diff options
Diffstat (limited to 'spec/controllers/admin/users_controller_spec.rb')
-rw-r--r-- | spec/controllers/admin/users_controller_spec.rb | 90 |
1 files changed, 88 insertions, 2 deletions
diff --git a/spec/controllers/admin/users_controller_spec.rb b/spec/controllers/admin/users_controller_spec.rb index 6301da74f4a..5312a0db7f5 100644 --- a/spec/controllers/admin/users_controller_spec.rb +++ b/spec/controllers/admin/users_controller_spec.rb @@ -23,6 +23,12 @@ RSpec.describe Admin::UsersController do expect(assigns(:users)).to eq([admin]) end + + it 'eager loads authorized projects association' do + get :index + + expect(assigns(:users).first.association(:authorized_projects)).to be_loaded + end end describe 'GET :id' do @@ -96,6 +102,58 @@ RSpec.describe Admin::UsersController do end end + describe 'PUT #approve' do + let(:user) { create(:user, :blocked_pending_approval) } + + subject { put :approve, params: { id: user.username } } + + context 'when feature is disabled' do + before do + stub_feature_flags(admin_approval_for_new_user_signups: false) + end + + it 'responds with access denied' do + subject + + expect(response).to have_gitlab_http_status(:not_found) + end + end + + context 'when feature is enabled' do + before do + stub_feature_flags(admin_approval_for_new_user_signups: true) + end + + context 'when successful' do + it 'activates the user' do + subject + + user.reload + + expect(user).to be_active + expect(flash[:notice]).to eq('Successfully approved') + end + end + + context 'when unsuccessful' do + let(:user) { create(:user, :blocked) } + + it 'displays the error' do + subject + + expect(flash[:alert]).to eq('The user you are trying to approve is not pending an approval') + end + + it 'does not activate the user' do + subject + + user.reload + expect(user).not_to be_active + end + end + end + end + describe 'PUT #activate' do shared_examples 'a request that activates the user' do it 'activates the user' do @@ -184,6 +242,17 @@ RSpec.describe Admin::UsersController do expect(flash[:notice]).to eq('Error occurred. A blocked user cannot be deactivated') end end + + context 'for an internal user' do + it 'does not deactivate the user' do + internal_user = User.alert_bot + + put :deactivate, params: { id: internal_user.username } + + expect(internal_user.reload.deactivated?).to be_falsey + expect(flash[:notice]).to eq('Internal users cannot be deactivated') + end + end end describe 'PUT block/:id' do @@ -321,7 +390,7 @@ RSpec.describe Admin::UsersController do describe 'POST update' do context 'when the password has changed' do - def update_password(user, password = User.random_password, password_confirmation = password) + def update_password(user, password = User.random_password, password_confirmation = password, format = :html) params = { id: user.to_param, user: { @@ -330,7 +399,7 @@ RSpec.describe Admin::UsersController do } } - post :update, params: params + post :update, params: params, format: format end context 'when admin changes their own password' do @@ -429,6 +498,23 @@ RSpec.describe Admin::UsersController do .not_to change { user.reload.encrypted_password } end end + + context 'when the update fails' do + let(:password) { User.random_password } + + before do + expect_next_instance_of(Users::UpdateService) do |service| + allow(service).to receive(:execute).and_return({ message: 'failed', status: :error }) + end + end + + it 'returns a 500 error' do + expect { update_password(admin, password, password, :json) } + .not_to change { admin.reload.password_expired? } + + expect(response).to have_gitlab_http_status(:error) + end + end end context 'admin notes' do |