Restrict access for confidential issues on milestone view

author: Douglas Barbosa Alexandre <dbalexandre@gmail.com> 2016-03-17 17:59:30 -0300
committer: Douglas Barbosa Alexandre <dbalexandre@gmail.com> 2016-03-17 20:55:59 -0300
commit: 482bfd1a6d454652feb1f64c0c0e1c50ce701986 (patch)
tree: 25cdac5545994663d823244be207e3e232546335 /spec
parent: 1029f4101b1de98ec7ffa706530bf405ffa71060 (diff)
download: gitlab-ce-482bfd1a6d454652feb1f64c0c0e1c50ce701986.tar.gz
2 files changed, 114 insertions, 10 deletions
diff --git a/spec/models/concerns/milestoneish_spec.rb b/spec/models/concerns/milestoneish_spec.rb
new file mode 100644
index 00000000000..47c3be673c5
--- /dev/null
+++ b/spec/models/concerns/milestoneish_spec.rb
@@ -0,0 +1,104 @@
+require 'spec_helper'
+
+describe Milestone, 'Milestoneish' do
+  let(:author) { create(:user) }
+  let(:assignee) { create(:user) }
+  let(:non_member) { create(:user) }
+  let(:member) { create(:user) }
+  let(:admin) { create(:admin) }
+  let(:project) { create(:project, :public) }
+  let(:milestone) { create(:milestone, project: project) }
+  let!(:issue) { create(:issue, project: project, milestone: milestone) }
+  let!(:security_issue_1) { create(:issue, :confidential, project: project, author: author, milestone: milestone) }
+  let!(:security_issue_2) { create(:issue, :confidential, project: project, assignee: assignee, milestone: milestone) }
+  let!(:closed_issue_1) { create(:issue, :closed, project: project, milestone: milestone) }
+  let!(:closed_issue_2) { create(:issue, :closed, project: project, milestone: milestone) }
+  let!(:closed_security_issue_1) { create(:issue, :confidential, :closed, project: project, author: author, milestone: milestone) }
+  let!(:closed_security_issue_2) { create(:issue, :confidential, :closed, project: project, assignee: assignee, milestone: milestone) }
+  let!(:closed_security_issue_3) { create(:issue, :confidential, :closed, project: project, author: author, milestone: milestone) }
+  let!(:closed_security_issue_4) { create(:issue, :confidential, :closed, project: project, assignee: assignee, milestone: milestone) }
+  let!(:merge_request) { create(:merge_request, source_project: project, target_project: project, milestone: milestone) }
+
+  before do
+    project.team << [member, :developer]
+  end
+
+  describe '#closed_items_count' do
+    it 'should not count confidential issues for non project members' do
+      expect(milestone.closed_items_count(non_member)).to eq 2
+    end
+
+    it 'should count confidential issues for author' do
+      expect(milestone.closed_items_count(author)).to eq 4
+    end
+
+    it 'should count confidential issues for assignee' do
+      expect(milestone.closed_items_count(assignee)).to eq 4
+    end
+
+    it 'should count confidential issues for project members' do
+      expect(milestone.closed_items_count(member)).to eq 6
+    end
+
+    it 'should count all issues for admin' do
+      expect(milestone.closed_items_count(admin)).to eq 6
+    end
+  end
+
+  describe '#total_items_count' do
+    it 'should not count confidential issues for non project members' do
+      expect(milestone.total_items_count(non_member)).to eq 4
+    end
+
+    it 'should count confidential issues for author' do
+      expect(milestone.total_items_count(author)).to eq 7
+    end
+
+    it 'should count confidential issues for assignee' do
+      expect(milestone.total_items_count(assignee)).to eq 7
+    end
+
+    it 'should count confidential issues for project members' do
+      expect(milestone.total_items_count(member)).to eq 10
+    end
+
+    it 'should count all issues for admin' do
+      expect(milestone.total_items_count(admin)).to eq 10
+    end
+  end
+
+  describe '#complete?' do
+    it 'returns false when has items opened' do
+      expect(milestone.complete?(non_member)).to eq false
+    end
+
+    it 'returns true when all items are closed' do
+      issue.close
+      merge_request.close
+
+      expect(milestone.complete?(non_member)).to eq true
+    end
+  end
+
+  describe '#percent_complete' do
+    it 'should not count confidential issues for non project members' do
+      expect(milestone.percent_complete(non_member)).to eq 50
+    end
+
+    it 'should count confidential issues for author' do
+      expect(milestone.percent_complete(author)).to eq 57
+    end
+
+    it 'should count confidential issues for assignee' do
+      expect(milestone.percent_complete(assignee)).to eq 57
+    end
+
+    it 'should count confidential issues for project members' do
+      expect(milestone.percent_complete(member)).to eq 60
+    end
+
+    it 'should count confidential issues for admin' do
+      expect(milestone.percent_complete(admin)).to eq 60
+    end
+  end
+end
diff --git a/spec/models/milestone_spec.rb b/spec/models/milestone_spec.rb
index de1757bf67a..72a4ea70228 100644
--- a/spec/models/milestone_spec.rb
+++ b/spec/models/milestone_spec.rb
@@ -32,6 +32,7 @@ describe Milestone, models: true do
 
