diff options
| author | Valery Sizov <valery@gitlab.com> | 2016-10-18 16:49:19 +0300 |
|---|---|---|
| committer | Valery Sizov <valery@gitlab.com> | 2016-10-21 12:57:53 +0300 |
| commit | 168197cd5a179c961301225626ac1a175f892782 (patch) | |
| tree | 23e5cd1ae78f7c0f436dbed1ae9294cad2ca25f0 /spec | |
| parent | b1df8c4ec3f3213b7387e643bf57ce0fb1e1bcae (diff) | |
| download | gitlab-ce-fix_project_member_access_levels.tar.gz | |
Fix project member access levelsfix_project_member_access_levels
Diffstat (limited to 'spec')
| -rw-r--r-- | spec/controllers/projects/project_members_controller_spec.rb | 36 | ||||
| -rw-r--r-- | spec/requests/api/members_spec.rb | 11 |
2 files changed, 47 insertions, 0 deletions
diff --git a/spec/controllers/projects/project_members_controller_spec.rb b/spec/controllers/projects/project_members_controller_spec.rb index 8519ebc1d5f..5e487241d07 100644 --- a/spec/controllers/projects/project_members_controller_spec.rb +++ b/spec/controllers/projects/project_members_controller_spec.rb @@ -228,4 +228,40 @@ describe Projects::ProjectMembersController do end end end + + describe 'POST create' do + let(:stranger) { create(:user) } + + context 'when creating owner' do + before do + project.team << [user, :master] + sign_in(user) + end + + it 'does not create a member' do + expect do + post :create, user_ids: stranger.id, + namespace_id: project.namespace, + access_level: Member::OWNER, + project_id: project + end.to change { project.members.count }.by(0) + end + end + + context 'when create master' do + before do + project.team << [user, :master] + sign_in(user) + end + + it 'creates a member' do + expect do + post :create, user_ids: stranger.id, + namespace_id: project.namespace, + access_level: Member::MASTER, + project_id: project + end.to change { project.members.count }.by(1) + end + end + end end diff --git a/spec/requests/api/members_spec.rb b/spec/requests/api/members_spec.rb index d22e0595788..493c0a893d1 100644 --- a/spec/requests/api/members_spec.rb +++ b/spec/requests/api/members_spec.rb @@ -328,4 +328,15 @@ describe API::Members, api: true do it_behaves_like 'DELETE /:sources/:id/members/:user_id', 'group' do let(:source) { group } end + + context 'Adding owner to project' do + it 'returns 403' do + expect do + post api("/projects/#{project.id}/members", master), + user_id: stranger.id, access_level: Member::OWNER + + expect(response).to have_http_status(422) + end.to change { project.members.count }.by(0) + end + end end |