diff options
| author | Douglas Barbosa Alexandre <dbalexandre@gmail.com> | 2016-06-22 19:29:40 -0300 |
|---|---|---|
| committer | Douglas Barbosa Alexandre <dbalexandre@gmail.com> | 2016-06-22 20:09:19 -0300 |
| commit | 256cd8e498edfcbb8199abfb2b54d2d2905f030e (patch) | |
| tree | 0b1b782c5c84488c148a6e4e7f6ada0918de2bce /spec/services | |
| parent | 8f9b64c720d55ee40066d5a6b1017ab95dbd9781 (diff) | |
| download | gitlab-ce-256cd8e498edfcbb8199abfb2b54d2d2905f030e.tar.gz | |
Fix visibility of private project snippets for members when searching
Diffstat (limited to 'spec/services')
| -rw-r--r-- | spec/services/search/snippet_service_spec.rb | 38 |
1 files changed, 30 insertions, 8 deletions
diff --git a/spec/services/search/snippet_service_spec.rb b/spec/services/search/snippet_service_spec.rb index 85721b61cff..14f3301d9f4 100644 --- a/spec/services/search/snippet_service_spec.rb +++ b/spec/services/search/snippet_service_spec.rb @@ -2,35 +2,57 @@ require 'spec_helper' describe Search::SnippetService, services: true do let(:author) { create(:author) } - let(:internal_user) { create(:user) } + let(:project) { create(:empty_project) } let!(:public_snippet) { create(:snippet, :public, content: 'password: XXX') } let!(:internal_snippet) { create(:snippet, :internal, content: 'password: XXX') } let!(:private_snippet) { create(:snippet, :private, content: 'password: XXX', author: author) } + let!(:project_public_snippet) { create(:snippet, :public, project: project, content: 'password: XXX') } + let!(:project_internal_snippet) { create(:snippet, :internal, project: project, content: 'password: XXX') } + let!(:project_private_snippet) { create(:snippet, :private, project: project, content: 'password: XXX') } + describe '#execute' do context 'unauthenticated' do - it 'should return public snippets only' do + it 'returns public snippets only' do search = described_class.new(nil, search: 'password') results = search.execute - expect(results.objects('snippet_blobs')).to match_array [public_snippet] + expect(results.objects('snippet_blobs')).to match_array [public_snippet, project_public_snippet] end end context 'authenticated' do - it 'should return only public & internal snippets' do - search = described_class.new(internal_user, search: 'password') + it 'returns only public & internal snippets for regular users' do + user = create(:user) + search = described_class.new(user, search: 'password') + results = search.execute + + expect(results.objects('snippet_blobs')).to match_array [public_snippet, internal_snippet, project_public_snippet, project_internal_snippet] + end + + it 'returns public, internal snippets and project private snippets for project members' do + member = create(:user) + project.team << [member, :developer] + search = described_class.new(member, search: 'password') results = search.execute - expect(results.objects('snippet_blobs')).to match_array [public_snippet, internal_snippet] + expect(results.objects('snippet_blobs')).to match_array [public_snippet, internal_snippet, project_public_snippet, project_internal_snippet, project_private_snippet] end - it 'should return public, internal and private snippets for author' do + it 'returns public, internal and private snippets where user is the author' do search = described_class.new(author, search: 'password') results = search.execute - expect(results.objects('snippet_blobs')).to match_array [public_snippet, internal_snippet, private_snippet] + expect(results.objects('snippet_blobs')).to match_array [public_snippet, internal_snippet, private_snippet, project_public_snippet, project_internal_snippet] + end + + it 'returns all snippets when user is admin' do + admin = create(:admin) + search = described_class.new(admin, search: 'password') + results = search.execute + + expect(results.objects('snippet_blobs')).to match_array [public_snippet, internal_snippet, private_snippet, project_public_snippet, project_internal_snippet, project_private_snippet] end end end |