diff options
author | Vinnie Okada <vokada@mrvinn.com> | 2015-03-07 11:23:43 -0700 |
---|---|---|
committer | Vinnie Okada <vokada@mrvinn.com> | 2015-03-08 16:10:05 -0600 |
commit | 285c5341855f8af6cbea5e964e3104a4698fa450 (patch) | |
tree | a73054190f441edcda4c33715c7822caeb7800ed /spec | |
parent | cacac147de2b317d02788c5da1cdc6010f00a340 (diff) | |
download | gitlab-ce-285c5341855f8af6cbea5e964e3104a4698fa450.tar.gz |
Allow admins to override restricted visibility
Allow admins to use restricted visibility levels when creating or
updating projects.
Diffstat (limited to 'spec')
-rw-r--r-- | spec/requests/api/projects_spec.rb | 26 | ||||
-rw-r--r-- | spec/services/projects/create_service_spec.rb | 27 | ||||
-rw-r--r-- | spec/services/projects/update_service_spec.rb | 6 |
3 files changed, 56 insertions, 3 deletions
diff --git a/spec/requests/api/projects_spec.rb b/spec/requests/api/projects_spec.rb index 0b3a47e3273..98b31a6e0af 100644 --- a/spec/requests/api/projects_spec.rb +++ b/spec/requests/api/projects_spec.rb @@ -3,6 +3,7 @@ require 'spec_helper' describe API::API, api: true do include ApiHelpers + include Gitlab::CurrentSettings let(:user) { create(:user) } let(:user2) { create(:user) } let(:user3) { create(:user) } @@ -202,6 +203,31 @@ describe API::API, api: true do expect(json_response['public']).to be_falsey expect(json_response['visibility_level']).to eq(Gitlab::VisibilityLevel::PRIVATE) end + + context 'when a visibility level is restricted' do + before do + @project = attributes_for(:project, { public: true }) + allow_any_instance_of(ApplicationSetting).to( + receive(:restricted_visibility_levels).and_return([20]) + ) + end + + it 'should not allow a non-admin to use a restricted visibility level' do + post api('/projects', user), @project + expect(response.status).to eq(400) + expect(json_response['message']['visibility_level'].first).to( + match('restricted by your GitLab administrator') + ) + end + + it 'should allow an admin to override restricted visibility settings' do + post api('/projects', admin), @project + expect(json_response['public']).to be_truthy + expect(json_response['visibility_level']).to( + eq(Gitlab::VisibilityLevel::PUBLIC) + ) + end + end end describe 'POST /projects/user/:id' do diff --git a/spec/services/projects/create_service_spec.rb b/spec/services/projects/create_service_spec.rb index 8bb48346202..337dae592dd 100644 --- a/spec/services/projects/create_service_spec.rb +++ b/spec/services/projects/create_service_spec.rb @@ -55,6 +55,33 @@ describe Projects::CreateService do it { expect(File.exists?(@path)).to be_falsey } end end + + context 'restricted visibility level' do + before do + allow_any_instance_of(ApplicationSetting).to( + receive(:restricted_visibility_levels).and_return([20]) + ) + + @opts.merge!( + visibility_level: Gitlab::VisibilityLevel.options['Public'] + ) + end + + it 'should not allow a restricted visibility level for non-admins' do + project = create_project(@user, @opts) + expect(project).to respond_to(:errors) + expect(project.errors.messages).to have_key(:visibility_level) + expect(project.errors.messages[:visibility_level].first).to( + match('restricted by your GitLab administrator') + ) + end + + it 'should allow a restricted visibility level for admins' do + project = create_project(@admin, @opts) + expect(project.errors.any?).to be(false) + expect(project.saved?).to be(true) + end + end end def create_project(user, opts) diff --git a/spec/services/projects/update_service_spec.rb b/spec/services/projects/update_service_spec.rb index 10dbc548e86..ea5b8813105 100644 --- a/spec/services/projects/update_service_spec.rb +++ b/spec/services/projects/update_service_spec.rb @@ -47,9 +47,9 @@ describe Projects::UpdateService do context 'respect configured visibility restrictions setting' do before(:each) do - @restrictions = double("restrictions") - allow(@restrictions).to receive(:restricted_visibility_levels) { [ "public" ] } - Settings.stub_chain(:gitlab).and_return(@restrictions) + allow_any_instance_of(ApplicationSetting).to( + receive(:restricted_visibility_levels).and_return([20]) + ) end context 'should be private when updated to private' do |