Add part of needed code

Add columns to store project creation settings Add project creation level column in groups and default project creation column in application settings Remove obsolete line from schema Update migration with project_creation_level column existence check Rename migrations to avoid conflicts Update migration methods Update migration method
author: Gosia Ksionek <mksionek@gitlab.com> 2019-04-05 18:49:46 +0000
committer: Douglas Barbosa Alexandre <dbalexandre@gmail.com> 2019-04-05 18:49:46 +0000
commit: 64858317adc4f017fe589342155faba9df31f093 (patch)
tree: 79a7db7e36ca4c6cd5b2b9090030e4a397e94ab4 /spec
parent: 8cdda8f79a1f747e2f8e393ca505d3142a958033 (diff)
download: gitlab-ce-64858317adc4f017fe589342155faba9df31f093.tar.gz
11 files changed, 269 insertions, 4 deletions
diff --git a/spec/controllers/admin/application_settings_controller_spec.rb b/spec/controllers/admin/application_settings_controller_spec.rb
index 9af472df74e..1a7be4c9a85 100644
--- a/spec/controllers/admin/application_settings_controller_spec.rb
+++ b/spec/controllers/admin/application_settings_controller_spec.rb
@@ -85,6 +85,13 @@ describe Admin::ApplicationSettingsController do
       expect(response).to redirect_to(admin_application_settings_path)
       expect(ApplicationSetting.current.receive_max_input_size).to eq(1024)
     end
+
+    it 'updates the default_project_creation for string value' do
+      put :update, params: { application_setting: { default_project_creation: ::Gitlab::Access::MAINTAINER_PROJECT_ACCESS } }
+
+      expect(response).to redirect_to(admin_application_settings_path)
+      expect(ApplicationSetting.current.default_project_creation).to eq(::Gitlab::Access::MAINTAINER_PROJECT_ACCESS)
+    end
   end
 
   describe 'PUT #reset_registration_token' do
diff --git a/spec/controllers/admin/groups_controller_spec.rb b/spec/controllers/admin/groups_controller_spec.rb
index 647fce0ecef..22165faa625 100644
--- a/spec/controllers/admin/groups_controller_spec.rb
+++ b/spec/controllers/admin/groups_controller_spec.rb
@@ -60,5 +60,11 @@ describe Admin::GroupsController do
       expect(response).to redirect_to(admin_group_path(group))
       expect(group.users).not_to include group_user
     end
+
+    it 'updates the project_creation_level successfully' do
+      expect do
+        post :update, params: { id: group.to_param, group: { project_creation_level: ::Gitlab::Access::NO_ONE_PROJECT_ACCESS } }
+      end.to change { group.reload.project_creation_level }.to(::Gitlab::Access::NO_ONE_PROJECT_ACCESS)
+    end
   end
 end
diff --git a/spec/controllers/groups_controller_spec.rb b/spec/controllers/groups_controller_spec.rb
index 2b803e7151f..4a28a27da79 100644
--- a/spec/controllers/groups_controller_spec.rb
+++ b/spec/controllers/groups_controller_spec.rb
@@ -349,6 +349,13 @@ describe GroupsController do
       expect(assigns(:group).errors).not_to be_empty
       expect(assigns(:group).path).not_to eq('new_path')
     end
+
+    it 'updates the project_creation_level successfully' do
+      post :update, params: { id: group.to_param, group: { project_creation_level: ::Gitlab::Access::MAINTAINER_PROJECT_ACCESS } }
+
+      expect(response).to have_gitlab_http_status(302)
+      expect(group.reload.project_creation_level).to eq(::Gitlab::Access::MAINTAINER_PROJECT_ACCESS)
+    end
   end
 
   describe '#ensure_canonical_path' do
diff --git a/spec/factories/groups.rb b/spec/factories/groups.rb
index dcef8571f41..18a0c2ec731 100644
--- a/spec/factories/groups.rb
+++ b/spec/factories/groups.rb
@@ -4,6 +4,7 @@ FactoryBot.define do
     path { name.downcase.gsub(/\s/, '_') }
     type 'Group'
     owner nil
+    project_creation_level ::Gitlab::Access::MAINTAINER_PROJECT_ACCESS
 
     after(:create) do |group|
       if group.owner
diff --git a/spec/features/groups/group_settings_spec.rb b/spec/features/groups/group_settings_spec.rb
index 378e4d5febc..5cef5f0521f 100644
--- a/spec/features/groups/group_settings_spec.rb
+++ b/spec/features/groups/group_settings_spec.rb
@@ -77,6 +77,14 @@ describe 'Edit group settings' do
     end
   end
 
