Remove explicit audit event log in MembershipActions

Move it to Members::ApproveAccessRequestService. Also, note that there was a double audit event log for access request destruction. Signed-off-by: Rémy Coutable <remy@rymai.me>
author: Rémy Coutable <remy@rymai.me> 2017-10-11 16:47:08 +0200
committer: Rémy Coutable <remy@rymai.me> 2018-02-27 16:02:22 +0100
commit: bf41063679b25371b2e64542f2f469b38502edf6 (patch)
tree: bc7363df6d75c628f593b29426b59ba05b10a223 /spec/services/members/destroy_service_spec.rb
parent: 3bf448267b117e79f08ab2f4b769d24a705a5f0f (diff)
download: gitlab-ce-bf41063679b25371b2e64542f2f469b38502edf6.tar.gz
1 files changed, 55 insertions, 52 deletions
diff --git a/spec/services/members/destroy_service_spec.rb b/spec/services/members/destroy_service_spec.rb
index 91152df3ad9..7464d73fd26 100644
--- a/spec/services/members/destroy_service_spec.rb
+++ b/spec/services/members/destroy_service_spec.rb
@@ -1,80 +1,55 @@
 require 'spec_helper'
 
 describe Members::DestroyService do
-  let(:user) { create(:user) }
+  let(:current_user) { create(:user) }
   let(:member_user) { create(:user) }
   let(:project) { create(:project, :public) }
   let(:group) { create(:group, :public) }
 
   shared_examples 'a service raising ActiveRecord::RecordNotFound' do
     it 'raises ActiveRecord::RecordNotFound' do
-      expect { described_class.new(source, user, params).execute }.to raise_error(ActiveRecord::RecordNotFound)
+      expect { described_class.new(source, current_user).execute(member) }.to raise_error(ActiveRecord::RecordNotFound)
     end
   end
 
   shared_examples 'a service raising Gitlab::Access::AccessDeniedError' do
     it 'raises Gitlab::Access::AccessDeniedError' do
-      expect { described_class.new(source, user, params).execute }.to raise_error(Gitlab::Access::AccessDeniedError)
+      expect { described_class.new(source, current_user).execute(member) }.to raise_error(Gitlab::Access::AccessDeniedError)
     end
   end
 
   shared_examples 'a service destroying a member' do
     it 'destroys the member' do
-      expect { described_class.new(source, user, params).execute }.to change { source.members.count }.by(-1)
+      expect { described_class.new(source, current_user).execute(member) }.to change { source.members.count }.by(-1)
     end
+  end
 
-    context 'when the given member is an access requester' do
-      before do
-        source.members.find_by(user_id: member_user).destroy
-        source.update_attributes(request_access_enabled: true)
-        source.request_access(member_user)
-      end
-      let(:access_requester) { source.requesters.find_by(user_id: member_user) }
-
-      it_behaves_like 'a service raising ActiveRecord::RecordNotFound'
-
-      %i[requesters all].each do |scope|
-        context "and #{scope} scope is passed" do
-          it 'destroys the access requester' do
-            expect { described_class.new(source, user, params).execute(scope) }.to change { source.requesters.count }.by(-1)
-          end
-
-          it 'calls Member#after_decline_request' do
-            expect_any_instance_of(NotificationService).to receive(:decline_access_request).with(access_requester)
-
-            described_class.new(source, user, params).execute(scope)
-          end
-
-          context 'when current user is the member' do
-            it 'does not call Member#after_decline_request' do
-              expect_any_instance_of(NotificationService).not_to receive(:decline_access_request).with(access_requester)
-
-              described_class.new(source, member_user, params).execute(scope)
-            end
-          end
-        end
-      end
+  shared_examples 'a service destroying an access requester' do
+    it 'destroys the access requester' do
+      expect { described_class.new(source, current_user).execute(access_requester) }.to change { source.requesters.count }.by(-1)
     end
-  end
 
-  context 'when no member are found' do
-    let(:params) { { user_id: 42 } }
+    it 'calls Member#after_decline_request' do
+      expect_any_instance_of(NotificationService).to receive(:decline_access_request).with(access_requester)
 
-    it_behaves_like 'a service raising ActiveRecord::RecordNotFound' do
-      let(:source) { project }
+      described_class.new(source, current_user).execute(access_requester)
     end
 
-    it_behaves_like 'a service raising ActiveRecord::RecordNotFound' do
-      let(:source) { group }
+    context 'when current user is the member' do
+      it 'does not call Member#after_decline_request' do
+        expect_any_instance_of(NotificationService).not_to receive(:decline_access_request).with(access_requester)
+
+        described_class.new(source, member_user).execute(access_requester)
+      end
     end
   end
 
-  context 'when a member is found' do
+  context 'with a member' do
     before do
       project.add_developer(member_user)
       group.add_developer(member_user)
     end
-    let(:params) { { user_id: member_user.id } }
+    let(:member) { source.members.find_by(user_id: member_user.id) }
 
     context 'when current user cannot destroy the given member' do
       it_behaves_like 'a service raising Gitlab::Access::AccessDeniedError' do
@@ -88,8 +63,8 @@ describe Members::DestroyService do
 
     context 'when current user can destroy the given member' do
       before do
-        project.add_master(user)
-        group.add_owner(user)
+        project.add_master(current_user)
+        group.add_owner(current_user)
       end
 
       it_behaves_like 'a service destroying a member' do
@@ -99,14 +74,42 @@ describe Members::DestroyService do
       it_behaves_like 'a service destroying a member' do
         let(:source) { group }
       end
+    end
+  end
 
-      context 'when given a :id' do
-        let(:params) { { id: project.members.find_by!(user_id: user.id).id } }
+  context 'with an access requester' do
+    before do
+      project.update_attributes(request_access_enabled: true)
+      group.update_attributes(request_access_enabled: true)
+      project.request_access(member_user)
+      group.request_access(member_user)
+    end
+    let(:access_requester) { source.requesters.find_by(user_id: member_user.id) }
 
-        it 'destroys the member' do
-          expect { described_class.new(project, user, params).execute }
-            .to change { project.members.count }.by(-1)
-        end
+    context 'when current user cannot destroy the given access requester' do
+      it_behaves_like 'a service raising Gitlab::Access::AccessDeniedError' do
+        let(:source) { project }
+        let(:member) { access_requester }
+      end
+
+      it_behaves_like 'a service raising Gitlab::Access::AccessDeniedError' do
+        let(:source) { group }
+        let(:member) { access_requester }
+      end
+    end
+
+    context 'when current user can destroy the given access requester' do
+      before do
+        project.add_master(current_user)
+        group.add_owner(current_user)
+      end
+
+      it_behaves_like 'a service destroying an access requester' do
+        let(:source) { project }
+      end
+
+      it_behaves_like 'a service destroying an access requester' do
+        let(:source) { group }
       end
     end
   end
author	Rémy Coutable <remy@rymai.me>	2017-10-11 16:47:08 +0200
committer	Rémy Coutable <remy@rymai.me>	2018-02-27 16:02:22 +0100
commit	bf41063679b25371b2e64542f2f469b38502edf6 (patch)
tree	bc7363df6d75c628f593b29426b59ba05b10a223 /spec/services/members/destroy_service_spec.rb
parent	3bf448267b117e79f08ab2f4b769d24a705a5f0f (diff)
download	gitlab-ce-bf41063679b25371b2e64542f2f469b38502edf6.tar.gz