Merge branch '13948-access-request-to-projects-and-groups' into 'master'

Allow users to request access to projects and groups

#### TODO:

- [x] Factorize the projects & groups members list
- [x] Factorize `request_access` and `approve` controller methods into a concern
- [x] Factorize the project & group dropdowns
- [x] Factorize access request routes
- [x] Factorize mailers

#### Will be done in separate MRs

- [ ] Documentation
- [ ] API

#### Access request to project

- [x] Design project access request button to spec (defined in #13948)
- [x] Request access to a project as a logged in user
- [x] Withdraw access request to a project as a logged in user
- [x] Do not treat project member request as actual membership (done partly in Ability)
- [x] Display access requests on project's members page (+ allow to change level, approve, and deny request)
- [x] Email requesting user at notification email address when accepted/denied
- [x] Email all project admins at notification email addresses when new access request
- [x] Unit specs to cover new functionality: `AccessRequestable` is missing specs
- [x] Controller specs to cover new functionality
- [x] Mailer specs to cover new functionality
- [x] Features specs to cover new UI and interactions
- [x] Regression specs still passing

#### Access request to group

- [x] Design group access request button to spec (defined in #13948)
- [x] Request access to a group as a logged in user
- [x] Withdraw access request to a group as a logged in user
- [x] Do not treat group member request as actual membership
- [x] Display access requests on group's members page (+ allow to change level, approve, and deny request)
- [x] Email requesting user at notification email address when accepted/denied
- [x] Email all project admins at notification email addresses when new access request
- [x] Unit specs to cover new functionality
- [x] Controller specs to cover new functionality
- [x] Mailer specs to cover new functionality
- [x] Features specs to cover new UI and interactions
- [x] Regression specs still passing

Closes #13948.

### Requesting access to a project

#### Responsive UI

![request-access-to-project](/uploads/59337d84ca4c2f637dfd73fca038def9/request-access-to-project.gif)

#### Request access link

![1-project-request-access-link](/uploads/5436f7854bc48bff74b2664b311920c6/1-project-request-access-link.png)

#### Flash once access is requested

![2-project-request-access-flash](/uploads/8b304dd737431c47d00ee90ab88b8098/2-project-request-access-flash.jpg)

#### Email sent to project admins on new access requests

##### HTML Email

![3-project-request-access-email-html](/uploads/63842c9bd4e43a907ab189087dd24cad/3-project-request-access-email-html.jpg)

##### Plain Email

![4-project-request-access-email-plain](/uploads/249289418678c65abfcf4c1e944986c6/4-project-request-access-email-plain.jpg)

### Withdrawing access request to a project

#### Withdraw access request link

![5-project-withdraw-request-link](/uploads/932984713a98f03ad75cd9606245cbe2/5-project-withdraw-request-link.png)

#### Withdraw access request confirmation dialog box

![6-project-withdraw-request-confirm](/uploads/bf6afb5b83ad8ba31443812d0ccbc50b/6-project-withdraw-request-confirm.png)

#### Flash once access has been withdrawn

![6-2-project-withdraw-request-confirm](/uploads/4dea00452adc4febd7cff4a969a7830a/6-2-project-withdraw-request-confirm.png)

### Access requests management page

![7-project-access-requests](/uploads/2030399fa9ce261e0df4bd3d399bfc24/7-project-access-requests.jpg)

#### Deny access request confirmation dialog box

![8-project-access-request-deny-confirm](/uploads/b6ffcc3092b037fb4d3a5f1929befa90/8-project-access-request-deny-confirm.png)

#### Email sent to requester on denied access requests

##### HTML Email

![9-project-request-access-denied-email-html](/uploads/7fb26d627f8919039ce88302e72ede83/9-project-request-access-denied-email-html.jpg)

##### Plain Email

![10-project-request-access-denied-email-plain](/uploads/34a21f2266e3238dc29b93f855183fb0/10-project-request-access-denied-email-plain.jpg)

#### Email sent to requester on granted access requests

##### HTML Email

![11-project-request-access-granted-email-html](/uploads/cecd4d874885c48dd8bb420f19defd8f/11-project-request-access-granted-email-html.jpg)

##### Plain Email

![12-project-request-access-granted-email-plain](/uploads/636446f7a711904231d592add2de83dc/12-project-request-access-granted-email-plain.jpg)

----------------------------------

----------------------------------

### Requesting access to a group

#### Responsive UI

![request-access-to-group](/uploads/b319b8844836ad599ad4d562f3ba6057/request-access-to-group.gif)

#### Request access link

![1-group-request-access-link](/uploads/1eccd38061f0183ba71c482f51ebf53a/1-group-request-access-link.png)

#### Flash once access is requested

![2-group-request-access-flash](/uploads/bbb94ede6c54cd0b6b28e8e1196f687c/2-group-request-access-flash.jpg)

