diff options
author | tiagonbotelho <tiagonbotelho@hotmail.com> | 2016-07-22 21:57:46 +0100 |
---|---|---|
committer | tiagonbotelho <tiagonbotelho@hotmail.com> | 2016-07-22 21:57:46 +0100 |
commit | 850813d29867aac5935e1128880784f97071a6d8 (patch) | |
tree | d5da375e2dcdaf54d653bc50aa75d2e4dd7f096e /spec/models/user_spec.rb | |
parent | 2d64bda01f983c43f915e96bd5bf8fcb0790eb0e (diff) | |
parent | 08b5bec2fa3beb2880d451a9d9270813b0a22519 (diff) | |
download | gitlab-ce-850813d29867aac5935e1128880784f97071a6d8.tar.gz |
Merge branch 'master' into filter-branch-by-name
Diffstat (limited to 'spec/models/user_spec.rb')
-rw-r--r-- | spec/models/user_spec.rb | 82 |
1 files changed, 69 insertions, 13 deletions
diff --git a/spec/models/user_spec.rb b/spec/models/user_spec.rb index fc74488ac0e..2a5a7fb2fc6 100644 --- a/spec/models/user_spec.rb +++ b/spec/models/user_spec.rb @@ -89,9 +89,9 @@ describe User, models: true do end describe 'email' do - context 'when no signup domains listed' do + context 'when no signup domains whitelisted' do before do - allow_any_instance_of(ApplicationSetting).to receive(:restricted_signup_domains).and_return([]) + allow_any_instance_of(ApplicationSetting).to receive(:domain_whitelist).and_return([]) end it 'accepts any email' do @@ -100,9 +100,9 @@ describe User, models: true do end end - context 'when a signup domain is listed and subdomains are allowed' do + context 'when a signup domain is whitelisted and subdomains are allowed' do before do - allow_any_instance_of(ApplicationSetting).to receive(:restricted_signup_domains).and_return(['example.com', '*.example.com']) + allow_any_instance_of(ApplicationSetting).to receive(:domain_whitelist).and_return(['example.com', '*.example.com']) end it 'accepts info@example.com' do @@ -121,9 +121,9 @@ describe User, models: true do end end - context 'when a signup domain is listed and subdomains are not allowed' do + context 'when a signup domain is whitelisted and subdomains are not allowed' do before do - allow_any_instance_of(ApplicationSetting).to receive(:restricted_signup_domains).and_return(['example.com']) + allow_any_instance_of(ApplicationSetting).to receive(:domain_whitelist).and_return(['example.com']) end it 'accepts info@example.com' do @@ -142,6 +142,53 @@ describe User, models: true do end end + context 'domain blacklist' do + before do + allow_any_instance_of(ApplicationSetting).to receive(:domain_blacklist_enabled?).and_return(true) + allow_any_instance_of(ApplicationSetting).to receive(:domain_blacklist).and_return(['example.com']) + end + + context 'when a signup domain is blacklisted' do + it 'accepts info@test.com' do + user = build(:user, email: 'info@test.com') + expect(user).to be_valid + end + + it 'rejects info@example.com' do + user = build(:user, email: 'info@example.com') + expect(user).not_to be_valid + end + end + + context 'when a signup domain is blacklisted but a wildcard subdomain is allowed' do + before do + allow_any_instance_of(ApplicationSetting).to receive(:domain_blacklist).and_return(['test.example.com']) + allow_any_instance_of(ApplicationSetting).to receive(:domain_whitelist).and_return(['*.example.com']) + end + + it 'should give priority to whitelist and allow info@test.example.com' do + user = build(:user, email: 'info@test.example.com') + expect(user).to be_valid + end + end + + context 'with both lists containing a domain' do + before do + allow_any_instance_of(ApplicationSetting).to receive(:domain_whitelist).and_return(['test.com']) + end + + it 'accepts info@test.com' do + user = build(:user, email: 'info@test.com') + expect(user).to be_valid + end + + it 'rejects info@example.com' do + user = build(:user, email: 'info@example.com') + expect(user).not_to be_valid + end + end + end + context 'owns_notification_email' do it 'accepts temp_oauth_email emails' do user = build(:user, email: "temp-email-for-oauth@example.com") @@ -887,16 +934,25 @@ describe User, models: true do end describe '#authorized_projects' do - let!(:user) { create(:user) } - let!(:private_project) { create(:project, :private) } + context 'with a minimum access level' do + it 'includes projects for which the user is an owner' do + user = create(:user) + project = create(:empty_project, :private, namespace: user.namespace) - before do - private_project.team << [user, Gitlab::Access::MASTER] - end + expect(user.authorized_projects(Gitlab::Access::REPORTER)) + .to contain_exactly(project) + end + + it 'includes projects for which the user is a master' do + user = create(:user) + project = create(:empty_project, :private) - subject { user.authorized_projects } + project.team << [user, Gitlab::Access::MASTER] - it { is_expected.to eq([private_project]) } + expect(user.authorized_projects(Gitlab::Access::REPORTER)) + .to contain_exactly(project) + end + end end describe '#ci_authorized_runners' do |