+  describe 'project creation level menu' do
+    it 'shows the selection menu' do
+      visit edit_group_path(group)
+
+      expect(page).to have_content('Allowed to create projects')
+    end
+  end
+
   describe 'edit group avatar' do
     before do
       visit edit_group_path(group)
diff --git a/spec/features/projects/new_project_spec.rb b/spec/features/projects/new_project_spec.rb
index 75c72a68069..b54ea929978 100644
--- a/spec/features/projects/new_project_spec.rb
+++ b/spec/features/projects/new_project_spec.rb
@@ -252,4 +252,23 @@ describe 'New project' do
       end
     end
   end
+
+  context 'Namespace selector' do
+    context 'with group with DEVELOPER_MAINTAINER_PROJECT_ACCESS project_creation_level' do
+      let(:group) { create(:group, project_creation_level: ::Gitlab::Access::DEVELOPER_MAINTAINER_PROJECT_ACCESS) }
+
+      before do
+        group.add_developer(user)
+        visit new_project_path(namespace_id: group.id)
+      end
+
+      it 'selects the group namespace' do
+        page.within('#blank-project-pane') do
+          namespace = find('#project_namespace_id option[selected]')
+
+          expect(namespace.text).to eq group.full_path
+        end
+      end
+    end
+  end
 end
diff --git a/spec/features/projects/user_creates_project_spec.rb b/spec/features/projects/user_creates_project_spec.rb
index 8d7e2883b2a..c0932539131 100644
--- a/spec/features/projects/user_creates_project_spec.rb
+++ b/spec/features/projects/user_creates_project_spec.rb
@@ -54,4 +54,31 @@ describe 'User creates a project', :js do
       expect(project.namespace).to eq(subgroup)
     end
   end
+
+  context 'in a group with DEVELOPER_MAINTAINER_PROJECT_ACCESS project_creation_level' do
+    let(:group) { create(:group, project_creation_level: ::Gitlab::Access::DEVELOPER_MAINTAINER_PROJECT_ACCESS) }
+
+    before do
+      group.add_developer(user)
+    end
+
+    it 'creates a new project' do
+      visit(new_project_path)
+
+      fill_in :project_name, with: 'a-new-project'
+      fill_in :project_path, with: 'a-new-project'
+
+      page.find('.js-select-namespace').click
+      page.find("div[role='option']", text: group.full_path).click
+
+      page.within('#content-body') do
+        click_button('Create project')
+      end
+
+      expect(page).to have_content("Project 'a-new-project' was successfully created")
+
+      project = Project.find_by(name: 'a-new-project')
+      expect(project.namespace).to eq(group)
+    end
+  end
 end
diff --git a/spec/helpers/namespaces_helper_spec.rb b/spec/helpers/namespaces_helper_spec.rb
index 7ccbdcd1332..601f864ef36 100644
--- a/spec/helpers/namespaces_helper_spec.rb
+++ b/spec/helpers/namespaces_helper_spec.rb
@@ -1,10 +1,38 @@
 require 'spec_helper'
 
-describe NamespacesHelper do
+describe NamespacesHelper, :postgresql do
   let!(:admin) { create(:admin) }
-  let!(:admin_group) { create(:group, :private) }
+  let!(:admin_project_creation_level) { nil }
+  let!(:admin_group) do
+    create(:group,
+           :private,
+           project_creation_level: admin_project_creation_level)
+  end
   let!(:user) { create(:user) }
-  let!(:user_group) { create(:group, :private) }
+  let!(:user_project_creation_level) { nil }
+  let!(:user_group) do
+    create(:group,
+           :private,
+           project_creation_level: user_project_creation_level)
+  end
+  let!(:subgroup1) do
+    create(:group,
+           :private,
+           parent: admin_group,
+           project_creation_level: nil)
+  end
+  let!(:subgroup2) do
+    create(:group,
+           :private,
+           parent: admin_group,
+           project_creation_level: ::Gitlab::Access::DEVELOPER_MAINTAINER_PROJECT_ACCESS)
+  end
+  let!(:subgroup3) do
+    create(:group,
+           :private,
+           parent: admin_group,
+           project_creation_level: ::Gitlab::Access::MAINTAINER_PROJECT_ACCESS)
+  end
 
