diff options
| author | GitLab Release Tools Bot <robert+release-tools@gitlab.com> | 2019-04-02 07:48:30 +0000 |
|---|---|---|
| committer | GitLab Release Tools Bot <robert+release-tools@gitlab.com> | 2019-04-02 07:48:30 +0000 |
| commit | 3e4c2b0427d70e920758e9c8f71ac43060d8c509 (patch) | |
| tree | 0ef4e37b03a2a4de81b240bd63c0d31fa1428dd7 /spec/features | |
| parent | b122be5ed55e3898196fb21e47fff40eb7dd6e0c (diff) | |
| parent | 727ec95528c3b928992406e570427728e7186fd4 (diff) | |
| download | gitlab-ce-3e4c2b0427d70e920758e9c8f71ac43060d8c509.tar.gz | |
Merge branch 'security-56224' into 'master'
Fix related branches visible in issues for guests
See merge request gitlab/gitlabhq!2996
Diffstat (limited to 'spec/features')
| -rw-r--r-- | spec/features/issues/user_creates_branch_and_merge_request_spec.rb | 36 |
1 files changed, 35 insertions, 1 deletions
diff --git a/spec/features/issues/user_creates_branch_and_merge_request_spec.rb b/spec/features/issues/user_creates_branch_and_merge_request_spec.rb index 693ad89069c..0a006011c89 100644 --- a/spec/features/issues/user_creates_branch_and_merge_request_spec.rb +++ b/spec/features/issues/user_creates_branch_and_merge_request_spec.rb @@ -1,6 +1,7 @@ require 'rails_helper' describe 'User creates branch and merge request on issue page', :js do + let(:membership_level) { :developer } let(:user) { create(:user) } let!(:project) { create(:project, :repository) } let(:issue) { create(:issue, project: project, title: 'Cherry-Coloured Funk') } @@ -17,7 +18,7 @@ describe 'User creates branch and merge request on issue page', :js do context 'when signed in' do before do - project.add_developer(user) + project.add_user(user, membership_level) sign_in(user) end @@ -167,6 +168,39 @@ describe 'User creates branch and merge request on issue page', :js do expect(page).not_to have_css('.create-mr-dropdown-wrap') end end + + context 'when related branch exists' do + let!(:project) { create(:project, :repository, :private) } + let(:branch_name) { "#{issue.iid}-foo" } + + before do + project.repository.create_branch(branch_name, 'master') + + visit project_issue_path(project, issue) + end + + context 'when user is developer' do + it 'shows related branches' do + expect(page).to have_css('#related-branches') + + wait_for_requests + + expect(page).to have_content(branch_name) + end + end + + context 'when user is guest' do + let(:membership_level) { :guest } + + it 'does not show related branches' do + expect(page).not_to have_css('#related-branches') + + wait_for_requests + + expect(page).not_to have_content(branch_name) + end + end + end end private |