summaryrefslogtreecommitdiff
path: root/spec/finders
diff options
context:
space:
mode:
authorToon Claes <toon@gitlab.com>2017-06-13 09:11:33 +0200
committerToon Claes <toon@gitlab.com>2017-06-15 08:46:34 +0200
commitef1811f4bc211929997a5b8cc1ecd511b52ca6f4 (patch)
tree01ca753274ade58376c6f081b83e53c456d1069f /spec/finders
parent42aaae9916b7b76da968579fcc722067947df018 (diff)
downloadgitlab-ce-ef1811f4bc211929997a5b8cc1ecd511b52ca6f4.tar.gz
Subgroups page should show groups authorized through inheritance
When a user is authorized to a group, they are also authorized to see all the ancestor groups and descendant groups. When a user is authorized to a project, they are authorized to see all the ancestor groups too. Closes #32135 See merge request !11764
Diffstat (limited to 'spec/finders')
-rw-r--r--spec/finders/groups_finder_spec.rb39
1 files changed, 36 insertions, 3 deletions
diff --git a/spec/finders/groups_finder_spec.rb b/spec/finders/groups_finder_spec.rb
index 5b3591550c1..9867d002561 100644
--- a/spec/finders/groups_finder_spec.rb
+++ b/spec/finders/groups_finder_spec.rb
@@ -38,7 +38,7 @@ describe GroupsFinder do
end
end
- context 'subgroups' do
+ context 'subgroups', :nested_groups do
let!(:parent_group) { create(:group, :public) }
let!(:public_subgroup) { create(:group, :public, parent: parent_group) }
let!(:internal_subgroup) { create(:group, :internal, parent: parent_group) }
@@ -51,15 +51,48 @@ describe GroupsFinder do
end
context 'with a user' do
+ subject { described_class.new(user, parent: parent_group).execute }
+
it 'returns public and internal subgroups' do
- expect(described_class.new(user, parent: parent_group).execute).to contain_exactly(public_subgroup, internal_subgroup)
+ is_expected.to contain_exactly(public_subgroup, internal_subgroup)
end
context 'being member' do
it 'returns public subgroups, internal subgroups, and private subgroups user is member of' do
private_subgroup.add_guest(user)
- expect(described_class.new(user, parent: parent_group).execute).to contain_exactly(public_subgroup, internal_subgroup, private_subgroup)
+ is_expected.to contain_exactly(public_subgroup, internal_subgroup, private_subgroup)
+ end
+ end
+
+ context 'parent group private' do
+ before do
+ parent_group.update_attribute(:visibility_level, Gitlab::VisibilityLevel::PRIVATE)
+ end
+
+ context 'being member of parent group' do
+ it 'returns all subgroups' do
+ parent_group.add_guest(user)
+
+ is_expected.to contain_exactly(public_subgroup, internal_subgroup, private_subgroup)
+ end
+ end
+
+ context 'authorized to private project' do
+ it 'returns the subgroup of the project' do
+ subproject = create(:empty_project, :private, namespace: private_subgroup)
+ subproject.add_guest(user)
+
+ is_expected.to include(private_subgroup)
+ end
+
+ it 'returns all the parent groups if project is several levels deep' do
+ private_subsubgroup = create(:group, :private, parent: private_subgroup)
+ subsubproject = create(:empty_project, :private, namespace: private_subsubgroup)
+ subsubproject.add_guest(user)
+
+ expect(described_class.new(user).execute).to include(private_subsubgroup, private_subgroup, parent_group)
+ end
end
end
end