#### Email sent to project admins on new access requests

##### HTML Email

![3-group-request-access-email-html](/uploads/7df7196e83d80bea861ea94bd8f3f390/3-group-request-access-email-html.jpg)

##### Plain Email

![4-group-request-access-email-plain](/uploads/55a1abcd7a42368f3ba8f20650339e4a/4-group-request-access-email-plain.jpg)

### Withdrawing access request to a project

#### Withdraw access request link

![5-group-withdraw-request-link](/uploads/d02ed4f353a334a0a6c181da6006f0d6/5-group-withdraw-request-link.png)

#### Withdraw access request confirmation dialog box

![6-group-withdraw-request-confirm](/uploads/09d6e123390f257aff9aed3b08695ad6/6-group-withdraw-request-confirm.png)

#### Flash once access has been withdrawn

![6-2-group-withdraw-request-confirm](/uploads/cf300d2292d0c10ca592424860b80d20/6-2-group-withdraw-request-confirm.png)

### Access requests management page

![7-group-access-requests](/uploads/821c55ba4276112b1994ca87b0c5e1ad/7-group-access-requests.jpg)

#### Deny access request confirmation dialog box

![8-group-access-request-deny-confirm](/uploads/68fad9da8bc82492be3f6d55d33dba17/8-group-access-request-deny-confirm.png)

#### Email sent to requester on denied access requests

##### HTML Email

![9-group-request-access-denied-email-html](/uploads/48a8e0cc2cea3b36529b04d259dc8e65/9-group-request-access-denied-email-html.jpg)

##### Plain Email

![10-group-request-access-denied-email-plain](/uploads/85d95642a218eaf52a35da8a7a0ac8ed/10-group-request-access-denied-email-plain.jpg)

#### Email sent to requester on granted access requests

##### HTML Email

![11-group-request-access-granted-email-html](/uploads/b18949a6538168824f3d0c272d89dd81/11-group-request-access-granted-email-html.jpg)

##### Plain Email

![12-group-request-access-granted-email-plain](/uploads/c33c7847ab86eeab4b07714467573f63/12-group-request-access-granted-email-plain.jpg)

See merge request !3798

1 files changed, 47 insertions, 1 deletions

diff --git a/spec/models/group_spec.rb b/spec/models/group_spec.rb
index 6fa16be7f04..ccdcb29f773 100644
--- a/spec/models/group_spec.rb
+++ b/spec/models/group_spec.rb
@@ -5,7 +5,11 @@ describe Group, models: true do
 
   describe 'associations' do
     it { is_expected.to have_many :projects }
-    it { is_expected.to have_many :group_members }
+    it { is_expected.to have_many(:group_members).dependent(:destroy) }
+    it { is_expected.to have_many(:users).through(:group_members) }
+    it { is_expected.to have_many(:project_group_links).dependent(:destroy) }
+    it { is_expected.to have_many(:shared_projects).through(:project_group_links) }
+    it { is_expected.to have_many(:notification_settings).dependent(:destroy) }
   end
 
   describe 'modules' do
@@ -131,4 +135,46 @@ describe Group, models: true do
       expect(described_class.search(group.path.upcase)).to eq([group])
     end
   end
+
+  describe '#has_owner?' do
+    before { @members = setup_group_members(group) }
+
+    it { expect(group.has_owner?(@members[:owner])).to be_truthy }
+    it { expect(group.has_owner?(@members[:master])).to be_falsey }
+    it { expect(group.has_owner?(@members[:developer])).to be_falsey }
+    it { expect(group.has_owner?(@members[:reporter])).to be_falsey }
+    it { expect(group.has_owner?(@members[:guest])).to be_falsey }
+    it { expect(group.has_owner?(@members[:requester])).to be_falsey }
+  end
+
+  describe '#has_master?' do
+    before { @members = setup_group_members(group) }
+
+    it { expect(group.has_master?(@members[:owner])).to be_falsey }
+    it { expect(group.has_master?(@members[:master])).to be_truthy }
+    it { expect(group.has_master?(@members[:developer])).to be_falsey }
+    it { expect(group.has_master?(@members[:reporter])).to be_falsey }
+    it { expect(group.has_master?(@members[:guest])).to be_falsey }
+    it { expect(group.has_master?(@members[:requester])).to be_falsey }
+  end
+
+  def setup_group_members(group)
+    members = {
+      owner: create(:user),
+      master: create(:user),
+      developer: create(:user),
+      reporter: create(:user),
+      guest: create(:user),
+      requester: create(:user)
+    }
+
+    group.add_user(members[:owner], GroupMember::OWNER)
+    group.add_user(members[:master], GroupMember::MASTER)
+    group.add_user(members[:developer], GroupMember::DEVELOPER)
+    group.add_user(members[:reporter], GroupMember::REPORTER)
+    group.add_user(members[:guest], GroupMember::GUEST)
+    group.request_access(members[:requester])
+
+    members
+  end
 end