/users/9999/projects/')
+
+      expect(response).to have_gitlab_http_status(404)
+      expect(json_response['message']).to eq('404 User Not Found')
+    end
+
+    it 'returns projects filtered by user' do
+      get api("/users/#{user3.id}/starred_projects/", user)
+
+      expect(response).to have_gitlab_http_status(200)
+      expect(response).to include_pagination_headers
+      expect(json_response).to be_an Array
+      expect(json_response.map { |project| project['id'] }).to contain_exactly(project.id, project2.id, project3.id)
+    end
+  end
+
   describe 'POST /projects/user/:id' do
     it 'creates new project without path but with name and return 201' do
       expect { post api("/projects/user/#{user.id}", admin), params: { name: 'Foo Project' } }.to change { Project.count }.by(1)
@@ -2148,6 +2170,84 @@ describe API::Projects do
     end
   end
 
+  describe 'GET /projects/:id/starrers' do
+    shared_examples_for 'project starrers response' do
+      it 'returns an array of starrers' do
+        get api("/projects/#{public_project.id}/starrers", current_user)
+
+        expect(response).to have_gitlab_http_status(200)
+        expect(response).to include_pagination_headers
+        expect(json_response).to be_an Array
+        expect(json_response.map { |p| p['starred_since'].present? && p['user'].present? })
+      end
+
+      it 'returns the proper security headers' do
+        get api('/projects/1/starrers', current_user)
+
+        expect(response).to include_security_headers
+      end
+    end
+
+    let (:public_project) { create(:project, :public) }
+    let (:private_user) { create(:user, private_profile: true) }
+
+    before do
+      user.update(starred_projects: [public_project])
+      private_user.update(starred_projects: [public_project])
+    end
+
+    it 'returns not_found(404) for not existing project' do
+      get api("/projects/9999999999/starrers", user)
+
+      expect(response).to have_gitlab_http_status(:not_found)
+    end
+
+    context 'public project without user' do
+      it_behaves_like 'project starrers response' do
+        let(:current_user) { nil }
+      end
+
+      it 'returns only starrers with a public profile' do
+        get api("/projects/#{public_project.id}/starrers", nil)
+
+        user_ids = json_response.map { |s| s['user']['id'] }
+        expect(user_ids).to include(user.id)
+        expect(user_ids).not_to include(private_user.id)
+      end
+    end
+
+    context 'public project with user with private profile' do
+      it_behaves_like 'project starrers response' do
+        let(:current_user) { private_user }
+      end
+
+      it 'returns current user with a private profile' do
+        get api("/projects/#{public_project.id}/starrers", private_user)
+
+        user_ids = json_response.map { |s| s['user']['id'] }
+        expect(user_ids).to include(user.id, private_user.id)
+      end
+    end
+
+    context 'private project' do
+      context 'with unauthorized user' do
+        it 'returns not_found for existing but unauthorized project' do
+          get api("/projects/#{project3.id}/starrers", user3)
+
+          expect(response).to have_gitlab_http_status(:not_found)
+        end
+      end
+
+      context 'without user' do
+        it 'returns not_found for existing but unauthorized project' do
+          get api("/projects/#{project3.id}/starrers", nil)
+
+          expect(response).to have_gitlab_http_status(:not_found)
+        end
+      end
+    end
+  end
+
   describe 'GET /projects/:id/languages' do
     context 'with an authorized user' do
       it_behaves_like 'languages and percentages JSON response' do