summaryrefslogtreecommitdiff
path: root/spec/graphql/mutations/ci/runner/update_spec.rb
diff options
context:
space:
mode:
authorGitLab Bot <gitlab-bot@gitlab.com>2023-05-03 16:58:27 +0000
committerGitLab Bot <gitlab-bot@gitlab.com>2023-05-03 16:58:27 +0000
commitf91ad20bb2f4e4e1e3a4f7d9f1cc8df75d91f686 (patch)
treefed1cac524f8f38b8fc42a13aa07b7cb29f17e0f /spec/graphql/mutations/ci/runner/update_spec.rb
parent1c4601b001e9e41a9cdefc97a7b212475a34d626 (diff)
downloadgitlab-ce-f91ad20bb2f4e4e1e3a4f7d9f1cc8df75d91f686.tar.gz
Add latest changes from gitlab-org/security/gitlab@15-9-stable-ee
Diffstat (limited to 'spec/graphql/mutations/ci/runner/update_spec.rb')
-rw-r--r--spec/graphql/mutations/ci/runner/update_spec.rb108
1 files changed, 46 insertions, 62 deletions
diff --git a/spec/graphql/mutations/ci/runner/update_spec.rb b/spec/graphql/mutations/ci/runner/update_spec.rb
index e0c8219e0f6..50351321be8 100644
--- a/spec/graphql/mutations/ci/runner/update_spec.rb
+++ b/spec/graphql/mutations/ci/runner/update_spec.rb
@@ -46,10 +46,17 @@ RSpec.describe Mutations::Ci::Runner::Update, feature_category: :runner_fleet do
end
end
- context 'when user can update runner', :enable_admin_mode do
- let_it_be(:admin_user) { create(:user, :admin) }
+ context 'when user can update runner' do
+ let_it_be(:user) { create(:user) }
- let(:current_ctx) { { current_user: admin_user } }
+ let(:original_projects) { [project1, project2] }
+ let(:projects_with_maintainer_access) { original_projects }
+
+ let(:current_ctx) { { current_user: user } }
+
+ before do
+ projects_with_maintainer_access.each { |project| project.add_maintainer(user) }
+ end
context 'with valid arguments' do
let(:mutation_params) do
@@ -82,27 +89,22 @@ RSpec.describe Mutations::Ci::Runner::Update, feature_category: :runner_fleet do
context 'with associatedProjects argument' do
let_it_be(:project3) { create(:project) }
+ let_it_be(:project4) { create(:project) }
+
+ let(:new_projects) { [project3, project4] }
+ let(:mutation_params) do
+ {
+ id: runner.to_global_id,
+ description: 'updated description',
+ associated_projects: new_projects.map { |project| project.to_global_id.to_s }
+ }
+ end
context 'with id set to project runner' do
- let(:mutation_params) do
- {
- id: runner.to_global_id,
- description: 'updated description',
- associated_projects: [project3.to_global_id.to_s]
- }
- end
+ let(:projects_with_maintainer_access) { original_projects + new_projects }
it 'updates runner attributes and project relationships', :aggregate_failures do
- expect_next_instance_of(
- ::Ci::Runners::SetRunnerAssociatedProjectsService,
- {
- runner: runner,
- current_user: admin_user,
- project_ids: [project3.id]
- }
- ) do |service|
- expect(service).to receive(:execute).and_call_original
- end
+ setup_service_expectations
expected_attributes = mutation_params.except(:id, :associated_projects)
@@ -112,57 +114,32 @@ RSpec.describe Mutations::Ci::Runner::Update, feature_category: :runner_fleet do
expect(response[:runner]).to be_an_instance_of(Ci::Runner)
expect(response[:runner]).to have_attributes(expected_attributes)
expect(runner.reload).to have_attributes(expected_attributes)
- expect(runner.projects).to match_array([project1, project3])
+ expect(runner.projects).to match_array([project1] + new_projects)
end
- context 'with user not allowed to assign runner' do
- before do
- allow(admin_user).to receive(:can?).with(:assign_runner, runner).and_return(false)
- end
+ context 'with missing permissions on one of the new projects' do
+ let(:projects_with_maintainer_access) { original_projects + [project3] }
it 'does not update runner', :aggregate_failures do
- expect_next_instance_of(
- ::Ci::Runners::SetRunnerAssociatedProjectsService,
- {
- runner: runner,
- current_user: admin_user,
- project_ids: [project3.id]
- }
- ) do |service|
- expect(service).to receive(:execute).and_call_original
- end
+ setup_service_expectations
expected_attributes = mutation_params.except(:id, :associated_projects)
response
- expect(response[:errors]).to match_array(['user not allowed to assign runner'])
+ expect(response[:errors]).to match_array(['user is not authorized to add runners to project'])
expect(response[:runner]).to be_nil
expect(runner.reload).not_to have_attributes(expected_attributes)
- expect(runner.projects).to match_array([project1, project2])
+ expect(runner.projects).to match_array(original_projects)
end
end
end
context 'with an empty list of projects' do
- let(:mutation_params) do
- {
- id: runner.to_global_id,
- associated_projects: []
- }
- end
+ let(:new_projects) { [] }
it 'removes project relationships', :aggregate_failures do
- expect_next_instance_of(
- ::Ci::Runners::SetRunnerAssociatedProjectsService,
- {
- runner: runner,
- current_user: admin_user,
- project_ids: []
- }
- ) do |service|
- expect(service).to receive(:execute).and_call_original
- end
+ setup_service_expectations
response
@@ -172,15 +149,9 @@ RSpec.describe Mutations::Ci::Runner::Update, feature_category: :runner_fleet do
end
end
- context 'with id set to instance runner' do
- let(:instance_runner) { create(:ci_runner, :instance) }
- let(:mutation_params) do
- {
- id: instance_runner.to_global_id,
- description: 'updated description',
- associated_projects: [project2.to_global_id.to_s]
- }
- end
+ context 'with id set to instance runner', :enable_admin_mode do
+ let_it_be(:user) { create(:user, :admin) }
+ let_it_be(:runner) { create(:ci_runner, :instance) }
it 'raises error', :aggregate_failures do
expect_graphql_error_to_be_created(Gitlab::Graphql::Errors::ArgumentError) do
@@ -188,6 +159,19 @@ RSpec.describe Mutations::Ci::Runner::Update, feature_category: :runner_fleet do
end
end
end
+
+ def setup_service_expectations
+ expect_next_instance_of(
+ ::Ci::Runners::SetRunnerAssociatedProjectsService,
+ {
+ runner: runner,
+ current_user: user,
+ project_ids: new_projects.map(&:id)
+ }
+ ) do |service|
+ expect(service).to receive(:execute).and_call_original
+ end
+ end
end
context 'with non-existing project ID in associatedProjects argument' do