   before do
     admin_group.add_owner(admin)
@@ -105,5 +133,43 @@ describe NamespacesHelper do
         helper.namespaces_options
       end
     end
+
+    describe 'include_groups_with_developer_maintainer_access parameter' do
+      context 'when DEVELOPER_MAINTAINER_PROJECT_ACCESS is set for a project' do
+        let!(:admin_project_creation_level) { ::Gitlab::Access::DEVELOPER_MAINTAINER_PROJECT_ACCESS }
+
+        it 'returns groups where user is a developer' do
+          allow(helper).to receive(:current_user).and_return(user)
+          stub_application_setting(default_project_creation: ::Gitlab::Access::MAINTAINER_PROJECT_ACCESS)
+          admin_group.add_user(user, GroupMember::DEVELOPER)
+
+          options = helper.namespaces_options_with_developer_maintainer_access
+
+          expect(options).to include(admin_group.name)
+          expect(options).not_to include(subgroup1.name)
+          expect(options).to include(subgroup2.name)
+          expect(options).not_to include(subgroup3.name)
+          expect(options).to include(user_group.name)
+          expect(options).to include(user.name)
+        end
+      end
+
+      context 'when DEVELOPER_MAINTAINER_PROJECT_ACCESS is set globally' do
+        it 'return groups where default is not overridden' do
+          allow(helper).to receive(:current_user).and_return(user)
+          stub_application_setting(default_project_creation: ::Gitlab::Access::DEVELOPER_MAINTAINER_PROJECT_ACCESS)
+          admin_group.add_user(user, GroupMember::DEVELOPER)
+
+          options = helper.namespaces_options_with_developer_maintainer_access
+
+          expect(options).to include(admin_group.name)
+          expect(options).to include(subgroup1.name)
+          expect(options).to include(subgroup2.name)
+          expect(options).not_to include(subgroup3.name)
+          expect(options).to include(user_group.name)
+          expect(options).to include(user.name)
+        end
+      end
+    end
   end
 end
diff --git a/spec/models/group_spec.rb b/spec/models/group_spec.rb
index ad3e3061b9a..e6e7298a043 100644
--- a/spec/models/group_spec.rb
+++ b/spec/models/group_spec.rb
@@ -959,4 +959,12 @@ describe Group do
       end
     end
   end
+
+  describe 'project_creation_level' do
+    it 'outputs the default one if it is nil' do
+      group = create(:group, project_creation_level: nil)
+
+      expect(group.project_creation_level).to eq(Gitlab::CurrentSettings.default_project_creation)
+    end
+  end
 end
diff --git a/spec/policies/group_policy_spec.rb b/spec/policies/group_policy_spec.rb
index dc98baca6dc..59f3a961d50 100644
--- a/spec/policies/group_policy_spec.rb
+++ b/spec/policies/group_policy_spec.rb
@@ -347,6 +347,120 @@ describe GroupPolicy do
     end
   end
 
