diff options
| author | Toon Claes <toon@gitlab.com> | 2017-06-13 09:11:33 +0200 |
|---|---|---|
| committer | Toon Claes <toon@gitlab.com> | 2017-06-15 08:46:34 +0200 |
| commit | ef1811f4bc211929997a5b8cc1ecd511b52ca6f4 (patch) | |
| tree | 01ca753274ade58376c6f081b83e53c456d1069f /spec/finders | |
| parent | 42aaae9916b7b76da968579fcc722067947df018 (diff) | |
| download | gitlab-ce-ef1811f4bc211929997a5b8cc1ecd511b52ca6f4.tar.gz | |
Subgroups page should show groups authorized through inheritance
When a user is authorized to a group, they are also authorized to see all the
ancestor groups and descendant groups.
When a user is authorized to a project, they are authorized to see all the
ancestor groups too.
Closes #32135
See merge request !11764
Diffstat (limited to 'spec/finders')
| -rw-r--r-- | spec/finders/groups_finder_spec.rb | 39 |
1 files changed, 36 insertions, 3 deletions
diff --git a/spec/finders/groups_finder_spec.rb b/spec/finders/groups_finder_spec.rb index 5b3591550c1..9867d002561 100644 --- a/spec/finders/groups_finder_spec.rb +++ b/spec/finders/groups_finder_spec.rb @@ -38,7 +38,7 @@ describe GroupsFinder do end end - context 'subgroups' do + context 'subgroups', :nested_groups do let!(:parent_group) { create(:group, :public) } let!(:public_subgroup) { create(:group, :public, parent: parent_group) } let!(:internal_subgroup) { create(:group, :internal, parent: parent_group) } @@ -51,15 +51,48 @@ describe GroupsFinder do end context 'with a user' do + subject { described_class.new(user, parent: parent_group).execute } + it 'returns public and internal subgroups' do - expect(described_class.new(user, parent: parent_group).execute).to contain_exactly(public_subgroup, internal_subgroup) + is_expected.to contain_exactly(public_subgroup, internal_subgroup) end context 'being member' do it 'returns public subgroups, internal subgroups, and private subgroups user is member of' do private_subgroup.add_guest(user) - expect(described_class.new(user, parent: parent_group).execute).to contain_exactly(public_subgroup, internal_subgroup, private_subgroup) + is_expected.to contain_exactly(public_subgroup, internal_subgroup, private_subgroup) + end + end + + context 'parent group private' do + before do + parent_group.update_attribute(:visibility_level, Gitlab::VisibilityLevel::PRIVATE) + end + + context 'being member of parent group' do + it 'returns all subgroups' do + parent_group.add_guest(user) + + is_expected.to contain_exactly(public_subgroup, internal_subgroup, private_subgroup) + end + end + + context 'authorized to private project' do + it 'returns the subgroup of the project' do + subproject = create(:empty_project, :private, namespace: private_subgroup) + subproject.add_guest(user) + + is_expected.to include(private_subgroup) + end + + it 'returns all the parent groups if project is several levels deep' do + private_subsubgroup = create(:group, :private, parent: private_subgroup) + subsubproject = create(:empty_project, :private, namespace: private_subsubgroup) + subsubproject.add_guest(user) + + expect(described_class.new(user).execute).to include(private_subsubgroup, private_subgroup, parent_group) + end end end end |