diff options
author | Imre Farkas <ifarkas@gitlab.com> | 2019-04-05 11:45:47 +0000 |
---|---|---|
committer | Andreas Brandl <abrandl@gitlab.com> | 2019-04-05 11:45:47 +0000 |
commit | d9d7237d2ebf101ca35ed8ba2740e7c7093437ea (patch) | |
tree | 419b0af4bc8de6de5888feec4f502bcc468df400 /spec/services/projects/create_service_spec.rb | |
parent | 30fa3cbdb74df2dfeebb2929a10dd301a0dde55e (diff) | |
download | gitlab-ce-d9d7237d2ebf101ca35ed8ba2740e7c7093437ea.tar.gz |
Move Contribution Analytics related spec in spec/features/groups/group_page_with_external_authorization_service_spec to EE
Diffstat (limited to 'spec/services/projects/create_service_spec.rb')
-rw-r--r-- | spec/services/projects/create_service_spec.rb | 37 |
1 files changed, 37 insertions, 0 deletions
diff --git a/spec/services/projects/create_service_spec.rb b/spec/services/projects/create_service_spec.rb index e8418b09dc2..e1ec932918e 100644 --- a/spec/services/projects/create_service_spec.rb +++ b/spec/services/projects/create_service_spec.rb @@ -1,6 +1,7 @@ require 'spec_helper' describe Projects::CreateService, '#execute' do + include ExternalAuthorizationServiceHelpers include GitHelpers let(:gitlab_shell) { Gitlab::Shell.new } @@ -344,6 +345,42 @@ describe Projects::CreateService, '#execute' do expect(rugged.config['gitlab.fullpath']).to eq project.full_path end + context 'with external authorization enabled' do + before do + enable_external_authorization_service_check + end + + it 'does not save the project with an error if the service denies access' do + expect(::Gitlab::ExternalAuthorization) + .to receive(:access_allowed?).with(user, 'new-label', any_args) { false } + + project = create_project(user, opts.merge({ external_authorization_classification_label: 'new-label' })) + + expect(project.errors[:external_authorization_classification_label]).to be_present + expect(project).not_to be_persisted + end + + it 'saves the project when the user has access to the label' do + expect(::Gitlab::ExternalAuthorization) + .to receive(:access_allowed?).with(user, 'new-label', any_args) { true } + + project = create_project(user, opts.merge({ external_authorization_classification_label: 'new-label' })) + + expect(project).to be_persisted + expect(project.external_authorization_classification_label).to eq('new-label') + end + + it 'does not save the project when the user has no access to the default label and no label is provided' do + expect(::Gitlab::ExternalAuthorization) + .to receive(:access_allowed?).with(user, 'default_label', any_args) { false } + + project = create_project(user, opts) + + expect(project.errors[:external_authorization_classification_label]).to be_present + expect(project).not_to be_persisted + end + end + def create_project(user, opts) Projects::CreateService.new(user, opts).execute end |