+  context "create_projects" do
+    context 'when group has no project creation level set' do
+      let(:group) { create(:group, project_creation_level: nil) }
+
+      context 'reporter' do
+        let(:current_user) { reporter }
+
+        it { is_expected.to be_disallowed(:create_projects) }
+      end
+
+      context 'developer' do
+        let(:current_user) { developer }
+
+        it { is_expected.to be_allowed(:create_projects) }
+      end
+
+      context 'maintainer' do
+        let(:current_user) { maintainer }
+
+        it { is_expected.to be_allowed(:create_projects) }
+      end
+
+      context 'owner' do
+        let(:current_user) { owner }
+
+        it { is_expected.to be_allowed(:create_projects) }
+      end
+    end
+
+    context 'when group has project creation level set to no one' do
+      let(:group) { create(:group, project_creation_level: ::Gitlab::Access::NO_ONE_PROJECT_ACCESS) }
+
+      context 'reporter' do
+        let(:current_user) { reporter }
+
+        it { is_expected.to be_disallowed(:create_projects) }
+      end
+
+      context 'developer' do
+        let(:current_user) { developer }
+
+        it { is_expected.to be_disallowed(:create_projects) }
+      end
+
+      context 'maintainer' do
+        let(:current_user) { maintainer }
+
+        it { is_expected.to be_disallowed(:create_projects) }
+      end
+
+      context 'owner' do
+        let(:current_user) { owner }
+
+        it { is_expected.to be_disallowed(:create_projects) }
+      end
+    end
+
+    context 'when group has project creation level set to maintainer only' do
+      let(:group) { create(:group, project_creation_level: ::Gitlab::Access::MAINTAINER_PROJECT_ACCESS) }
+
+      context 'reporter' do
+        let(:current_user) { reporter }
+
+        it { is_expected.to be_disallowed(:create_projects) }
+      end
+
+      context 'developer' do
+        let(:current_user) { developer }
+
+        it { is_expected.to be_disallowed(:create_projects) }
+      end
+
+      context 'maintainer' do
+        let(:current_user) { maintainer }
+
+        it { is_expected.to be_allowed(:create_projects) }
+      end
+
+      context 'owner' do
+        let(:current_user) { owner }
+
+        it { is_expected.to be_allowed(:create_projects) }
+      end
+    end
+
+    context 'when group has project creation level set to developers + maintainer' do
+      let(:group) { create(:group, project_creation_level: ::Gitlab::Access::DEVELOPER_MAINTAINER_PROJECT_ACCESS) }
+
+      context 'reporter' do
+        let(:current_user) { reporter }
+
+        it { is_expected.to be_disallowed(:create_projects) }
+      end
+
+      context 'developer' do
+        let(:current_user) { developer }
+
+        it { is_expected.to be_allowed(:create_projects) }
+      end
+
+      context 'maintainer' do
+        let(:current_user) { maintainer }
+
+        it { is_expected.to be_allowed(:create_projects) }
+      end
+
+      context 'owner' do
+        let(:current_user) { owner }
+
+        it { is_expected.to be_allowed(:create_projects) }
+      end
+    end
+  end
+
   it_behaves_like 'clusterable policies' do
     let(:clusterable) { create(:group) }
     let(:cluster) do
diff --git a/spec/requests/api/settings_spec.rb b/spec/requests/api/settings_spec.rb
index f33eb5b9e02..f869325e892 100644
--- a/spec/requests/api/settings_spec.rb
+++ b/spec/requests/api/settings_spec.rb
@@ -44,6 +44,7 @@ describe API::Settings, 'Settings' do
         put api("/application/settings", admin),
           params: {
             default_projects_limit: 3,
+            default_project_creation: 2,
             password_authentication_enabled_for_web: false,
             repository_storages: ['custom'],
             plantuml_enabled: true,
@@ -64,12 +65,13 @@ describe API::Settings, 'Settings' do
             performance_bar_allowed_group_path: group.full_path,
             instance_statistics_visibility_private: true,
             diff_max_patch_bytes: 150_000,
-            default_branch_protection: Gitlab::Access::PROTECTION_DEV_CAN_MERGE,
+            default_branch_protection: ::Gitlab::Access::PROTECTION_DEV_CAN_MERGE,
             local_markdown_version: 3
           }
 
         expect(response).to have_gitlab_http_status(200)
         expect(json_response['default_projects_limit']).to eq(3)
+        expect(json_response['default_project_creation']).to eq(::Gitlab::Access::DEVELOPER_MAINTAINER_PROJECT_ACCESS)
         expect(json_response['password_authentication_enabled_for_web']).to be_falsey
         expect(json_response['repository_storages']).to eq(['custom'])
         expect(json_response['plantuml_enabled']).to be_truthy
author	Gosia Ksionek <mksionek@gitlab.com>	2019-04-05 18:49:46 +0000
committer	Douglas Barbosa Alexandre <dbalexandre@gmail.com>	2019-04-05 18:49:46 +0000
commit	64858317adc4f017fe589342155faba9df31f093 (patch)
tree	79a7db7e36ca4c6cd5b2b9090030e4a397e94ab4 /spec
parent	8cdda8f79a1f747e2f8e393ca505d3142a958033 (diff)
download	gitlab-ce-64858317adc4f017fe589342155faba9df31f093.tar.gz