   let(:milestone) { create(:milestone) }
   let(:issue) { create(:issue) }
+  let(:user) { create(:user) }
 
   describe "unique milestone title per project" do
     it "shouldn't accept the same title in a project twice" do
@@ -50,18 +51,17 @@ describe Milestone, models: true do
   describe "#percent_complete" do
     it "should not count open issues" do
       milestone.issues << issue
-      expect(milestone.percent_complete).to eq(0)
+      expect(milestone.percent_complete(user)).to eq(0)
     end
 
     it "should count closed issues" do
       issue.close
       milestone.issues << issue
-      expect(milestone.percent_complete).to eq(100)
+      expect(milestone.percent_complete(user)).to eq(100)
     end
 
     it "should recover from dividing by zero" do
-      expect(milestone.issues).to receive(:size).and_return(0)
-      expect(milestone.percent_complete).to eq(0)
+      expect(milestone.percent_complete(user)).to eq(0)
     end
   end
 
@@ -103,7 +103,7 @@ describe Milestone, models: true do
       )
     end
 
-    it { expect(milestone.percent_complete).to eq(75) }
+    it { expect(milestone.percent_complete(user)).to eq(75) }
   end
 
   describe :items_count do
@@ -113,23 +113,23 @@ describe Milestone, models: true do
       milestone.merge_requests << create(:merge_request)
     end
 
-    it { expect(milestone.closed_items_count).to eq(1) }
-    it { expect(milestone.total_items_count).to eq(3) }
-    it { expect(milestone.is_empty?).to be_falsey }
+    it { expect(milestone.closed_items_count(user)).to eq(1) }
+    it { expect(milestone.total_items_count(user)).to eq(3) }
+    it { expect(milestone.is_empty?(user)).to be_falsey }
   end
 
   describe :can_be_closed? do
     it { expect(milestone.can_be_closed?).to be_truthy }
   end
 
-  describe :is_empty? do
+  describe :total_items_count do
     before do
       create :closed_issue, milestone: milestone
       create :merge_request, milestone: milestone
     end
 
     it 'Should return total count of issues and merge requests assigned to milestone' do
-      expect(milestone.total_items_count).to eq 2
+      expect(milestone.total_items_count(user)).to eq 2
     end
   end
author	Douglas Barbosa Alexandre <dbalexandre@gmail.com>	2016-03-17 17:59:30 -0300
committer	Douglas Barbosa Alexandre <dbalexandre@gmail.com>	2016-03-17 20:55:59 -0300
commit	482bfd1a6d454652feb1f64c0c0e1c50ce701986 (patch)
tree	25cdac5545994663d823244be207e3e232546335 /spec
parent	1029f4101b1de98ec7ffa706530bf405ffa71060 (diff)
download	gitlab-ce-482bfd1a6d454652feb1f64c0c0e1c50ce701986.tar.gz